HPE Community
Operating System - OpenVMS
1753280 Members
5721 Online
108792 Solutions
New Discussion юеВ

Security Recommendation

 
Walaa Salah
New Member

тАО07-11-2004 02:09 AM

тАО07-11-2004 02:09 AM

Security Recommendation

1)I need to know how to check for the accounts created without passwords?
2)I also need to know how to disable the inactive sessions?
0 Kudos
Reply
5 REPLIES 5
Martin P.J. Zinser
Honored Contributor

тАО07-11-2004 04:45 AM

тАО07-11-2004 04:45 AM

Re: Security Recommendation

Hello Wallaa,

just to make sure, we are talking about the hp OpenVMS operating system here, aren't we?

Your questions are pretty terse, a bit more detail would help us providing good answers to you

1.) While you can create a normal user account in VMS without specifying a password, that user will not be able to login, since you can not enter this at the password prompt. There are ways to get password less logins via ALF. Is this what you are refering to?

2.) Inactive sessions as in users not having logged in to the system for a long time (check the last login fields in UAF) or users walking away from an application? For the last one e.g. watcher can be used (see e.g.
http://zinser.no-ip.info/vms/sw/water.htmlx )

Greetings, Martin

0 Kudos
Reply
Ian Miller.
Honored Contributor

тАО07-11-2004 04:48 AM

тАО07-11-2004 04:48 AM

Re: Security Recommendation

you could use one of the following to look though the UAF for usernames with no passwords

ftp://ftp.process.com/vms-freeware/fileserv/scanuaf.zip
ftp://ftp.process.com/vms-freeware/fileserv/uaf.zip
____________________
Purely Personal Opinion
0 Kudos
Reply
Walaa Salah
New Member

тАО07-11-2004 06:45 PM

тАО07-11-2004 06:45 PM

Re: Security Recommendation

Hello Martin
Thanks for ur fast response, and yes we r talking about Open VMS Operating system (7.3 Alpha server )
my question was how to find out if i already have accounts created without having a password ( i mean how to check by commands like in UNIX u can type 'LOGINS -P' to get the password less accounts I just want u to till me the know how of checking that)

about my second question ur 2'nd assumption was the nearest one to my question but unfortunately I couldn't open any one of the attached links.

Best Regards,
Walaa
0 Kudos
Reply
H_Bachner
Regular Advisor

тАО07-11-2004 08:34 PM

тАО07-11-2004 08:34 PM

Re: Security Recommendation

Re: Martin's posting
> While you can create a normal user account in VMS without specifying a
> password, that user will not be able to login, since you can not enter this at
> the password prompt.

If you create a user with /NOPASSWORD, the user won't be prompted for a password at login time - after entering the username, (s)he will receive the usual login messages and the DCL prompt.

Of course, this is not recommended practice - except maybe for captive accounts under specific circumstances.

Hans
0 Kudos
Reply
Ian Miller.
Honored Contributor

тАО07-11-2004 08:55 PM

тАО07-11-2004 08:55 PM

Re: Security Recommendation

error opening the link by Martin
Could not open file for '/public$root/www/vms/sw/water.htmlx' HTML pre-processing
i/o error

WATCHER - an idle terminal killer can be downloaded from
ftp://ftp.process.com/vms-freeware/fileserv/watcher.zip
____________________
Purely Personal Opinion
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.