Users Guide
228 Configuring Security Features
IP Blocking
IP blocking dynamically determines when excessive login failures occur from
a particular IP address and blocks that address from logging in to the
DRAC 5 for a preselected time span.
IP blocking is controlled by properties in the cfgRacTuning group that set:
• The number of allowable login failures
• The timeframe in seconds when these failures must occur
• The amount of time in seconds when the "guilty" IP address is prevented
from establishing a session after the total allowable number of failures is
exceeded
As login failures accumulate from a specific IP address, they are "aged" by an
internal counter. When the user logs in successfully, the failure history is
cleared and the internal counter is reset.
NOTE: When login attempts are refused from the client IP address, some SSH
clients may display the following message:
ssh_exchange_identification: Connection closed by remote host
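The aging and penalty behaviour described above, as an added example that is not DRAC 5 firmware or racadm code: a Python model of the policy driven by the three cfgRacTuning properties (failure count, failure window, penalty time). The parameter values, the IP addresses and the attempt sequence are constructed for illustration; the page gives no defaults, and it does not say whether an attempt refused during the penalty period counts as a further failure, so the model assumes it does not.

```python
"""Sliding-window login-failure blocker modelled on the DRAC 5
cfgRacTuning IP-blocking properties.

Added example, not DRAC 5 code. Parameter defaults below are
illustrative, not the DRAC 5 defaults (the page does not state them).
"""
from collections import defaultdict, deque


class IpBlocker:
    def __init__(self, enable=True, fail_count=3, fail_window=60,
                 penalty_time=300):
        # cfgRacTuneIpBlkEnable, cfgRacTuneIpBlkFailCount,
        # cfgRacTuneIpBlkFailWindow and cfgRacTuneIpBlkPenaltyTime.
        self.enable = enable
        self.fail_count = fail_count
        self.fail_window = fail_window          # seconds
        self.penalty_time = penalty_time        # seconds
        self._failures = defaultdict(deque)     # ip -> recent failure times
        self._blocked_until = {}                # ip -> time penalty expires

    def _age(self, ip, now):
        # Failures older than the window are "aged" out of the counter.
        q = self._failures[ip]
        while q and now - q[0] > self.fail_window:
            q.popleft()

    def is_blocked(self, ip, now):
        if not self.enable:
            return False
        until = self._blocked_until.get(ip)
        if until is None:
            return False
        if now < until:
            return True
        del self._blocked_until[ip]            # penalty has expired
        return False

    def attempt(self, ip, credentials_ok, now):
        """Process one login attempt; return 'blocked', 'ok' or 'failed'."""
        if self.is_blocked(ip, now):
            # Assumption: a refused attempt is not counted as a failure
            # and does not extend the penalty.
            return "blocked"
        if credentials_ok:
            # A successful login clears the failure history for the address.
            self._failures.pop(ip, None)
            return "ok"
        self._age(ip, now)
        self._failures[ip].append(now)
        if self.enable and len(self._failures[ip]) >= self.fail_count:
            # Threshold reached inside the window: start the penalty.
            self._blocked_until[ip] = now + self.penalty_time
            self._failures.pop(ip, None)
        return "failed"


def simulate(events, **params):
    """Run a scripted list of (time, ip, credentials_ok) through one
    blocker and return the outcome of each attempt in order."""
    blocker = IpBlocker(**params)
    return [blocker.attempt(ip, ok, t) for t, ip, ok in events]


# Constructed attempt sequence: a brute-force burst from 10.0.0.5, an
# unrelated client at 10.0.0.9, then failures spread wider than the window.
EVENTS = [
    (0, "10.0.0.5", False),
    (1, "10.0.0.5", False),
    (2, "10.0.0.5", False),    # third failure within 60 s: penalty starts
    (3, "10.0.0.5", True),     # correct password, still refused
    (3, "10.0.0.9", False),    # another address is unaffected
    (302, "10.0.0.5", True),   # penalty over (2 + 300 = 302)
    (400, "10.0.0.5", False),
    (401, "10.0.0.5", False),
    (470, "10.0.0.5", False),  # earlier two failures aged out: no block
]

if __name__ == "__main__":
    for (t, ip, _), result in zip(EVENTS, simulate(EVENTS)):
        print(f"t={t:3d} {ip:10s} {result}")
```

The sequence at t=400 to t=470 is the point of the failure window: three failures that do not all fall inside one 60-second window never trigger the penalty, so a patient attacker spacing attempts just beyond the window is not caught by this control alone, while an operator who mistypes a password three times in a row is locked out for the full penalty time.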
See "DRAC 5 Property Database Group and Object Definitions" on page 345
for a complete list of cfgRacTuning properties.
Table 12-16 lists the user-defined parameters.
Table 12-16. Login Retry Restriction Properties

Property: cfgRacTuneIpBlkEnable
Definition: Enables the IP blocking feature. When the number of
consecutive failures set by cfgRacTuneIpBlkFailCount is reached from a
single IP address within the window set by cfgRacTuneIpBlkFailWindow, all
further attempts to establish a session from that address are rejected
for the time set by cfgRacTuneIpBlkPenaltyTime.

Property: cfgRacTuneIpBlkFailCount
Definition: Sets the number of login failures from an IP address before
further login attempts from that address are rejected.

Property: cfgRacTuneIpBlkFailWindow
Definition: The timeframe in seconds within which failures are counted. A
failure older than this window is dropped from the counter.