[Snort-devel] pptp+radius+ldap

Andrew Rucker Jones arjones at ...2237...
Sun Aug 21 09:56:02 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

I think You're on the wrong list. This list has nothing to do with PPP,
PPTP, VPNs or LDAP. It has to do with Snort, and intrusion detection system.

Here's another tip: if possible, it helps to write a little introduction
explaining the problem You have. Sending logs is good, but it's probably
not enough.

		-&

abanger wu wrote:
> Aug 21 21:36:26 vpn pptpd[4545]: CTRL: Sent packet to
> client
> Aug 21 21:36:26 vpn pppd[4546]: Plugin
> /usr/local/lib/pppd/2.4.3/radius.so loaded.
> Aug 21 21:36:26 vpn pppd[4546]: RADIUS plugin
> initialized.
> Aug 21 21:36:26 vpn pppd[4546]: Plugin
> /usr/lib/pptpd/pptpd-logwtmp.so loaded.
> Aug 21 21:36:26 vpn pppd[4546]: pptpd-logwtmp:
> $Version$
> Aug 21 21:36:26 vpn pppd[4546]: pppd 2.4.3 started by
> root, uid 0
> Aug 21 21:36:26 vpn pppd[4546]: using channel 15
> Aug 21 21:36:26 vpn kernel: divert: not allocating
> divert_blk for non-ethernet device ppp0
> Aug 21 21:36:26 vpn pppd[4546]: Using interface ppp0
> Aug 21 21:36:26 vpn pppd[4546]: Connect: ppp0 <-->
> /dev/pts/1
> Aug 21 21:36:26 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:26 vpn pptpd[4545]: CTRL: Received PPTP
> Control Message (type: 15)
> Aug 21 21:36:26 vpn pptpd[4545]: CTRL: Got a SET LINK
> INFO packet with standard ACCMs
> Aug 21 21:36:26 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x0 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:26 vpn pppd[4546]: sent [LCP ConfRej
> id=0x0 <callback CBCP>]
> Aug 21 21:36:28 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x1 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:28 vpn pppd[4546]: sent [LCP ConfRej
> id=0x1 <callback CBCP>]
> Aug 21 21:36:29 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:31 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x2 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:31 vpn pppd[4546]: sent [LCP ConfRej
> id=0x2 <callback CBCP>]
> Aug 21 21:36:32 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:35 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:35 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x3 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:35 vpn pppd[4546]: sent [LCP ConfRej
> id=0x3 <callback CBCP>]
> Aug 21 21:36:38 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:39 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x4 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:39 vpn pppd[4546]: sent [LCP ConfRej
> id=0x4 <callback CBCP>]
> Aug 21 21:36:41 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:43 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x5 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:43 vpn pppd[4546]: sent [LCP ConfRej
> id=0x5 <callback CBCP>]
> Aug 21 21:36:44 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:47 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:47 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x6 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:47 vpn pppd[4546]: sent [LCP ConfRej
> id=0x6 <callback CBCP>]
> Aug 21 21:36:50 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:51 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x7 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:51 vpn pppd[4546]: sent [LCP ConfRej
> id=0x7 <callback CBCP>]
> Aug 21 21:36:53 vpn pppd[4546]: sent [LCP ConfReq
> id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xc29af7f3> <pcomp> <accomp>]
> Aug 21 21:36:55 vpn pppd[4546]: rcvd [LCP ConfReq
> id=0x8 <mru 1400> <magic 0x281421f2> <pcomp> <accomp>
> <callback CBCP>]
> Aug 21 21:36:55 vpn pppd[4546]: sent [LCP ConfRej
> id=0x8 <callback CBCP>]
> Aug 21 21:36:56 vpn pppd[4546]: LCP: timeout sending
> Config-Requests 
> Aug 21 21:36:56 vpn pppd[4546]: Connection terminated.
> Aug 21 21:36:56 vpn kernel: divert: no divert_blk to
> free, ppp0 not ethernet
> Aug 21 21:36:56 vpn pppd[4546]: using channel 16
> Aug 21 21:36:56 vpn pppd[4546]: Using interface ppp0
> Aug 21 21:36:56 vpn pppd[4546]: Connect: ppp0 <-->
> /dev/pts/1
> Aug 21 21:36:56 vpn pppd[4546]: sent [LCP ConfReq
> id=0x2 <asyncmap 0x0> <auth chap MS-v2> <magic
> 0xacba009f> <pcomp> <accomp>]
> Aug 21 21:36:56 vpn pppd[4546]: tcflush failed: Bad
> file descriptor
> Aug 21 21:36:56 vpn kernel: divert: not allocating
> divert_blk for non-ethernet device ppp0
> Aug 21 21:36:56 vpn kernel: divert: no divert_blk to
> free, ppp0 not ethernet
> Aug 21 21:36:56 vpn pppd[4546]: tcsetattr: Invalid
> argument (line 1001)
> Aug 21 21:36:56 vpn pppd[4546]: Exit.
> 
> thanks and help!
> 
> 
> 	
> 
> 	
> 		
> ___________________________________________________________ 
> ????G??????????????????? 
> http://cn.mail.yahoo.com
> 
> 
> 
> -------------------------------------------------------
> SF.Net email is Sponsored by the Better Software Conference & EXPO
> September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
> Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
> Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
> _______________________________________________
> Snort-devel mailing list
> Snort-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-devel

- --
GPG key / Schlüssel -- http://simultan.dyndns.org/~arjones/gpgkey.txt
Encrypt everything. / Alles verschlüsseln.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFDCLHToI7tqy5bNGMRAxywAJ4x5BNl5zPDJFfYoaibOjM0O7HRXQCgzz5O
gMkPzeJkzru6wT6Z3VkWiWU=
=R8pX
-----END PGP SIGNATURE-----




More information about the Snort-devel mailing list