July 19, 2022
New password strength report feature identifies user profile passwords that are contained in available lists of cracked passwords.
Updated to Log4j 2.17 to resolve vulnerabilities.
Product Information menu now shows correct product version.
SKYASSESS report now accurately indicates when QPWDEXPWRN deviates from the recommended value.
Fixed MCH1210 error that occurs when there are over 9999 User Profiles without *PUBLIC EXCLUDE authority.
Fixed issue with print files that were missing.
Fixed issue that caused the Security Assessment job log to wrap.
Fixed issue reporting on user and supplemental groups.
Fixed issue when setting the Certificate Store Password.
June 1, 2020
- The member file size for Risk Assessor files has been adjusted.
April 14, 2020
- A problem causing ‘/’ to be incorrectly listed in place of ‘/QOpenSys’ in the SKYASSESS document has been corrected.
- An issue causing the SKYGRPPTF report to be empty when the IBM i does not have an Internet connection has been resolved. The report is now populated with the group PTFs that are currently installed.
- In the System Value table of the SKYASSESS document, the QATNPGM value is no longer incorrectly flagged as deviating from the Recommended setting. (It is at the recommended setting.)
- An issue causing the PTF Group SF99333 to be incorrect in the SKYGRPPTF report in some cases has been corrected.
- A CPF3309 error caused by a large number of trigger programs on the system has been addressed, and no longer results in assessment failures.
- When emailing supplemental reports, they are now sent as a zip file attachments rather than individual .txt attachments reducing the chance they are too large to be emailed off the system.
- A ‘From’ parameter has been added to the email option in order to specify a valid email address when the sender’s user profile@system name is not a valid email address.
Additions and changes to the SKYASSESS.RTF document:
- System Value Section:
- QATNPGM has been added to the first system value table.
- The QSSL* system values now only retrieves the current values and does not provide guidance on specific settings, due to rapidly changing requirements in this area.
- User Section:
- QSECOFR is now listed in the table of IBM profiles with a password, along with its last sign-on date.
- Telnet Section:
- Whether the telnet server only allows secure communications is now listed.
- Miscellaneous Section:
- Dates are included for the last System save and Save Security Data (SAVSECDTA).
- The text for sign-on messages CPF1120 and CPF1107 has been updated.
- Options are now provided when you press System Request.
- An additional recommendation to modify the sign-on display has been added, leaving only the User profile and Password fields.
- A report listing all exit programs registered to exit points (SKYREGINF).
- A report showing the list of certificates in DCM (Digital Certificate Manager), with their expiration date (SKYCERTINF).
- A report of EIM (Enterprise Identity Mapping) associations (SKYEIMUSER).
- A report of group PTFs and whether the most recent version has been installed (SKYGRPPTF).
- Proxy commands are no longer listed in the SKYQSYSUSR report. (SKYQSYSUSR lists user objects created into QSYS.)
- Licensing: The traditional HelpSystems license is now used.
- The calculation for how many additional users have a special authority from their group has been fixed.