|
The one classic I remember was getting a 3 month contract at a company, when I got there the IT manager went on and on about security and how my left hand would be chopped off if I told anyone my password, he also showed me the 'secondary' security level, basically a second password screen whenever you went into one of the applications. Now this was in the days before PC's took hold and everyone had dumb terminals (can't remember the model), I noticed that the first thing everyone did on coming in was to use the play keys, I thought "Naaaaaaaaaahhhh they can't be that daft" but sure enuf, I got in early one morning and EVERYONE had put their profile and password on play keys, INCLUDING the manager. When I pointed this out to him, he went many pretty shades of red. I also gave him a list of all his secondary passwords, pointless creating a file to hold these things if it has *PUBLIC *ALL authority, apparently he had paid over 2,000GBP for that. For some reason they never extended my contract. :-) -----Oorspronkelijk bericht----- Van: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx]Namens ChadB@xxxxxxxxxxxxxxxxxxxx Verzonden: woensdag 8 november 2006 14:20 Aan: Midrange Systems Technical Discussion Onderwerp: Re: iSeries Security in Computerworld I'd have to call that one a classic. rob@xxxxxxxxx Sent by: midrange-l-bounce To s@xxxxxxxxxxxx Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> 11/08/2006 08:16 cc AM Subject Re: iSeries Security in Please respond to Computerworld Midrange Systems Technical Discussion <midrange-l@midra nge.com> Had that same issue here, only it was with check stubs. Had a gal complained that her check was wrong. Found out she was looking at the wrong stub and associating it with her paycheck. All while looking at the spool file. They promoted her to director of personnel. Rob Berendt -- Group Dekko Services, LLC Dept 01.073 PO Box 2000 Dock 108 6928N 400E Kendallville, IN 46755 http://www.dekko.com pnelson@xxxxxxxxxx Sent by: midrange-l-bounces@xxxxxxxxxxxx 11/03/2006 04:17 PM Please respond to Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> To Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> cc Subject Re: iSeries Security in Computerworld I once had a client who swore she was secure. She gave me *user authority. A few minutes later I remarked (somewhat jokingly) that she was overpaid. She had output queues named for previous years, and those output queues contained saved W2 spool files. *SPLCTL -- Paul Nelson Arbor Solutions, Inc. 708-670-6978 Cell pnelson@xxxxxxxxxx -----midrange-l-bounces@xxxxxxxxxxxx wrote: ----- To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> From: Don <dr2@xxxxxxxx> Sent by: midrange-l-bounces@xxxxxxxxxxxx Date: 11/03/2006 04:13PM Subject: Re: iSeries Security in Computerworld I'll never forget back several years ago when I walked into the head of accounting for a municipality in the SE, walked up to her terminal, created my own USRPRF on the fly from a signon screen and in 4 minutes was playing in her payroll and G/L....I think they were at seclvl(10) or lower...forget back then... The problem here was that their business pudnah had set it up that way and told them to leave it alone so that they could dial in easily...or some other stupid stuff... Well, they changed a few things the next day... Not sure if they're still with the same pudnah... :) Don in DC ------------------------ At 02:53 PM 11/3/2006 -0600, you wrote: >I remember being able to log on remotely to another state agency's >system as QSECOFR QSECOFR not too many years ago. They thought they >could achieve security through obscurity until I pointed out how >vulnerable they were. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. _____________________________________________________________________________ Scanned by IBM Email Security Management Services powered by MessageLabs. For more information please visit http://www.ers.ibm.com _____________________________________________________________________________ ForwardSourceID:NT0005842E
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
