Re: [FW-1] disable Provider-1 account after four or five unsuccessful lo

Subject:	Re: [FW-1] disable Provider-1 account after four or five unsuccessful login attempts?
From:	Adam BE <adamb_e AT YAHOO DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Thu, 23 Mar 2006 16:47:53 -0800

Well actually such a feature could work by blocking *by IP* instead of *by 
user* from logging in for a certain amount of time (similar to the block 
intruder feature in SmartView Tracker).  Sounds like a good security 
enhancement to me against brute forcing of user / pass   in SmartCenter and 
Provider-1.

Adam.

"Covington, Chris" <Chris.Covington AT PLUSONE DOT COM> wrote: So if you know 
someone's login, you can just try to login as them a
couple of times and then that person can't do any more work? 


---
Chris Covington
IT
Plus One Health Management
75 Maiden Lane Suite 801
NY, NY 10038
646-312-6269
http://www.plusoneactive.com


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
cisco4ng
Sent: Monday, March 20, 2006 2:12 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] disable Provider-1 account after four or five
unsuccessful login attempts?

Hi Gurus,
   
  Aside from using External authentication (RSA SecurID, Radius,etc...),
is it possible to implement disabling Provider-1/CMAs login access
after, for example, five unsuccessfully login attempt, using
Provider-1 internal password authentication.  For example, if a user log
into Provider-1/CMAs with his/her Provider-1 internal username/password,
if a user has five consecutive unsucessfully login, the account get
disabled and the Provider-1 Super User (me) will have to reset his/her
account.
   
  With RSA SecurID, Radius and MS Active Directory, the acount logout
function is handle by that application, not provider-1.  Can it be done
with Provider-1 internal users as well?  By the way, I am using
Provider-1 NGx R60 with HFA02
   
  I am thinking of making the Provider-1 MLM/CLM may be SmartPortal
available over the Internet so that customer can log in and see the
security/log in real time but I
  want to reduce the risk of being hacked so that the account will be
disabled after let say four or five different unsuccessfully login
attempts.
   
  Is this possible with Provider-1 NGx internal account?  
   
  As always, TIA
   
  cisco4ng

  
---------------------------------
Yahoo! Mail
Bring photos to life! New PhotoMail  makes sharing a breeze. 

=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================

!DSPAM:1,441efffe142301595768666!

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================


                
---------------------------------
New Yahoo! Messenger with Voice. Call regular phones from your PC and save big.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] disable Provider-1 account after four or five unsuccessful login attempts?, cisco4ng Re: [FW-1] disable Provider-1 account after four or five unsuccessful login attempts?, Covington, Chris Re: [FW-1] disable Provider-1 account after four or five unsuccessful login attempts?, Raj Re: [FW-1] disable Provider-1 account after four or five unsuccessful login attempts?, Adam BE <=

Previous by Date:	Re: [FW-1] VPN acceleration card is disabled and wants to turn it on duringboot up., Adam BE
Next by Date:	Re: [FW-1] NGX Upgrade issue, Lino Eduardo Avila Rodríguez
Previous by Thread:	Re: [FW-1] disable Provider-1 account after four or five unsuccessful login attempts?, Raj
Next by Thread:	[FW-1] NGX Upgrade issue, Ramki Security
Indexes:	[Date] [Thread] [Top] [All Lists]