![]() Right click on the logs directory for ColdFusion and select "Properties".Ģ. The log directory and log file permissions can be set by:ġ. The location can be found in the Administrator Console within the "Logging Settings" page under the "Debugging & Logging" menu. Locate the logs directory for ColdFusion. This is critical when investigating an issue or an attack. By forcing each user to authenticate using a unique account, each auditable event can be tied to a user, and a sequence of events for the user can be determined. Without this identification, events cannot be traced to a particular user, and a forensic investigation cannot be conducted to determine what exactly happened and who caused the event to occur. This is critical when investigating an issue or an attack.Įnforcing non-repudiation of actions requires that each user be uniquely identified. By forcing users to authenticate, each auditable event can be tied to a user, and a sequence of events for the user can be determined. Without this identification, events cannot be traced to a user, and a forensic investigation cannot be conducted to determine what exactly happened and who caused the event to occur. Non-repudiation protects individuals against later claims by an author of not having authored a particular document, a sender of not having transmitted a message, a receiver of not having received a message, or a signatory of not having signed a document.Įnforcing non-repudiation of actions requires that each user be identified. Examples of particular actions taken by individuals include creating information, sending a message, approving information (e.g., indicating concurrence or signing a contract), and receiving a message. Non-repudiation of actions taken is required in order to maintain application integrity. By limiting the IP addresses that can connect, the administration console can be hosted to a management network and only accessed via that network, further reducing the exposure of the Administrator Console. single password, separate user name and password per user, or no authentication needed), any user from any network is capable of accessing the console and making changes to the server configuration relying only on the authentication method configured for the installation. Depending on the authentication method (i.e. ![]() Automated monitoring and control of remote access sessions allows organizations to detect cyber attacks and also ensure ongoing compliance with remote access policies by logging connection activities of remote users.īy default, localhost and all IP addresses can access the Administrator Console. Application servers provide remote access capability and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |