Re: Crashing an XTACACS authentication server

Alan Brown (alan@MANAWATU.GEN.NZ)
Wed, 24 Dec 1997 15:39:39 +1300

At 11:21 23/12/97 -0800, Coaxial Karma wrote:

>I recently discovered that when an ISP was using XTACACS server from
>Vikas Aggarwal (vikas@navya.com) in a standalone mode, it was possible
>to
>make the XTACACS server crash by sending it different type of ICMP
>messages.

Nasty, but...

This reinforces the recommendation in Vikas' documentation that xtacacsd be
run out of inetd in persistent mode and not in standalone mode. Having
login/logout control die will at best generate a flurry of support calls
plus mess up time-based accounting or at worst, cost an ISP customers.

Thankfully Tacacs based clients usually default to "no response = no
access", so it only really becomes a security issue if a bogus tacacs
server can be installed on the network _and_ the tacacs servers are
configured to look at it. (Discounting forged udp tacacs responses).

AB