CA VM:Secure creates two types of journal entries for invalid logon attempts: one covering any terminal attempting to log on to a specific user ID, and another covering a specific terminal attempting to log on to any user ID. These two entries prevent a person from using a series of terminals to guess a logon password or from using the same terminal to guess the logon password for a series of user IDs.
The two entries below with LOGON in the command column are examples of these two types of entries. You can use the CA VM:Secure audit data to prove that terminal L0007 was the terminal that issued three invalid passwords. The entry with DIAGA0 in the command column indicates that VMANAGER attempted password verification for user ID PAM two times. To display the current journal information, enter the JOURNAL command with the LIST parameter:
vmsecure journal list
CA VM:Secure responds:
3 WOODYH XAUTOLOG VMANAGER 3 * LOGON VMANAGER 3 L0007 LOGON * 2 CARLAT VMXLOGON 1 USER098 LINK VMSECURE 01B0 1 DIANEC VMXLOGON 4 DIANEC VMXLINK VMSYS1 199 2 VMANAGER VALIDATE PAM
The output reflects the order of the variables in the command syntax, prefixed by the number of occurrences of each journal entry.
|
Copyright © 2014 CA.
All rights reserved.
|
|