Mark -
Thanks for your response. Actually I know it
isn't a shared secret issue, because the same box has
no problems authenticating to the Radius server. Just
once in a while I see these entries added to the
Radius
log.
I think it may be someone trying a brute force
login or war-dialing attempt... When these entries
are added they come up 3 times within a few seconds
and then they stop.
- Anthony
--- [EMAIL PROTECTED] wrote:
>
>
>
>
> I have seen this before when the client doing the
> authentication is using a
> different shared secret than the RADIUS server is
> expecting. Could this be
> the case?
>
> - Mark
>
> On Mon, 2 Jun 2003 09:22:30 -0700 (PDT), you wrote:
>
>
> Hello -
>
> We are running FreeRadius 0.8.1
> Almost everytime I monitor the Radius logs I notice
> entries like this and I would like to know if
> anybody
> knows what they may be about. They seem to be
> garbled
> entries or some kind of brute force attempt. The
> client
> that they seem to come from most of the time, has
> no problems authenticating.
>
> Auth: Login
> incorrect:[I'/=a2[n|nc["RP/\0261GKRl{\003VmnBa]
> (from client dnv-dts1 port 11)
>
> Please advise on what can be done about this.
>
> Thanks
>
__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
