If it happens on 1 system, that is 1 too many. People need to think about the potential consequences of not heeding the advice that can be found almost everywhere about not leaving the starter system passwords on directory entries.
Before things became so shrink-wrapped, I made it a habit of not putting any system into production with a starter-system id, except for OPERATOR, into production. There was no VMSERVx, RSCS, MAINT or other such userid on the system unless it was a NOLOG user that acted simply as a disk owner. If it was not needed in that capacity, it simply was not left in the directory. Regards, Richard Schuh -----Original Message----- From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On Behalf Of David Kreuter Sent: Tuesday, April 24, 2007 11:40 AM To: IBMVM@LISTSERV.UARK.EDU Subject: Re: Hackers Richard Schuh said: >Anyone who leaves the default passwords on the maintenance ids is a fool >and deserves whatever happens, especially if it is a highly privileged >userid. ... happens more often on more systems than it should ... even today ...
