View Single Post
Old 06-22-2017, 08:34 AM
ChuckS@CAM-Ohio's Avatar
ChuckS@CAM-Ohio ChuckS@CAM-Ohio is offline
Registered User
Join Date: Jun 2017
Location: Ohio, USA
Posts: 6
As you may have assumed, we have one large trigger-script, vshell-trigger for this example, which uses command-line arguments to determine specific functionality. You may have also noticed our trigger script runs with the security context of a special user account, 'app_user' for this example. This way any short-comings or exploits in the trigger script are localized to that user's context. A remote process connects to this account to perform automated file transfers. Therefore the script determines which actions are taken depending on the trigger type and user class - self, for the automated process; admins, for internal staff; users, for our external business partners.

Currently the FailedAuth call only writes to an application-specific log file, which is retrieved daily. Can you show us the vshelld_config settings required to achieve the scenario you mentioned, where the threshold effectively is 1 failed attempt for root and3 (or more) for other users?

Reply With Quote