Nortel Networks 555-4001-135 User Manual
Appendix A: Password security 225
Nortel Integrated Conference Bridge Service Implementation Guide
Unsuccessful login attempt handling
Procedure 52 shows how the system handles unsuccessful login
attempts.
attempts.
Procedure 52
Unsuccessful login operation
1
No action is required for this procedure. However, observe the activities in the
following steps and report any system discrepancies to your support
technician.
following steps and report any system discrepancies to your support
technician.
2
For each faulty login, the system issues a message in the error log and the
CLI. This applies to all access types: BUI; TUI; CLI; and Telnet. The following
is an example of the message format (for more information on error
messages, see
CLI. This applies to all access types: BUI; TUI; CLI; and Telnet. The following
is an example of the message format (for more information on error
messages, see
).
0024: WARNING MNGMMI114 12-06 15:42:55:612 FTP login FAILED from
152.217.111.234
3
The ICB counts consecutive login attempts. When the count reaches the
“maximum faulty login attempts” parameter set by the administrator, the
system performs the following:
“maximum faulty login attempts” parameter set by the administrator, the
system performs the following:
a
BUI user and administrator access – After five consecutive faulty login
attempts in which the login name is correct, but the password is wrong,
the system blocks this login name. The administrator must reset the
name to resume normal login operation.
attempts in which the login name is correct, but the password is wrong,
the system blocks this login name. The administrator must reset the
name to resume normal login operation.
b
CLI access – After the maximum allowed login attempts, the system
blocks the CLI for a period of time. The administrator can define the
blocking time period.
blocks the CLI for a period of time. The administrator can define the
blocking time period.
FTP
(server access)
1
Remote access using FTP requires a dedicated login name and password. The
name and password can contain letters and digits.
name and password can contain letters and digits.
2
The system records every successful login as an informational message in the
error log. The CLI terminal prints this message.
error log. The CLI terminal prints this message.
3
The system times out and closes the session after a period of inactivity. The
administrator defines the time-out parameter.
administrator defines the time-out parameter.
General
1
The system always encrypts files containing passwords.
2
An administrator defines the minimum length of the login name and password.
The system enforces the minimum requirement when a user changes their
login name or password. This rule applies to all the passwords that this table
describes. It does not apply to the conference and chairperson passwords set
up in the BUI scheduling window.
The system enforces the minimum requirement when a user changes their
login name or password. This rule applies to all the passwords that this table
describes. It does not apply to the conference and chairperson passwords set
up in the BUI scheduling window.
3
The maximum password length is 16 characters, which is hard-coded.
4
The IP/LAN connectivity provides access through the LAN using HTTP, Telnet
and FTP only.
and FTP only.
Table 58
Access permissions (Continued)
Access type
Description of permissions