×
Discuss about Archiving, Close of Business, Delivery Setup, Security Management System, Global Processing etc…
Security review
- tsongz
- Topic Author
- Offline
- New Member
-
Less
More
- Posts: 1
- Thank you received: 0
14 years 8 months ago #4528
by tsongz
Security review was created by tsongz
I am a security officer within a bank. I would like to know whether it is possible to bypass the initial server login (LINUX) when logging onto T24.If so, how should I do it? What are the dangers of setting up common server login credentials for all users? Also, how best can you protect system accounts (privileged accounts that run core processes) from being abused by administrators and anyone alike.
I know my questions are too many but I need your help guys.
Gautum
I know my questions are too many but I need your help guys.
Gautum
Please Log in or Create an account to join the conversation.
- VigneshGautam
- Visitor
-
14 years 8 months ago #4549
by VigneshGautam
Replied by VigneshGautam on topic Re:Security review
Hi,
I have worked with GLOBUS version 12 and 13 and not sure if this will hold good for T24 as well.
It is possible to bypass the first level credentials. In the sense, when the first level userid is keyed in, it automatically takes to the second level without the need for a password. Though this is not intended by the LINUX/UNIX administrator and a basic mistake in setting up of IDs, I am sure that you cannot ask for such option as it will violate the Bank norms.
It is possible to have common first level and second credentials for all the staff provided there is a mutual understanding among the people. Both first level and second level will have the option to change the password. Any one can use anyone's credentials after this and so you may not be able to pinpoint the culprit if case of unwanted changes in the system which may be a show stopper.Also, please note that it is possible to use A's first level ID and B's second level ID to login to GLOBUS successfully.
Hope this helps.
I have worked with GLOBUS version 12 and 13 and not sure if this will hold good for T24 as well.
It is possible to bypass the first level credentials. In the sense, when the first level userid is keyed in, it automatically takes to the second level without the need for a password. Though this is not intended by the LINUX/UNIX administrator and a basic mistake in setting up of IDs, I am sure that you cannot ask for such option as it will violate the Bank norms.
It is possible to have common first level and second credentials for all the staff provided there is a mutual understanding among the people. Both first level and second level will have the option to change the password. Any one can use anyone's credentials after this and so you may not be able to pinpoint the culprit if case of unwanted changes in the system which may be a show stopper.Also, please note that it is possible to use A's first level ID and B's second level ID to login to GLOBUS successfully.
Hope this helps.
Please Log in or Create an account to join the conversation.
Time to create page: 0.065 seconds