Magnus Hagander wrote:
> If you can test the complete patch in your environment (particularly
> if you already have a "bad packet injector" that you know creates the
> issue on 9.0), that would be great though.
If you use FreeRADIUS, use "radclient" to send the following text:
User-Name = "bob"
User-Password = "hello"
Raw-Attribute = 0x0501
The last bit is a malformed RADIUS attribute.
>> OK. My only interest there was to ensure that a DoS attack wouldn't
>> result in the log being flooded with "invalid packet" messages.
>
> Uh, how exactly does your patch prevent that?
Hmm.... not so much.
Alan DeKok.