Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Where are FAILED_LOGIN_ATTEMPTS recorded?

Re: Where are FAILED_LOGIN_ATTEMPTS recorded?

From: DA Morgan <damorgan_at_psoug.org>
Date: Tue, 16 Oct 2007 22:43:22 -0700
Message-ID: <1192599791.620665@bubbleator.drizzle.com>


Steve Howard wrote:
> On Oct 16, 11:04 am, "deebe..._at_gmail.com" <deebe..._at_gmail.com> wrote:

>> Hi,
>>
>> Using 10gR2 - trying to find out where FAILED_LOGIN_ATTEMPTS are
>> recorded.
>> FAILED_LOGIN_ATTEMPTS is currently set to 10 as per the Default
>> profile.
>>
>> There is no auditing in place but failed logins for users must be
>> recorded somewhere (ie internal table) for the profile to work.
>>
>> Cheers
>> D

>
> Hi,
>
> LCOUNT in user$ holds this information.
>
> HTH,
>
> Steve

If you assume that the user name is known and the password is wrong then you are correct. If, on the other hand, someone is trying a brute force attack that information is only recorded if you create an AFTER LOGON trigger trapping for the appropriate server errors.

I have a demo that does this in Morgan's Library at www.psoug.org under System Event Triggers.

-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu (replace x with u to respond)
Puget Sound Oracle Users Group
www.psoug.org
Received on Wed Oct 17 2007 - 00:43:22 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US