× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



One point of note about sniffing software -
"unless" things have changed in the last two
or three years (which they could have)

A sniffer program MUST be run on your connection,
which means that you have a hacker working in-house,
or there is a hacker working at your ISP -
not to say that it could not be happening,
but last time I discussed with security people,
a sniffer just hanging on the internet can only
snif traffic there - (but be "warned" that means
if your people working on your AS/400 do not have
virus protection, a virus could be placed on their PC
which would allow the sniffing to occur - this is even
a danger if you only allow dial-up access)

All communications runs the risk of being hacked -
go as secure as you can (SSL and run 128 byte encryption -
the lower ones(40/56) are crack able in a reasonable amount of time)




-----Original Message-----
From: midrange-l-admin@midrange.com
[mailto:midrange-l-admin@midrange.com]On Behalf Of Justin Haase
Sent: Wednesday, December 04, 2002 8:59 AM
To: 'midrange-l@midrange.com'
Subject: RE: Remote Access (Again)


Thank you.  Well put.

jch

-----Original Message-----
From: Adam Lang [mailto:aalang@rutgersinsurance.com]
Sent: Wednesday, December 04, 2002 8:57 AM
To: midrange-l@midrange.com
Subject: Re: Remote Access (Again)


To sum up everything Scott said:

The problem with Telneting across the internet is that login information is
clear text.

So, anyone sniffing packets can grab your as/400 username and password, as
well as other info going across.

Also, they will know the destination port and ip address.

Which means they can now connect to your as/400 with a valid account.

Think of Telnetting over the internet like sending cash in the mail.  All it
takes is someone between you and the letter's address to hold the envelope
up to the light, see money in it, open it up and take it.

Not to mention it allows brute force attacks on your system too.

As far as:
> > I've worked with two iSeries machines that were on the
> > internet for over 5 years with zero troubles.
>
> This is like saying "I went five years without any health insurance or
> other coverage, and I never got sick!"  Or "I drove my motorcycle without
> a helmet for 5 years, and I never got hurt!"
>
> You were lucky.  That doesn't mean it should be recommended.

Thsi is relatively accurate also, except even further saying you were never
sick, when in reality you have terminal cancer.  If someone has effectively
compromised your system and they are pros, you WON'T know you have had a
problem.

How would you knwo if a malicious person logged into your system, and
printed out information that was on your system?

Not all crackers destroy things.

It's not about if the AS/400 can handle being conencted to the Internet.  t
can.  But NOTHING should allow telnet access to it over the internet.

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@midrange.com
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
or email: MIDRANGE-L-request@midrange.com
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.




As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.