× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2002

Re: BugTraq Exploit for OS/400

I think the history of the box proves it is a very secure system when
properly
set up. IBM has provided the commands and interfaces to tighten security to
the level your company desires. But this subject is far more complex than
the "high, medium, low" levels in products like MS Internet Exploder.
Any sys admin who has not read and implemented the Tips and Tools for
Securing Your iSeries is most likely not secure. It has taken IBM years to
come from the default no password security level 10 days of V1 & V2 to
where we are today. IBM has been providing the Tips book with every release
(one of the few books we actually got) since approx V3. It is now in the
Info Center
and IBM continues to enhance it. It should be required reading for every new
release. btw-the changing the signon msgd warning is in the book!
Check out the Security Wizard in Ops Nav also.
jim

----- Original Message -----
From: "Hall, Philip" <phall@spss.com>
To: <midrange-l@midrange.com>
Sent: Monday, February 25, 2002 3:15 PM
Subject: RE: BugTraq Exploit for OS/400


> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> --
> [ Picked text/plain from multipart/alternative ]
>
>
> > Can't you change the message to say that?
>
> Like I said, for a secure system that the iSeries touts itself to be I
> shouldn't have to.
>
> Giving the least information possible is Security 101.
>
> --phil
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.
>

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.