[613] | 1 | XUSTZIP ;WRJ/DAF,ISF/RWF - Security Twilight Zone, Failed Access Attempts ;03/24/2004 11:12
|
---|
| 2 | ;;8.0;KERNEL;**265,419**;Jul 10, 1995;Build 5
|
---|
| 3 | Q
|
---|
| 4 | ;The subfiles in KSP file.
|
---|
| 5 | ;405.2 List of Terminal Servers, slack, last reset
|
---|
| 6 | ;
|
---|
| 7 | ;^XUSEC(3, (File 3.083) Locked IP's, lock until
|
---|
| 8 | ;^XUSEC(4, (File 3.084) Failed attempts count
|
---|
| 9 | ;$P(^VA(200,DUZ,1.1),U,5) Locked Users
|
---|
| 10 | ;
|
---|
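CLEAN ;Purge expired IP locks (File 3.083) and stale failed-attempt counts (File 3.084)
 ; Pass 1: delete every ^XUSEC(3, entry whose lock-until time (piece 2, a
 ;         FileMan date/time) is not later than the current time.
 ; Pass 2: delete every ^XUSEC(4, entry whose piece 3 (converted with $$H3,
 ;         i.e. treated as a $H-format value) is at least 90 seconds old.
 ; Each pass runs only if its file-header lock is obtained within 10 seconds.
 ; A pass that cannot get its lock is skipped rather than run unprotected;
 ; the entries it would have removed are left for the next run.
 N ZNUM,NOW,XUFAC,OV
 ;
 ;Pass 1 - expired IP locks
 L +^XUSEC(3,0):10
 I $T D  L -^XUSEC(3,0)
 .S ZNUM=0,NOW=$$NOW^XLFDT
 .F  S ZNUM=$O(^XUSEC(3,ZNUM)) Q:ZNUM'>0  D
 ..I $P(^XUSEC(3,ZNUM,0),"^",2)'>NOW D LKDEL(ZNUM)
 ;
 ;Pass 2 - failed-attempt counters older than 90 seconds
 L +^XUSEC(4,0):10
 I $T D  L -^XUSEC(4,0)
 .S ZNUM=0,NOW=$$H3-90
 .F  S ZNUM=$O(^XUSEC(4,ZNUM)) Q:ZNUM'>0  D
 ..S OV=$$H3($P(^XUSEC(4,ZNUM,0),"^",3)) I OV'>NOW D
 ...N DIK,DA
 ...S DA=ZNUM,DIK="^XUSEC(4," D ^DIK
 Q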
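X6IP ;Interactive: list the locked IPs and let the user reset one of them
 ; Walks the "B" cross-reference of ^XUSEC(3, (File 3.083), prints each
 ; locked address with its lock-until time, prompts for a number through
 ; ^DIR, then deletes the chosen lock entry, clears its failed-access
 ; count (CLRFAC^XUS3) and, when the address is a terminal server, files
 ; the current time into field 2 of subfile 8989.305.
 ; NOTE(review): this tag performs no privilege check of its own and
 ; nothing visible here records who cleared the lock - presumably both are
 ; handled by the calling option and by FileMan/XUS3; confirm.
 ;
 ;ZIEN and the ^DIR output variables are NEWed so they do not leak into
 ;the caller's symbol table on any exit path.
 N I,ZFDA,DIR,XUNOW,ZNM,ZNUM,ZIEN,X,Y,DIRUT,DTOUT,DUOUT,DIROUT
 S ZNM="",I=0
 I '$D(^XUSEC(3,"B")) W !,"There are no IP's to Clear" Q
 F  S ZNM=$O(^XUSEC(3,"B",ZNM)) Q:ZNM=""  S ZNUM=$O(^XUSEC(3,"B",ZNM,"")) D
 .;"B" node with no matching entry: remove the dangling index and skip it (patch 419)
 .I '$D(^XUSEC(3,ZNUM,0)) K ^XUSEC(3,"B",ZNM) Q
 .;ZNM(I) = ien^address for menu item I
 .S I=I+1,ZNM(I)=ZNUM_"^"_ZNM
 .W !,I_". ",ZNM," lock out till: ",$$FMTE^XLFDT($P(^XUSEC(3,ZNUM,0),"^",2))
 ;Every "B" node was dangling, so there is nothing to choose from;
 ;without this check ^DIR would be asked for a number in the range 1:0.
 I 'I W !,"There are no IP's to Clear" Q
 S DIR(0)="N^1:"_I,DIR("A")="Choose the number of the IP to reset" D ^DIR Q:$D(DIRUT)
 S ZNM=$P(ZNM(Y),"^",2),ZNUM=+ZNM(Y)
 ;Delete the lock entry (by IEN)
 D LKDEL(ZNUM)
 W !,ZNM," Cleared"
 ;Clear the failed-access count (by address)
 D CLRFAC^XUS3(ZNM)
 ;If the address is a terminal server, stamp its last-reset time in the
 ;site parameter file. XUNOW is NEWed above, so $$NOW returns a fresh time.
 S ZIEN=$$TSCHK(ZNM)
 I ZIEN>0 S ZFDA(8989.305,ZIEN_",1,",2)=$$NOW D UPDATE^DIE("","ZFDA")
 Q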
| 46 | ;
|
---|
LKSET(IP) ;Record a lock for IP in File 3.083; returns 1, or 0 when locking is off
 ; IP - address to lock.
 ; The entry is filed through UPDATE^DIE with the "?+2," IEN string, field
 ; .01 = IP and field 2 = the lock-until time from $$LKTL. The
 ; failed-access count for the address is then cleared with CLRFAC^XUS3.
 ; NOTE(review): the result of UPDATE^DIE is not examined, so 1 is returned
 ; even if the entry could not be filed - confirm callers do not treat the
 ; return value as proof that the lock exists.
 N ZNUM,ZFDA,ZIEN
 Q:'$$ON 0
 S ZIEN="?+2,"
 S ZFDA(3.083,ZIEN,.01)=IP,ZFDA(3.083,ZIEN,2)=$$LKTL
 D UPDATE^DIE("","ZFDA","ZIEN")
 ;Start the failure count over for this address
 D CLRFAC^XUS3(IP)
 Q 1
LKTL() ;Lock-until time: now plus the lock-out period, as a FileMan date/time
 ; $$LKTME supplies the period; it is passed to HADD^XLFDT as the
 ; seconds argument and the resulting $H value is converted with HTFM^XLFDT.
 N XUEND
 S XUEND=$$HADD^XLFDT($H,0,0,0,$$LKTME)
 Q $$HTFM^XLFDT(XUEND)
| 57 | ;
|
---|
NOW() ;Current date/time from $$NOW^XLFDT, cached in XUNOW
 ; XUNOW is deliberately not NEWed: the first call stores the time in the
 ; caller's symbol table and later calls return that stored value.
 ; NOTE(review): while XUNOW stays defined the returned time does not
 ; advance, so lock-expiry comparisons made with it use the time of the
 ; first call - confirm long-running callers NEW or KILL XUNOW.
 S:'$G(XUNOW) XUNOW=$$NOW^XLFDT
 Q XUNOW
| 62 | ;
|
---|
IP() ;Return the address used for lock checks, or "" when none is available
 ; Sources, in priority order: the local variable IP, IO("IP"), IO("ZIO").
 ; NOTE(review): IP is not a parameter here; it is read from the caller's
 ; symbol table, so any IP the caller has defined takes precedence over the
 ; device values - confirm callers only set it from a trusted source.
 Q:$D(IP) IP
 Q:$D(IO("IP")) IO("IP")
 Q:$D(IO("ZIO")) IO("ZIO")
 Q ""
| 65 | ;
|
---|
LKTME() ;Lock-out time: piece 3 of XOPT when defined, else of the site parameter node
 ; XOPT is read from the caller's symbol table; when it is not defined the
 ; value comes from ^XTV(8989.3,1,"XUS"). U must be defined by the caller.
 ; $$LKTL passes the result to HADD^XLFDT as a number of seconds.
 Q $P($S($D(XOPT):XOPT,1:^XTV(8989.3,1,"XUS")),U,3)
| 69 | ;
|
---|
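LKCHECK(IP) ;Is IP currently locked out? Returns 1 if locked, otherwise 0
 ; IP - optional; resolved through $$IP(), which falls back to the device
 ;      values when the caller passes nothing.
 ; Returns 0 when IP/device locking is switched off, when no address can be
 ; determined, or when there is no lock record for the address.
 ; The lock-until time (piece 2 of the record) is compared with $$NOW.
 ; NOTE(review): $$NOW returns the cached XUNOW when one is defined, so a
 ; lock can still be reported after its expiry until XUNOW is refreshed -
 ; confirm this is acceptable for long-lived callers.
 ;Are we doing IP/device locking?
 I '$$ON Q 0
 S IP=$$IP() Q:'$L(IP) 0
 N ZREC S ZREC=$$LKREC(IP)
 Q:'$L(ZREC) 0
 ;Found a lock record: locked only while lock-until is still in the future.
 ;The comparison is returned directly so the caller's X is not overwritten.
 Q $P(ZREC,"^",2)>$$NOW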
| 78 | ;
|
---|
LKREC(IP) ;Return the zero node of the File 3.083 lock record for IP, or ""
 ; The entry is found through the "B" cross-reference of ^XUSEC(3,. When
 ; there is no entry the $ORDER yields 0 and $GET of ^XUSEC(3,0,0)
 ; supplies the empty string.
 ; IP must not be empty; callers test $L(IP) before calling.
 Q $G(^XUSEC(3,+$O(^XUSEC(3,"B",IP,0)),0))
| 83 | ;
|
---|
LKDEL(ZNUM) ;Delete one locked-IP entry from File 3.083
 ; ZNUM - IEN of the entry in ^XUSEC(3,
 ; The entry is removed through ^DIK rather than a direct KILL.
 ; DIK and DA are NEWed here (patch 419) so the caller's copies survive.
 N DA,DIK
 S DA=ZNUM
 S DIK="^XUSEC(3,"
 D ^DIK
 Q
| 88 | ;
|
---|
LKWAIT(%) ;How long to wait: seconds from now until the device's lock expires
 ; % - value handed back unchanged when no device address is available.
 ; IP is NEWed first, so $$IP() resolves the address from IO("IP") or
 ; IO("ZIO") only. The difference is taken with FMDIFF^XLFDT (flag 2)
 ; against a fresh $$NOW^XLFDT, not the cached $$NOW.
 ; NOTE(review): when there is no lock record piece 2 is empty and the
 ; value returned is not a meaningful wait - presumably callers only use
 ; this after a positive lock check; confirm.
 N IP,XUREC,T2
 S IP=$$IP()
 Q:'$L(IP) %
 S XUREC=$$LKREC(IP)
 Q $$FMDIFF^XLFDT($P(XUREC,U,2),$$NOW^XLFDT,2)
| 94 | ;
|
---|
TSCHK(IP) ;Is IP listed as a terminal server? Returns the entry's IEN, or ""
 ; Looks IP up in the "B" cross-reference of the terminal-server multiple,
 ; ^XTV(8989.3,1,405.2,. The lookup is an exact match on the value passed.
 ; IP must not be empty.
 Q $O(^XTV(8989.3,1,405.2,"B",IP,0))
| 99 | ;
|
---|
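IPCHECK(IP) ;Check if IP should be LOCKED. Called from XUSTZ, and others.
 ; Returns 1 if the address should be locked, 0 if not.
 ; IP - optional; resolved through $$IP.
 ; Decision order:
 ;   locking switched off, or no address available  -> 0
 ;   address already locked                         -> 0
 ;   address is not a listed terminal server        -> 1
 ;   terminal server: count the failed-access log entries in ^%ZUA(3.05,
 ;   for this address since the later of (now - 10 minutes) and the
 ;   server's last reset, and compare the count with the slack value when
 ;   $$SLACK returns one, otherwise with the site limit (default 2).
 ; NOTE(review): a non-zero slack replaces the site limit entirely, and
 ; $$SLACK returns 100 for 10 minutes after a reset, so a terminal-server
 ; address tolerates many more failures in that window - confirm this is
 ; the intended trade-off.
 I '$$ON Q 0
 S IP=$$IP Q:'$L(IP) 0
 ;Y is included so the separator set below does not overwrite the caller's Y
 N LIMIT,TSIEN,ZEND,ZNUM,ZLST,SLK,TFAC,TSREC,Y,Z10
 ;If the IP is locked, don't relock. Could cause an endless lock.
 I $$LKCHECK(IP) Q 0
 ;Is this the IP of a terminal server? If not, lock.
 S TSIEN=$$TSCHK(IP)
 Q:TSIEN<1 1
 ;Start of the counting window: now minus 10 minutes
 S Z10=$$HTFM^XLFDT($$HADD^XLFDT($H,0,0,-10))
 ;TSREC is also read by $$SLACK through the symbol table
 S TSREC=$G(^XTV(8989.3,1,405.2,TSIEN,0))
 S ZLST=$P(TSREC,"^",3)
 ;Stop at the last reset or at now-10, whichever is later
 S ZEND=$S(ZLST>Z10:ZLST,1:Z10)
 ;Y = separator between address and the rest ("/" if present, else ":");
 ;only the part before it is compared. ZNUM="A" makes the reverse $ORDER
 ;start from the highest numeric subscript of the log.
 S ZNUM="A",TFAC=0,Y=$S(IP["/":"/",1:":")
 F  S ZNUM=$O(^%ZUA(3.05,ZNUM),-1) Q:ZNUM'>0!(ZEND>ZNUM)  D
 .I $P($P(^%ZUA(3.05,ZNUM,0),"^",7),Y)=$P(IP,Y) S TFAC=TFAC+1
 ;Site limit; use 2 when none is set
 S LIMIT=$P($G(^XTV(8989.3,1,405)),"^",6) S:'LIMIT LIMIT=2
 S SLK=$$SLACK(Z10)
 Q $S(SLK:TFAC>SLK,1:TFAC>LIMIT)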
| 124 | ;
|
---|
SLACK(TEND) ;Slack calculator: extra failed attempts allowed for a terminal server
 ; TEND - start of the counting window (the caller passes now - 10 minutes).
 ; TSREC (the terminal-server record) is not a parameter; it is read from
 ; the caller's symbol table and must be set before this is called.
 ; Returns:
 ;   100  when the server's last reset (piece 3 of TSREC) is after TEND
 ;   during 8am-4:30pm: 10 when piece 4 of ^XTV(8989.3,1,405) is "y"
 ;        (described in the original comment as user locking being on),
 ;        otherwise 0
 ;   otherwise the server's slack value (piece 2 of TSREC), or 0 if none
 N XURST,XUSEC,XUSLK
 S XURST=$P(TSREC,"^",3)
 Q:XURST>TEND 100
 ;Seconds since midnight: 8am is 28800 and 4:30 pm is 59400
 S XUSEC=$P($H,",",2)
 I XUSEC>28800,XUSEC<59400 Q $S($P($G(^XTV(8989.3,1,405)),"^",4)="y":10,1:0)
 ;After hours: use the slack set up for this terminal server, if any
 S XUSLK=$P(TSREC,"^",2)
 Q $S(XUSLK:XUSLK,1:0)
| 138 | ;
|
---|
ON() ;Is IP/device locking switched on? Returns 1 or 0
 ; True only when piece 1 of ^XTV(8989.3,1,405) is exactly "y"; a missing
 ; node or any other value counts as off.
 N XU405
 S XU405=$G(^XTV(8989.3,1,405))
 Q $P(XU405,"^")="y"
| 141 | ;
|
---|
H3(%H) ;Convert a $H-format value (days,seconds) to a single count of seconds
 ; %H - optional; when it is missing or evaluates to zero the current $H
 ;      is used instead.
 ; Returns days*86400 + seconds.
 I '$G(%H) S %H=$H
 N XUSEC S XUSEC=$P(%H,",",2)
 Q %H*86400+XUSEC
| 145 | ;
|
---|
H0(%H) ;Convert a count of seconds back to $H format (days,seconds)
 ; %H - seconds; a missing or zero value is treated as 0.
 ; Returns the whole days and the remaining seconds joined by a comma.
 I '$G(%H) S %H=0
 N XUDAY,XUSEC
 S XUDAY=%H\86400,XUSEC=%H#86400
 Q XUDAY_","_XUSEC
| 149 | ;
|
---|
DSPTME(%H) ;Convert seconds to display format
 ; %H - a count of seconds; it is first turned back into $H format with
 ;      $$H0 and then formatted by HTE^XLFDT using the "1P" flags.
 N XUH
 S XUH=$$H0(%H)
 Q $$HTE^XLFDT(XUH,"1P")
| 152 | ;
|
---|
WATCH ;Interactive monitor: show failed-attempt counts and locked IPs, then refresh
 ; Each pass clears the screen (IOF), lists every ^XUSEC(4, entry (address,
 ; count, until) and every ^XUSEC(3, entry (address, lock-until), and then
 ; reads a reply with a 30 second timeout.
 ; A timeout, an empty reply or a reply starting with Y/y redraws the
 ; screen; "?" shows help and redraws; anything else exits.
 ; Read-only: nothing here changes either file. U and IOF must be defined.
 N TIME,C,I,X
WT2 S TIME=$$HTE^XLFDT($H)
 W @IOF,"Failed access attempts count. Current time: ",TIME
 ;C flags whether at least one entry was printed
 S C=0,I=0
 F  S I=$O(^XUSEC(4,I)) Q:I'>0  D
 .S X=^XUSEC(4,I,0),C=1
 .W !,I,?5,"IP: ",$P(X,U,1),?25,"Count: ",$P(X,U,2),?35,"Until: ",$$HTE^XLFDT($P(X,U,3))
 W:C=0 !,?10,"None"
 W !,"Locked IP's. Current time: ",TIME
 S C=0,I=0
 F  S I=$O(^XUSEC(3,I)) Q:I'>0  D
 .S X=^XUSEC(3,I,0),C=1
 .W !,I,?5,"IP: ",$P(X,U,1),?25,"Until: ",$$FMTE^XLFDT($P(X,U,2))
 W:C=0 !,?10,"None"
 ;On timeout ($T=0) behave as if "Y" had been entered
 R !,"Refresh: Yes// ",X:30
 S:'$T X="Y"
 G:"Yy"[$E(X) WT2
 I $E(X)="?" W !,"Enter 'Yes' or return to refresh, anyother key will exit" H 2 G WT2
 Q