Kisco Systems

Kisco U

Free training to secure every IBM i

We sell software, but we give away knowledge for free!
Sign up to receive an email update when we add new content to Kisco U


  • Monitoring IBM i licensing status

    With IBM's move towards an IBM i subscription model, tracking license status is now more important than ever. Here's how to stay on top of IBM i licensing.

    Read more

  • Listing installed certificates

    Here are a couple of procedures to view the list of SSL certificates that are installed on your IBM i.

    Read more

  • Finding Security Fixes for Apache on IBM i

    The Apache-based IBM HTTP Server for i is a vital defense in web and API security for IBM i. As such, it requires regular attention.

    Read more

  • What IBM i Users Should Check When Learning of a Security Vulnerability

    Use this procedure to check the version of libwebp or any other open source package on IBM i.

    Read more

  • Basic Authentication Credentials are Encrypted with TLS

    You may have heard claims that HTTP “basic” authentication leaves credentials unencrypted and exposed. While it’s true that basic auth itself doesn’t encrypt credentials, this doesn’t matter in practice. Modern sites and APIs should be using HTTPS, which encrypts everything over the wire, protecting basic authentication credentials in transit.

    Read more

  • Controlling FTP with IBM i Function Usage

    The IBM i OS includes a feature called Function Usage that will let you control FTP. Function Usage controls who is allowed to connect with your system using FTP from a remote location, what FTP commands they are allowed to use and who can initiate an FTP session from your IBM i to a remote server.

    Read more

  • Journaling Data Areas

    Because data areas can be handled by multiple programs, it is often difficult to understand how a setting changed and when it happened. Did you know you can use IBM i journaling technology on data areas? Find out how to set this up and interpret the data.

    Read more

  • IBM i Remote Program Security Loopholes

    Users with limited capabilities can STILL execute IBM i commands and programs in various network connected contexts such as ACS "Run SQL Scripts" and FTP.

    Read more

  • Audit journal record types

    As with any journaling technology from IBM, the audit journal data can be incomprehensible. And IBM logs a lot of data points. The entries are logged as various record types with a two character type code. From a security monitoring and alerting perspective, we only really care about a subset of these records.

    Read more