Maintenance Object Repair Procedures
555-233-123
10-1016 Issue 4 May 2002
d. The affected login ID will be disabled as a result of detection of the security
violation, unless it is the last enabled INADS type login on the system. The
provision to disable a login ID following detection of a security violation
involving that login ID is administrable on a login ID basis.
e. The enable login command is used to both enable a login that has been
disabled, and to retire any login security violation alarms associated with
the login ID.
f. Use of the enable login command to enable a login and/or retire alarms
must be executed using a login ID with greater service level hierarchy
permissions.
g. Access to the enable login command is controlled through the Administer
Permissions field on the Command Permission Categories form. This field
(Administer Permissions) must be set to “y” to access the enable login
command.
h. The Port alarm report field will set to the port where the final invalid login
attempt, involving the alarmed login ID, was detected. Valid port values for
G3i products include:
— MGR1 — Dedicated manager 1 or G3 management terminal
connection
— NET-n — Network controller dial up port
— INADS — INADS port
— EPN — EPN maintenance EIA port
— EIA — Other EIA port
Valid port value for G3r products include:
— SYSAM_LOC — Local administration port
— YSAM_RMT — Remote administration port
— SYS_PORT —
— MAINT — Maintenance port
i. The Svc State alarm report field will be set to OUT if the login ID is in the
disabled state as a result of detection of a security violation involving the
login ID. Once the login ID has been enabled, the field will be set to IN.
j. The source or reason of the failed login attempts should be identified and
the cause corrected prior to re-enabling a login ID and/or retiring any
alarms associated with the login ID. The cause may be something as
innocuous as the failure of AT&T services automatic login software, to
something as insidious as a hacker attempting to gain access to the switch
system management interface.
The login ID associated with that alarm is displayed in the Alt Name field of the
alarm report.
To Next Page
Loading...
