Remote Authentication Dial In User Service (RADIUS), a networking
protocol that provides centralized Authentication, Authorization, and
Accounting (AAA) services to connect network resources. Attacker can use
crafted username which could lead to Denial of Service.
To Authenticate and Authorize users, RADIUS server connects to Domain
controller. Active Directory is queried for username upon incoming
access request message. This involves establishing LDAP connection and
passing LDAP query.
LDAP filter tests the username for predefined special characters and
normalize them except NUL character. If username string starts with NUL
character it causes Active Directory Domain Controller server to return
an error value. Multiple invalid requests cause RADIUS server to
disassociated from Active Directory Domain controller. Causing Denial of
further requests.
So if you aware on this and haven't patch you IPS signature yet? Please update it quickly to prevent your network.
Source : Dell SonicWALL Security Center
My Myanmar Blog
Categories
Popular Posts
-
During bootup of Cisco hardware through Cisco IOS software, error messages similar to below are displayed when you erase configuration and r...
-
We need to think about Server Virtualization first if we want to talk about Network Virtualization. In the era of cloud computing, servers... -
Today, I've got below when I try to connect my WSUS Server via WSUS Console. Below logs are display in Event Logs too. The WSUS... -
As an office 365 administrator, you would definitely need to display and export some user information such as distribution group list, all u...
-
If you face with error like above picture, take note it's your BCD corrupted. You can fix that error as below. Boot your server...
Post a Comment