Failed login lockout protection in FreeRADIUS

mr. s sigasecure at gmail.com
Tue Sep 18 05:13:17 CEST 2012


For edification, what its worth.. Heres the question asked by the author of
the article, I was referring to, and the answer from Alan D. --

Here’s my question and response from Alan T DeKok aland at freeradius.org about
this. You can check with him on more details if needed or send to the
mailing list.****

** **

>> Does FR support an account lockout feature to block users after so many
failed password attempts?****

** **

  Yes.  It's not enabled in the default configuration, but you can make****

*any* policy decision based on *any* data source, including logs.




Cheers -

On Fri, Sep 14, 2012 at 10:25 AM, Marinko Tarlać <mangia81 at gmail.com> wrote:

> Nice option but please keep in mind that suspended routers can behave like
> a brute force attacker and you'll lock them too.
>
>
> On 14.9.2012 15:36, Phil Mayers wrote:
>
>> On 14/09/12 13:57, mr. s wrote:
>>
>>> Hello,
>>>
>>> I was reading an article in computer world comparing a few RADIUS
>>> servers.
>>>
>>> It said that FreeRADIUS had "failed login lockout protection", however I
>>> can't find that particular verbiage in the FreeRADIUS documentation, FAQ
>>> or HowTos.
>>>
>>
>> What are you asking here? How to lock out a user after X failed logins?
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
>> list/users.html <http://www.freeradius.org/list/users.html>
>>
>>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/**
> list/users.html <http://www.freeradius.org/list/users.html>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120917/66cbf405/attachment.html>


More information about the Freeradius-Users mailing list