Active Account Under Heavy Attack

Detects successful logins from an IP address associated with probing attempts against other accounts in the organization. A user will fail this check if Oort detects more than 5 probing attempts.

Recommended Actions

Contact the end user to verify the origin of the actions. If you cannot verify the login, log the user out.

Default Check Settings

Maximum Number of Probing IP Addresses: 5

Compatibility

PreviousAccounts With Unusually High Activity NextActivity From Untrustworthy ISP

Last updated 4 months ago