================================================================
SEARCH400.COM | Security Tip Nov. 26, 2002
================================================================
FROM OUR SPONSORS:
Free iSeries Security Advice from Wayne Evans: Live Webinar Dec. 10
http://search400.com/r/0,,7942,00.htm?pentasafe
===========================================================
Essential explanations and tools to help secure the iSeries.
More tips: http://search400.techtarget.com/tipsIndex/0,289482,sid3_tax2f8,00.html
===========================================================

In today's technical advice roundup you'll find tips, expert answers and input from your peers to the following iSeries security questions and concerns:

Today's Featured Security Tip:
- The danger of indiscriminately assigning special authorities

Answers to Other Technical Questions:
- Who's disabling user profiles and how?
- How does adopted authority work?
- Implications of giving a user *SAVSYS special authority
- How secure is your iSeries?

Important Announcements and Links:
- Search400.com member survey: What are your plans for 2003?
- Tips Contest: Win a Panasonic digital voice recorder
- Free Book Excerpt: IBM eServer iSeries: Built for e-business
- Expert Profile: Carol Woodbury, Search400.com security expert
________________________________________________________________
****************** SPONSORED BY PentaSafe **********************
Free iSeries Security Advice from Wayne O. Evans: Live webinar Dec. 10.

The iSeries is an inherently secure system, but with technology like TCP/IP, ODBC, FTP, Client Access or the Internet your iSeries security can be easily compromised, especially if you don't have the proper configuration in place. Tune in to this webinar on Dec. 10, hosted by PentaSafe and Wayne O. Evans, "the Grandfather of iSeries Security," to learn some iSeries security tips, how to pass audits faster, and how you can protect your company's critical information from unauthorized access.

Click here to register!
http://search400.com/r/0,,7942,00.htm?pentasafe
================================================================
Today's Featured Tip
================================================================
The danger of indiscriminately assigning special authorities
By Dan Riehl, Search400.com security expert

A few months ago as I was perusing an iSeries Internet newsgroup (news://comp.sys.ibm.as400.misc) I was surprised to see a reference to solving spooled file control problems by assigning *SPLCTL (Spool Control) special authority to several end users. I quickly fired back my response saying that granting *SPLCTL special authority makes the user the god of all spooled files on the system, and that sensitive and private information could be compromised.

Special authorities are just that ... special. They are NOT object-level authorities that determine what files or programs you can access and manipulate. Instead, they provide the ability to perform certain operational and administrative functions on the iSeries. This article explains the special authorities and points out the main exposures if they are not assigned judiciously.

>> CLICK here for the full tip:
http://www.search400.com/tip/1,289483,sid3_gci865077,00.html
===========================================================
Answers to Other Security Questions
===========================================================
Who's disabling user profiles and how?
"Joe" came into work one day and discovered that someone had disabled a few user profiles. He checked the history log and msgq qsysopr, but there isn't an audit for this situation. How could this have happened? What special authorities must a user profile have to disable others? How can he figure out who did this?
http://search400.techtarget.com/tip/1,289483,sid3_gci854966,00.html

How does adopted authority work?
Recently a user asked security expert Carol Woodbury the following question: "We don't want to give the *secadm to any user profiles, but still we need some user ID's other than Qsecofr to enable the user ID's. How does adopted authority work in this matter?" Check out what Carol said.
http://search400.techtarget.com/ateQuestionNResponse/0,289625,sid3_cid458586_tax288767,00.html

Implications of giving a user *SAVSYS special authority
What are the implications of giving a user *SAVSYS special authority so they can back up other users' files? Systems management expert Ken Graap tells you.
http://search400.techtarget.com/ateQuestionNResponse/0,289625,sid3_cid372945_tax285222,00.html

How secure is your iSeries?
The iSeries is an extremely secure system, but there are still ways for your data to be compromised. Whether it's a hacker or just a user with too much authority, these resources will help ward off trouble.
http://search400.techtarget.com/featuredTopic/0,290042,sid3_gci783697,00.html
________________________________________________________________
:::::::: DON'T MISS THESE IMPORTANT MESSAGES AND LINKS ::::::::
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
WHAT ARE YOUR PLANS FOR 2003? | Search400.com member survey

Share your comments and feedback about your iSeries needs for next year. Help us to be sure we're providing the most relevant and timely information to you and other members of Search400.com. Please take a few minutes to answer some questions about your 2003 goals and initiatives. Your responses are valuable to us and will make a difference.

>> CLICK to respond:
http://www.insightexpress.com/s/kle49495.asp
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
WIN A PANASONIC DIGITAL VOICE RECORDER | Submit your tip to win

Hurry! Time is ticking away. Don't miss out on this month's awesome Panasonic RR-US320 IC digital voice recorder.
If you have a shortcut or time-saving tip that could help out other iSeries users, submit it today. Hey, you never know, you could be our next lucky winner.

>> SUBMIT a Tip:
http://search400.techtarget.com/tipsSubmit/0,289485,sid3,00.html
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
FREE BOOK EXCERPT | IBM eServer iSeries: Built for e-business

Search400.com would like to offer our members the opportunity to download for free the first chapter of IBM eServer iSeries: Built for e-business, written by Bob Cancilla and published by IBM Press. With this book, author Bob Cancilla provides a road map for iSeries customers to identify and understand the tremendous wealth of e-business software bundled with OS/400. He takes each of the main e-business components and explains what it is, how it works, and how it can be used to improve business environments. Bob focuses on the function available and provides a glimpse into the future by describing function currently under development.

>> DOWNLOAD the chapter:
http://search400.techtarget.com/whitepaperPage/0,293857,sid3_gci859248,00.html
>> BUY the book:
http://www.digitalguru.com/DigitalGuru/product_detail.asp?catalog_name=Books&category_name=&product_id=1931182086&partner_id=55
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
EXPERT PROFILE | Carol Woodbury, Search400.com security expert

Carol Woodbury is co-founder of SkyView Partners, a security consulting practice focused on the iSeries platform. Carol, prior to holding the position of vice president of Research and Development at PowerTech, served as IBM's security architect for more than 10 years. During her tenure with IBM, Carol led the AS/400 (iSeries) Security Development team and designed many aspects of OS/400's security features. In addition, Carol consulted with numerous iSeries business partners and customers.
Carol speaks frequently on a variety of security topics at conferences and user groups around the world and is a technical editor for IBM's eServer, iSeries edition magazine. Carol also co-authored Implementing AS/400 Security, a widely read book on security. Let Carol's experience work for you. Ask Carol security-related questions anytime.

>> CLICK HERE TO ASK Carol a question:
http://Search400.techtarget.com/ateQuestion/0,289624,sid3_cid423497_tax288767,00.html
>> CLICK HERE TO READ recent Q&As:
http://search400.techtarget.com/ateAnswers/0,289620,sid3_cid423497_tax288767,00.html
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
WHITE PAPERS ON ISERIES SECURITY | Free on Search400.com

When it comes to securing your iSeries, the more advice and help you have the better. Browse Search400's new white papers section to find informative white papers on security and several other iSeries topics.

>> CLICK here to view the white papers:
http://search400.techtarget.com/whitepapersByCategory/0,293837,sid3_tax292513_idx0_off10,00.html
________________________________________________________________
:::::::::::::::::::::: ABOUT THIS NEWSLETTER :::::::::::::::::
Published by TechTarget (http://www.techtarget.com)
TechTarget - The Most Targeted IT Media
Copyright 2002 TechTarget. All rights reserved.
