(RADIATOR) Tarpitting auth requests from naughty users..

Hugh Irvine hugh at open.com.au
Fri May 9 00:18:05 CDT 2003 

Hello Robert -

The only thing I can think of is that you write a PreClientHook to do 
what you describe.

regards

Hugh


On Friday, May 9, 2003, at 09:04 Australia/Melbourne, Robert Blayzor 
wrote:

>> As Dave says, there is sadly nothing that Radiator can do, as
>> it is the
>> NAS that is sending the requests in response to actions by the end
>> user's device. If Radiator just ignores the request, the device will
>> retry anyway, and if Radiator rejects the request the same thing will
>> also occur.
>
> Right, yes, I am aware of that.  I'm more looking for an option in 
> which
> Radiator can notice a "threshhold of bad requests" coming through, say
> "X amount in X timeframe".  This way you can have Radiator just send
> back an insant NAK  without passing it on to any handlers, loggers, 
> etc.
>
> The problem I have is that every time this user's PPPoE client tries to
> auth it has to call stored proceedures and insert records into the
> database.  Even though these our are customers, it's quite possible for
> some little script kiddie to attempt a DDOS attack by calling a simple
> PERL script to send hundreds of requests at a time....  I do realize at
> that time we'd probably go after him with bodily harm but also, by then
> it's to late. ;-)
>
> I'm just looking for an easy way for Radiator to protect itself from
> something like this and perhaps reduce CPU cycles and resources.
>
> --
> Robert Blayzor, BOFH
> INOC, LLC
> rblayzor at inoc.net
>
> Exclusive: We're the only ones who have the documentation.
>
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list