× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2002

Re: BugTraq Exploit for OS/400

Are we not all missing the point here??

In order to use the use the System Request menu the user has signed on.
They have a user ID and password. If this is an unauthorised person the
system is already compromised. The system has already been hacked!!!

If the signed-on user is authorised to use the system, they probably
know the other User IDs anyway.

If your system has been hacked - 5250 sessions are the least of the
problem - check out FTP and ODBC, these are MUCH more dangerous. If the
installed applications do not allow sufficient flexibility regarding
configuring the security of OS/400, consider using exit point security
programs to close back door access to the system.

Syd Nicholson
Castlehill Computer Services Ltd.


rob@dekko.com wrote:

>The ANZDFTPWD is effective for those with default passwords.
>
>For everyone you can do a DSPUSRPRF to an outfile.  Then you can Query
>that.
>
>We store the employee number in the job accounting field.  Hooks into our
>HR software.  If we get a notice of termination it get's acted upon pretty
>quickly.
>
>Rob Berendt
>--
>"They that can give up essential liberty to obtain a little temporary
>safety deserve neither liberty nor safety."
>Benjamin Franklin
>
>
>
>                    "Wills, Mike N.
>                    (TC)"                     To:     
>"'midrange-l@midrange.com'" <midrange-l@midrange.com>
>                    <MNWills@taylorcorp       cc:
>                    .com>                     Fax to:
>                    Sent by:                  Subject:     RE: BugTraq Exploit 
>for OS/400
>                    midrange-l-admin@mi
>                    drange.com
>
>
>                    02/25/2002 03:11 PM
>                    Please respond to
>                    midrange-l
>
>
>
>
>
>
>How do you get that list?
>
>
>I will also list user profiles and look at the date last signed on, and if
>it's over a month see if we need to delete the account.
>_______________________________________________
>This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
>To post a message email: MIDRANGE-L@midrange.com
>To subscribe, unsubscribe, or change list options,
>visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
>or email: MIDRANGE-L-request@midrange.com
>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/midrange-l.
>
>
>
>
>
>_______________________________________________
>This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
>To post a message email: MIDRANGE-L@midrange.com
>To subscribe, unsubscribe, or change list options,
>visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
>or email: MIDRANGE-L-request@midrange.com
>Before posting, please take a moment to review the archives
>at http://archive.midrange.com/midrange-l.
>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.