× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2008

RE: Telnet concerns from auditors

We do client access under ssl but did not need to issue a certificate for each user/workstation. We do have a verisgn certificate server side. I think issuing client certificates is only necessary if you want the server to be able to validate that the client is allowed to connect. If you just want to encrypt the password being sent at signon you do not need client certificates

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of John.BresinaJr
Sent: Thursday, October 02, 2008 3:43 PM
To: Midrange Systems Technical Discussion
Subject: RE: Telnet concerns from auditors

Larry,

We ran into the same issue with the auditors. Yes it was the ID/Password being sent in clear text that they were concerned about. We ended up implementing IPSec on all our regulated iSeries, AIX and Widows machines. IPSec is a VPN tunnel. During this implementation we found that IBM was not following the ratified standard for handling digital certificates and fought with them and got them to provide a V5R4 PTF to fix their issues. The solution works great but is a slight pain to setup.


John Bresina | Sr Server Engineer | Target Technology Services - iSeries| ¤Target | 33 S. 6th St, CC-1175 | Minneapolis, MN 55402 | 612 304 3665 (ph) |

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Ketzes, Larry
Sent: Thursday, October 02, 2008 2:17 PM
To: 'Midrange Systems Technical Discussion'
Subject: Telnet concerns from auditors





Has anyone had to explain to an auditor the use of telnet by users to get to
the iSeries? Our auditors are saying they are very concerned about our use
of telnet.
Would I be correct in saying the risk the auditors are concerned
about is the ID and Password being sent in clear text? This is corrected,
of course, by using the 'bypass signon' feature in iSeries Navigator.
Is there any other thing about telnet that they would be concerned
about?

Thanks, Larry


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.