Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Where are FAILED_LOGIN_ATTEMPTS recorded?

Re: Where are FAILED_LOGIN_ATTEMPTS recorded?

From: DA Morgan <damorgan_at_psoug.org>
Date: Tue, 16 Oct 2007 22:43:22 -0700
Message-ID: <1192599791.620665@bubbleator.drizzle.com> 





Steve Howard wrote:


> On Oct 16, 11:04 am, "deebe..._at_gmail.com" <deebe..._at_gmail.com> wrote:


>> Hi,
>>
>> Using 10gR2 - trying to find out where FAILED_LOGIN_ATTEMPTS are
>> recorded.
>> FAILED_LOGIN_ATTEMPTS is currently set to 10 as per the Default
>> profile.
>>
>> There is no auditing in place but failed logins for users must be
>> recorded somewhere (ie internal table) for the profile to work.
>>
>> Cheers
>> D




> 

> Hi,

> 

> LCOUNT in user$ holds this information.

> 

> HTH,


> 

> Steve




If you assume that the user name is known and the password is wrong then
you are correct. If, on the other hand, someone is trying a brute force
attack that information is only recorded if you create an AFTER LOGON
trigger trapping for the appropriate server errors.



I have a demo that does this in Morgan's Library at www.psoug.org under
System Event Triggers.

-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu (replace x with u to respond)
Puget Sound Oracle Users Group
www.psoug.org


Received on Wed Oct 17 2007 - 00:43:22 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US