cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
592
Views
0
Helpful
2
Replies

Guest Login Multiple Attempts - Criteria

mcavinat
Cisco Employee
Cisco Employee

Hello folks,

 

One of our customers is saying that, when implementing Multiple Failure Login attempts (configured to 3) it gets shun by 20 minutes. However, if using a different laptop, within the 20min range, same user can login with right password.

 

This, naturally, makes us think that the shun criteria is based on MAC-Address, and not on the Guest name.

 

This opens space (thinking of Audit) to saying that you can easily spoof the MAC-Address to bypass the "Maximum failed login attempts before rate limiting" feature.

 

Any comments?

1 Accepted Solution

Accepted Solutions

Surendra
Cisco Employee
Cisco Employee
I believe this feature is in place to prevent brute force attacks using javascript or something similar. However, as @hslai mentioned, please put in any other additional security in place to prevent mac-spoofing attacks.

View solution in original post

2 Replies 2

hslai
Cisco Employee
Cisco Employee

If MAC spoof is an issue, then please put additional security in place and not rely solely on MAC-based authentication.

Surendra
Cisco Employee
Cisco Employee
I believe this feature is in place to prevent brute force attacks using javascript or something similar. However, as @hslai mentioned, please put in any other additional security in place to prevent mac-spoofing attacks.