I have a bunch of user profiles on a client system that have 100's of
invalid signon attempts attached to them. These are not the standard IBM Q*
profiles either, but rather normal profiles like BOBA, or TWIECK or
whatever.
Normally I might think that someone is physically standing there trying to
get onto the system when I see an invalid signon attempt. But in this case,
this AS/400 is on a VPN and I wouldn't think that the outside world could be
trying some brute force attacks like this.
So this makes me wonder if it really is someone on the network who either
knows these old profile names or is trying to guess them.
But some of them have like 900+ invalid attempts to log on.
It is slightly possible that a former vendor, who was kicked out of this
location, may be responsible for trying to get past these disabled profiles,
but there are just soooo many attempts it seems incredible that these could
be done manually.
Can you think of any other ways/reasons for so many invalid logon attempts?
Thanks,
Shannon O'Donnell
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.