Re: User Accounts Loccked After Accessing FTP Site

From: Tim Hellebuyck (thellebuyck@federalapd.com)
Date: 10/28/02 

From: "Tim Hellebuyck" <thellebuyck@federalapd.com>
Date: Mon, 28 Oct 2002 14:44:18 -0500

The security policy for lockout is 3 failed login attempts. I looked at the
configuation settings for this particular ftp site ( I am relatively new at
the company and still figuring out all configs) and anonymous users are
prohibited from accesssing the site. I also looked at the log files and
noticed that a recently locked out users is sending his login credentials as
well as anonymous requests from the same ip address. If anonymous access is
prohibited, would this cause a lockout since the request is from the same
destination as the authorized user? Also, excluding anonymous access causes
passwords and user accounts to be sent in clear text. Is this correct?

Thanks

"Farida Bharmal" <farida@online.microsoft.com> wrote in message
news:fzDuRIqfCHA.1896@cpmsftngxa09...
> What is the account lockout policy for domain users?
> You can check this by going to domain security settings and checking the
account lockout policy.
>
> Does this happen even with local accounts try to access ftp server?
(accounts that are not domain accounts?)
>
> Thank You
> Farida Bharmal
> IIS Support
>
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> You assume all risk for your use. © 2001 Microsoft Corporation. All rights
reserved.
> Please do not send email directly to this alias. This is our online
account name for newsgroup participation only.
>
> --------------------
> | From: "Tim Hellebuyck" <thellebuyck@federalapd.com>
> | Subject: User Accounts Loccked After Accessing FTP Site
> | Date: Mon, 28 Oct 2002 09:56:59 -0500
> | Lines: 5
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
> | Message-ID: <OJi4TIpfCHA.1756@tkmsftngp12>
> | Newsgroups: microsoft.public.inetserver.iis.security
> | NNTP-Posting-Host: 63.99.119.20
> | Path: cpmsftngxa08!tkmsftngp01!tkmsftngp12
> | Xref: cpmsftngxa08 microsoft.public.inetserver.iis.security:11865
> | X-Tomcat-NG: microsoft.public.inetserver.iis.security
> |
> | Has anyone seen this? Our domain users access our FTP site and then
return
> | to the domain to find that their accounts have been locked out. Kind of
a
> | strange problem. Any insight would be greatly appreciated.
> |
> |
> |
>
>

Relevant Pages

  • Re: Welcome Logon Screen locks out accounts
    ... consider a lockout count of 15-25 tries. ... > 30 minutes your accounts will not lock out. ... >> I am using the Welcome logon screen on my XP Pro system. ... >> password before the account is locked out using security policies. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: [Full-disclosure] Secure OWA
    ... Running an active event log monitor (Symantec's ITA comes to mind as a ... quick example) will catch both the brute forcer and/or the lockouts ... accounts, and your OWA page is available from anywhere on the Internet, ... But a temporary lockout period would deter brute-force ...
    (Full-Disclosure)
  • Re: GPO Question
    ... Account Lockout and Password policy is domainwide - you cannot define it on ... > I have a OU called App and under App, ... > type of GPO per category. ... > -Service Accounts ...
    (microsoft.public.windows.server.security)
  • Re: Password Protected
    ... yeah i tried setting up 3 accounts like that. ... I just tried accessing the ftp site from the outside using one of those ... >> i entered the username and password it wouldnt allow me in, ... >> using an admin account. ...
    (microsoft.public.inetserver.iis.ftp)
  • Re: Lockout of all acounts
    ... > accounts, including Administrator, have been locked out. ... > have a single domain controller and cannot get console access. ... is the lockout from repeated failed ...
    (microsoft.public.win2000.general)