|
Chuck, The most secure option would be QPWDLVL = 3 along with a QPWDMINLEN set high enough to make any brute attack non-trivial. Make the minimum too high, and you're effectively requiring a passphrase which is a hassle for entry on each telnet session. A secure shell would make more sense in that kind of environment, but that's another topic. If you simply you perceive an exposure to a Win98(LanMan) attack, then QPWDLVL = 1, might be sufficient. But as others pointed out, the threat is really from within your network. Either a knowledgeable AS/400 person who has the authority to get the stored password hashes or someone with a network monitor. Only you know what your security risks and requirements are. Keith ----- Original Message ----- From: "Chuck Lewis" <clewis@xxxxxxxxxx> To: "'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx> Sent: Thursday, September 30, 2004 2:26 PM Subject: RE: Display User Password? > Thanks Keith. > > I'm it here so I checked with me and all is well :-) If it is ONLY W98 then > we should be OK. > > So what do you normally recommend that be set at ? > > Thanks, > > Chuck > > -----Original Message----- > From: midrange-l-bounces@xxxxxxxxxxxx > [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Keith Carpenter > Sent: Thursday, September 30, 2004 2:44 PM > To: Midrange Systems Technical Discussion > Subject: Re: Display User Password? > > Checking with vendors for 128 byte password support is well advised. Don't > assume they do. Maybe a software upgrade is necessary. > > As far as dropping Win98/lanman password support, you might check with your > windows network admin. They should be able to tell you whether they have to > carry this legacy support. As far as the AS400 is concerned, it's the Win98 > PCs using windows netserver (IFS file server). CA, telnet/ftp, etc. would > not use this authentication. > > > Keith > > > > > > -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@xxxxxxxxxxxx > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/mailman/listinfo/midrange-l > or email: MIDRANGE-L-request@xxxxxxxxxxxx > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.