Date: Wed, 10 Apr 2002 15:21:40 +0300 (EEST) From: Dmitry Pryanishnikov <dmitry@atlantis.dp.ua> To: <freebsd-isp@freebsd.org> Subject: Re: [OT] All-in-one server Message-ID: <Pine.BSF.4.31.0204101516350.70741-100000@atlantis.dp.ua> In-Reply-To: <20020410075427.E77771-100000@cagelink.com.lucky.freebsd.isp>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello! On Wed, 10 Apr 2002, Tyler wrote: > I don't use it so I wouldn't know about any exploits, but the newest > version is 0.18.1 and I dunno what version is in ports. > > On Tue, 9 Apr 2002, Alan Clegg wrote: > > > Unless the network is lying to me again, Tyler said: > > > > > ICRADIUS uses a web-interface and a MySQL backend. > > > > From the port Makefile: > > > > FORBIDDEN= "Remotely exploitable buffer overflow" IMHO, one can safely use it if he guard RADIUS UDP ports (old pair 1646/1646, new 1812/1813) against side traffic using the firewall. Don't forget about IP address spoofing: receive packets only from NASes and filter out such a packets on all other interfaces (including clients, of course!). Sincerely, Dmitry Atlantis ISP, System Administrator e-mail: dmitry@atlantis.dp.ua nic-hdl: LYNX-RIPE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0204101516350.70741-100000>