RE: [RadiusNT] ISDN HACK

Geo. ( (no email) )
Wed, 21 Jul 1999 11:41:08 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Geo.: "RE: [RadiusNT] ISDN HACK"
Next message: Info Desk: "Re: [RadiusNT] ISDN HACK"
In reply to: Brian Lube: "Re: [RadiusNT] ISDN HACK"

NAS is a Portmaster3 running ComOS 3.8.2c2

All you need to do is set the user for 1 concurrent session, make sure
concurency is turned on, then flood the NAS with a ton of requests that get
rejected because user is already logged on once. Sooner or later you will
get in (not to mention slowing everyone else down during login while you are
flooding it).

Geo.

> -----Original Message-----
> From: radiusnt-request@iea-software.com
> [mailto:radiusnt-request@iea-software.com]On Behalf Of Brian Lube
> Sent: Wednesday, July 21, 1999 11:25 AM
> To: radiusnt@iea-software.com
> Subject: Re: [RadiusNT] ISDN HACK
>
>
> I just attempted to replicate this with my USR/3com TC equipment and was
> not successful.
>
> I'd like to test it out, just so everyone can know if the problem is
> RadiusNT or the NAS in question (this is personal piece of mind here btw).
>
> Can we get some more information on the problem -
>
> NAS being used (Ascend/3com/Lucent/?)
> Code Rev
> Details of the 'hack'
>
> Thanks!
>
> --bl
>
>
> At 08:37 AM 7/21/99 -0400, you wrote:
> >I've got a customer who has an ISDN modem but only a single
> login account.
> >He has somehow found a way to cause the ISDN modem to dial in on
> the second
> >line and he sits there holding the return key down forcing a rapid
> >succession of login attempts. In Radius with debug mode turned
> on we can see
> >the screen scrolling at an incredible rate.
> >
> >What happens is after 10-20 seconds of this, he manages to get logged in
> >with the second line.
> >
> >Now it seems to me this is a bug in Radius that's allowing this
> to happen.
> >What I need is some way to stop it or a fix. Anyone got any
> ideas? If word
> >of this gets out, we are all going to have a bunch of people trying it.
> >
> >Geo.
> >
> >
> >
> >For more information about this list (including removal) go to:
> >http://www.iea-software.com/support/maillists/liststart
>
> Brian Lube
> System Administrator
> MPInet
>
> For more information about this list (including removal) go to:
> http://www.iea-software.com/support/maillists/liststart
>

For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart

Previous message: Geo.: "RE: [RadiusNT] ISDN HACK"
Next message: Info Desk: "Re: [RadiusNT] ISDN HACK"
In reply to: Brian Lube: "Re: [RadiusNT] ISDN HACK"