LISTSERV - HP3000-L Archives

HP3000-L Archives

February 2006, Week 2

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L February 2006, Week 2

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives
Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]
Subject:	Re: passwords
From:	Art Bahrs <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Wed, 8 Feb 2006 11:38:00 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (159 lines)
Hi Duane :)
   This is exactly why you must have Policy & Procedure for securing backup
tapes immediately after they are made!

    Note to everyone.... Never Ever let the auditor doing your EDP/EDI/DP
audit see Duane's posting... You will never get out of the finding about
passwords being insecurely stored :(

Art "Audit is a four letter word hehe" Bahrs

=======================================================
Art Bahrs, CISSP           Information Security          The Regence Group
(503) 225-4992              FAX (503) 220-3806


                                                                           
                "Duane Percox"                                             
                <[log in to unmask]                                             
                >                                                       To 
                Sent by:               [log in to unmask]              
                "HP-3000                                                cc 
                Systems                                                    
                Discussion"                                        Subject 
                <HP3000-L@RAVE         Re: [HP3000-L] passwords            
                N.UTC.EDU>                                                 
                                                                           
                                                                           
                02/08/2006                                                 
                08:02 AM                                                   
                                                                           
                                                                           
                Please respond                                             
                      to                                                   
                "Duane Percox"                                             
                <[log in to unmask]                                             
                      >                                                    
                |------------|                                             
                | [ ] Secure |                                             
                |     E-mail |                                             
                |------------|                                             
                                                                           




Gary, et al:

Everyone is working way too hard :-)

If your operator can log onto operator.sys:

file xt=mytape;dev=disc
file syslist=$stdlist
store command.pub;*xt;directory;show

Using your favorite editor or other utility search for
the string: "ALTUSER MANAGER  SYS"

You will notice: PAS=<the pwd>  which is your clue :-)

duane




> -----Original Message-----
> From: [log in to unmask]
> [mailto:[log in to unmask]] On Behalf Of Shahan, Ray
> Sent: Wednesday, February 08, 2006 7:48 AM
> To: [log in to unmask]
> Subject: RE: [HP3000-L] passwords
>
>
> There are times when one must not mince words - Paul
> understands that this was just such a time.
>
> ;-D
>
> (BTW Gary, you have our sympathy).
>
>
> Ray Shahan
>
> -----Original Message-----
> From: HP-3000 Systems Discussion
> [mailto:[log in to unmask]] On Behalf Of Paul Edwards
> Sent: Wednesday, February 08, 2006 9:41 AM
> To: [log in to unmask]
> Subject: Re: [HP3000-L] passwords
>
> Gary,
>   1. You do run BULDACCT prior to each full backup so you can
> look in BULDJOB1 for the passwords, don't you?
>   2. You have another user on the system with SM capability
> and a different password as a backup in case this happens, don't you?
>   3. Your operator used LISTUSER MANAGER.SYS;PASS just after
> changing the password to verify the accuracy as spelled out
> in the Operations Procedures section in your Systems Manager
> Notebook, didn't he/she?
>   4. You do have a Systems Manager Notebook as discussed in
> detail in my papers on Homesteading on my web site, don't you?
>
> Otherwise,
>   1. Fire the operator.
>   2. Update your resume.
>   3. Decide what are your last words just before the big bang.
>
> ***************************************************************
>  CDR Paul Edwards USNR Ret.       HP 3000/9000 Certified Consultant
>  Paul Edwards & Associates        Phone: (972) 242-6660
>  1506 Estates Way                 Fax  : (972) 446-9022
>  Carrollton TX 75006              Cel  : (214) 384-8728
>  Email: [log in to unmask]          Web  : www.peassoc.com
> ***************************************************************
>
> -----Original Message-----
> From: HP-3000 Systems Discussion
> [mailto:[log in to unmask]]On Behalf Of > Gary Sielaff
>
> Sent: Wednesday, February 08, 2006 9:21 AM
> To: [log in to unmask]
> Subject: [HP3000-L] passwords
>
>
> My operator, in his infinite wisdom, decided to change
> passwords on Manager.sys.  Of course he forgot, or
> fingerchecked... I don't know.  At any rate I need some help.
>  Any suggestions.. Other than a blindfold and cigarette.
>
>
>
> Tks
>
> Gary in Moses Lake
>
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *




 =============================================================================
IMPORTANT NOTICE: This communication, including any attachment, contains information that may be confidential or privileged, and is intended solely for the entity or individual to whom it is addressed.  If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message is strictly prohibited.  Nothing in this email, including any attachment, is intended to be a legally binding signature.
 =============================================================================

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
ATOM RSS1 RSS2
RAVEN.UTC.EDU