Intrusion Prevention

Oracle.Application.Server.SID.Brute.Force

Description

This indicates detection of multiple SQL logon attempts during a short period of time.
The repeated login attempts, at a rate of about 300 times in 10 seconds, may indicate that an attacker is attempting a brute force attack. Server responses to failed logins may facilitate this attack.

Affected Products

Oracle Application Server 9.2, 10.1 & 10.2

Impact

Impact of a successful attack could vary, with the worse case being a system compromise.

Recommended Actions

Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.