• Subject: Re: Firewalls Vs Exit programs
  • From: John Earl <johnearl@xxxxxxxxxxxxxxxxxx>
  • Date: Wed, 15 Sep 1999 07:20:03 -0700
  • Organization: The PowerTech Group

All,

I just got a note from the knowledgable Mr Glanstein who reminded me that DDM 
does
not always require that the user supply a valid UserID and  password.  Also, an 
FTP
exit program can be configured (either on purpose or through sloppy 
misunderstanding)
to allow access without an valid UserID and Password.

I'm guessing that Steve's concern was that some folks would read this portion 
of my
post and get lulled into complacency.

John Earl wrote:

> Exit Programs are usefull for limiting the functions of users who already have
> access to your AS/400.  All of the exit points require that the user login 
>with a
> valid Usrprf and Password, so what you're trying to do here is limit their 
>access
> via tools such as FTP, DDM, OBDC, etc.

Steve is correct that there DDM and FTP are just two of several methods that can
allow access to the AS/400 without a password.  Properly configured Exit 
Programs can
protect against these two threats, but  as shipped the AS/400 will allow DDM 
access
without a password.

I still stand by the broad deliniation between Firewalls (controls external 
network
traffic) and Exit programs (controls internal network access to AS/400s).   The
purpose of my post was to stress that Firewalls and Exit Programs are not 
mutually
exclusive, they're complimentary.


jte


--
John Earl                                           johnearl@powertechgroup.com
The PowerTech Group                        206-575-0711
PowerLock Network Security              www.400security.com
The 400 School                                www.400school.com
--


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.