|
Your signon with Mark makes the AS/400 connection for you. The connection does not need to have a session associated with it. Check your Client Access and Windows Start configurations. Mark is set up to auto connect and HACKER isn't. This is why Mark can execute RMTCMD. You may want to look at PowerLock. You can download a free intrusion detection copy from http://www.400security.com Hope this helps. ----- Original Message ----- From: Mark Allen <markallen@kellyskids.com> To: 'MIDRANGE-L <MIDRANGE-L@midrange.com> Sent: Thursday, May 18, 2000 10:16 AM Subject: RMTCMD Anomaly???? > I think I have found a potential "hole" but maybe I am missing something, > and one of the "experts" out here can help. > > Scenario1: > > Sign on to Microsoft Windows with User=Mark (same as 400 user id) and no > password (I know bad, but......) > > At this point no Client Access session program has been started from client > PC. > > Do RMTCMD /I d:\web\Command.lst > > Commands execute as specified but no AS/400 sign on is required. > > > If I do a DSPLOG after executing command I see > > > Additional Message Information > > Message ID . . . . . . : CPIAD0B Severity . . . . . . . : 00 > Message type . . . . . : Information > Date sent . . . . . . : 05/18/00 Time sent . . . . . . : > 12:04:09 > > Message . . . . : *SIGNON server job 704972/QUSER/QZSOSIGN processing > request for user MARK on 05/18/00 12:04:09 in subsystem QSYSWRK in QSYS. > Cause . . . . . : The *SIGNON server is processing request 1 for user > MARK. > The types of requests supported are as follows: > 1 -- Retrieve Signon Information > 2 -- Change Password > > > Other msg's that appear: > > *SIGNON server job 704972/QUSER/QZSOSIGN processing request for user MARK on > Job 704981/QUSER/QZSCSRVS started on 05/18/00 at 12:04:12 in subsystem > QSYSWR > Servicing job 704974/QUSER/QZSCSRVS for user MARK on 05/18/00 12:04:12 in > sub > Job 704982/QUSER/QZSCSRVS started on 05/18/00 at 12:04:12 in subsystem > QSYSWR > > If I sign on to my PC as HACKER (BTW not a valid AS/400 signon) and try the > rmtcmd I get the Client Access pop up window asking for userid and password. > > Short of requiring/enforcing every one to have Windows passwords is there > any other way to restrict RMTCMD?? > I do want specific user profiles to be able to execute w/o having to sign on > to the as/40 (i.e. scheduled running of .BAT at specified time from a PC). > > > > > > > Mark Allen > IS Manager > Kelly's Kids > markallen@kellyskids.com > > +--- > | This is the Midrange System Mailing List! > | To submit a new message, send your mail to MIDRANGE-L@midrange.com. > | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. > | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. > | Questions should be directed to the list owner/operator: david@midrange.com > +--- +--- | This is the Midrange System Mailing List! | To submit a new message, send your mail to MIDRANGE-L@midrange.com. | To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com. | To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com. | Questions should be directed to the list owner/operator: david@midrange.com +---
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
