I believe it's a BUG.
Please see my post from last week:
"Radiator/LDAP hangs on binary username!"
to which no one has replied yet, where I described a similar experience.
Again, AuthBy CDB never misbehaved with these binary usernames, but AuthBy
LDAP2 will hang Radiator completely.
It's pretty easy to reproduce: telnet to your NAS IP, and when it asks for
username or login, enter something like:
���pZ_S^�G*�_��g�_�<BQ����?4y,�h�Mpt��.h__`��_OE�*�v
Bingo. Radiator is trashed. What's worse is that if you have multiple
Radiator/LDAP servers for redundancy, the NAS will retry until it brings
down ALL the servers :(
At the moment, we're testing:
RewriteUsername tr#!-'/+-~/##cd
which should strip out all non-printable characters (and a few others),
which seems to patch the bug so far. But the whole issue makes me pretty
nervous.
Dave
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of Luis Alves
> Sent: Thursday, November 30, 2000 9:03 AM
> To: [EMAIL PROTECTED]
> Subject: (RADIATOR) What is this? A bug, a DOS attack?
>
>
>
> Hi,
>
> Something strange happened with my Radiator servers. The servers froze,
> ignoring all the requests that were made by the NAS.
>
> However, the Radiator process was alive and taking the usual resources
> from the server.
>
> When I checked the log messages in SQL, I saw this strange message (where
> XXX.XXX.XXX.XXX is the NAS IP address and YYY the port):
>
> Deleting session for
> �YZp}+����pZ_S^�G*�_��g�_�<BQ����?4y,�h�Mpt��.h__`��_OE�*�vl�+
> l��_]_"�ף^-""
> T�...H_�V_(�-D�oe��{_� �:�_ DG�e������z�#_� :, XXX.XXX.XXX.XXX, YYY
>
> I use Radiator-2.16.3 with authentication in LDAP and logging is MYSQL
>
> What is this? A bug, a DOS attack?
>
> Thanks in advance
>
> ===
> Archive at http://www.starport.net/~radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>
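
What the RewriteUsername rule quoted in Dave's message keeps and deletes, shown as an added Perl example that is not part of the original thread or of Radiator's own code. The helper names and the sample usernames are constructed for illustration.

```perl
use strict;
use warnings;

# Rewrite rule quoted in the message, applied with Perl's tr operator:
# c = complement the listed set, d = delete what matches, so every
# byte outside the ranges !-' and +-~ is removed.
sub rewrite_username {
    my ($name) = @_;
    $name =~ tr#!-'/+-~/##cd;
    return $name;
}

# Render a byte string safely for a terminal or log line.
sub printable {
    my ($s) = @_;
    $s =~ s/([^\x21-\x7e])/sprintf('\\x%02x', ord $1)/ge;
    return $s;
}

# Which of the 256 byte values does the rule delete? Collapse to ranges.
my (@ranges, $start, $prev);
for my $byte (0 .. 255) {
    next if length(rewrite_username(chr $byte));      # byte is kept
    if (defined $prev && $byte == $prev + 1) { $prev = $byte; next }
    push @ranges, [$start, $prev] if defined $start;
    ($start, $prev) = ($byte, $byte);
}
push @ranges, [$start, $prev] if defined $start;
print "deleted bytes: ",
    join(', ', map { sprintf('0x%02x-0x%02x', @$_) } @ranges), "\n";

# Constructed sample usernames (not taken from the log in the message).
my @samples = ('dave', 'dave smith', 'user@example.net',
               "\xe9\x00pZ_S^\xc0G*\x07", "\xff\xfe\x00\x01");
for my $in (@samples) {
    my $out = rewrite_username($in);
    printf "%-28s -> %s\n", printable($in),
        length($out) ? printable($out) : '(empty after rewrite)';
}
```

Besides control and high-bit bytes, the rule also drops the space, `(`, `)` and `*`, which are the "few others" the message mentions. A username made up only of deleted bytes rewrites to the empty string, and different inputs can rewrite to the same name, so the rewritten value still needs its own check before the LDAP lookup.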