Chris Bartram asked:

> I admittedly haven't looked into whether SAFE or even Security/3000 do
> this, but how about the IP address where login attempts come from? MPE, of
> course, only records an ldev#, which is 100% utterly useless for network
> connections.
>
> What do you do when you see 5000 invalid password messages on ldev#xxx
> (where xxx is a random VT pseudo-terminal)? Ya gotta go elsewhere;
> firewall or router logs, or just shut down the network (and likely a big
> piece of your business). :-(  Mighty UNSAT IMNSHO.

SECURITY/3000 can record the IP address in it's own log file, and prohibit
access from that IP address after some number of invalid attempts.  I leave
"how" as an exercise for the reader (I don't have time right now).

To give credit where due, I left something very important out of my last
post: SAFE/3000 includes a file-access security module (kind of like super-
enhanced ACDs); SECURITY/3000 has something like that for IMAGE databases
only.

Personally, I'd rather throw the users into logon menus.  That way, the only
access they will have to any files is via the application programs, and I can
control access at the record (or even field) level within the application.

---
Michael D. Hensley       | mailto:[log in to unmask]
Allegro Consultants Inc. | Visit scenic http://www.allegro.com
408/252-2330             | "Support Bill of Rights Enforcement"