Hello Gabriela -
I am not certain that what you show below is due to a hacker - you often see things like this with modems that do not train properly when receiving a call. In any case, with Radiator 2.19 you can use the new "UsernameCharset" parameter to limit what characters you will accept in the User-Name string. Have a look at section 6.4.30 in the Radiator reference manual ("doc/ref.html"). Note that you can use this either globally or on a per-Handler basis. regards Hugh > > > > The last Saturday our Radius server received an attack. I´m sending you > > the information I can found on my server in order to help all Radius > > Server from unspected attacks. > > > > Sat Nov 10 22:59:54 2001: DEBUG: Packet dump: > > *** Received from 200.16.169.56 port 1645 .... > > Code: Access-Request > > Identifier: 150 > > Authentic: Ei`!:iLLLL(:r(LC > > Attributes: > > User-Name = "'S R%H%G1\|g+%s8rEs3)o}p/G}/J?~o]F 4%7.+CBsg,'?j/?u" > > User-Password = > > ")<162><225><251><177>o<25>9\<177>o<6>:[J<5>va<146><145>U<173>F<8><198>4< > >1 60><249>D<179><198><239>" > > NAS-IP-Address = 200.16.169.56 > > NAS-Port = 56 > > Called-Station-Id = "6200" > > Calling-Station-Id = "1145674048" > > USR-Connect-Speed = 24000_BPS > > USR-Modulation-Type = v32Terbo > > USR-Simplified-MNP-Levels = 0 > > USR-Simplified-V42bis-Usage = 0 > > USR-Chassis-Call-Slot = 7 > > USR-Chassis-Call-Span = 0 > > USR-Chassis-Call-Channel = 27 > > NAS-Identifier = "access2" > > Acct-Session-Id = "071b05f8" > > NAS-Port-Type = Async > > > > Sat Nov 10 22:59:54 2001: DEBUG: Handling request with Handler > > 'Realm=DEFAULT' > > Sat Nov 10 22:59:54 2001: DEBUG: SessionDbSQL Deleting session for 'S > > R%H%G1\|g+%s8rEs3)o}p/G}/J?~o]F 4%7.+CBsg,'?j/?u, 200.16.169.56, 56 > > Sat Nov 10 22:59:54 2001: DEBUG: do query is: delete from RADONLINE where > > NASIDENTIFIER='200.16.169.56' and NASPORT=056 > > > > Sat Nov 10 22:59:54 2001: DEBUG: Query is: select NASIDENTIFIER, NASPORT, > > ACCTSESSIONID from RADONLINE where USERNAME=''S R%H%G1\|g+%s8rEs3)o} > > p/G}/J?~o]F 4%7.+CBsg,'?j/?u' > > > > Sat Nov 10 22:59:54 2001: ERR: Execute failed for 'select NASIDENTIFIER, > > NASPORT, ACCTSESSIONID from RADONLINE where USERNAME=''S R%H%G1\|g+%s > > 8rEs3)o}p/G}/J?~o]F 4%7.+CBsg,'?j/?u'': ERROR: parser: parse error at or > > near "s" > > > > Sat Nov 10 22:59:55 2001: ERR: Execute failed for 'select NASIDENTIFIER, > > NASPORT, ACCTSESSIONID from RADONLINE where USERNAME=''S R%H%G1\|g+%s > > 8rEs3)o}p/G}/J?~o]F 4%7.+CBsg,'?j/?u'': ERROR: parser: parse error at or > > near "s" > > > > Sat Nov 10 22:59:55 2001: DEBUG: Handling with Radius::AuthSQL > > Sat Nov 10 22:59:55 2001: DEBUG: Handling with Radius::AuthSQL > > > > Lic. Gabriela Barsotti > > Technology Manager > > EasyMail S.A. > > A VirtualCom Company > > 54-11-54590-8820 > > ------------------------------------------------------- -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.