I have this case opened with IBM. There are certain clients attaching to the system where it starts 10,000+ port 23 (telnet) connections to our system. All using the same 1-3 workstation id's. Totally blows our activity level out of the water and is quite an effective denial of service attack.

-- Some TCP connections do not spawn "jobs". Therefore we'll use a different service.
select local_port, remote_address, count(*) as nbrconnections
from gdihq.qsys2.NS_INFO
where local_port = 23
group by local_port, remote_address
having count(*) > 10

Messing with things like QAUTOCFG, QAUTOVRT has ZERO effect on stopping this.

IBM's reply has been basically put on a patch to that version of the deprecated Client Access or upgrade to iACS.

Since most of these are Windows 7 VM sessions our Windows admins are leaning towards the patch. When they are ready to upgrade to Windows 10 on the 'gold' image they'll upgrade to iACS.

Rob Berendt
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 2505 Dekko Drive
Garrett, IN 46738
Ship to: Dock 108
6928N 400E
Kendallville, IN 46755

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.