Anything that you can do to discourage unwanted access to your IBM i system is a good idea. So, when I heard about Port Restrictions, I immediately thought that it would be a great idea to just shut down all the unused ports on our test box.
Have you ever wondered who is connected to your system with a network connection? In these days of interconnected systems, this should be a concern for all IBM i security officers. Even if you have fully deployed firewalls and exit point security, the answer to the above question might contain some surprises.
Many IBM i shops keep the SMTP server active on their system to support host-based applications that format and send e-mail messages directly from their IBM i system. With the SMTP server active, you could leave your system open to spammers who could take over the SMTP server to relay their spam messages. This tip describes how to control SMTP relay on your system.