DOCUMENT:Q193487 10-JUL-1999 [sna] TITLE :SNACFG Displays APPC Session Security Key in Clear Text PRODUCT :Microsoft SNA Server PROD/VER:WINDOWS:3.0,3.0SP1,3.0SP2,3.0SP3,4.0,4.0SP1 OPER/SYS: KEYWORDS: ====================================================================== ------------------------------------------------------------------------------- The information in this article applies to: - Microsoft SNA Server, versions 3.0, 3.0SP1, 3.0SP2, 3.0SP3, 4.0, 4.0SP1 ------------------------------------------------------------------------------- SYMPTOMS ======== SNA Server supports LU6.2 session security, where a hex or character security key is configured as part of the Remote APPC LU definition. When you use the SNACFG command-line tool to display the configuration, this security key is displayed in clear text, which compromises security. CAUSE ===== The SNACFG command-line tool was designed to display the full Remote APPC LU definition, including the session security key. RESOLUTION ========== SNA Server 3.0 -------------- To resolve this problem, obtain the latest service pack for SNA Server version 3.0. For additional information, please see the following article in the Microsoft Knowledge Base: Q184307 How to Obtain the Latest SNA Server Version 3.0 Service Pack SNA Server 4.0 -------------- This problem was corrected in the latest SNA Server version 4.0 U.S. Service Pack. For information on obtaining this Service Pack, query on the following word in the Microsoft Knowledge Base (without the spaces): S E R V P A C K STATUS ====== Microsoft has confirmed this to be a problem in SNA Server version 3.0 (through SP3) and SNA Server version 4.0 (through SP1). This problem was first corrected in SNA Server 3.0 Service Pack 4. MORE INFORMATION ================ The updated Snacfg.exe command-line tool behaves as follows: - The encrypted key may now be input and output using the new /SECURITYEX: option. - The unencrypted security key (/SECURITY option) is no longer displayed. - It is still possible to enter an unencrypted key using the /SECURITY option. Additional query words: ====================================================================== Keywords : Technology : kbAudDeveloper kbSNAServSearch kbSNAServ300 kbSNAServ400 Version : WINDOWS:3.0,3.0SP1,3.0SP2,3.0SP3,4.0,4.0SP1 Issue type : kbbug Solution Type : kbfix ============================================================================= THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. Copyright Microsoft Corporation 1999.