× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2001

RE: Security Password violation?

... of course what you really need is a webcam on every terminal, the AS/400
can then take a snapshot of the prospective intruder and store it in the
Journal Entry for you ... then I woke up.

        Seriously though, you should start worrying when these 'attacks'
stop, cause that means the  password may have been cracked!

        If the display device and times of the attempts are consistent
enough to be predictable, a secreted webcam or observation is an option.  Of
course, you must make the call whether you value your data enough to take
such measures.

Jeff Bull

-----Original Message-----
From: afvaiv [mailto:afvaiv@wanadoo.es]
Sent: 20 November 2001 22:00
To: MIDRANGE-L
Subject: Security Password violation?


Hi, quite often one of our people gets his User disabled... I've
activated
Auditing, and after any of these occassions I can see (DSPAUDJRNE  with
type PW) that there were some attempts to use his userID and a failing
Password.

But the audit journal entry gives no more info than date and time...

Joblog for job QZSOSIGN also gives only
 Message ID . . . . . . :   CPIAD06       Severity . . . . . . . :   10
 Message type . . . . . :   Information
 Date sent  . . . . . . :   19/11/01      Time sent  . . . . . . :
13:24:12
 Message . . . . :   Password not correct for user profile.
 Cause . . . . . :   The password received for user FERNANAN was not
correct.
 Recovery  . . . :   Correct the password and try the request again.

I'd like to see, at least, the IP address the intent came from, maybe
even
the userID that was signed to Windows at the PC the request came from...

any additional info that can enlighten the path to find what's going on.

Maybe it's even the user himself doing something wrong without even
knowing
it! But how to get to know it if there si such small info.

I've considered writing my own ExitProgram for the SignOnServer, but was

hoping there'll be a direct way of getting that info without having to
reinvent the wheel?
-------------------------
Antonio Fernandez-Vicenti
afvaiv@wanadoo.es


_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


_____________________________________________________________________
This message has been checked for all known viruses by Star Internet
delivered through the MessageLabs Virus Scanning Service. For further
information visit http://www.star.net.uk/stats.asp or alternatively call
Star Internet for details on the Virus Scanning Service.


DISCLAIMER

Any opinions expressed in this email are those of the
individual and not necessarily the Company. This email
and any files transmitted with it, including replies and
forwarded copies (which may contain alterations)
subsequently transmitted from the Company, are
confidential and solely for the use of the intended recipient. If you are not 
the intended recipient or the
person responsible for delivering to the intended recipient,
be advised that you have received this email in error and
 that any use is strictly prohibited.

If you have received this email in error please notify the IT
manager by telephone on +44 (0)208 4762000 or via
email to Administrator@itm-group.co.uk, including a copy
of this message. Please then delete this email and
destroy any copies of it.

_____________________________________________________________________
This message has been checked for all known viruses by Star Internet
delivered through the MessageLabs Virus Scanning Service. For further
information visit http://www.star.net.uk/stats.asp or alternatively call
Star Internet for details on the Virus Scanning Service.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.