× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2003

RE: how we will program in the future

Yet, iSeries were shipped by the hundreds, if not thousands, to numerous 
sites that simply ran Domino or some other application package(s) and had 
neither a developer or system administrator on site.  And only recently 
did IBM change some of the defaults like security level 10. I would bet 
that a vast majority of iSeries have no exit point programs in place.  I 
would also bet that even numerous programmers, etc would not know why you 
would want to run at level 40 or 50.  I would also be willing to wager 
that several shops still count on 5250 menu security for a bulk of their 
security.

I bet that IBM still ships iSeries with if I start TCP/IP then start a 
bulk of other applications automatically, like telnet, ftp, etc.

Rob Berendt
-- 
"They that can give up essential liberty to obtain a little temporary 
safety deserve neither liberty nor safety." 
Benjamin Franklin 




"Joe Pluta" <joepluta@xxxxxxxxxxxxxxxxx> 
Sent by: midrange-l-bounces@xxxxxxxxxxxx
11/10/2003 11:52 AM
Please respond to
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>


To
"'Midrange Systems Technical Discussion'" <midrange-l@xxxxxxxxxxxx>
cc

Subject
RE: how we will program in the future






> From: Walden H. Leverich III
> 
> I submit to the argument that: most machines are "hacked" and "taken
over"
> not because the hacker knew the correct string of 7613 bytes to send
to a
> port to get Windows to run injected code, but rather because the
> administrator didn't properly secure the machine in the first place.

This is a change of subject!  Any computer is vulnerable to bad security
administration, from OS/400 to Windows.  But there are entire classes of
security breaches that are largely or wholly specific to Windows and
that require additional security patches just to counteract them, and
the "malicious website" problem is just one of them.

As to the issue of whether the administrator didn't secure the machine,
Nimda and its many brethren couldn't have flourished if it took an overt
act of bad administration on every one of the thousands or millions of
affected machines.  Instead, they were SHIPPED unsecured and vulnerable
to a host of worms and viruses.  And while you can easily argue that an
OS/400 machine needs to be locked down the moment it is installed, it is
asking a lot to expect Joe User to perform arcane and undocumented
system security tasks on his home PC.

Joe

_______________________________________________
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing 
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.