manIP wrote:
On 10/30/07, *Florin Andrei* <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
If the password is incorrect, the Access Reject reply is delayed until
the user enters the password the second time. It's like the server waits
for the next auth attempt to send back the Reject.
Look at "reject_delay" in radiusd.conf. May be that will answer your
question.
It was set to 1, but the actual delay is clearly bigger than that. In
fact, it doesn't seem to be constant, it seems to wait until a new
request was sent, and then it unleashes the reject.
I set reject_delay to 0 and now there's no delay, but I'm not sure I
like it that way, due to possible brute-force attacks.
--
Florin Andrei
http://florin.myip.org/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
