• Subject: Re: someone is not being straight. Guess who...
  • From: Steve <steve@xxxxxxxxxx>
  • Date: Tue, 30 Jan 2001 21:42:46 +0000

In article <30.fca4168.27a79dfc@aol.com>, DAsmussen@aol.com writes
>    Don, 
>
>    In a message dated 1/29/01 12:32:44 PM Eastern Standard Time, 
>    Don.Schenck@pfizer.com writes: 
>
>
>>       "Can't hack an AS/400." 
>
>
>>       That's a little presumptuous, don't you think. Perhaps I'll pass 
>>       that 
>>       statement along to the "2600" crowd! 
>
>
>    Well, the AS/400 has never been documented as having been hacked.  
>    Wish I'd 
>    had a pen to write down the particulars, but driving from work I 
>    heard on NPR 
>    about an annual hacking tournament for which there was a $50K 
>    reward starting 
>    last week.  This year's target?  A "trusted host" from IBM.  Wonder 
>    what 
>    _that_ could possibly be? 

Two things: I was asked to hack one of our 400s by the CIO about six
months ago in a Group IT managers meeting. Specifically, he told me to
access the machine, and add myself to the J.D. Edwards address book, 
following a debate on security where someone said 'Can't hack an
AS/400'.  I went home, dialed in, and ten minutes later had e-mailed
a dspfm of the address book with myself added to him, and to the IT
manager responsible for the system who had claimed to the meeting that
his machine was 'buttoned up tight'. I have never had a signon on that 
particular AS/400.

Secondly, go to http://security.nerdnet.com/, or search for 'Default
Password lists' or similar - you'll find all the standard passwords
sitting there, and that's without trying.

Security by obscurity is no security
-- 
Steve
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].