FAILED_LOGIN _ATTEMPTS issue
From: Remigiusz Sokolowski <remigiusz.sokolowski_at_nordea.com>
Date: Thu, 11 Dec 2008 14:55:26 +0100
Message-ID: <1229003726.3469.77.camel@rems>
Remigiusz Sokolowski <remigiusz.sokolowski_at_nordea.com>
--
http://www.freelists.org/webpage/oracle-l Received on Thu Dec 11 2008 - 07:55:26 CST
Date: Thu, 11 Dec 2008 14:55:26 +0100
Message-ID: <1229003726.3469.77.camel@rems>
hi,
I wonder how do You deal with FAILED_LOGIN _ATTEMPTS issue in a day to
day practice.
This part of profile is thought of as a countermeasure against "brute
force" attacks on password, however dark side of it is a blocking an
account.
Let's assume there is an evil insider, who blocks in this way accounts used by an application. Of course we can audit logins, find an enemy etc, but I would prefer to disable such possibility at all (because that means some completely authorized requests to fail).
The "ideal" solution to this issue would be to allow a client identified
by IP to connect with for example only its own account or few chosen
accounts.
Any thoughts?
Best regards
Remigiusz
--
Remigiusz Sokolowski <remigiusz.sokolowski_at_nordea.com>
pos : DBA at DUSB addr : Nordea Bank Polska SA, Luzycka 6A Street, 81-537 Gdynia, Poland phone: +48 58 667 17 43Nordea Bank Polska S.A. z siedziba w Gdyni, ul. Kielecka 2, 81-303 Gdynia wpisana do Rejestru Przedsiebiorców Krajowego Rejestru Sadowego pod numerem: 0000021828, dla której dokumentacje przechowuje Sad Rejonowy Gdansk – Pólnoc w Gdansku, VIII Wydzial Gospodarczy Krajowego Rejestru Sadowego, o kapitale zakladowym i wplaconym w wysokosci: 227.593.500,00 zlotych, NIP: 586-000-78-20, REGON: 190024711
-----------------------------------------------------------------------------------------
--
http://www.freelists.org/webpage/oracle-l Received on Thu Dec 11 2008 - 07:55:26 CST