(RADIATOR) Tarpitting auth requests from naughty users..
Hugh Irvine
hugh at open.com.au
Fri May 9 00:18:05 CDT 2003
Hello Robert -
The only thing I can think of is that you write a PreClientHook to do
what you describe.
regards
Hugh
On Friday, May 9, 2003, at 09:04 Australia/Melbourne, Robert Blayzor
wrote:
>> As Dave says, there is sadly nothing that Radiator can do, as
>> it is the
>> NAS that is sending the requests in response to actions by the end
>> user's device. If Radiator just ignores the request, the device will
>> retry anyway, and if Radiator rejects the request the same thing will
>> also occur.
>
> Right, yes, I am aware of that. I'm more looking for an option in
> which
> Radiator can notice a "threshhold of bad requests" coming through, say
> "X amount in X timeframe". This way you can have Radiator just send
> back an insant NAK without passing it on to any handlers, loggers,
> etc.
>
> The problem I have is that every time this user's PPPoE client tries to
> auth it has to call stored proceedures and insert records into the
> database. Even though these our are customers, it's quite possible for
> some little script kiddie to attempt a DDOS attack by calling a simple
> PERL script to send hundreds of requests at a time.... I do realize at
> that time we'd probably go after him with bodily harm but also, by then
> it's to late. ;-)
>
> I'm just looking for an easy way for Radiator to protect itself from
> something like this and perhaps reduce CPU cycles and resources.
>
> --
> Robert Blayzor, BOFH
> INOC, LLC
> rblayzor at inoc.net
>
> Exclusive: We're the only ones who have the documentation.
>
>
>
NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list