Re: No BPX-level interface for __passwd_applid? Was: Re: Code to verify LOGON password

2021-01-15 Thread PINION, RICHARD W.
It's probably a bug in SORT. -Original Message- From: IBM Mainframe Discussion List On Behalf Of Thomas David Rivers Sent: Friday, January 15, 2021 3:15 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: No BPX-level interface for __passwd_applid? Was: Re: Code to verify LOGON password

No BPX-level interface for __passwd_applid? Was: Re: Code to verify LOGON password

2021-01-15 Thread Thomas David Rivers
Kirk Wolf wrote: /* Check password for a userid. Note: requires program-controlled environment To build: c99 -o checkpass checkpass.c i extattr +p checkpass */ #define _POSIX_SOURCE #include #include #include #include #include #include int main(int argc, char** argv) { if

Re: Code to verify LOGON password

2021-01-14 Thread Seymour J Metz
, January 14, 2021 7:31 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Code to verify LOGON password It isn't just UACC(READ) or UID(*). Why does ~anyone~ have read access to the database? (To say nothing of update.) At a client I served a while back, I pointed out that a lot of people had read

Re: Code to verify LOGON password

2021-01-14 Thread Bob Bridges
It isn't just UACC(READ) or UID(*). Why does ~anyone~ have read access to the database? (To say nothing of update.) At a client I served a while back, I pointed out that a lot of people had read access, and quite a few had update. They argued that it was necessary so that their admins could

Re: Code to verify LOGON password

2021-01-12 Thread R.S.
On 12.01.2021 at 06:42, Timothy Sipples wrote: Radoslaw Skorupka wrote: That's what we call brute force attack. There is no way to protect against it ...or maybe there are some things to help. 1. Do not give your RACF db to hackers. Never. 2. Enforce periodic password change. 3. Use KDFAES.

Re: Code to verify LOGON password

2021-01-12 Thread R.S.
On 11.01.2021 at 17:44, Charles Mills wrote: https://en.wikipedia.org/wiki/John_the_Ripper There is a downloadable plugin for RACF -- old RACF hashing only, I *think*. @R.S. writes 1. Do not give your RACF db to hackers. Never. No one "gives" their RACF DB to anyone (I would hope). The

Re: Code to verify LOGON password

2021-01-11 Thread Timothy Sipples
Radoslaw Skorupka wrote: >That's what we call brute force attack. >There is no way to protect against it ...or maybe there are some >things to help. >1. Do not give your RACF db to hackers. Never. >2. Enforce periodic password change. >3. Use KDFAES. >4. Use passphrases. Here are some more

Re: Code to verify LOGON password

2021-01-11 Thread Charles Mills
ginal Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Tom Brennan Sent: Monday, January 11, 2021 6:40 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Code to verify LOGON password Isn't there a program someone wrote (talked about here many years ago

Re: Code to verify LOGON password

2021-01-11 Thread Chris Hoelscher
@LISTSERV.UA.EDU Subject: Re: [IBM-MAIN] Code to verify LOGON password [External Email: Use caution with links and attachments] Isn't there a program someone wrote (talked about here many years ago) that can try various passwords until something matches the hashed value? If that's the case

Re: Code to verify LOGON password

2021-01-11 Thread R.S.
That's what we call brute force attack. There is no way to protect against it ...or maybe there are some things to help. 1. Do not give your RACF db to hackers. Never. 2. Enforce periodic password change. 3. Use KDFAES. 4. Use passphrases. First is obvious. Effectiveness of the second is

Re: Code to verify LOGON password

2021-01-11 Thread Tom Brennan
Isn't there a program someone wrote (talked about here many years ago) that can try various passwords until something matches the hashed value? If that's the case, hashing doesn't really do as much good as people think it does, once someone gets hold of the RACF dataset of course. On

Re: Code to verify LOGON password

2021-01-10 Thread Timothy Sipples
Sam Golob asked: >Does anyone have user-written code for RACF, so that if the user >types in a password, the code will verify if it is the user's actual >LOGON password? Here's a pedantic point: RACF doesn't actually know what the user's password is -- thank goodness. RACF can only determine

Re: Code to verify LOGON password

2021-01-10 Thread Binyamin Dissen
What is wrong with RACROUTE REQUEST=VERIFY,ENVIR=CREATE,ACEE=@ACEE followed by RACROUTE REQUEST=VERIFY,ENVIR=DELETE,ACEE=@ACEE if the create worked? Should work on all security systems. On Sat, 9 Jan 2021 20:03:07 -0500 Sam Golob wrote: :>Dear Folks, :> :>     I am just trying to

Code to verify LOGON password

2021-01-09 Thread Sam Golob
Dear Folks, I am just trying to get a very old program to work. It is so old, that it mucks with the TSB password field, and I don't want to deal with that. I don't care to reveal the password anywhere. I just want the user to enter a password, and the security system should say "GO"

Re: Code to verify LOGON password

2021-01-09 Thread Frank Swarbrick
ibrary. www.ibm.com From: IBM Mainframe Discussion List on behalf of Paul Gilmartin <000433f07816-dmarc-requ...@listserv.ua.edu> Sent: Saturday, January 9, 2021 11:14 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Code to verify LOGON password On Sat, 9 Ja

Re: Code to verify LOGON password

2021-01-09 Thread Paul Gilmartin
On Sat, 9 Jan 2021 00:12:07 -0600, Brian Westerman wrote: > >With some restrictions, I think that just issuing the RACROUT request=verify, >would be okay. There should probably be some mechanism to revoke the ID if >there are too many guesses though. > Among these, I wonder about MFA. Does

Re: Code to verify LOGON password

2021-01-09 Thread Tom Brennan
2:19 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Code to verify LOGON password **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** Dear Folks, Does anyone have user-written code for RACF, so that if the user types in a password,

Re: Code to verify LOGON password

2021-01-09 Thread Joel C. Ewing

Re: Code to verify LOGON password

2021-01-08 Thread Itschak Mugzach

Re: Code to verify LOGON password

2021-01-08 Thread Tom Brennan

Re: Code to verify LOGON password

2021-01-08 Thread Brian Westerman

Re: Code to verify LOGON password

2021-01-08 Thread Jousma, David
12:19 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Code to verify LOGON password **CAUTION EXTERNAL EMAIL** **DO NOT open attachments or click on links from unknown senders or unexpected emails** Dear Folks,     Does anyone have user-written code for RACF, so that if the user types in a password

Re: Code to verify LOGON password

2021-01-08 Thread Kirk Wolf
/* Check password for a userid. Note: requires program-controlled environment To build: c99 -o checkpass checkpass.c i extattr +p checkpass */ #define _POSIX_SOURCE #include #include #include #include #include #include int main(int argc, char** argv) { if (argc != 3) {

Re: Code to verify LOGON password

2021-01-08 Thread Tony Harminc
On Fri, 8 Jan 2021 at 12:19, Sam Golob wrote: > Does anyone have user-written code for RACF, so that if the user > types in a password, the code will verify if it is the user's actual > LOGON password? More detailed specs, please. Are you fundamentally looking for sample code to learn

Re: Code to verify LOGON password

2021-01-08 Thread Charles Mills
avoiding revocation. Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Sam Golob Sent: Friday, January 8, 2021 9:19 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Code to verify LOGON password Dear Folks, Does anyone have user

Re: Code to verify LOGON password

2021-01-08 Thread Carmen Vitullo
The code I have was / is very old for mid 90's to validate CATIA userid's using RACF, if you want I can provide as is   Carmen Vitullo -Original Message- From: Sam To: IBM-MAIN Date: Friday, 8 January 2021 11:20 AM CST Subject: Code to verify LOGON password Dear Folks

Re: Code to verify LOGON password

2021-01-08 Thread Paul Gilmartin
On Fri, 8 Jan 2021 12:19:28 -0500, Sam Golob wrote: > >     Does anyone have user-written code for RACF, so that if the user >types in a password, the code will verify if it is the user's actual >LOGON password? > >     I'd like to see code that does this, for ACF2 and Top Secret as >well, but I'm

Code to verify LOGON password

2021-01-08 Thread Sam Golob
Dear Folks, Does anyone have user-written code for RACF, so that if the user types in a password, the code will verify if it is the user's actual LOGON password? I'd like to see code that does this, for ACF2 and Top Secret as well, but I'm primarily interested in RACF. Thank