Re: (RADIATOR) RejectMePls

2002-01-06 Thread Hugh Irvine 


Hello Alex -

You can turn on a trace 4 debug to see where the request is coming from, and 
if you want to trap this particular username you can do something like this 
(assuming you are using Handlers):

# define Handler to trap a particular username



DefaultResult REJECT



regards

Hugh


>
> We are having something unusual going on.  We have a particular user that
> is continuously hitting our system that is obviously not valid.  The user
> is Reject-Me-Pls...@(defaultrealm).  And it's counterpart
> RejectMePls@(defaultrealm).  I'm not sure who it is or if it's the
> networks, but we can't figure how they are even getting past our
> authentication and getting rows into our accounting tables.  Now if they
> are in our RadOnline (SessionDatabase) they don't seem to get in, but
> normally do.  Not to mention it's flooding my error logs.  Does anybody
> know anything about this or how this person or whatever is getting
> authenticated when they aren't in the database?  We called Qwest to ask
> them about it and they didn't seem to. Thanks for the help...
>
> Alex Fritz
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.307 / Virus Database: 168 - Release Date: 12/11/2001
>
> ---

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

(RADIATOR) RejectMePls

2002-01-06 Thread Mike McCauley 



--  Forwarded Message  --

Subject: BOUNCE [EMAIL PROTECTED]:Non-member submission from ["Alex 
Fritz" <[EMAIL PROTECTED]>]
Date: Sun, 6 Jan 2002 15:37:21 -0600
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

>From [EMAIL PROTECTED] Sun Jan  6 15:37:20 2002
Received: from ncninternet.com (ns1.ncninternet.com [63.252.251.123])
by server1.open.com.au (8.11.0/8.11.0) with ESMTP id g06LbK327015
for <[EMAIL PROTECTED]>; Sun, 6 Jan 2002 15:37:20 -0600
Received: from cc529972a [65.81.72.44] by ncninternet.com
  (SMTPD32-7.04) id AC0E400186; Sun, 06 Jan 2002 17:21:50 -0600
From: "Alex Fritz" <[EMAIL PROTECTED]>
To: "Radiator NewsGroup" <[EMAIL PROTECTED]>
Subject: RejectMePls
Date: Sun, 6 Jan 2002 17:12:22 -0600
Message-ID: <[EMAIL PROTECTED]>
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.

We are having something unusual going on.  We have a particular user that is
continuously hitting our system that is obviously not valid.  The user is
Reject-Me-Pls...@(defaultrealm).  And it's counterpart
RejectMePls@(defaultrealm).  I'm not sure who it is or if it's the networks,
but we can't figure how they are even getting past our authentication and
getting rows into our accounting tables.  Now if they are in our RadOnline
(SessionDatabase) they don't seem to get in, but normally do.  Not to
mention it's flooding my error logs.  Does anybody know anything about this
or how this person or whatever is getting authenticated when they aren't in
the database?  We called Qwest to ask them about it and they didn't seem to.
Thanks for the help...

Alex Fritz
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.307 / Virus Database: 168 - Release Date: 12/11/2001

---

-- 
Mike McCauley   [EMAIL PROTECTED]
Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia   http://www.open.com.au
Phone +61 3 9598-0985   Fax   +61 3 9598-0955

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory etc etc 
on Unix, Win95/8, 2000, NT, MacOS 9, MacOS X
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.