× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. December 2002

Re: Remote Access (Again)

I agree.  Saying <Internet> --- (23)Anything is more accurate

Adam Lang
Systems Engineer
Rutgers Casualty Insurance Company
http://www.rutgersinsurance.com
----- Original Message -----
From: "Booth Martin" <Booth@MartinVT.com>
To: <midrange-l@midrange.com>
Sent: Wednesday, December 04, 2002 12:56 PM
Subject: RE: Remote Access (Again)


> --
> --
> [ Picked text/plain from multipart/alternative ]
> "**BAD Solution**
> <Internet> ---> (23)iSeries"
>
> Please, lets not make these generic statements.  The iSeries machine is
just
> great as a internet server.  It serves webpages, does all sorts of good
> things.   In this discussion though you are relegating the AS/400 to
> back-office duty.
>
> In the back-office role the rules are a great deal different and have
> nothing to do with the platform.  Whether the  Company's books are kept
with
> Quicken on a PC or on a Mainframe in a bunkered silo, security is a
business
> issue, not a platform issue.
>
>
> ---------------------------------------------------------
> Booth Martin   http://www.MartinVT.com
> Booth@MartinVT.com
> ---------------------------------------------------------
>
> -------Original Message-------
>
> From: midrange-l@midrange.com
> Date: Wednesday, December 04, 2002 10:46:00 AM
> To: 'midrange-l@midrange.com'
> Subject: RE: Remote Access (Again)
>
> > last time I discussed with security people,
> > a sniffer just hanging on the internet can only
> > sniff traffic there
>
> So if your iSeries is on the internet (port 23 or any port for that
matter)
> then the sniffer could sniff it. Internal network with no direct internet
> access, no. Access to internet, fair game.
>
> Turning ICMP off is the first step in effective security (no ping
> responses).
>
> Long and the short of it is that any open port from any type of system
open
> to the internet is a vulnerability and needs to be weighed against risk
and
> potential damage. A firewall is a good step. An intermediary server is
> even better - running some sort of terminal emulator which is web/java
> based.
>
> **Good Solution**
> <Internet> ---> (443)Firewall(443) ---> (443)Intermediary(23) --->
> (23)iSeries
>
> **BAD Solution**
> <Internet> ---> (23)iSeries
>
> jch
> .
> --
> [ IMSTP.gif of type image/gif deleted ]
> --
>
> _______________________________________________
> This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
> To post a message email: MIDRANGE-L@midrange.com
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l
> or email: MIDRANGE-L-request@midrange.com
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.