× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. February 2008

Re: Book on Hacking the iSeries

I would use the term that most accurately portrayed what the issue was. The
term "hacked" rightly or wrongly implies a failure in technology -- i.e. the
administrator did everything right and the attack could not be prevented
because of some failure in the technology which is rarely, if ever, in my
experience the case (and I'm sure I'll get flamed for that statement :-) ).

In the scenario you depict, if someone took control of a system because
QSECOFR password was set to QSECOFR, I personally would not EVER call that
being hacked...I call it being dumb.

The bottom line is that the title of the book caused many people to say "why
doesn't IBM fix this" when AFAIK there was not a single thing in the book
that had anything to do with the technology...


On 2/24/08, Walden H. Leverich <WaldenL@xxxxxxxxxxxxxxx> wrote:

Hacking the iSeries implies exploiting vulnerabilities
in the system itself.

While I don't disagree w/that it implies that, and I would agree that many
of these are "misconfigurations", if a server was effected by this, and
someone took control or stole data would you say that "a common
administrative mistake was exploited" or would you say the machine was
"hacked?" I know which I'd say.

-Walden

--
Walden H Leverich III
Tech Software
(516) 627-3800 x3051
WaldenL@xxxxxxxxxxxxxxx <mailto:WaldenL@xxxxxxxxxxxxxxx>
http://www.TechSoftInc.com <http://www.techsoftinc.com/>
Quiquid latine dictum sit altum viditur. (Whatever is said in Latin seems
profound.)

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.