× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



A windows security expert CAN configure a windows system to not be
susceptible to known attacks. Despite unsubstantiated claims that it is
not possible.

An i5/OS security expert CAN configure an i5/OS system to not be
susceptible to known attacks.

The only difference between the two systems is how much it will cost each
expert to do this on their respective systems.

I assert that buffer overflow attacks can be successful on i5/OS systems
in certain situations are much more common than some people want to admit.
Bind Version 8, is one example of something that i5/OS had to patch
because it IS the AIX version that runs in PASE (by the operating system,
not at the discretion of the user or administrator) and the AIX version
was susceptible to buffer overflow attacks, and one could take over the
entire i5/OS system as a result of this. That's why IBM had to patch it.
The PASE, MI, SLIC experts were the ones that made the determination that
this was possible.

To claim that buffer overflows cannot happen on i5/OS is ludicrous. To
claim that this is a fatal flaw in i5/OS is also ludicrous. But
recognizing an issue allows you to address it appropriately (no matter how
trivial it might be to address it). Claiming it doesn't exist, is the
equivalent of burying your head in the sand.


Thanks.

Patrick Botz
IBM STG Lab Services Security Practice
botz@xxxxxxxxxx
work: 507 253 0917 mobile: 507 250 5644
http://www.ibm.com/systems/services/labservices

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.