For the second part, (locking out IP addresses) I'd recommend a firewall. 
Granted a purchased application for exit points would help, but you'd 
probably have to configure every exit point to lock out a particular IP 
address.

As far as finding out historically invalid signon's:
- DSPLOG will show you CPF2234 (Password from device PNTACD1F not correct 
for user xxxxx) messages, but not invalid user id's.
- Creating message queue QSYSMSG will show you CPF1397 messages (Subsystem 
QINTER varied off work station PAPC9S2 for user xxxxx) but not even the 
CPF2234 messages.
- Displaying QSYSOPR isn't much of a help at all.

Be nice if there was a way to CHGMSGD ...  ALROPT or LOGPRB for all 
messages containing "user" or "password" that actually worked.  For 
example if I dump CPF1120 (User ROBXYZZD does not exist.) to a session 
it's meaningless to ALROPT because it didn't go to QHST or QSYSOPR.

Rob Berendt
-- 
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





"Ken Slaugh" <ken.slaugh@xxxxxxxxxx> 
Sent by: midrange-l-bounces@xxxxxxxxxxxx
01/10/2005 02:18 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
"Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
cc

Subject
Telnet lock down






One of our salesman was asked this by a iSeries customer:

<< I need to monitor all the sign on attempts to the iSeries, this
includes attempts that do << not have a real profile on the machine.  I
looked over the security audit log but did not << find the information I
was looking for there.  I can monitor for failed log in attempts << but
only for profiles that exist, but I could not find a query for profiles
that don't  << exist.  I would like to get at least profile name and IP
address.

<< I am also looking for a way to lock out specific IP addresses,
regardless of profile, from << using the system.

I thought this group may have some helpful suggestions. Any takers?

Thanks, Ken

 

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Chuck Lewis
Sent: Monday, January 10, 2005 11:06 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: FTP Issue

Care to elaborate Rob ?

Thanks :-)

Chuck

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Monday, January 10, 2005 1:49 PM
To: Midrange Systems Technical Discussion
Subject: Re: FTP Issue

CPYTOIMPF has had lots of changes in V5R3.  Most of them will pi$$ you
off.  Use CPYTOSTMF if it will work for you.

Rob 

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe,
unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a
moment to review the archives at http://archive.midrange.com/midrange-l.


-- 
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing 
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.