HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

5 VOTE

Status No Plans to Implement

Workspace Domino

Categories Security

Created by Guest

Created on Dec 24, 2018

Email notification on Domino Admin login

Can we add a login alert email notification in Domino when domino admin account login? Or any log can i refer when admin login?

Attach files

Enter a subject

Guest

Reply
| Dec 24, 2018

Our customer reported their domino server was down in 17 Dec at 20:02. After review the log, find hacker use Admin account to submit exit via Webadmin, the log information as below:

[0AB4:108A-0CB8] 2018-12-17 08:02:38 PM Traveler: Number of enabled registered users: exit[11AC:004F-1350] 2018-12-17 08:02:45 PM Webadmin: xxxxxxxxxxx issued remote console command: 'exit'

And the hacker also submit below command before exit domino:

> show stat Domino.Requests*.Domino.Command*,HTTP -xml

> show

> show stat Platform -xml

> show help

> show outlook

> tell traveler users enabled

> show server -xml

> show server -xml

> show directory "D:\Lotus\Domino\data\" -xml

> show stat disk -xml

> show directory "D:\Lotus\Domino\data\iNotes\" -xml

> show directory "D:\Lotus\Domino\data\traveler\ntsdb\log\" -xml

> show users -xml

We're already follow http://www-01.ibm.com/support/docview.wss?uid=swg21661476 to delete webadmin.nsf into Domino server.

0 reply Hide replies

Copyright © 2023 HCL Technologies Limited