Hi Cecelia, You code the DIAL rule on the userid you want to secure. In general, the DIAL rule is designed to limit the terminals that can dial. If your users are using something like TN3270 that randomizes the physical address that they use on the system, it won't work that way.
There is a password option on the rule, so that you can specify a password that the user will have to enter to complete the DIAL. For example: ACCEPT * DAIL (PSWD TOPSECRT Would allow all users to DIAL, as long as they know the TOPSECRT password. ACCEPT 10.199.103.11 DAIL (IPADDR Would permit only the person at IP address 10.199.103.11 to dial in. They would not be prompted for a password. You could even combine them: ACCEPT 10.199.64.19 DIAL (IPADDR PSWD ULTRASCR There are more options, see the VM:Secure Rules Facility Guide for details. -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of Dusha, Cecelia Ms. WHS/ITMD Sent: July 19, 2006 10:02 To: IBMVM@LISTSERV.UARK.EDU Subject: Restrict DIAL Command Hello, I have VM:Secure as our external security manager. I need to restrict access to one of our level 2 systems. I thought the DIAL command could be used to restrict access. In the VMXRPI CONFIG file I have the following coded: VMXTRAP DIAL CP has been build with this. I have the rule 'ACCEPT * DIAL' in the OVERRIDE file. I know this would need to be removed. What I don't know is how to code the rule to permit one to DIAL for a specific level 2 machine. Is it coded for the userid itself? Once this is implemented, will it prompt me for my userid and password when I invoke the DIAL vmuserid command? Please advice. Thank you. Cecelia Dusha The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of or taking of any action in reliance upon, this information by persons or entities other than the intended recipient or delegate is strictly prohibited. If you received this in error, please contact the sender and delete the material from any computer. The integrity and security of this message cannot by guaranteed on the Internet. The Sender accepts no liability for the content of this e-mail, or for the consequences of any actions taken on basis of the information provided. The recipient should check this e-mail and any attachments for the presence of viruses. The sender accepts no liability for any damage caused by any virus transmitted by this e-mail. This disclaimer is the property of the TTC and must not be altered or circumvented in any manner.
