× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. March 1999

Re: Connecting satellite locations via the Internet

I understand the emotional impact of just putting a company's AS/400 on the 
internet, naked, just waiting for pot-shots from who-knows-where.  

The concerns over line sniffing seem no more serious though then the concerns 
one has with tapped phone-lines and snoopers going through the dumpsters.  The 
threats are real of course, and we do have our lines checked and our dumpsters 
are secure and we do know where the trash goes when it leaves the premises, but 
it is all a normal business operation and we weigh our costs vs. our risks.  We 
all have phones and we all have dumpsters.

I am not against security, but take a good look.  The choices may be wider than 
you suspect.  Mission critical is not the same thing as security-sensitive 
information.  Payroll is critical, but I see no real risk to receiving weekly 
time sheet information from remote locations by having them key into a work 
file on the AS/400, or even Ftping a small file for instance.  The risk is 
certainly no worse than the information being faxed or mailed. 

 Not every piece of company information has the same need for security.  No one 
gathers up the company's sales literature every night and locks it in a vault.



In <000a01be6c92$56b24020$0dc810ac@desktop>, on 03/12/99 
   at 09:12 AM, "Jeffrey Silberberg" <jsilberberg@mindspring.com> said:

>Boy,

>        This is a very scary statement.  I would suggest that you think
>very long and hard about putting a valid public IP address directly on
>your AS/400 IF it is running any mission critical applications.  Rather I
>recommend to my customers that they use a private IP address (RFC-1918)
>for there AS/400 and map the connections they wish people to have from
>the Internet to the AS/400 through a FireWall.  Don't map FTP or Telnet
>if all you want is a SSL Web server connection.

-- 
-----------------------------------------------------------
boothm@ibm.net
Booth Martin
-----------------------------------------------------------

+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.