Re: Public Windows share not seen on QNTC

Long ago, I asked a security specialist how to access an AS/400 (it was
then) and he told me that he runs a program in the windows pc to find
pairs user-password and then he used that in the AS/400 and that often
there was a match.  I do not know if the method is still valid with
newer windows.


On 12/18/2017 02:30 PM, Rob Berendt wrote:

I think one of the biggest problems is that people have this belief that
the user id's and passwords between IBM i and Windows should not match.
That it increases security if they do not match. Some are under the
belief that Windows is this huge security hole.
My argument is that this drastically increases complexity and really does
not increase security. What you end up doing is creating local profiles
with passwords which never change and other things which are a gross
security violation. Basically, what you think is increasing security is
actually DECREASING security.

That and IBM i, as shipped, is not much more secure.

crtusrprf dummy password(xyz)
STRCMNTRC CFGOBJ(LANLIN) CFGTYPE(*LIN)
TELNET thislpar
Sign on as DUMMY
ENDCMNTRC CFGOBJ(LANLIN) CFGTYPE(*LIN)
PRTCMNTRC CFGOBJ(LANLIN) CFGTYPE(*LIN) FMTTCP(*YES)
DSPSPLF FILE(QPCSMPRT) SPLNBR(*LAST)
.DUMMY...XYZ.
Of course, you have to look at the hex data at the left to get the correct
case
C4E4D4D4E8110735 A7A8A9FFEF

Basically any fool with a sniffer can get that data.



Rob Berendt

-- Este e-mail fue enviado desde el Mail Server del diario ABC Color --
-- Verificado por Anti-Virus Corporativo Symantec --