× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2004

IFS // security vulnerability #1 of 2

Dear Vikas ...                                                      +> vendor 
response

Think of the IFS like the public library downtown

   If you've got a public library card, you have the same right as any other
   cardholder to visit the library building and use the resources in that
   building. In like manner, if you have access to the corporate network,
   your right to enter the iSeries' "Integrated File System" is the same
   as any other employee on the corporate network.

   The Integrated File System holds directories which have been made
   available to the network through a process called "File Shares." When
   your box arrived from IBM, the authority settings for the File Shares
   were wide open. Therefore, if these settings have never been scaled
   back to much more modest levels, then anyone with access to the
   corporate network would automatically have powerful/unguarded
   access to any IFS directory that File Shares have opened to the network.

   The objective is to make the File Share authorities very modest so that
   exposure of IFS directories to the entire network is no longer viewed
   as a vulnerability.

   Here's more information about identifying all File Shares, including the
   default File Shares that were delivered with the box and how to access
   the File Shares through iSeries Navigator.
         http://www.unbeatenpathintl.com/BOH/source/1.html

If you would like to arrange a free security assessment for your
system, including this IFS topic, please contact me off-line.

Warm regards and Merry Christmas,
Milt Habeck

North America: (888) 874-8008
International: (262) 681-3151
mhabeck@xxxxxxxxxx
www.unpath.com




+++++++    +++++++    +++++++    +++++++    +++++++
From: Vikas Bhat
To: 'Midrange Systems Technical Discussion'
Sent: Friday, December 17, 2004 2:59 AM
Subject: RE: Alternate to iSeries....IFS?

Hi all,

I just wanted to ask you a curious question, the answer to which might come
easily to some of you, as I don't know as much - what about attacks from
hackers, viruses to the IFS on the iSeries? Can any of you throw some light
on this for me? Isn't the IFS more susceptible? And what kind of protection
do we have on the iSeries for the IFS?

Regards,
Vikas

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.