>Our ASE database version is 184.108.40.206 on NT. An internal
>audit questioned our inability to time-out inactive users as
>well as locking logins after n- number of unsuccesfull
>attempts. Does anyone have workarounds for these.
>Is there some means of creating a table keeping i/o, cpu
>count info and killing those users who show no gains in i/o
>during, say a two hour period. What are some of the columns
>I can query that give i/o, cpu, mem usage results?
cpu physical_io memusage in sysprocesses. In 11.9.2, you don't have dynamic
SQL, so you would probably have to write a script to prepare the kill
statements based on info in syslogins, then run the script. You
probably want to put the kill in an IF statement to make sure the
total cpu and io has not creeped up in the mean time. It is still
somewhat dangerous because there is a nonzero amount of time between
the IF and the Kill. ie, there is a small chance that the process
actually logs out, and you kill a brand new process. Also, you want to
make sure this process is not idle because of being blocked by someone else.
Quote:>I know that version 12 addresses the max failed logins
>problem, however our application vendor has not certified 12
>yet and probably wont for at least 6 months.
Does your application have an error handler in the login process? You
can write failed logins to a table, and use that to count the failed
logins. Loggin in can then be blocked using the application for anyone
who exceeded the limit.
A similar thing can be done using an Open Server as a passthrough server.
The application does not have to change, it points at the open server
and all SQL is passed through. The Open server intercepts any return code
from a bad login, and updates the table we talked about earlier. It also
disallows logins if the count is too high.
10000+ Humorous Quotes http://www.tomkoinc.com/quotes.html
"Even if you can deceive people about a product through misleading statements,
sooner or later the product will speak for itself." - Hajime Karatsu