Type: MAJOR

Object ID1.3.6.1.4.1.2879.2.8.1.2.1.12.0.15

Description

This alarm is generated when an account is locked after a potential brute force attack.

Repetition

N/A

Objects

  • sonusAlarmNodeID
  • sonusAlarmLevel
  • sonusAlarmSequenceId
  • sonusAlarmTime
  • sonusAlarmDescription
  • sonusUserName
  • sonusUnlockType

Action

Wait until the account is automatically unlocked, or is manually enabled, before attempting to access the account again.

Impact

The account is not accessible until unlocked.

Clearing

Automatic

  • sonusSystemSecurityAccountAutoReEnabled
Note

The account lockout status and number of failed login attempts are preserved even after the server is rebooted. The 'linuxadmin' account is locked like other OS accounts, but only for 10 seconds, and will then unlock automatically.


  • No labels