At 12:01 PM 7/16/98 -0400, Stigers, Greg ~ AND wrote:
<snip>
>My concern is that unless one also
>secures ftp thru SECURITY / 3000, this still leaves one exposed to
>bypassing SECURITY / 3000 and session names, however obliquely, and
>thought this worth mentioning.
<snip>

Since the majority of the electronic world is familiar with ftp
and telnet, we chose not to enable those features on our HP3000.
Our users connect through NS/VT or through a serial connection.
But you can use VESOFT session passwords to secure programmatic
logons also, which we had to setup for use with Qedit.

But Greg has a very good point that you need to insure that if
an MPE user password is not used, it doesn't open up other
doors! Let an auditor find a door like this, and he will forget
all about the "visible" MPE passwords!

Chris


Chris



***************************************************************

Christopher H. Boggs         email:  [log in to unmask]
Programmer/Analyst                   [log in to unmask]
  & Systems Administrator    phone:  540/376-1041
Clinch Valley College        fax #:  540/328-0115
1 College Ave.
Wise, VA 24293            <http://www2.clinch.edu/cvc/c_boggs>