× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. May 2009

RE: Is someone trying to hack my system?

Jerry, I know, believe me I know. The thing is that insurance department
auditors have this book that I swear is 12" thick. My first experience
with them was when I was delivered a 9" think audit questionnaire and
told answer it or else. We are private so no SOX involved. BUT, we are
regulated. Our "company" auditors require a penetration test every 6
months. They could not care less that is costs 5K. They want it, they
get it.

From the results of the penetration tests, I would venture to say we are
as tight as Rob's referenced rat's orifice.......I am still gasping for
air over that one........

Rob is dead serious on all counts.

Scary......

Bentley Pearson
Vice President - Information Services
Southland National Insurance Corporation
1812 University Blvd
Tuscaloosa, Al
35403
205 345 7410
bpearson@xxxxxxxxxxxxxxxxxxxxx


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jerry Adams
Sent: Wednesday, May 20, 2009 3:46 PM
To: Midrange Systems Technical Discussion
Subject: RE: Is someone trying to hack my system?

Unless you are part of a very large company, or have to pass something
like a SOX audit, normal (accounting) auditors don't know squat about
system security - even the I.T. auditors.

I get the most idiotic questions about the system during our annual
audit, but nothing worth blowing smoke at. These guys are Windows
savvy, but not IBM i savvy. Do they care (or even know) that I have
*AllObj security on production and development? "We're running at
security level 40," I say; blank stares.

That said, I have been audited in the past by highly competent and
thorough auditors. But those were D/P specific audits ("Financials? I
don't need to see no steenking financials."). And I've learned a lot
from those guys and gals; most notably not to volunteer something unless
you want it to show up in the audit letter.

Jerry C. Adams
IBM System i Programmer/Analyst
--
B&W Wholesale
office: 615-995-7024
email: jerry@xxxxxxxxxxxxxxx


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Bentley Pearson
Sent: Wednesday, May 20, 2009 3:16 PM
To: Midrange Systems Technical Discussion
Subject: RE: Is someone trying to hack my system?

Hey Rob, I know a couple of security consultants who would like to know
about that company! LOL.

SHOCKING.

Auditors would lock my doors over something like that. WOW.

Maybe I'm just paranoid.

Bentley Pearson
Vice President - Information Services
Southland National Insurance Corporation
1812 University Blvd
Tuscaloosa, Al
35403
205 345 7410
bpearson@xxxxxxxxxxxxxxxxxxxxx


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of rob@xxxxxxxxx
Sent: Wednesday, May 20, 2009 3:08 PM
To: Midrange Systems Technical Discussion
Subject: RE: Is someone trying to hack my system?

And I've heard of a local company with telnet open to the net and
QSECOFR/QSECOFR. Stunning.

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.