This is interesting...First, I installed a software vendor's program many
years ago. I didn't realize that it diverted the RPG compiler to another
program via an alternate system entry point table.

When I found out about it (About 1994) I became furious at the security on
the AS/400. When I taught security all over the place, the break-in
demonstration shows a restore of a program and subsequent signing on as
QSYS to an AS/400. I believe it took about a minute and nine seconds! The
AS/400 was also at level 50 security.

I did an authorized demo several years ago on a telephone line with NO
USERID or PASSWORD and a simple SDLC connection where the devices were
active. Time to signon as QSECOFR was about 5 minutes. (It was a 2400 baud
modem!)

Did you know that the SNA protocol used on the ECS line has the potential
to startup DDM or other jobs on your inhouse computer without a password?

What about the APPC connections made when service director is transferring
information? 

Did you know that there are some startup requests that have NO EXIT PROGRAM
control?

The IBM reference Tips and Tools on Securing your AS/400 has a lot of meat.
Unfortunately most people don't spend the necessary time to properly secure
an AS/400.

Steve Glanstein
mic@aloha.com


>>Date: Tue, 14 Sep 1999 19:44:43 -0400
>>From: "Bill Paris" <bparis@sccmail.com>
>>Subject: Re: Fw: Rewarding challenge AS/400...
>>Has anybody "ever" had a intruder(other than an insider) get to their
>>system ???
>Nope, never. Then again our system, sans modems, can't be touched from the
outside.
> What changes does one make when their machine is on the net? We expect to
have ours on > by the end of this year.
>Bill Paris
>Sorrento Cheese Co. Inc.
>716-823-6262 x376
>bparis@sccmail.com


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.