They must be running a macro on their 5250 login screen? Inadvertantly
or otherwise...

Regards,

Scott Ingvaldson
Senior IBM Support Specialist
Fiserv Midwest


-----Original Message-----
From: rob@xxxxxxxxx [mailto:rob@xxxxxxxxx]
Sent: Wednesday, September 17, 2008 2:45 PM
To: Midrange Systems Technical Discussion
Subject: RE: CPF1397 - Subsystem QINTER varied offwork station
QPADEV001Tfor user ERBERBERBE.

Well, they are internal users. And, they are in a valid subnet. So, I
am thinking all we can do is log them. I gave the information to one
gentleman. He was able to pretty much pinpoint the culprit down. But
he's not going to act on it anymore until given permission to KSA.

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





"Ingvaldson, Scott" <scott.ingvaldson@xxxxxxxxxx>
Sent by: midrange-l-bounces@xxxxxxxxxxxx
09/17/2008 03:11 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
"Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
cc

Subject
RE: CPF1397 - Subsystem QINTER varied off work station QPADEV001Tfor
user
ERBERBERBE.






Click!

You're right that the initial program won't help you, but what about a
previous post about the telnet exit point? IIRC PowerTech has software
that can monitor and restrict telnet sessions by IP address. So if
someone's trying to get in from outside you can block them before they
get to the signon screen.

Of course that won't help if these are internal users, unless they're on
a subnet that shouldn't have access in the first place. I do think that
the PowerTech software has some tracking and reporting mechanism in it
as well.

Maybe John Earl will chime in...

Regards,

Scott Ingvaldson
Senior IBM Support Specialist
Fiserv Midwest


-----Original Message-----
From: rob@xxxxxxxxx [mailto:rob@xxxxxxxxx]
Sent: Wednesday, September 17, 2008 1:18 PM
To: Midrange Systems Technical Discussion
Subject: Re: CPF1397 - Subsystem QINTER varied off work station
QPADEV001Tfor user ERBERBERBE.

That wouldn't buy us a darned thing. If they can't log on they cannot
execute INLPGM(...), eh?

Rob Berendt
--
Group Dekko Services, LLC
Dept 01.073
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com






This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].