We are making some security changes on our system, and want
to enforce stronger password techniques.
We are on a 2100 running 3.2c (Although hopefully 4.0 sometime later in
Jan).
How can I tell the system, if someone logs since dd/mm/yyyy hh:mm:ss
to force them to change their password?
Do I need to change the account settings for EACH account? I didn't see
any global buttons (I tried changing the parameters without first
calling up
a user account hoping it would change all).
As a side question.....
How hard is it to setup login restrictions...IE (not after 7pm or
weekends)
and an exception file if possible.
and.....
Can all login attempts (both successfull & unsuccesfull) be logged to
a file
and will the IP address be stored?. For example, if I logon it will tell
me my
last successfull & unsuccsessfull attempts, but the IP is only display
for the
successfull attempts, I would also like to know the unsuccessfull
logins.
TCP wrappers would be helpfull to eliminate bad IP's, but I am
looking more
to trapping where internal bad logins are coming from. Also we have two
forms
of logins (TCP/IP & LAT), I don't know of any LAT wrappers.
Thanx
George Gallen
ggallen_at_slackinc.com
Received on Mon Dec 29 1997 - 21:53:43 NZDT