Kisco Systems

IBM i Security Tips

Home : Blog : Network Security

Network Security

Network Intrusion - An Allegory

If you don't keep track, you'll never know what's going on in your yard. You could be getting attacked on a regular basis and never know it.

Read more

Can NAT and IP Packet Filtering Work For You?

NAT stands for "Network Address Translation". Among other things, NAT will allow you to provide public access to your system even though it sits behind a firewall.

Read more

Hacking Report For Our IBM i - A Current Update

Thanks to our SafeNet/i exit point network control software, we successfully thwarted all unauthorized accesses. Of these, 351 were attempts to gain access via FTP and another 6,009 attempts were to get a Telnet signon session during the analysis period.

Read more

Hiding Places for Malicious Code

To review the current contents of the system job scheduler, use the i/OS command Work with Job Schedule Entries (WRKJOBSCDE). This command will display information about every job in the system job scheduler. It will tell you what the job is, how it is invoked and when it is next scheduled to run.

Read more

Reporting A Break In - My Experience

Recently, we identified a new phenomenon where a hacker (or hackers) are attempting to break into our system using Telnet. The pattern is always the same. Exactly twenty seven attempts are made to open a Telnet session on the server. The attack lasts for 2-3 minutes and then stops.

Read more

Tracking Remote Access Users On Your IBM i

In the IBM i world, it has always been possible to track access to the system by user profile. It is just a simple matter of activating and configuring the system audit journal and sitting back to wait for some information to be accumulated. Then, using the DSPJRN judiciously, you can get a list of who signed on to your system and when they did so.

Read more

Controlling Remote Access to your IBM i

The thing that makes remote work possible is the Internet and remote access technology. But, as you think about it, while you have access remotely to off site computing resources, so does anyone else who is connected to the Internet. That is a huge security exposure to your IBM System i. Even the much touted security on this exceptional system will have exposures.

Read more

Hacking Report For Our IBM i - 2013 in Review

For the full year, our server posted close to 1 million network transactions. This is nothing in today's computing environment, some of our customer's servers can record that level of activity in just a few minutes. But, taken as a whole for the year, 0.5% of those network access attempts were not authorized by us.

Read more

And More Tips for Securing FTP on your IBM i

there are lots of good reasons why you want to allow FTP access to your system. So, don't be afraid of it, but use it wisely.

Read more

Hacking Report For Our IBM i - 3rd Qtr 2013

During this quarter, we saw that brute force FTP attacks using a large number of different common user profiles disappeared. In its place, we are seeing repeated attempts to gain access using very common user profiles but cycling through multiple passwords on each attempt.

Read more

More Tips for Securing IBM i FTP

A few weeks ago, I published a tip about the security exposure that FTP represents on your IBM i platform. That tip has generated some interesting feedback along with some ideas from readers on how they address the issue. This tip features some additional ideas for you to protect yourself from FTP abusers.

Read more

Watch Out For FTP On Your IBM i

With FTP on your IBM i, you can transfer files to other systems, including other IBM i's, with ease. You can also use it to move programs and files between systems, all with relative ease. But, increasingly, FTP is also becoming the hackers weapon of choice when cruising the Internet. And, with FTP's QUOTE command (among others), a knowledgeable hacker could do some serious damage to your system.

Read more