Re: (PM) Radius Problem

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Lanham Rattan: "(PM) Radius Login Timeout"
• Previous message: Chad Schwartz: "Re: (PM) Syslog"

> Is there any truth to this:
>
> http://itrac.bourg.net/radiusdos.html

Go take a look at the BugTraq archives at:

<URL:http://www.geek-girl.com/bugtraq/>

Search the archives for Febuary/1998 for the term "radius".

Basically the guy jumped the gun a bit on what platforms were vulnerable
and what the exact configuration required for exploit was. When I
followed up with him it came out that he was actually using a modified
version of our RADIUS which had been hacked to do concurrency control (if
I remember right)--which he failed to mention in his original message.

-jr

----
Josh Richards - <jrichard@livingston.com> - <josh@lucent.com>
[Beta Engineer] - LUCENT Technologies - Remote Access Business Unit
<URL:http://www.livingston.com/> * <URL:http://www.lucent.com/dns/>

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

• Next message: Lanham Rattan: "(PM) Radius Login Timeout"
• Previous message: Chad Schwartz: "Re: (PM) Syslog"