× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. BPCS-L
  3. September 2002

RE: Group Profile Security

Dee Dee

There is also a midrange.com forum just on 400 Security topics ... I
subscribing to very few midrange.com lists, but recently started some
midrange.com lists that I am not subscribing to RSS into my Radio News
Aggregation (introduction to THAT topic at
http://radio.weblogs.com/0107846/stories/2002/08/17/understandRadioNewsAggregation.html
and what specifically I did to get the midrange.com links into my weblog
review at
http://radio.weblogs.com/0107846/categories/400OnRadioDial/2002/09/01.html#a185
- the comments not supposed to be activated - there is a bug there someplace.)

At Global Wire Technologies dot com, we are at security level 30 with 2/3
to 3/4 of our users having command line access, and the BPCS 405 CD
security rather liberal letting most people into most programs of most
applications, but 90% of the users have as their 2nd IBM option (after BPCS
MENU) *SIGNOFF which means that if they F3 out of BPCS they less likely to
get into OS/400 options trouble.  Now that works when you trust your staff
to know what they are doing, but as we move towards more and more employees
having PCs connected to the 400 and also they can dial in from home using
PC anywhere or some other arrangement, and when I ask "Hey if you can dial
in, what is to prevent a hacker from dialing in?" and they say there is
still the 400 password, but you know, some of those people have play keys
on their PC that does the password for them, so I figure if a hacker can
read their keyboard stream from home PC ... bottom line I periodically get
nervous (another recent piece of 400 security education shared at
http://radio.weblogs.com/0107846/stories/2002/09/18/ev429Sec.html which =
my notes on the last local AS/400 user group meeting where another company
was reporting on their use of an ethical hacker in a security audit).

We do have a nitely menu outside of BPCS which is used for backup options,
and it also has some menu options that look at security messages sent to
DSPLOG, so I can check to see if we had a bunch of virtual addresses
created (this should never happen unless we had some tech support person
dial in on the ECS line, but sometimes someone hooks up a PC incorrectly,
and of course if a hacker ever gets in, I would expect a flood of them,
because as they guess password, it would disconnect that virtual address,
and they would keep guessing with some other one.).  I check these logs
regularly, and periodically add to the spectrum of messages they monitoring
for.


Hi Al,

I've also read a lot of your documents in archive concerning security; they
too are helpful.  Did you modify all your BPCS programs from USRPRF(*USER)
to USRPRF(*OWNER) in 4.05CD?

We are at security level 40; all are user profiles are setup w/ Limit
capabilities LMTCPB(*YES)... Just want to take security a step further.

Thanks.

DeeDee Virgei
Nelson Stud Welding, Inc.
7900 West Ridge Rd
Elyria, OH 44036

 -----Original Message-----
From:   Al Mac [mailto:macwheel99@sigecom.net]
Sent:   Friday, September 27, 2002 4:05 PM
To:     bpcs-l@midrange.com
Subject:        RE: Group Profile Security

Dee Dee

We also 405 CD but no longer on OSG ... I have been running IBM Security
Auditing now for a couple months (I want to increase our IBM security only
if nothing we now running needs fixing first) and so far DSPAUDJRNE is
coming up roses (no hits) ... this weekend will be EOQ (End of Quarter is
not identical to EOM or EOY for us) and Physical at one facility, neither
of which have been through the IBM security audit yet.  If we go all the
way through EOY with no hits, I plan to raise our IBM security.

In the past we had a lot of security problems, that I now believe were due
to the Y2K conversion software and not base BPCS.

>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/bpcs-l.

-
Al Macintyre (macwheel99@sigecom.net via Eudora)
Al's diary http://radio.weblogs.com/0107846/
Cure cancer. http://members.ud.com/about/



_______________________________________________
This is the SSA's BPCS ERP System (BPCS-L) mailing list
To post a message email: BPCS-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/bpcs-l
or email: BPCS-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/bpcs-l.
_______________________________________________
This is the SSA's BPCS ERP System (BPCS-L) mailing list
To post a message email: BPCS-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/bpcs-l
or email: BPCS-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/bpcs-l.

-
Al Macintyre (macwheel99@sigecom.net via Eudora)
Al's diary http://radio.weblogs.com/0107846/
Cure cancer. http://members.ud.com/about/

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.