Environment
Novell Access Manager 3
Situation
It has been reported by a customer that the Identity Server might
be affected by a situation when a Microsoft Active Directory server
configured and used as User Store is under a condition of a Denial
of Service (DoS) attack from a of a virus or worm in the
network.
Identity Server might be not respond properly, User Store configuration page in the Admin Console is not accessible and many of the following messages are shown in the catalina.out of the Identity Server:
<amLogEntry> 2012-06-04T20:09:07Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>
Identity Server might be not respond properly, User Store configuration page in the Admin Console is not accessible and many of the following messages are shown in the catalina.out of the Identity Server:
<amLogEntry> 2012-06-04T20:09:07Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>
Resolution
This issue has been reported by a customer specifically due to the
affection of the worm "worm.kido" in the Microsoft network. This
worm exploits a Microsoft Security Vulnerability and compromises
the attacked machine which becomes very slow and unable to process
all the incoming requests.
Please see Microsoft Security Bulletin MS08-067 for further information to remove this affection.
It is possible this condition might happen in general when a User Store server is extremely overloaded or there is a bottleneck of any other kind by other viruses or worms.
Please see Microsoft Security Bulletin MS08-067 for further information to remove this affection.
It is possible this condition might happen in general when a User Store server is extremely overloaded or there is a bottleneck of any other kind by other viruses or worms.