IBM OS/400 Asset Protection Standards:

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search

System Console

QCONSOLE value is: DSP03: Console name. This value is set by the system administrator. It is recommended that the system be located in a physically secure location.

Dedicated Service Tools

Security Level

QSECURITY value is: 40, Default value is: 10, System security level. It is recommended that a level of no less than 30 be used.

Allow User Domain Objects

QALWUSRDMN value is: *ALL, Default value is: *ALL: Allow user domain objects in any library on the system.

Password Formatting Rules

QPWDEXPITV value is: 45, Default value is: *NOMAX: Password expiration interval.
QPWDLMTAJC value is: 1, Default value is: 0: Limit adjacent digits in password.
QPWDLMTCHR value is: @#$, Default value is: *NONE: Limit characters in password.
QPWDLMTREP value is: 2, Default value is: 0: Limit repeating characters in password.
QPWDLVL value is: 0, Default value is: 0: Password level.
QPWDMAXLEN value is: 10, Default value is: 8: Maximum password length.
QPWDMINLEN value is: 6, Default value is: 6: Minimum password length.
QPWDRQDDGT value is: 1, Default value is: 0: Require digit in password.
QPWDRQDDIF value is: 6, Default value is: 0: Duplicate password control.

Maximum Sign-On Attempts

QRMTSIGN value is: *FRCSIGNON, Default value is: *FRCSIGNON: Remote sign-on control. If there isn't a need for access, set this value to *REJECT instead.
QMAXSGNACN value is: 3, Default value is: 3: Action to take for failed signon attempts.

Limit Security Officer Access

QLMTSECOFR value is: 1, Default value is: 1, Limit security officer device access.

Remote Sign-On Control

QRMTSIGN value is: *FRCSIGNON, Default value is: *FRCSIGNON: Remote sign-on control. If there isn't a need for access, set this value to *REJECT instead.

Limit Number of Device Sessions

QLMTDEVSSN value is: 1, Default value is: 0: Limit device sessions.
QMAXSGNACN value is: 3, Default value is: 3: Action to take for failed signon attempts.

Automatic Configuration of Local Devices

QAUTOCFG value is: 0, Default value is: 1, Allows the autoconfigure of local devices if this is set to a 0.

Automatic Configuration of Virtual Devices

QMAXSIGN value is: 4, Default value is: 3: Maximum sign-on attempts allowed.
QAUTOVRT value is: 0, Default value is: 0: Autoconfigure virtual devices. This allows for the automatic configuration of virtual devices.

Attention Program


--Mdpeters 07:45, 29 August 2006 (EDT)