CAPTIVE PORTAL VS FREERADIUS: AUTHENTIFCATION WITH PHONE NUMBER XXXXXXXX
hi friends, i configured the pfsense captive portal and radius server with authentication the phone number as username and password.i have loaded the phone numbers of my users on freeradius (in this format XXXXXXXX Cleartext- Password: = "XXXXXXXX") so that they can authenticate.
the problem is that a user can use another user's phone number to authenticate.
is it possible to be able to identify the phone number of a user and that only this user can connect with his phone number only?
Or is it possible to directly link the authentication to the GSM system to the HLR (home location register)?
Try running a radsniff -x and check what info the phones are sending in the requests., there may be something unique to each phone.
Why didn't you create an individual user ID & unique password for each user, using easily known data seems a little stupid.
I know that I can create a user ID and password for each user, I want to encourage my users to use my product (phone number (sim)), I set up wifi terminals in public places, once you buy my product (Sim) I give you free access to the internet but while authenticating with the number of the sim you paid.
first of all HLR don't exist in phone networks anymore. we are now in the age of 3g and 4g, HLR have been replaced by HSS.
second of all, unless you are a government agency, you can't have access to such data, for obvious safety reasons. you are not allowed to track the location of any user you want
third, the recommanded way to check that a phone number really belong to someone, is to send a confirmation code to the phone.
this is what banks do for verifying an user's phone, so you should be safe with it
in order to do this, you could either code your own system using a sim card reader, or use an external services for this. multiple companies are offering this services. you can type "confirmation SMS API" or "F2A API" on google to find one