× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2000

Re: Security question

  • Subject: Re: Security question
  • From: Rob Berendt <rob@xxxxxxxxx>
  • Date: Tue, 30 May 2000 14:12:25 -0500
 
I am at V4R4.  Try GO SECTOOLS.  Option 1 uses the command 
'Analyze Default Passwords (ANZDFTPWD)'.

Message ID . . . . . . :   CPC2232       Severity . . . . . . . :   00        
Message type . . . . . :   Completion                                         
Date sent  . . . . . . :   05/30/00      Time sent  . . . . . . :   14:07:33  
                                                                              
Message . . . . :   201 user profiles have default passwords of which 199 have
  the status of *ENABLED.                                                     
Cause . . . . . :   There are 201 user profiles on the system with default    
  passwords. Of the profiles with default passwords, 199 currently have the   
  status of *ENABLED.                                                         
Recovery  . . . :   If there are any user profiles with default passwords,    
  enter the Work with Spooled Files (WRKSPLF) command and display the spool   
  file QPSECPWD to determine which profiles have a default password.          

From the spool file:
User                                         
Profile        STATUS         PWDEXP     Text
...
QD1SRM4        *DISABLED       *NO       ManageWare/400                     
QD1SRM4DLO     *DISABLED       *NO       ManageWare/400                     
QOTHPRDOWN     *ENABLED        *NO       LANSA OWNER - *** DO NOT DELETE ***
QRBC           *ENABLED        *NO       Internal userid for RBC            
QTFTP          *ENABLED        *NO       IBM-supplied User Profile          
...






corbett@asresources.com on 05/30/2000 02:05:30 PM
Please respond to MIDRANGE-L@midrange.com@Internet
To:     midrange-l@midrange.com@Internet
cc:      
Fax to: 
Subject:        Security question

Does anyone remember where the utility to check for IBM-supplied
userids--passwords which have not been changed from default?  I ran this
once, but I need to find and run it again...I lost it.
It compares the passwords on default userids to ensure that they are not
the default passwords.  I'm trying to tighten up security, I believe
I've caught all the default passwords, but I'd like to check.

Thanks

--
William A.(Tony) Corbett
corbett@asresources.com
http://www.asresources.com
http://www.cbt400.com


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.