Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
592
Views
0
Helpful
2
Replies

Guest Login Multiple Attempts - Criteria

Go to solution
mcavinat
Cisco Employee
Cisco Employee

‎12-19-2018 03:52 AM

Hello folks,

 

One of our customers is saying that, when implementing Multiple Failure Login attempts (configured to 3) it gets shun by 20 minutes. However, if using a different laptop, within the 20min range, same user can login with right password.

 

This, naturally, makes us think that the shun criteria is based on MAC-Address, and not on the Guest name.

 

This opens space (thinking of Audit) to saying that you can easily spoof the MAC-Address to bypass the "Maximum failed login attempts before rate limiting" feature.

 

Any comments?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎12-19-2018 07:14 AM

I believe this feature is in place to prevent brute force attacks using javascript or something similar. However, as @hslai mentioned, please put in any other additional security in place to prevent mac-spoofing attacks.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
hslai
Cisco Employee
Cisco Employee

‎12-19-2018 06:44 AM

If MAC spoof is an issue, then please put additional security in place and not rely solely on MAC-based authentication.

0 Helpful

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎12-19-2018 07:14 AM

I believe this feature is in place to prevent brute force attacks using javascript or something similar. However, as @hslai mentioned, please put in any other additional security in place to prevent mac-spoofing attacks.
0 Helpful
Customers Also Viewed These Support Documents