Re: Login anomaly or security issue?

John Storms (jstorms@livingston.com)
Fri, 25 Jul 1997 16:30:28 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Adam L. Geiger: "Re: Request-Authenticator (fwd)"
Previous message: clemdog@marshallnet.com: "56k Required encoding"
Maybe in reply to: Jason Robbins: "Login anomaly or security issue?"

At 11:36 AM 7/25/97 -0600, Stephen Fisher wrote:
>I believe Livingston Radius 2.0 or 2.0.1 fixed it so that this can't
>happen anymore?

Livingston's RADIUS has been tested against each character on the keyboard,
and then some.

>On Fri, 25 Jul 1997, Jason Robbins wrote:
>
>> A user, lets call him 'joe' accidentally logged in yesterday with his
>> username, a space and his lastname, 'joe last'. He authenticated just
>> fine, and a show session listed him as 'joe last', as did the detail
>> file. We are using radius, system authentication to a linux box.
>> Haven't checked yet to see if I can log into linux as 'joe testguy' (but
>> I seriously doubt it). I don't know if this is a security issue, but at
>> the very least, it makes examining the detail file a little more
>> difficult.
>
>
>

---
jstorms@livingston.com
Diplomacy:  The art of saying good doggie
while seaching for a big rock.

Next message: Adam L. Geiger: "Re: Request-Authenticator (fwd)"
Previous message: clemdog@marshallnet.com: "56k Required encoding"
Maybe in reply to: Jason Robbins: "Login anomaly or security issue?"