North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Denial of service attacks apparently from UUNET Netblocks

  • From: Matthew V. J. Whalen
  • Date: Wed Oct 08 22:01:10 1997

I think I heard "John A. Tamplin" say:
>Why not just have the Radius server generate the filter itself based on the
>assigned IP address?

Aside from having to reconfigure the router everytime somebody logs on
or off? Other than having to have the Radius server run a script which
logs into the router and enables (assuming that you are using a Cisco)?
Ignoring the problems that Cisco's can have with changing access-lists
(especially under high load)? (the list could continue)  Other than all
those reasons, it would work just fine. :)

(okay - maybe I'm Cisco bashing and flaming, but I've seen far too many
service interruptions caused by changing access-lists to ignore the issue)