09-16-2014 02:21 AM - edited 03-10-2019 10:01 PM
Hi there
I think this is a bug but wanted to check, if someone knows a good reason why failed authentication attemps with non-existing user account are not logged on ISE 1.2 (CWA).
The different cases:
Case 1: existing user / wrong password -> logged
Case 2: no user / any password -> logged
Case 3: no user / no password -> logged
Case 4: non-existing user / any password -> not logged
In my opinion this is a critical case to be logged because this could be an indicator of a DoS attack or a password penetration test.
Thanks in advance and best regards
Dominic
Solved! Go to Solution.
09-16-2014 05:56 AM
check this bug listed CSCuh49137
09-16-2014 05:56 AM
check this bug listed CSCuh49137
09-16-2014 06:09 AM
Hi vatullu
thanks man, you helped me a lot.
Regards
Dominic
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide