Has anyone read this book? Is it a worthwhile investment?
You can check out some of what he's written at www.venera.com.
I believe it is fair for me to say that most readers of this list believe
that he overstates, at best, the security exposures in certain areas. I
also believe that most of what he exposes would not be relevant at
locations that have actually looked at security using either the IBM
redbook, "Implementing AS/400 Security", or "Experts' Guide to OS/400 and
i5/OS Security". I know the only thing he's pointed out that we haven't
covered here where I work is the ability of an AS/400 programmer to use
Client Access's remote command feature from the iSeries back to the
PC--something we use in house for known purposes anyway.
My personal recommendation is to get the "Experts' Guide..." listed above
by Carol Woodbury and Patrick Botz. Only after you've processed that
should you consider Shalom's. Some on this list may take umbrage with me
for allowing any use of his research, but hey, I'm one of those guys who
Googles "iSeries+hacking" once a week, just to see if anything new is out
there....
As an Amazon Associate we earn from qualifying purchases.