× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2000

RE: RMTCMD Anomaly????

  • Subject: RE: RMTCMD Anomaly????
  • From: "McCallion, Martin" <MccalliM@xxxxxxxxxxxxxxxx>
  • Date: Fri, 19 May 2000 16:03:36 +0100
 
I think there's another step involved as well.  Presumably, Mark, you're
using Windows 95 (or, presumably, 98) if you can have no password on
your windows logon.  The AS/400 however, needs a password, and it is
probably getting this from the Windows password list file.  At some
point you have checked the "Remember my password" box for your AS/400
logon, and Windows has done exactly that.  If you change your AS/400
password, or delete the file mark.pwl on your PC, your AS/400 logon
prompt will come back, I think.

Cheers,

Martin.

>-----Original Message-----
>From: Gary Monnier [mailto:GaryMon@powertechgroup.com]
>Sent: Thursday, May 18, 2000 9:17 PM
>To: MIDRANGE-L@midrange.com
>Subject: Re: RMTCMD Anomaly????
>
>
>Your signon with Mark makes the AS/400 connection for you.  
>The connection
>does not need to have a session associated with it.  Check your Client
>Access and Windows Start configurations.  Mark is set up to 
>auto connect and
>HACKER isn't.  This is why Mark can execute RMTCMD.
>
>You may want to look at PowerLock.  You can download a free intrusion
>detection copy from http://www.400security.com
>
>Hope this helps.
>
>----- Original Message -----
>From: Mark Allen <markallen@kellyskids.com>
>To: 'MIDRANGE-L <MIDRANGE-L@midrange.com>
>Sent: Thursday, May 18, 2000 10:16 AM
>Subject: RMTCMD Anomaly????
>
>
>> I think I have found a potential "hole" but maybe I am 
>missing something,
>> and one of the "experts" out here can help.
>>
>> Scenario1:
>>
>> Sign on to Microsoft Windows with User=Mark (same as 400 
>user id) and no
>> password (I know bad, but......)
>>
>> At this point no Client Access session program has been started from
>client
>> PC.
>>
>> Do RMTCMD /I d:\web\Command.lst
>>
>> Commands execute as specified but no AS/400 sign on is required.
>>
>>
>> If I do a DSPLOG after executing command I see
>>
>>
>>                          Additional Message Information
>>
>>  Message ID . . . . . . :   CPIAD0B       Severity . . . . . 
>. . :   00
>>  Message type . . . . . :   Information
>>  Date sent  . . . . . . :   05/18/00      Time sent  . . . . . . :
>> 12:04:09
>>
>>  Message . . . . :   *SIGNON server job 
>704972/QUSER/QZSOSIGN processing
>>    request for user MARK on 05/18/00 12:04:09 in subsystem QSYSWRK in
>QSYS.
>>  Cause . . . . . :   The *SIGNON server is processing 
>request 1 for user
>> MARK.
>>    The types of requests supported are as follows:
>>      1 -- Retrieve Signon Information
>>      2 -- Change Password
>>
>>
>> Other msg's that appear:
>>
>> *SIGNON server job 704972/QUSER/QZSOSIGN processing request 
>for user MARK
>on
>> Job 704981/QUSER/QZSCSRVS started on 05/18/00 at 12:04:12 in 
>subsystem
>> QSYSWR
>> Servicing job 704974/QUSER/QZSCSRVS for user MARK on 
>05/18/00 12:04:12 in
>> sub
>> Job 704982/QUSER/QZSCSRVS started on 05/18/00 at 12:04:12 in 
>subsystem
>> QSYSWR
>>
>> If I sign on to my PC as HACKER (BTW not a valid AS/400 
>signon) and try
>the
>> rmtcmd I get the Client Access pop up window asking for userid and
>password.
>>
>> Short of requiring/enforcing every one to have Windows 
>passwords is there
>> any other way to restrict RMTCMD??
>> I do want specific user profiles to be able to execute w/o 
>having to sign
>on
>> to the as/40 (i.e. scheduled running of .BAT at specified 
>time from a PC).
>>
>>
>>
>>
>>
>>
>> Mark Allen
>> IS Manager
>> Kelly's Kids
>> markallen@kellyskids.com

--                                                                     
Martin McCallion                 
Midas-Kapiti International
Work:  mccallim@midas-kapiti.com
Home: martin.mccallion@ukonline.co.uk

Apologies for the length of this sig, but company policy says:
This email message is intended for the named recipient only.  It may be
privileged and/or confidential.  If you are not the intended named
recipient of this email then you should not copy it or use it for any
purpose, nor disclose its contents to any other person.  You should
contact Midas-Kapiti International as shown below so that we can take
appropriate action at no cost to yourself.

Midas-Kapiti International Ltd, 1 St George's Road, Wimbledon, London,
SW19 4DR, UK
Email: Postmaster@midas-kapiti.com Tel: +44 (0)208 879 1188 Fax: +44
(0)208 947 3373
Midas-Kapiti International Ltd is registered in England and Wales under
company no. 971479

.:. 
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.