LISTSERV - HP3000-L Archives

HP3000-L Archives

September 1999, Week 4

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L September 1999, Week 4

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Need to Lock Console
From:	Paul Courry <[log in to unmask]>
Reply To:	Paul Courry <[log in to unmask]>
Date:	Thu, 23 Sep 1999 20:45:46 -0700
Content-Type:	text/plain
Parts/Attachments:	text/plain (44 lines)

My .02 cents:

Solution 1:
*If* you are using a dumb terminal for the system console I believe they still have a key sequence you can type that locks and
unlocks the keyboard. This feature was implemented a couple of decades ago with the HP264X series of terminals and never
taken out I believe. I believe the sequence is Escc to lock and Escb to unlock, (upper and lower cases are critical). You will
have to verify this in the back of your terminal manual. It will defeat even SM capability, however please test this thoroughly a
power on reset *may* defeat it (YMMY).
If you are using a PC for the console, don't bother because they can simply start a new session.

Solution 2:
Establish a systemlevel NOBREAK LOGON NOHELP UDC that only applies to LDEV 20, make it require an additional
password as follows:

LOGON
OPTION LOGON NOBREAK NOHELP
XEQ FUBAR.SECRET.SYS
***************************

The code resides in FUBAR
The group secret is setup for GU access
The operator is required to sign as HELLO OPERATOR.SYS,SECRET
Only someone who can sign on to the SYS account can even look at FUBAR unless they have OP or SM capability.
If they do have SM or OP capability then make it a program instead of an XEQ and keep the source code on tape in your desk.
A smart programmer could still crack the password by reading the binary program though.
Note: to keep someone from using HELLO ......;PARM=-1 though you must go into the MISC section of SYSGEN though and
turn ENFORCELOGONUDCS ON.

Solution 3:
Lock the keyboard in your desk.

Hopefully at least 1 of my solutions is unique enough to merit consideration. Remember, sometimes security is obtained
through obscurity!

On Thu, 23 Sep 1999 09:16:28 -0400, Joseph Rosenblatt wrote:

>My computer room has been invaded by people that I do not want touching my
>system console. Is there a way to lock the console keyboard? Is there
>another security measure I can take. The solution needs to be cheap (read
>free) because the goons I am trying to protect myself from control the purse
>strings. Thanks in advance.
>

ATOM RSS1 RSS2

RAVEN.UTC.EDU