在使用 OPENVAS對內部電腦進行弱點掃描,發現一個問題,就是會造成一些AD帳號因輸入太多次錯號密碼被鎖住。
個人猜測是在做掃描時,可能會隨便找一些帳號做登入測試,剛好有人的帳號就是一樣的,所以就被鎖了。
帳號被鎖,可以參考下列這個網站的教學,來查是哪一台設備在在做登入驗證的行為。
https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/
OPENVAS(GVM) Vulnerability Scanning Causing Domain Account Lockouts
During the use of OPENVAS for vulnerability scanning on internal computers, I encountered an issue where it resulted in some AD accounts getting locked due to multiple incorrect password attempts. My personal speculation is that during the scanning process, the tool may attempt to log in using random accounts, and if there happens to be a match with a valid account, it leads to the account being locked.
To determine the source of the account lockouts, you can refer to the tutorial provided on the following website. It explains how to track down the device responsible for the login authentication attempts:
https://evotec.xyz/active-directory-how-to-track-down-why-and-where-the-user-account-was-locked-out/
沒有留言:
張貼留言