https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065792#M86236 There are any number of these DCL procedures around, and there are (were) tools that specifically sought various insecurities, attacks or known issues. Here's one starting point, with info on the VMS SRR mentioned earlier:<BR /><BR /><A href="http://64.223.189.234/node/43" target="_blank">http://64.223.189.234/node/43</A><BR /><BR />And it's perfectly fine to have an entry without an identifier.<BR /><BR />If you want to work on your password security, start here:<BR /><BR /><A href="http://64.223.189.234/node/229" target="_blank">http://64.223.189.234/node/229</A><BR /> Fri, 07 Sep 2007 16:48:55 GMT Hoff 2007-09-07T16:48:55Z https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065789#M86233 Years ago I had seen a DCL script which would review a VMS config for some obvious security issues (eg AUTHORIZE entries w/o Identifiers, DECnet accounts with default pwds, etc).<BR /><BR />I don't recall if this was an HP script or a third party script. I've scoured the web without success.<BR /><BR />If anyone remembers this, can they point me to a copy? TIA Wed, 05 Sep 2007 14:58:37 GMT https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065789#M86233 Jack Trachtman 2007-09-05T14:58:37Z https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065790#M86234 Can't post it, darn thing is too big.<BR /><BR />If you have access to a DISA site, or friends in the U.S. Government who have such access, you could look for OPENVMS-SRR-V2R2.COM - but beware that it is terribly buggy. Not to mention that it is a resource hog and takes literally hours to run on a big system.<BR /><BR />I had a copy, ran it, barfed (I barfed just after it did...), and rewrote the bugger to fit our site's configuration a little better.<BR /><BR />There are at LEAST 6 faulty loops and more than a couple of bad variable references, but it IS a starting point.<BR /><BR />Larry Kilgallen might have something more directed, updated, and immediately useful - for a price.<BR /> Thu, 06 Sep 2007 11:42:34 GMT https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065790#M86234 Richard W Hunt 2007-09-06T11:42:34Z https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065791#M86235 Back in the good old days ( |d|i|g|i|t|a|l|, Easynet, Valbonne ) we used, or were told to use 'inspect'.<BR />I believe my dear, late, friend Dave Monahan worked on that for a while.<BR /><BR />Did that become the "Polycenter Security Compliance Manager (PSCM)"<BR />Avaiable through Touch Technologies, Inc?<BR /><BR /><A href="http://www.ttinet.com/products.html" target="_blank">http://www.ttinet.com/products.html</A><BR /><A href="http://www.ttinet.com/doc/pscm/user_guide_003.html" target="_blank">http://www.ttinet.com/doc/pscm/user_guide_003.html</A><BR /><BR /><BR />Hope this helps some,<BR />Hein van den Heuvel (at gmail dot com)<BR />HvdH Performance Consulting<BR /><BR /> Thu, 06 Sep 2007 17:38:01 GMT https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065791#M86235 Hein van den Heuvel 2007-09-06T17:38:01Z https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065792#M86236 There are any number of these DCL procedures around, and there are (were) tools that specifically sought various insecurities, attacks or known issues. Here's one starting point, with info on the VMS SRR mentioned earlier:<BR /><BR /><A href="http://64.223.189.234/node/43" target="_blank">http://64.223.189.234/node/43</A><BR /><BR />And it's perfectly fine to have an entry without an identifier.<BR /><BR />If you want to work on your password security, start here:<BR /><BR /><A href="http://64.223.189.234/node/229" target="_blank">http://64.223.189.234/node/229</A><BR /> Fri, 07 Sep 2007 16:48:55 GMT https://community.hpe.com/t5/operating-system-openvms/security-review-script/m-p/4065792#M86236 Hoff 2007-09-07T16:48:55Z