× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. November 2004

RE: iSeries buffer overflow immunity?

On Mon, 2004-11-08 at 14:36, Chris Bipes wrote:
> Well in order to do any of this, you need to get a hold of the application,
> reverse engineer it, identify the weakness, then build the program to
> attach.  Easy to do with cheap MS applications that are generally available.
> But to do so I the iSeries will take a lot of money and effort.  Yes it can
> be done.  If I want to attach the Apache server on the iSeries, I could
> start with the open source for Apache on my windows platform.  But will the
> same attach on the same program work on the iSeries?  Now for my custom
> socket server that does not reside on any computer outside of the
> organization, well it would be more difficult to attach since you know
> nothing about my application and cannot get the program object or source to
> reverse engineer.
I generally agree with this line of thinking.  And, I'm much more
worried about the possible result of a C program (e.g. Apache) than any
RPG code as a result.

> 
> Most attacks are on wide spread internet services.  I.e. IIS, Exchange,
> SMTP, Cisco Routers, VPN server, FTP servers and others.  So I would not
> worry about custom applications that you put on the internet but on those
> standard packages that are widely used.  I do not think that one can break
> the actual IP stack provide by IBM that we all use.  But again, maybe there
> are holes in the low level stuff that can be hacked.
No, my investigation is making it clear to me that one would have to
work awful hard to open up some kind of flaw in RPG.  C, I don't know
about...
--
Regards,
Rich

Current Conditions in Des Moines, IA
Clear
Temp 39.2F, Windchill 33.1F
Winds out of the Southeast at 9mph

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.