General discussion


DoS on Active Directory Account

By Ty_Sec ·
Is there a way to avoid a DoS attack on an Active Directory account so an attacker can't intentionally lock out an account that is set for maybe like 7 attempts allowed?

I know you can set it to not lockout an account, but you would have to setup a mechanism to monitor number of attempts on the accounts in order to know if it is a DoS type of attack or have the account get reset after xx time.

I'm just looking to see if there is any settings or a simple way for an attacker not be able to lockout an account easily when a company policy may allow for only 7 attempts before a lockout.

Any help would be appreciated.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Related Discussions

Related Forums