Archives of the TeradataForum
Message Posted: Thu, 24 Feb 2005 @ 14:58:28 GMT
Subj: | | Logon Security and generic passwords |
|
From: | | Anomy Anom |
<-- Anonymously Posted: Thursday, February 24, 2005 09:58 -->
We have been told to tighten our system security by eliminating generic passwords, particularly for system-installed userids (even though many
of these have very few access rights) or other commonly-used userids. As for system-installed, we know that there are several: crashdumps,
dbcmanager, sys_calendar, etc. Most of these are no problem.
Question 1. Teradata uses CRASHDUMPS to generate dumps. I see that DBC.LOGONRULES shows that CRASHDUMPS can log on from the AWS
with NULL password. So if I change the password for CRASHDUMPS, am I right in thinking it would have no effect on its ability to generate a
dump?
Question 2. What are Teradata DBAs doing to prevent unauthorized system & data access from mainframe hosts? We are unsure of how
to implement such security and would like to know if anyone has any such "bullet-proof" approaches to authentication from an IBM mainframe running
MVS.
Thanks.
|