Garbase from terminal server / freeradius crashes?

2003-02-28 Thread Brendon Colby 
Greetings,

I wrote in a while back about garbage in our logs from our routers. The 
terminal servers are logging in to the device causing this garbage to show up 
in the radius logs. For example:

Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [5)55)AiMM]=Ii] (from client 
network-backbone port 1)
Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [9Q%] (from client 
network-backbone port 1)
Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [ap-vxr#] (from client 
corporate-network port 11)

So this is a known issue with the terminal servers logging in to the devices. 
Our network engineers are aware of this problem but do not know how to fix 
it.

My question is, would this sort of constant stream of garbage hitting our 
RADIUS server cause freeradius to just die with no warning or errors? This is 
what happens and I cannot seem to find a reason why. The process just seems 
to die at random. We're running 0.8.1.

Also, if anyone has any pointers on fixing this issue with all Cisco equipment 
please let me know.

Thanks.

-- 
Brendon Colby
Systems Administrator
Midcontinent Communications


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Garbase from terminal server / freeradius crashes?

2003-02-28 Thread Vincent_Giovannone 
When I had my terminal servers misconfigured (in my case, they were 
looking for XON/OFF flow control that wasn't there), I had nearly the same 
results.  Check your terminal server config. 

If you want to test it, how about unplugging your terminal servers for a 
while and seeing if radius stops dying?  (seriously)  Although it's almost 
assuredly a bug that should be addressed (processes dying are _never_ a 
good thing), might want to get the ball rolling that way.

Vincent Giovannone
Network Infrastructure Group
Information Services Division
Rush - Presbyterian St. Luke's Medical Center

So for the IT Manager Role, you want someone who's absolute crap, looks 
reasonable on paper, and won't cause too much trouble. ...  Well I don't 
have any MCSEs on my books at the moment, but I could call around.-- 
Simon Travaglia





Brendon Colby [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
02/28/2003 01:27 PM
Please respond to freeradius-users

 
To: [EMAIL PROTECTED]
cc: 
Subject:Garbase from terminal server / freeradius crashes?


Greetings,

I wrote in a while back about garbage in our logs from our routers. The 
terminal servers are logging in to the device causing this garbage to show 
up 
in the radius logs. For example:

Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [5)55)AiMM]=Ii] (from 
client 
network-backbone port 1)
Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [9Q%] (from client 
network-backbone port 1)
Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [ap-vxr#] (from client 
corporate-network port 11)

So this is a known issue with the terminal servers logging in to the 
devices. 
Our network engineers are aware of this problem but do not know how to fix 

it.

My question is, would this sort of constant stream of garbage hitting our 
RADIUS server cause freeradius to just die with no warning or errors? This 
is 
what happens and I cannot seem to find a reason why. The process just 
seems 
to die at random. We're running 0.8.1.

Also, if anyone has any pointers on fixing this issue with all Cisco 
equipment 
please let me know.

Thanks.

-- 
Brendon Colby
Systems Administrator
Midcontinent Communications


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Garbase from terminal server / freeradius crashes?

2003-02-28 Thread Alan DeKok 
Brendon Colby [EMAIL PROTECTED] wrote:
 I wrote in a while back about garbage in our logs from our routers. The 
 terminal servers are logging in to the device causing this garbage to show up 
 in the radius logs. For example:
 
 Fri Feb 28 13:16:38 2003 : Auth: Login incorrect: [5)55)AiMM]=Ii] (from client 
 network-backbone port 1)

  Hmm... a useful hack to rlm_preprocess may be a list of characters
which are allowed in usernames.  e.g. [EMAIL PROTECTED] etc.  If the
server receives a request with a crazy username, it should be rejected
*immediately*.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html