(RADIATOR) Radius packet or server attack protection.

[Ronan Eckelberry]

	I use a SIMLOGIN field in MySQL in conjunction with the Session
Database in Radiator to handle this.  I only allow 1 login at a time per
username unless the customer is paying for more than one computer to
connect at a time.  If someone calls and can't log in, the Radiator logs
will show that they were denied for the reason of Simultaneous logins
exceeded.  You can then have the customer change their password and/or
check your accounting logs if you have it setup to log the
Calling-Station-ID attribute to see where the other call is coming from.

-Ronan

-----Original Message-----
From: owner-radiator at open.com.au [mailto:owner-radiator at open.com.au] On
Behalf Of User BALGAA System Engineer
Sent: Monday, 28 January, 2002 05:16
To: Hugh Irvine
Cc: radiator at open.com.au
Subject: (RADIATOR) Radius packet or server attack protection.


Hugh,

Some of our dial-up users complain about someone using they username and
password.

How can I to secure and protect from such attacks and hacking?

Now Radiator AAA server (2.19) and NAS's (AS5300,AS5400,Ascend MAX 4060)
same subnet.

Thanks,
Balgaa


===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.