cancel
Showing results for 
Search instead for 
Did you mean: 

DAM Use case 2: Database Protection “Brute Force Login”

Database Protection “Brute Force Login”


Prerequisite:

  Installation of the McAfee DAM Sensor at the Database.

  Database monitoring configuration


Scenario:

We need to simulate that a general user or hacker try to login into the database to get the password using tools or social engineering and after many failed logon we have a successful logon.


  He logs in to the core of the database server after a multiple failed login.


  McAfee DAM sends an alert.


  DAM2.png


  Note: McAfee DAM will look that many failed authentications followed by a successful authentication by the same user and same IP address.

   He we can also create a correlation rule at the McAfee SIEM that will detect the Bruce force attack.