Denial of service attacks apparently from UUNET Netblocks
Matthew V. J. Whalen
mwhalen at uucom.com
Thu Oct 9 01:37:51 UTC 1997
I think I heard "John A. Tamplin" say:
>Why not just have the Radius server generate the filter itself based on the
>assigned IP address?
Aside from having to reconfigure the router everytime somebody logs on
or off? Other than having to have the Radius server run a script which
logs into the router and enables (assuming that you are using a Cisco)?
Ignoring the problems that Cisco's can have with changing access-lists
(especially under high load)? (the list could continue) Other than all
those reasons, it would work just fine. :)
(okay - maybe I'm Cisco bashing and flaming, but I've seen far too many
service interruptions caused by changing access-lists to ignore the issue)
More information about the NANOG