From: mmj (groupstudy@users.hotpop.com)
Date: Sun Nov 28 2004 - 08:36:53 GMT-3
I cannot give stright answer but,
To give some directions:
-clean ACS, trough accepted loging method from NAS or user group
-clean NAS, trough accepted loging method from user
find a way in interface/Group/network configuration to accept only needed
Service-Type
Login-TCP-Port
Login-Service
Etc. That should clean logs.
Furthermore explain if you need tacacs or radius for your NAS or user
requirements?
Martijn
-----Oorspronkelijk bericht-----
Van: nobody@groupstudy.com [mailto:nobody@groupstudy.com] Namens Vishal B
Patel
Verzonden: zaterdag 13 november 2004 23:12
Aan: 'ccielab@groupstudy.com'
Onderwerp: Attack on Authentication Server
Hello ,
Iam facing a problem with my ACS , I have been using Cisco ACS for users
authentication of the various Routers, Access Servers and DSLAMs
From last fews days I notice that ACS is being flooded by requests for
authentication from the access servers and DSLAMs , when I check the logs of
failed attempts in ACS , it says the user is trying to login from a aync
connection and for the matter of fact the DSLAMs are not having any async
connections.
I tried to run Debug Modems and Debug Tacacs events on the DSLAMs ,I can
just see the that Modem is trying to come up on a TTY line and then TACACS
authentication is trying to happen.
If would be of great help if anyone help me to solve this problem.
Thanks
Vishal
This archive was generated by hypermail 2.1.4 : Thu Dec 02 2004 - 06:57:50 GMT-3