|
... of course what you really need is a webcam on every terminal, the AS/400 can then take a snapshot of the prospective intruder and store it in the Journal Entry for you ... then I woke up. Seriously though, you should start worrying when these 'attacks' stop, cause that means the password may have been cracked! If the display device and times of the attempts are consistent enough to be predictable, a secreted webcam or observation is an option. Of course, you must make the call whether you value your data enough to take such measures. Jeff Bull -----Original Message----- From: afvaiv [mailto:afvaiv@wanadoo.es] Sent: 20 November 2001 22:00 To: MIDRANGE-L Subject: Security Password violation? Hi, quite often one of our people gets his User disabled... I've activated Auditing, and after any of these occassions I can see (DSPAUDJRNE with type PW) that there were some attempts to use his userID and a failing Password. But the audit journal entry gives no more info than date and time... Joblog for job QZSOSIGN also gives only Message ID . . . . . . : CPIAD06 Severity . . . . . . . : 10 Message type . . . . . : Information Date sent . . . . . . : 19/11/01 Time sent . . . . . . : 13:24:12 Message . . . . : Password not correct for user profile. Cause . . . . . : The password received for user FERNANAN was not correct. Recovery . . . : Correct the password and try the request again. I'd like to see, at least, the IP address the intent came from, maybe even the userID that was signed to Windows at the PC the request came from... any additional info that can enlighten the path to find what's going on. Maybe it's even the user himself doing something wrong without even knowing it! But how to get to know it if there si such small info. I've considered writing my own ExitProgram for the SignOnServer, but was hoping there'll be a direct way of getting that info without having to reinvent the wheel? ------------------------- Antonio Fernandez-Vicenti afvaiv@wanadoo.es _______________________________________________ This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@midrange.com To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l or email: MIDRANGE-L-request@midrange.com Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. _____________________________________________________________________ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service. DISCLAIMER Any opinions expressed in this email are those of the individual and not necessarily the Company. This email and any files transmitted with it, including replies and forwarded copies (which may contain alterations) subsequently transmitted from the Company, are confidential and solely for the use of the intended recipient. If you are not the intended recipient or the person responsible for delivering to the intended recipient, be advised that you have received this email in error and that any use is strictly prohibited. If you have received this email in error please notify the IT manager by telephone on +44 (0)208 4762000 or via email to Administrator@itm-group.co.uk, including a copy of this message. Please then delete this email and destroy any copies of it. _____________________________________________________________________ This message has been checked for all known viruses by Star Internet delivered through the MessageLabs Virus Scanning Service. For further information visit http://www.star.net.uk/stats.asp or alternatively call Star Internet for details on the Virus Scanning Service.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.