Dear all, I know that this is FreeRadius forum, but since ICRadius forum is almost dead i thought someone can help me, here. It turns out this morning that I have over 1,800,000 records in my RadAcct table with blank username. Probably I am under attack. The record is so much different than regular user records authenticated through NAS server. In each record AcctSessionTime=1 Attack Regular NASIPAddress A.B.C.D A.B.C.D NASPortType Virtual Async AcctAuthentic local Radius CalledStationId first 10 char of A.B.C.D Regular phone number AcctTerminateCause Lost-Carrier Usually User-Request Service-Type NAS-Prompt-User Framed-User NASPortId 122, 123 * Can anyone tell me, what is going on? How can I stop this attacker? BR, Baynaa.