FAILED_LOGIN _ATTEMPTS issue
- From: "Remigiusz Sokolowski" <remigiusz.sokolowski@xxxxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 11 Dec 2008 14:55:26 +0100
hi,
I wonder how do You deal with FAILED_LOGIN _ATTEMPTS issue in a day to
day practice.
This part of profile is thought of as a countermeasure against "brute
force" attacks on password, however dark side of it is a blocking an
account.
Let's assume there is an evil insider, who blocks in this way accounts
used by an application. Of course we can audit logins, find an enemy
etc, but I would prefer to disable such possibility at all (because that
means some completely authorized requests to fail).
The "ideal" solution to this issue would be to allow a client identified
by IP to connect with for example only its own account or few chosen
accounts.
Any thoughts?
Best regards
Remigiusz
--
----------------------------------------------------------------------
Remigiusz Sokolowski <remigiusz.sokolowski@xxxxxxxxxx>
pos : DBA at DUSB
addr : Nordea Bank Polska SA, Luzycka 6A Street, 81-537 Gdynia, Poland
phone: +48 58 667 17 43
-----------------------------------------------------------------------------------------
Nordea Bank Polska S.A. z siedziba w Gdyni, ul. Kielecka 2, 81-303 Gdynia
wpisana do Rejestru Przedsiebiorców Krajowego Rejestru Sadowego pod numerem:
0000021828,
dla której dokumentacje przechowuje Sad Rejonowy Gdansk – Pólnoc w Gdansku,
VIII Wydzial Gospodarczy Krajowego Rejestru Sadowego,
o kapitale zakladowym i wplaconym w wysokosci: 227.593.500,00 zlotych,
NIP: 586-000-78-20, REGON: 190024711
-----------------------------------------------------------------------------------------
--
http://www.freelists.org/webpage/oracle-l
Other related posts: