Re: Auditing of FAILED_LOGIN_ATTEMPTS value on Oracle profiles

From: Don Seiler <don_at_seiler.us>
Date: Fri, 6 Dec 2013 10:19:42 -0600
Message-ID: <CAHJZqBC1hha297kX5nEsLw0VKOjmkJGFYAyTaGcE0hCF7HRN2w_at_mail.gmail.com>



I'd start by getting a large cricket bat or wooden paddle and let IT know the consequences of using the wrong DB.

On Fri, Dec 6, 2013 at 9:07 AM, Rich Jesse <rjoralist3_at_society.servebeer.com> wrote:

> Hey all,
>
> I'm expecting to get dinged on an audit because I have FAILED_LOGIN_ATTEMPTS
> set to 10 in a profile (11.2.0.3, if that matters). On our new DBs, I plan
> on changing that to UNLIMITED. The initial feedback from the auditors is
> that "the recommended is 3 to 5".
>
> I reasoned that instead of a malicious attempt to break in to our ERP DB,
> it's much more likely that someone (in IT) will accidentally choose our
> Production ERP DB when they meant to choose Development (which has a
> different password), causing login failures which could lock out the
> account, effectively causing a denial of service. This has already happened,
> but with a non-existent user, so no harm done.
>
> I have EM12c paging me for EVERY login failure in Production, since there
> are no user logins other than for the DBA (me).
>
> What do others do? Take the audit hit and just move on?
>
> TIA!
> Rich
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>

-- 
Don Seiler
http://www.seiler.us

--
http://www.freelists.org/webpage/oracle-l
Received on Fri Dec 06 2013 - 17:19:42 CET
