RE: No single case of hacking...

Leif, while I agree my machine doesn't prove much about AS/400 security, it
does prove a lot about Internet security. <grin>

My machine is not "locked down too tight".  It is a fully functional web
server, and can also be used to run web-enabled applications.  What more do
you think "should" be open?  Certainly not Telnet or FTP.  It just so
happens that I know full well that the only thing an anonymous user should
be able to do over the web is access the HTTP server.  Anything more and
you're an accident waiting to happen.

On the other hand, if I were to give you the appropriate passwords, etc.,
you could also access my machine through 5250 - I just don't make that sort
of information public.  Which is the way it's supposed to be.

On the third hand, if this were a Microsoft IIS server, you could break
through one of the many known security holes and get into my server and thus
my system, even with just port 80 access.  In this regard, the IBM HTTP
server is a much more secure web server than IIS.

Joe



> -----Original Message-----
> From: owner-mi400@midrange.com [mailto:owner-mi400@midrange.com]On
> Behalf Of Leif Svalgaard
> Sent: Thursday, June 07, 2001 9:18 AM
> To: MI400@midrange.com
> Subject: Re: No single case of hacking...
>
>
> Joe's machine is locked down too strongly for this.
> No ping, no ftp, no telnet, only serving webpages.
> It's like saying: "I'm secure, I allow noone on my machine,
> no programmers, no signons, no restore, no nothing.
> sure in this way you can be secure. Also as an additional
> measure: turn off the machine.
> So this is an extreme case and therefore does not
> prove that the AS/400 is vastly ahead re security.
>

+---
| This is the MI Programmers Mailing List!
| To submit a new message, send your mail to MI400@midrange.com.
| To subscribe to this list send email to MI400-SUB@midrange.com.
| To unsubscribe from this list send email to MI400-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: dr2@cssas400.com
+---