starboy9

Bad Credential Monitoring

Recommended Posts

Hello,

I have recently seen an issue with the LM service taking down a few ESX hosts.  The issue appears to have been caused by inadvertently applying ESXi credentials from the parent group.  What had happened was that once the systems were moved into monitoring, the credentials that were imported to the root directory were used for discovery.  This caused the root account to be locked out and then hostd service to become so overwhelmed that the hosts needed to be restarted.  Esentially it was DDoS'ing the systems so they needed to be rebooted after the LM services were stopped.  Below is the KB from VMware regarding the issues that were caused.

https://kb.vmware.com/s/article/67920

Are we able to put in place something that will stop the authentication requests if there is "X" number of failed login attempts?

Thanks in Advance.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.