Support User Manuals

Lucent Technologies 555-233-119 Home Theater Server User Manual

Open as PDF

of 1872

DEFINITY ECS Release 8.2 Maintenance for R8.2csi

555-233-119 Issue 1

April 2000

Maintenance Objects

3-761LOG-SVN (Login Security Violation)

3

d. The affected login ID will be disabled as a result of detection of the

security violation, unless it is the last enabled INADS type login on the

system. The provision to disable a login ID following detection of a security

violation involving that login ID is administrable on a login ID basis.

e. The

enable login

command is used to both enable a login that has been

disabled, and to retire any login security violation alarms associated with

the login ID.

f. Use of the

enable login

command to enable a login and/or retire alarms

must be executed using a login ID with greater service level hierarchy

permissions.

g. Access to the

enable login

command is controlled through the

Administer Permissions

field on the Command Permission

Categories form. This field (Administer Permissions) must be set to

y

to

access the enable login command.

h. The

Port

alarm report field will set to the port where the final invalid login

attempt, involving the alarmed login ID, was detected. Valid port values for

the CMC include:

— MGR1 — Dedicated manager 1 or G3 management terminal

connection

— NET-n — Network controller dial up port

— INADS — INADS port

— EPN — EPN maintenance EIA port

—EIA — Other EIA port

i. The

Svc State

alarm report field will be set to OUT if the login ID is in the

disabled state as a result of detection of a security violation involving the

login ID. Once the login ID has been enabled, the field is set to

IN

.

j. The source or reason of the failed login attempts should be identified and

the cause corrected prior to re-enabling a login ID and/or retiring any

alarms associated with the login ID. The cause may be something as

innocuous as the failure of the services automatic login software, to

something as insidious as a hacker attempting to gain access to the

switch system management interface.

The login ID associated with that alarm is displayed in the

Alt Name

field of the

alarm report.

Prior to retiring an SVN alarm and enabling the associated login ID, the

monitor

security-violations login

command can be used to access information about

the invalid login attempts that caused the security violation. This information can

be useful in determining the source of the invalid attempts and analyzing why

they occurred.

previous next