×
The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.
It is old discussion, but I do not read the list regularly...
To those of you who use FTP and remote command. (well, I admit I do...) I
ran a sniffer and saved it's log to a file, wich I then filtered through my
Perl script which makes it more readable. Remote command run from AS/400 on
PC gives you the SAME AMOUNT OF INFORMATION: user profile, password, what
command you run, what did PC answer etc.
If you will still like to use remote command, do not run the server all the
time. OK, listen to example scenario: You have remote command server on a PC
running. I start a sniffer and wait for as/400 to run a command on your PC.
You do use user profile and password, yes? I sniff them and can run any
command on your PC, like deleting files. I can ftp word documents from your
PC to mine. I can install key logger on your machine and will be able to
know your every keystroke!
OK, here is the transcript of the session I got. Anyone can explain to me
how can I still use FTP, but in secure way? Any simple (and free of charge)
trick to find out whether anybody runs sniffer on the network? (maybe off
the list, as it is not AS/400 related)
David
***************************
Janusz David Prusaczyk
janusz.prusaczyk@big.pl
tel. +48 (22) 657 57 48
***************************
_______________________ BEGIN TRANSCRIPT _________________
[10.2.1.63:21] -> [10.2.1.105:1335]
.@220-QTCP at CENTRALA. 220 Connection will close if idle more than 5
minutes.
[10.2.1.105:1335] -> [10.2.1.63:21]
USER davidopr
[10.2.1.63:21] -> [10.2.1.105:1335]
331 Enter password.
[10.2.1.105:1335] -> [10.2.1.63:21]
PASS issecret
[10.2.1.63:21] -> [10.2.1.105:1335]
230 DAVIDOPR logged on.
[10.2.1.105:1335] -> [10.2.1.63:21]
CWD david
[10.2.1.63:21] -> [10.2.1.105:1335]
250 "DAVID" is current library.
[10.2.1.105:1335] -> [10.2.1.63:21]
PORT 10,2,1,105,5,56
[10.2.1.63:21] -> [10.2.1.105:1335]
200 PORT subcommand request successful.
[10.2.1.105:1335] -> [10.2.1.63:21]
LIST
[10.2.1.63:20] -> [10.2.1.105:1336]
@@@@@@@@
[10.2.1.63:21] -> [10.2.1.105:1335]
125 List started.
[10.2.1.63:20] -> [10.2.1.105:1336]
IBISOPR 20480 13/04/00 09:34:42 *FILE BP IBISOPR
*MEM BP.BP IBISOPR 245760 21/06/00 16:35:14 *FILE CLKI
IBISOPR *MEM CLKI.CLKI ADAMOPR
32768 17/04/00 22:13:50 *FILE CMEBSB ADAMOPR
*MEM CMEBSB.CMEBSB ADAMOPR 32768 17/04/00 22:13:53 *FILE
CMEBSBKONT ADAMOPR *MEM
CMEBSBKONT.CMEBSBKONT ADAMOPR 20480 17/04/00 22:11:13 *FILE
CMEINT ADAMOPR *MEM CMEINT.CMEINT
ADAMOPR 36864 17/04/00 22:11:15 *FILE CMEKAS ADAMOPR
*MEM CMEKAS.CMEKAS ADAMOPR 36864 17/04/00 22:12:45 *FILE
CMELIFOA ADAMOPR *MEM
CMELIFOA.CMELIFOA ADAMOPR 28672 17/04/00 22:12:47 *FILE
CMELIFOV ADAMOPR *MEM
CMELIFOV.CMELIFOV IBISOPR 45056 26/11/99 08:14:19 *FILE
CMEPAL02 IBISOPR *MEM
CMEPAL02.CMEPAL02 IBISOPR 45056 25/10/99 10:56:21 *FILE
CMEPAL02A IBISOPR *MEM
CMEPAL02A.CMEPAL02A ADAMOPR 20480 17/04/00 22:12:43 *FILE
CMEPROF ADAMOPR *MEM CMEPROF.CMEPROF
ADAMOPR 32768 17/04/00 22:11:16 *FILE CM
[10.2.1.63:21] -> [10.2.1.105:1335]
250 List completed.
[10.2.1.63:20] -> [10.2.1.105:1336]
ESBB ADAMOPR *MEM CMESBB.CMESBB
ADAMOPR 32768 17/04/00 22:12:42 *FILE CMESBBKONT ADAMOPR
*MEM CMESBBKONT.CMESBBKONT ADAMOPR 28672 17/04/00 22:13:49
*FILE CMESPR2PD ADAMOPR *MEM
CMESPR2PD.CMESPR2PD IBISOPR 20480 19/10/99 12:06:44 *FILE
CMESPR2PF IBISOPR *MEM
CMESPR2PF.CMESPR2PF IBISOPR 135168 02/03/00 10:32:16 *FILE
FXG01G IBISOPR *MEM FXG01G.FXG01G
IBISOPR 45056 06/06/00 13:01:45 *FILE HP IBISOPR 36864
26/11/99 13:36:17 *FILE LOKMBANK IBISOPR
*MEM LOKMBANK.LOKMBANK ADAMOPR 20480 17/04/00 22:12:53 *FILE
LOKMBANK1 ADAMOPR *MEM
LOKMBANK1.LOKMBANK1 ADAMOPR 20480 17/04/00 22:12:54 *FILE
LOKMBANK10 ADAMOPR *MEM
LOKMBANK10.LOKMBANK10 ADAMOPR 20480 17/04/00 22:12:54 *FILE
LOKMBANK11 ADAMOPR *MEM
LOKMBANK11.LOKMBANK11 ADAMOPR 20480 17/04/00 22:12:53 *FILE
LOKMBANK2 ADAMOPR *MEM
LOKMBANK2.LOKMBANK2 ADAMOPR 20480 17/04/00 22:12:48 *FILE
LOKMBANK3 ADAMOPR *MEM
LOKMBANK3.LOKMBANK3 ADAMOPR 20480 17/04/00 22:12:48 *FILE
LOKMBANK4 ADAMOPR *MEM
LOKMBANK4.LOKMBANK4 ADAMOPR 20480 17/04/00 22:12:49 *FILE
LOKMBANK5 ADAMOPR *MEM
LOKMBANK5.LOKMBANK5 ADAMOPR 20480 17/04/00 22:12:50 *FILE
LOKMBANK6 ADAMOPR *MEM
LOKMBANK6.LOKMBANK6 ADAMOPR 20480 17/04/00 22:12:50 *FILE
LOKMBANK7 ADAMOPR *MEM
LOKMBANK7.LOKMBANK7 ADAMOPR 20480 17/04/00 22:12:51 *FILE
LOKMBANK8 ADAMOPR *MEM
LOKMBANK8.LOKMBANK8 ADAMOPR 20480 17/04/00 22:12:52 *FILE
LOKMBANK9 ADAMOPR *MEM
LOKMBANK9.LOKMBANK9 IBISOPR 61440 09/05/00 17:40:13 *FILE
OBIEKTY IBISOPR *MEM OBIEKTY.OBIEKTY
DAVIDOPRO 7393280 22/11/00 14:51:37 *FILE PROFILE DAVIDOPRO
*MEM PROFILE.PROFILE IBISOPR 28672 11/04/00 13:40:38 *FILE
PROW IBISOPR *MEM PROW.PROW QDFTOWN
24576 11/04/00 13:29:45 *FILE QCLSRC QDFTOWN
*MEM QCLSRC.CPYSPLFPDF QDFTOWN 20480 11/04/00 13:29:45 *FILE
QCMDSRC QDFTOWN *MEM
QCMDSRC.CPYSPLFPDF IBISOPR 749568 29/08/00 08:18:55 *FILE
ROSNERGIFT IBISOPR 671744 21/06/00 16:33:42 *FILE RPGI IBISOPR
*MEM RPGI.RPGI IBISOPR 77824 26/06/00 15:14:15 *FILE
SNDMAIL IBISOPR 1085440 22/11/00 14:03:06 *FILE SOURCES IBISOPR
*MEM SOURCES.BANKOWOSC IBISOPR *MEM
SOURCES.CHKIFSOBJ IBISOPR *MEM
SOURCES.CHKIFSOBJC IBISOPR *MEM
SOURCES.CLOBRDETS IBISOPR *MEM
SOURCES.CLODSOVR IBISOPR *MEM
SOURCES.CLPROWIZJE IBISOPR *MEM
SOURCES.CPYSPLFPDF IBISOPR *MEM
SOURCES.CPYTOHTML IBISOPR *MEM
SOURCES.CSWP IBISOPR *MEM
SOURCES.CSWPD IBISOPR *MEM
SOURCES.DAVIDSPL IBISOPR *MEM
SOURCES.DDSTEST IBISOPR *MEM
SOURCES.EMAILLOG IBISOPR *MEM
SOURCES.EPFTP IBISOPR *MEM
SOURCES.GENERAL IBISOPR *MEM
SOURCES.MKPASS IBISOPR *MEM
SOURCES.MNURAP IBISOPR *MEM
SOURCES.MNURAPQQ IBISOPR *MEM
SOURCES.MO_IN IBISOPR *MEM
SOURCES.MO_INCMD IBISOPR *MEM
SOURCES.MO_INPGM IBISOPR *MEM
SOURCES.NIEPOLOMIC IBISOPR *MEM
SOURCES.NIEPOLOMUP IBISOPR *MEM
SOURCES.OBRDETS IBISOPR *MEM
SOURCES.ODDZILEKWP IBISOPR *MEM
SOURCES.ODSOVR IBISOPR *MEM
SOURCES.PROWIZJE IBISOPR *MEM
SOURCES.QRYOBRDETS IBISOPR *MEM
SOURCES.QRYODSOVR IBISOPR *MEM
SOURCES.QRYPROWIZJ IBISOPR *MEM
SOURCES.RTL33G IBISOPR *MEM
SOURCES.RTVMIME# IBISOPR *MEM
SOURCES.SCSWP IBISOPR *MEM
SOURCES.SNDEMAIL IBISOPR *MEM
SOURCES.SNDEMAILC IBISOPR *MEM
SOURCES.SNDEMAILR IBISOPR *MEM
SOURCES.SNDMAIL IBISOPR *MEM
SOURCES.SNDMAILCMD IBISOPR *MEM
SOURCES.SNDMAILR IBISOPR *MEM
SOURCES.SNIFFRPG IBISOPR *MEM
SOURCES.TELDRUK IBISOPR *MEM
SOURCES.TELMAIN IBISOPR *MEM
SOURCES.TELMENU IBISOPR *MEM
SOURCES.TELMST IBISOPR *MEM
SOURCES.TELMSTL1 IBISOPR *MEM
SOURCES.TELMSTL2 IBISOPR *MEM
SOURCES.TELMSTL3 IBISOPR *MEM
SOURCES.TELNPMNU IBISOPR *MEM
SOURCES.TELSNAMMNU IBISOPR *MEM
SOURCES.TELSNAZ IBISOPR *MEM
SOURCES.TELTST IBISOPR *MEM
SOURCES.TELTSTDD IBISOPR *MEM
SOURCES.WCG IBISOPR *MEM SOURCES.WCGPS
IBISOPR *MEM SOURCES.WCGPSF IBISOPR
*MEM SOURCES.WIN IBISOPR 28672 12/04/00 09:44:15 *FILE
STOGO IBISOPR *MEM STOGO.STOGO IBISOPR
57344 03/02/00 22:29:14 *FILE TELMST IBISOPR
*MEM TELMST.TELMST IBISOPR 32768 15/06/99 07:06:58 *FILE
TELMSTL3 IBISOPR *MEM
TELMSTL3.TELMSTL3 IBISOPR 7360512 03/08/00 12:33:05 *FILE WCG
IBISOPR *MEM WCG.WCG IBISOPR
4214784 03/08/00 13:04:03 *FILE WCGPS IBISOPR
*MEM WCGPS.WCGPS IBISOPR 57344 09/08/00 14:03:55 *FILE
WCGPSH IBISOPR *MEM WCGPSH.WCGPSH
ADAMOPR 20480 17/04/00 22:13:08 *FILE WGDWL ADAMOPR
*MEM WGDWL.WGDWL IBISOPR 20480 24/11/99 14:34:05 *FILE
WGDWL_WL6 IBISOPR *MEM
WGDWL_WL6.WGDWL_WL6 ADAMOPR 20480 17/04/00 22:13:01 *FILE
WGDWLPLN ADAMOPR *MEM
WGDWLPLN.WGDWLPLN ADAMOPR 20480 17/04/00 22:13:14 *FILE WGDWL1
ADAMOPR *MEM WGDWL1.WGDWL1 ADAMOPR
20480 17/04/00 22:13:21 *FILE WGDWL2 ADAMOPR
*MEM WGDWL2.WGDWL2 ADAMOPR 20480 17/04/00 22:13:28 *FILE
WGDWL3 ADAMOPR *MEM WGDWL3.WGDWL3
ADAMOPR 20480 17/04/00 22:13:41 *FILE WGDWL5 ADAMOPR
*MEM WGDWL5.WGDWL5 ADAMOPR 20480 17/04/00 22:13:48 *FILE
WGDWL6 ADAMOPR *MEM WGDWL6.WGDWL6
IBISOPR 49152 17/04/00 11:14:15 *FILE WYDRUK IBISOPR
*MEM WYDRUK.WYDRUK Å@@@@@
[10.2.1.105:1335] -> [10.2.1.63:21]
XPWD
[10.2.1.63:21] -> [10.2.1.105:1335]
257 "DAVID" is current library.
[10.2.1.105:1335] -> [10.2.1.63:21]
PORT 10,2,1,105,5,57
[10.2.1.63:21] -> [10.2.1.105:1335]
200 PORT subcommand request successful.
[10.2.1.105:1335] -> [10.2.1.63:21]
RETR telmst
[10.2.1.63:20] -> [10.2.1.105:1337]
Co331 En
[10.2.1.63:21] -> [10.2.1.105:1335]
150 Retrieving member TELMST in file TELMST in library DAVID.
[10.2.1.63:20] -> [10.2.1.105:1337]
�ZIELI]SKI KONRAD WARSZAWA BB INFORMATYKI
NIENACZELNIK CK 6575797
8380185 601286372 �GRUDZI]SKI WOJCIECH WARSZAWA BB
INFORMATYKI SPECJALISTA CK
6575004 7877340 601370226 �RYBCZY]SKI RAFA[ WARSZAWA BB
INFORMATYKI OPERATOR CK
6575823 6786419 602762123 |KRASUSKI MARCIN WARSZAWA BB
INFORMATYKI PROGRAMISTA
6771262 8152033 601342483 200 PO���?ãÁ
[10.2.1.63:21] -> [10.2.1.105:1335]
250 File transfer completed successfully.
[10.2.1.105:1335] -> [10.2.1.63:21]
QUIT
[10.2.1.63:21] -> [10.2.1.105:1335]
221 QUIT subcommand received. 125 LiIBISOP
_________________________ END TRANSCRIPT ________________
Rob,
rob@dekko.com wrote:
> Well I'll be dipped! I swore that I read that this was patched.
FTP remote command was "fixed" in V4R2. Client Access Remote command (which
uses
DDM) will likely never be "fixed".
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact
[javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
