Re: (ASCEND) Ascend's Radiusd

[Ilker TEMIR <ilker@marketweb.net.tr>]

	Selecting a good password is not enough :))

	I have derived a radius based on ascend's, and one day we realized
that there were some simultaneous logins (although my radius does not
allow that), parsing the logs and ODBC tables I found that users typing
an extra "space" at the end of their user could do simultaneous logins :)
furthermore, their time credits was not changing. It only took a few
minutes to fix it. 
	Anyway, I can recommend you to directly go into the source files.
Try to do the fix yourself, I could send you mine but it has some
other features that I do not want to distribute
	Best Regards,

	- Ilker

> Sascha E. Pollok <"Sascha E. Pollok" <sp@iphh.de>> writes:
> 
> >What I experienced is that in case we have a "testuser" in the
> >users-file, the radiusd also accepts a "testuser anotherword" for
> >this user. All following chars after the space seem to be
> >ignored.
> 
> >This is running on a Linux Box with Kernel 2.2.10, no special
> >stuff.
> 
> 	Yes! It's a bug of RADIUS (Ascend).  Also, you can try type more
> 	spaces after real_name.
> 
> 	One way - is a good password. :)
> 
> 	So, who know, when will releases a new version?
> 
> 					    Nick K. Kozubsky
> 					      nick@ray.ru
> 					  Tel: +7 0112 350601
> 					  FAX: +7 0112 350603
> 
> Rem:  No Microsoft products were used in the production of this message.
> ++ Ascend Users Mailing List ++
> To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
> To get FAQ'd:	<http://www.nealis.net/ascend/faq>
> 

++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>