• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Prevent account lockouts

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Prevent account lockouts Page: [1]
Login
Message << Older Topic   Newer Topic >>
Prevent account lockouts - 12.Nov.2008 9:47:00 AM   
tmauro23

 

Posts: 3
Joined: 30.Jul.2008
Status: offline
I am wondering if there is a way to prevent an account from being authenticated (or attempting to be authenticated) by ISA 2006.  I know you can restrict access to a rule by exception but what I am looking for is whether or not you can prevent a user from even being authenticated. 

For example, we have several service accounts which, if locked out, can cause web site / server outages.  If a malicious user gets the names of these service accounts and tries to log in using them with bad passwords, they will become locked and our site will go down.  Since these accounts should NEVER be authenticating through ISA for the given rules, can they be restricted so that an account lockout does not occur?

Thanks in advance for any help or suggestions!
Post #: 1
RE: Prevent account lockouts - 12.Nov.2008 10:48:22 AM   
ferrix

 

Posts: 547
Joined: 16.Mar.2005
Status: offline
To partially solve this you can use LockoutGuard.

It will still allow the first few attempts though; it's designed to prevent lockouts of real user accounts.

If you're *really* into the idea of blocking authentication attempts for some accounts, it'd be possible to catch the requests with an IsaScript and replace the username with something known to be non-existant.

(in reply to tmauro23)
Post #: 2

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Web Publishing >> Prevent account lockouts Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts