× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: Re: ODBC Security Concerns
  • From: John Earl <johnearl@xxxxxxxxxx>
  • Date: Wed, 04 Mar 1998 23:29:43 -0800

John Cirocco wrote:

<snip>

>  1)  There was a great thread on NEWS400.COM regarding ODBC security
> concerns and was to solve for them.  Since they redid their site I cannot find
> that great discusion.  Did anyone happen to save the details???

I was a participant in that thread, and I'm sure I have some of the details
around.  Paul Conte spokeill of Exit programs in a Newswire (how dare he!  :) 
and I
submitted a rebuttal.  That began a storm
of protest at his attack and NEWS/400 published all of them on theore web site.

Look in the Newswire archives, and if you don't find it there, I'm sure I have 
most
of it in my old
email program.  SDrop me a line and I'll forward what I have.


>  2) Secondly, I would appreciate any details on securing ODBC updates
> from occuring globally.  My concern is not with read access as I understand 
>how
> to solve that issue.  As for update access, I would rather not place a trigger
> on every file that will be open to viewing.

You can prevent OBDC updates by writing or buying exit programs that block all 
of
the various file
update tools.  This includes the SQL and Native Database interfaces.  While 
you're
at it, you may
want to block some other kinds of accesses such as remote command, file 
transfer,
and DDM.  You  must also be sure that you are blocking both the Original as 
well as
the Optimized servers.

Obligatory disclosure.  Our company sells an Exit Point security package.  You 
can
learn more
about it at www.lns400.com.


jte


--
John Earl Lighthouse Software Inc.
8514 71st NW Gig Harbor, WA 98335
253-858-7388 johnearl@lns400.com

Without Lighthouse Network Security/400, your AS/400 is wide open.
--


+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.