1.  Home
  2. MIDRANGE-L
  3. January 2004

RE: Scanning the iSeries (IFS) for Viruses

In most points you are right.
- We are using an FTP exit program.
- We do have shares assigned to the various restricted by exit point 
directories.
- The PC's that access these directories all have virus scanning software 
on them.
- We have a business reason.  Well, partially.  Some of our ftp is 
immediately converted using CPYFRM... to a DB2 file and posted into our 
business data.  I can't see how a virus would affect that.  Some is just 
raw ftp serving.  But some may argue that in general that the iSeries is 
the least cost effective solution on the market, but I tend to disagree 
with them using my own "lies, damned lies, and statistics".  :-)

But scanning these directories themselves are not done.

Hmm, I wonder if any of the exit point vendors have a virus solution? 
Perhaps it would be as simple as on the ftp exit point, simply calling the 
byteware package, or some other scanning solution for that single file. 
Granted, you have to wait until the file is all uploaded and the exit 
point is called immediately prior to the upload.  Then perhaps all the 
exit point vendors duty is to allow you to call something else when a put 
operation is completed.

We do have an email virus scanning package, but not a 'ftp virus scanning 
package'.

Rob Berendt
-- 
Group Dekko Services, LLC
Dept 01.073
PO Box 2000
Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com





"Joe Pluta" <joepluta@xxxxxxxxxxxxxxxxx> 
Sent by: midrange-l-bounces@xxxxxxxxxxxx
01/29/2004 12:14 PM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
"'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>
cc

Fax to

Subject
RE: Scanning the iSeries (IFS) for Viruses






> From: rob@xxxxxxxxx
> 
> Technically that's true.  However 1)  A virus could be placed on a
directory that's not shared, via FTP, etc.

Yeah, that's true.  But then how would it infect another machine, except
again through FTP?  And if you're distributing stuff through your
network via FTP without scanning it, you've got bigger problems.

Also, allowing unfettered access to your IFS via FTP is asking for
trouble.  If it were me, I'd lock FTP down tight with an exit program.

Of course, I have a general issue with using the iSeries as an FTP file
repository.  It's about the LEAST cost-effective storage medium on the
planet, but if you're using it to back up those files, then you may have
a valid business reason.  At that point, I'd designate a specific folder
for FTP access and make sure it's mapped specifically for scanning
purposes.

If on the other hand you allow unregulated FTP access to your IFS and
you don't really know who is putting what where, then I'd agree you have
a security issue.  But it's a lot bigger than a virus.

Joe

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing 
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.