|
For the second part, (locking out IP addresses) I'd recommend a firewall. Granted a purchased application for exit points would help, but you'd probably have to configure every exit point to lock out a particular IP address. As far as finding out historically invalid signon's: - DSPLOG will show you CPF2234 (Password from device PNTACD1F not correct for user xxxxx) messages, but not invalid user id's. - Creating message queue QSYSMSG will show you CPF1397 messages (Subsystem QINTER varied off work station PAPC9S2 for user xxxxx) but not even the CPF2234 messages. - Displaying QSYSOPR isn't much of a help at all. Be nice if there was a way to CHGMSGD ... ALROPT or LOGPRB for all messages containing "user" or "password" that actually worked. For example if I dump CPF1120 (User ROBXYZZD does not exist.) to a session it's meaningless to ALROPT because it didn't go to QHST or QSYSOPR. Rob Berendt -- Group Dekko Services, LLC Dept 01.073 PO Box 2000 Dock 108 6928N 400E Kendallville, IN 46755 http://www.dekko.com "Ken Slaugh" <ken.slaugh@xxxxxxxxxx> Sent by: midrange-l-bounces@xxxxxxxxxxxx 01/10/2005 02:18 PM Please respond to Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx> To "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx> cc Subject Telnet lock down One of our salesman was asked this by a iSeries customer: << I need to monitor all the sign on attempts to the iSeries, this includes attempts that do << not have a real profile on the machine. I looked over the security audit log but did not << find the information I was looking for there. I can monitor for failed log in attempts << but only for profiles that exist, but I could not find a query for profiles that don't << exist. I would like to get at least profile name and IP address. << I am also looking for a way to lock out specific IP addresses, regardless of profile, from << using the system. I thought this group may have some helpful suggestions. Any takers? Thanks, Ken -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chuck Lewis Sent: Monday, January 10, 2005 11:06 AM To: 'Midrange Systems Technical Discussion' Subject: RE: FTP Issue Care to elaborate Rob ? Thanks :-) Chuck -----Original Message----- From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx Sent: Monday, January 10, 2005 1:49 PM To: Midrange Systems Technical Discussion Subject: Re: FTP Issue CPYTOIMPF has had lots of changes in V5R3. Most of them will pi$$ you off. Use CPYTOSTMF if it will work for you. Rob -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l. -- This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/mailman/listinfo/midrange-l or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
