× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. August 2007

RE: script to change Client Access .ws profiles

Thanks Steve,

And I guess my comments stem from the fact that I have turned very, very
sour on QDSIGNON. It is a big problem, and has been for many years, and
I don't see any better solution than bypassing the signon screen.

I'm working with two customers now who are forcing SSL on all telnet
sessions because of the @%#$@!&! unencrypted and unsecured QDSIGNON
screen.

jte

--
John Earl, VP and Chief Technology Officer
PowerTech: 253-872-7788
Direct: 253-479-1408
Mobile: 206-669-3336
John.Earl@xxxxxxxxxxxxx




Email is an excellent way to communicate material that is not time
sensitive. If your communication is of a more urgent nature, please
call.

===========================
This email message and any attachments are intended only for the use of
the intended recipient named above and may contain information that is
privileged and confidential. If you are not the intended recipient, any
dissemination, distribution, or copying is strictly prohibited. If you
received this email message in error, please immediately notify the
sender by replying to this email message or by telephone and delete the
message from your email system. Thank you.

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-
bounces@xxxxxxxxxxxx] On Behalf Of Steve Martinson
Sent: Wednesday, August 15, 2007 7:39 AM
To: midrange forum
Subject: RE: script to change Client Access .ws profiles

"I would submit that the best protection point here is the desktop
screen
saver, and not the OS/400 clear text QDSIGNON screen..."

John - Clearly in one of my previous posts, where I mentioned that I
was
once charged to actually visit desktops and verify screensavers, I
advocate balanced controls, with the desktop control considered as one
of
them (this would also reduce or eliminate the need for the
green-screen
inactivity control).

I bring up the consideration of risk only because too many
organizations
don't consider it before jumping on some bandwagon and fixing things
with
a band-aid solution, something I see far too often in the i5/OS
security
world.

Best regards,

Steven W. Martinson, CISSP, CISM
Sheshunoff Management Services, LP.
Senior Consultant - Technology & Risk Management
2801 Via Fortuna, Suite 600 | Austin, TX 78746
Direct: 281.758.2429 | Mobile: 512.779.2630
e.Mail: smartinson@xxxxxxxxx





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.