× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2001

Re: User Profile

This is a multipart message in MIME format.
--
[ Picked text/plain from multipart/alternative ]
Well, if it helps, the job reporting it is QZSOSIGN and our report says
it's the AS/400's *SIGNON Server.  I don't think it's trying to TELNET,
just make a connection.

Steven Donnellan
AS/400 Systems Manager
IBM Certified Specialist - AS/400 Professional Operator
Simon Jersey Ltd

http://www.simonjersey.com




"John Earl" <johnearl@powertechgroup.com>
Sent by: midrange-l-admin@MIDRANGE.COM
12/09/01 17:19
Please respond to midrange-l


        To:     <midrange-l@midrange.com>
        cc:
        Subject:        Re: User Profile


It depends on what interface the request is coming through - If the
request is coming through Telnet, a Telnet exit program will tell you
the remote IP address of the requester.  Ditto for FTP and Workstation
Gateway.

If the request is from an SNA device, the Job name in the journal
should correspond to the remote location name (device) of the
requester.

For many of the other Client Access Host servers, you will need to
look in the joblog of the server job.  ODBC servers (and some others)
will write the IP address's into the joblog and they can be retrieved
from there.

Sorry that there isn't just one place, but as usual, the answer is "It
depends".  In this case it depends on what access method is being
attempted.

jte


----- Original Message -----
From: <steven.donnellan@simonjersey.com>
To: <midrange-l@midrange.com>
Sent: Wednesday, September 12, 2001 8:59 AM
Subject: User Profile


> This is a multipart message in MIME format.
> --
> [ Picked text/plain from multipart/alternative ]
> Our security software is reporting that a user called ADMIN is
trying to
> sign on to my AS/400.  There is no such user on the AS/400.  Is
there
> anyway I can find the IP address that this sign on is coming from? I
> suspect that this is some DEVICE on our network, not actually a
bona-fide
> hack attempt.
>
> Steven Donnellan
> AS/400 Systems Manager
> IBM Certified Specialist - AS/400 Professional Operator
> Simon Jersey Ltd
>
> http://www.simonjersey.com
> --
>
>
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


--

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.