× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Rob, The whole FSP on the LAN is where the heartbleed issue comes up. The
ASMI ssl-protected web-server is vulnerable (on p7+ if the IBM info is
correct), the same happens to the web-interface of the HMC (i wonder which
version of HMC is affected).
In the case of the FSP it's an obscure but big problem. Figure somebody
dumps enough FSP memory to figure out the login for admin. they can turn
off your server, screw with the PoD/MoD/CoD codes, etc... never mind
getting login credentials for the HMC...


On Tue, Apr 22, 2014 at 3:13 PM, <rob@xxxxxxxxx> wrote:

Keeping in mind that many people think that the only nefarious attacks
you'll ever get are from outside of your company I can maybe see if that's
where Mr. Draper is coming from. Supposing that mythological beast is
true, there is always the risk that someone's PC could get infected and
start scanning your network, take advantage of that weakness and report
the results to the outside.

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755
http://www.dekko.com

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.