==================================================================
SEARCH400.COM | Security Tip
Dec. 3, 2002
==================================================================

Essential explanations and tools to help secure the iSeries.
More tips: http://search400.techtarget.com/tipsIndex/0,289482,sid3_tax2f8,00.html

In today's technical advice roundup you'll find tips, expert answers and input from your peers to the following iSeries security questions and concerns:

Today's Featured Security Tip:
- A primer to writing TCP/IP exit point programs

Answers to Other Technical Questions:
- Alternative to "application only" security
- What exactly are exit programs?
- AUTOFTP reduces security exposure
- Restarting TCP/IP within a CL

Important Announcements and Links:
- Expert Profile: Carol Woodbury, Search400.com security expert

===========================================================
Today's Featured Tip
===========================================================

A primer to writing TCP/IP exit point programs
By Dan Riehl, Search400.com security expert

There are a few things that have always bugged me about the TCP/IP services on the iSeries. I want to let you in on one of my pet peeves. You probably have one or more of your own, but here's one of mine: There is no FTP logging facility. Even my shareware version of an MS/Windows FTP Server has a nice logging facility.

A typical FTP log contains information about every FTP session running on the system. It tells you what users are logged in, and what they're doing (PUTs, GETs, etc). However, on the iSeries, if someone logs in and transfers a file using FTP, no logging of that event occurs -- anywhere. If Joe Smith from accounting has authority to the Payroll Master file and downloads it to his PC with FTP, I have no way to know.

One solution to this problem is to just shut down the FTP server. However, there is a better way. OS/400 enables you to control access to FTP services using TCP/IP exit point programs. You still cannot create a full-blown FTP logging facility, but you can control access, and create a log of the events you're most concerned about, e.g. log-in requests, file transfer requests.

This tip shows you what the TCP/IP exit points are, and how to use a TCP/IP exit point program to create a log that records each time a user tries to log in to your FTP server.

>> CLICK here for the full tip: http://www.search400.com/tip/1,289483,sid3_gci866583,00.html

===========================================================
Answers to Other Security Questions
===========================================================

Alternative to "application only" security

Search400 member Skumar Parvathaneni provides an alternative to "application only" security.
Read this tip to learn more about exit point programs to secure ODBC, FTP, RMTCMD and others.
http://search400.techtarget.com/tip/1,289483,sid3_gci838050,00.html

What exactly are exit programs?

This Search400.com member heard a lot about exit programs but wasn't sure what an exit program was. Application development expert John Brandt offers a quick overview of what they are and how they work.
http://search400.techtarget.com/ateQuestionNResponse/0,289625,sid3_cid456436_tax285217,00.html

AUTOFTP reduces security exposure in traditional FTP transfers

Search400.com member Philip Howells has created a command called AUTOFTP that can reduce the main security exposure otherwise present when simply batching together FTP scripts (FTP input read by a CL). The command allows the processing of FTP input scripts to be further automated and scheduled (without the standard iSeries scheduler) and provides a number of clear benefits.
http://search400.techtarget.com/tip/1,289483,sid3_gci770308,00.html

Restarting TCP/IP within a CL

A user who has more than 70 remote sites to maintain created password-protected utilities for end users to follow with his instructions. He's trying to create a utility that lets users end and restart TCP, but he can't figure out a good way to have the program check to see if TCP has completed shutting down. Read what other users suggested.
http://search400.discussions.techtarget.com/WebX?[EMAIL PROTECTED]^[email protected]/261

===========================================================
EXPERT PROFILE | Carol Woodbury, Search400.com security expert
===========================================================

Carol Woodbury is co-founder of SkyView Partners, a security consulting practice focused on the iSeries platform. Carol, prior to holding the position of vice president of Research and Development at PowerTech, served as IBM's security architect for more than 10 years. During her tenure with IBM, Carol led the AS/400 (iSeries) Security Development team and designed many aspects of OS/400's security features. In addition, Carol consulted with numerous iSeries business partners and customers.

Carol speaks frequently on a variety of security topics at conferences and user groups around the world and is a technical editor for IBM's eServer, iSeries edition magazine. Carol also co-authored Implementing AS/400 Security, a widely read book on security.

Let Carol's experience work for you. Ask Carol security-related questions anytime.

>> CLICK HERE TO ASK Carol a question: http://Search400.techtarget.com/ateQuestion/0,289624,sid3_cid423497_tax288767,00.html
>> CLICK HERE TO READ recent Q&As: http://search400.techtarget.com/ateAnswers/0,289620,sid3_cid423497_tax288767,00.html

Published by TechTarget (http://www.techtarget.com)
Copyright 2002 TechTarget. All rights reserved.
