• How Fresche Fills Security Gap with Trinity Guard

  March 21, 2022 Alex Woodie

  We live in a world full of security threats. Black hat hackers – some working for themselves and some working for the governments of China and Russia – are constantly probing the Internet, looking for weak links in the information supply chain. With its acquisition of Trinity Guard, Fresche Solutions is determined to prevent your IBM i server from being one of them.

  It can be hard to fathom the impact that cybersecurity attacks have on the world, and the enormous pains that some organizations are taking to thwart them. In 2021, ransomware grabbed our attention thanks to large attacks …

  Read more

• IBM i PTF Guide, Volume 24, Number 11

  March 16, 2022 Doug Bidwell

  This Log4j security vulnerability just keeps being more and more pesky. If you haven’t seen it yet, there is an update to a Security Bulletin called Due to use of Apache Log4j, OmniFind Text Search Server for DB2 for i is vulnerable to arbitrary code execution (CVE-2021-4104), which you can read all about at this link.

  The patches for each release are described in full here:

  OmniFind V1R5M0:

  • SI78753
  • SI78754
  • SI78755

  OmniFind V1R4M0

  • SI78756
  • SI78757
  • SI78758

  OmniFind V1R3M0

  • SI78751
  • SI78759
  • SI78760
  • SI78761

  To help you with the Log4j security vulnerability, we have created a supplemental spreadsheet as a companion …

  Read more

• Log4j Security Hole Found In OmniFind Text Search Server

  March 14, 2022 Timothy Prickett Morgan

  Who would have thought that a logging utility written in Java and available for more than two decades could cause so much trouble? But that is the nature of the Log4j security vulnerability, which has been installed in all kinds of systems software and which had a Log4Shell vulnerability that was discovered by Chinese computing giant Alibaba on November 24 last year and that was revealed to the world on December 9 as a zero-day vulnerability.

  There are several areas of the IBM i software stack that use the Log4j logging utility, which is one of the many Apache open …

  Read more

• IBM i PTF Guide, Volume 24, Number 10

  March 7, 2022 Doug Bidwell

  This week, there are a bunch of security bulletins about yet more new vulnerabilities, this time in the HTTP Server and the Samba Windows file server clone that are embedded in the IBM i operating system. There is also a partial mitigation against Log4j/Log4Shell vulnerabilities, and you may get a laugh or a cry out of this one. Maybe both. OK, probably both. Let’s go through them all.

  First, there is Security Bulletin: IBM HTTP Server (powered by Apache) for i is vulnerable to CVE-2021-44224, which you can read about here at this link. With this vulnerability, the Apache …

  Read more

• IBM Accelerates New Nav Development Following Log4j Issue

  February 23, 2022 Alex Woodie

  When IBM launched the new version of Navigator for i last fall, executives figured they had time to fill out the new product’s functionality as customers gradually adopted it. But those plans were upended when Log4j rendered the old version vulnerable to a serious security flaw, and now IBM finds itself needing to accelerate the build out of New Nav while simultaneously ramping up promotion and outreach.

  IBM launched the new version of Navigator for i back in September 2021, when it announced the latest Technology Refreshes (TRs) for IBM i 7.3 and 7.4. New Nav, as the product …

  Read more

• IBM i PTF Guide, Volume 24, Number 7

  February 16, 2022 Doug Bidwell

  To help you deal with the Log4j security vulnerability, we have created a supplemental spreadsheet as a companion to the IBM i PTF Guide that has the latest information on what you need to worry about and do about it when it comes to this vulnerability.

  You can down the Log4j spreadsheet at this link.

  And just a reminder that there is a new version of Navigator for i, which you can find out more about at this link. This modern user interface can be accessed from http://hostname:2002/Navigator.

  Here is the rundown of PTF Groups by IBM i …

  Read more

• The State Of The IBM i Base 2022, Part One: The Operating System

  February 14, 2022 Timothy Prickett Morgan

  You probably already figured this out, but we love data here at The Four Hundred, and we are always particularly keen on any data that helps us to understand the IBM i ecosystem better. And that is why we always look forward to the annual IBM i Marketplace Survey report that comes out in January each year from HelpSystems, and because we are thankful for the data they gather, we help push the survey every year and also participate in the webinar for it as well as a donation to the IBM i community.

  IT Jungle co-editor Alex Woodie …

  Read more

• Some Good Advice About Log4j Mitigation Gotchas

  January 24, 2022 Timothy Prickett Morgan

  The Apache Log4j logging utility written in Java and available since the end of the Dot Com Boom in early 2001, has been installed far and wide into many systems and systems software packages in the more than two decades it has been available. And that is why the zero-day security vulnerability discovered by Chinese computing giant Alibaba on November 24 last year and revealed on December 9 has caused so much concern.

  Log4j is everywhere and that means the Log4Shell vulnerability that Alibaba described makes it particularly scary. But before we get into some of the mitigation advice that …

  Read more

• No Plan To Support New Nav on Older IBM i Releases, IBM Says

  January 19, 2022 Alex Woodie

  IBM has no plans to support the new version of Navigator for i (i.e., “New Nav”) with older releases of the operating system, despite the existence of the severe Log4j security flaw in the heritage version of Navigator (“Old Nav”). The early, unexpected death of Old Nav also will hasten the adoption of New Nav for customers on current releases, and New Nav will become the default version with an update in March, IBM says.

  Earlier this month, IBM announced that no security patches would be forthcoming for Old Nav, which uses the Log4j code at the heart of a …

  Read more

• IBM i Community Predictions For 2022, Part 3

  January 17, 2022 Alex Woodie

  Due to an unprecedented response from the community, we are running a third installment of 2022 predictions. The third (and final) round of predictions kicks off with an optimistic prophecy from Charles Guarino, the president of Central Park Data Systems, who has a very bright outlook for the year ahead in IBM i land.

  “As business confidence and optimism rallies, IT budgets will become less restrained,” Guarino tells IT Jungle. “Even those with the least maintained and enhanced legacy systems will experience modernization pressure. This will come from all sources, internal, external and industry compliance, all demanding swift …

  Read more

Previous Articles Next Articles