Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Concurrent Login

https://support.nagios.com/forum/viewtopic.php?t=55340

Page 1 of 1

Concurrent Login

Posted: Wed Aug 28, 2019 11:24 am
by sugardaddyz
Hi guys,

Recently our security team has flagged out the below:

A single user account is permitted to login repeatedly to maintain multiple active sessions at a time. Concurrent sessions increase the chances of a user being unable to detect whether his account has been compromised. It also allows an attacker who has gained access once to perpetuate his session, as he will not be logged out upon a valid logon by a legitimate user.


Is there a way to disable concurrent logon?

Re: Concurrent Login

Posted: Wed Aug 28, 2019 11:34 am
by scottwilkerson
sugardaddyz wrote:Is there a way to disable concurrent logon?
Sorry, there is no such feature in Nagios Core

Re: Concurrent Login

Posted: Thu Aug 29, 2019 10:20 pm
by sugardaddyz
Is this feature available in Nagios XI?

Re: Concurrent Login

Posted: Fri Aug 30, 2019 7:00 am
by scottwilkerson
In XI there is some session management where you can set session expiration as well as Admins can view sessions opened, IP addresses that are connected to the session, and take actions (like killing the session)
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited