|
Hello everybody....just a few comments about securing a PC (ha ha ha ha) > [snip snip] > > No offense, but no, no, no, no, NOOOOOOOOOO! Password cache is one > of my biggest gripes with Win '95, and a detriment to the already > vulnerable OS/400. You're better off allowing anonymous sign on via > QUSER, and moving files with which you are not concerned with the > upload to a library to which QUSER has upload authority. You should > NOT allow passwords with access to the /400 to be stored on a > machine with which so many people (especially hackers) are > familiar... I agree with password cache but disagree with giving the entire public access to a QUSER via an anonymous sign-on. > While I agree (wholeheartedly) with your NO PASSWORD CACHE sentiment, > (I disable it on all PCs that I setup) it can be used securely. You > just have to set up the PC properly. Once the PC is secured (see > below), an unauthorized user won't be able to get to the 400 through > the PC unless they know the right PC passwords AND an AS/400 password > (since re-booting the PC flushes the password cache). Any financial betting here? > Steps to follow to secure a PC: Drive over it with a municipal bus...(Just kidding!) > 1. There are quite a few shareware programs that password-secure a > Win95 PC; get one & use it. THIS STEP IS CRITICAL, since the other > steps only add to the security provided here. Not familiar. > 2. Assign a screen saver, then assign a password to it. Put a short > (1 minute?) time into it. Helps a "little" bit. > 3. Put it in the StartUp folder so it executes when Windoze starts > up (you'll have to add /S to the end of the line, like this: > SSMARQUE.SCR /S) > 4. In your CMOS setup, disable bootup from drive A: > (so a hacker can't get into the PC w/ a bootable floppy). This gets real exciting when you need to boot from a floppy thanks to a CONFIG.SYS problem or destroyed COMMAND.COM > 5. Also in the CMOS, assign a password to the PC. Sometimes there > are 2 passwords: one to change the CMOS settings, one to access the > PC. If your PC has both, then use both. Extremely simple to bypass, in more ways than one. The ideas are helpful, certainly better than nothing. Don't forget. The design of a PC is not very secure. Hopefully, the security level of the information on the PC is not high. Certainly, no security officer passwords should be cached in this case. Steve Glanstein mic@aloha.com * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * This is the Midrange System Mailing List! To submit a new message, * * send your mail to "MIDRANGE-L@midrange.com". To unsubscribe from * * this list send email to MAJORDOMO@midrange.com and specify * * 'unsubscribe MIDRANGE-L' in the body of your message. Questions * * should be directed to the list owner / operator: david@midrange.com * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.