To Larry’s point, high authority is needed, but the malware I’ve seen is smart enough to achieve that. In all the cases I’ve seen, the hackers have been setting it for some time before they pull the trigger on it. Private security companies showed us how they penetrated the network sometimes for a month or two.

Jim Oberholtzer
Agile Technology Architects



On Jun 1, 2021, at 2:20 PM, Rob Berendt <rob@xxxxxxxxx> wrote:

Some of us want MORE access. I could have sworn you could do a DSPF '/QSYS.LIB/ROB.LIB/MYDTAARA.DTAARA' but I can't do that now. DSPF might be a nice way to dump a dtaq.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com


-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Larry "DrFranken" Bolhuis
Sent: Tuesday, June 1, 2021 2:59 PM
To: Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxxxxxxxx>; Patrik Schindler <poc@xxxxxxxxxx>
Subject: Re: ifs security and qpwfserver autl change gotchas?

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.



Malware that encrypts directories certainty CAN encrypt QSYS.LIB given a share. I’ve seen it done.

Interesting. I wonder how IBM i maps these record-oriented files to the stream environment on the other side.

Yeah that is the question. How, and more importantly why, would IBM
allow a record oriented option against an object. For example an
Authorization list or a user profile or a device description or a
program or .... There wouldn't seem to be any reason to do such a
thing and clearly there are good reasons not to do so. Of what value is
the ability to read the contents of any of those (and many many other)
objects as stream files. More importantly allowing them to be written
has a significant downside and I am at a loss to see any upside!

- DrF

--
IBM Champion for Power Systems

www.iInTheCloud.com - Commercial IBM i and Power System Hosting
www.iDevCloud.com - Personal IBM i Hosting
www.Frankeni.com - IBM i and Power Systems Consulting.
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.