× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2000

Re: INCREDIBLE - what am I missing here... ??? !!!

  • Subject: Re: INCREDIBLE - what am I missing here... ??? !!!
  • From: neilp@xxxxxxxxxxx
  • Date: Thu, 28 Sep 2000 21:25:51 -0400
 

Al,

In answer to some of your questions.

If you run DSPAUTUSR you will see most of the IBM "Q" user profiles have no
password (*NONE).
Well, that's what it would have shown before you went and assigned
passwords to profiles that never had any in the first place !  :-)

Exceptions are QSECOFR, QSRV, QSRVBAS, QPGMR, QSYSOPR & QUSER.
I used to have QUSER with password *NONE, until they came out with the host
server jobs that want to user QUSER, so now I just set that one to some
weird string and don't even bother to write it down, just so the server
jobs can use it.
That was a few releases ago.  Not sure if that's still necessary, or if
they can use a *DISABLED  QUSER now (John Earl ?).

Good luck in tracking down the uses of all the Q* user profiles.  I don't
think on-line help would answer that question.
When looking for this a few years ago I found it was poorly (and
incompletely) documented.

Neil Palmer         DPS Data Processing Services Canada Ltd.
                                             AS/400~~~~~
Markham,  Ontario,   Canada    ___________          ___  ~
Phone: (905) 474-4890  x303   |OOOOOOOOOO| ________  o|__||=
Cell.: (416) 565-1682  x303   |__________|_|______|_|______)
Fax:   (905) 474-4898          oo      oo   oo  oo   OOOo=o\
mailto:NeilP@DPSlink.com    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
http://www.DPSlink.com        AS/400e  The Ultimate Business Machine





MacWheel99@aol.com@midrange.com on 2000/09/28 13:44:25

Please respond to MIDRANGE-L@midrange.com

Sent by:  owner-midrange-l@midrange.com


To:   MIDRANGE-L@midrange.com
cc:

Subject:  Re: INCREDIBLE - what am I missing here... ??? !!!


alistairr@tbsa.co.za writes:

> But don't believe me. Forrester group says it's the most secure machine.
>  Gartner says it's the most reliable. The As/400 goes way beyond DoD
Orange
>  Book security. Yes, you can tighten Linux up to an impressive degree,
but I
>  would make an educated guess here and say that 90% of Linux machines are
not
>  set up with impressive security. 90% of AS/400's are.

We do not have the disk space for a lot of IBM Help on-line and I have a
ton
of these IBM Q-Profiles ... Is there some place where they are all
explained,
so I can see if it is safe to deactivate them all or expire their passwords
or something so that no one can sign on as them, but jobs can run with
their
identities?

Ideally I want guidance on how to secure them without having to remember
passwords for each & every one.  I have changed passwords on IBM Q-etc. but
I
had to use a simple algorithm ... it just is not possible for me to
remember
all the passwords without writing them down - there are just too many of
these IBM Q-etc.

Could you update me on URLs so I can look at these reports that you
mention?
I have come across several white papers for sale, but so far have been
looking at the freebies.
The best white paper I have looked at so far, thanks to a lead by someone
on
this forum, is NT vs. AS/400 @ http://www.as400.ibm.com/conslt/nt.htm
I have been on http://www.techrepublic.com/ad_click_in.jhtml?id=1067 & so
far
have not stumbled over Gartner Group white paper on AS/400.
It is possible that the right URL is one on my list of leads here that I
have
not yet explored, but I do not remember Forrester on any of those leads.
By Orange book security, are you referring to C2 of TCSEC or is there
something else out there?

I shot off my mouth again on another of the general forums ... check out
the
eCommerce Discussion List sign-up page at:

    http://www.year2000.com/ecommerce

Archives for the list can be found at
http://maggie.tenagra.com/scripts/lyris.pl?visit=ecommerce-discuss
or by going to the sign up link & selecting the archives ? click READ for
latest & work backwards or fill in SEARCH with a word like "Security" then
click SEARCH to start at postings relevant to your Search.  If you use
"Security" it will take you to my post yesterday about "Computer Security
Myths"

IBM produced a Red Book on Performance Oprimization for BPCS on AS/400.

Are there any equivalent publications or resources on optimizing Security
for
particular software packages on AS/400 ... I don't mean marketing that says
throw out the package & get a more secure one, I mean what is the best
security job we can do if we want to remain on that package?

Al Macintyre  ©¿©
MIS Manager Green Screen Programmer & Computer Janitor of BPCS 405 CD
Rel-02
running on AS/400 V4R3 http://www.cen-elec.com Central Industries of
Indiana--->Quality manufacturer of wire harnesses and electrical
sub-assemblies



+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.