× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. October 2011

Re: want to allow easy home access to iSeries

Booth,

Most security breaches are employees that have normal access to systems, therefore the answer to your questions in order is no and yes, there is an inherent risk to allowing anyone to access the system. That said, you have some control with employees, particularly if you have made them sign non-disclosure and electronic use policies that provide strict guidelines about what is acceptable or not. Now the US and state laws will help enforce the security.

With non-employees you might have some of the same protections providing you have a strong contract with them that specifies what is allowable and what is not, but not the same.

The question really is, how much security is enough, and too much. When humans are involved, everything is a calculated risk.

Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects


On 10/4/2011 12:40 PM, Booth Martin wrote:
I am curious: Without sounding like a wise guy with this question, is
there something inherently safer in allowing employees to access the
machine, but not non-employees?

I am asking that badly. Let me try it this way: If the box is so
insecure as to cause fright about connecting it to the Internet, then is
there inherent risk in the box that is a concern for employee access, too?



On 10/4/2011 12:21 PM, Jerry Draper wrote:
> Don't kid yourself about tricking up the telnet port.
>
> It's sniffable in a nanosecond.
>
> J
>
> On 10/4/2011 10:10 AM, Richard Schoen wrote:
>> Why not use Logmein.com ?
>>
>> Set up an internal desktop with just the apps on it that are needed and let them at it.
>>
>> No cost and no open firewall ports.
>>
>> If you decide to open up Telnet, you might want to open up Port 21023 and map to Port 23 or similar so it doesn't sniff like a Telnet port if someone hits the address.
>>
>> Regards,
>> Richard Schoen
>> RJS Software Systems Inc.
>> Where Information Meets Innovation
>> Document Management, Workflow, Report Delivery, Forms and Business Intelligence
>> Email:richard@xxxxxxxxxxxxxxx
>> Web Site:http://www.rjssoftware.com
>> Tel: (952) 736-5800
>> Fax: (952) 736-5801
>> Toll Free: (888) RJSSOFT
>>
>> ----------------------------------------------------------------------
>> From:midrange-l-bounces@xxxxxxxxxxxx
>> [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Burns, Bryan
>> Sent: Tuesday, October 04, 2011 10:50 AM
>> To: Midrange Systems Technical Discussion
>> Subject: RE: want to allow easy home access to iSeries
>>
>> Thanks for the input david. We do have a VPN and I can use client access and the VPN to get on from home.
>>
>> We have a handful of distributors that need to get on to do forecasting and don't have any network credentials so a VPN isn't something management wants to set up for them.
>>
>> It's hard to tell from the Mochasoft advocates whether they're using a VPN or opening up port 23.
>>
>> Bryan
>>
>>
>
-- Booth Martin 802-461-5349 http://www.martinvt.com
--

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.