• The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
Menu
  • The Four Hundred
  • Subscribe
  • Media Kit
  • Contributors
  • About Us
  • Contact
  • Guru: The Finer Points of Exit Points

    June 27, 2022 Bruce Bading

    Many years ago, we received a call from an IBM i customer stating that all exit points were gone and the QAUDJRN and receivers were missing. Then the question, “Do you think we’ve been hacked?” Truth was, the exit points weren’t gone; the associated programs had been de-registered. Conclusion, they had most likely been compromised.

    The IBM i platform is a very securable system that can be secured (Secure vs Secured – What’s the difference?, WikiDiff), if you take steps to secure it.

    On the IBM i, a limited number of functions provide an exit so that your …

    Read more
  • IBM i PTF Guide, Volume 24, Number 16

    April 20, 2022 Doug Bidwell

    It is a new week, and there are two new security vulnerabilities in the IBM i platform. First, there is Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to spoofing and clickjacking attacks due to swagger-ui (CVE-2018-25031, CVE-2021-46708), which you can read more about here. The IBM i PTF numbers containing the fix for the CVEs:

    IBM i Release      5770-SS1 PTF Number      PTF Download Link

    7.4                          SI78971                                https://www.ibm.com/support/pages/ptf/SI78971

    7.3                          SI78972                                https://www.ibm.com/support/pages/ptf/SI78972

    7.2                          SI78973                                https://www.ibm.com/support/pages/ptf/SI78973

    Then there is Security Bulletin: OpenSSL for IBM i is vulnerable to a denial of service due to a flaw in …

    Read more
  • Top Five Failures In State of IBM i Security For 2022

    April 18, 2022 Alex Woodie

    HelpSystems last week officially unveiled its annual State of IBM i Security report, the 18th straight year for the series. Like with past reports, the 2022 version highlights some of the continuing challenges that IBM i customers face when trying to secure their systems. A few key areas stand out above the rest.

    The IBM i server is a bit of an enigma when it comes to security. While it is widely perceived to be one of the most secure computing platforms on the planet – and “virus-proof” to boot – the reality is that a good number of IBM …

    Read more
  • Glimpsing Hope in the IBM i Security Situation

    April 6, 2022 Alex Woodie

    These are dark days in the security business, thanks to the boom in ransomware, the looming threat of cyberwar with Russia, and the poor security of IBM i servers. But just as it’s darkest before the dawn, there could be some preliminary indications that the IBM i community is finally starting to wake up when it comes to securing their most important applications, systems, and data.

    It’s hard to be optimistic in the face of repeated failures. When it comes to IBM i security, those failures have been well-documented in annual State of Security reports for nearly two decades by …

    Read more
  • IBM i Community Predictions For 2022, Part 1

    January 10, 2022 Alex Woodie

    While the month and year ostensibly are just values in the date field, when the calendar flips over from December to January, things feel different. There’s a greater sense of hope and optimism for what the new year will bring. Coming off another calamitous year filled with COVID-19, perhaps it’s we need that even more so this year.

    It has become an IT Jungle tradition to ask members of the IBM i community at the start of the year for their predictions. This year is no different, and so we’ll kick off the first part of our (most likely) two-part …

    Read more
  • Security Threats, They Are a Changin’

    November 17, 2021 Alex Woodie

    Ransomware came into 2021 like a lion, but rather than going out like a lamb, it seemed to get bigger and meaner. Even IBM i shops, which so often are protected from the wider security storm, felt the panic and sense of helplessness of having their previous data held for ransom. But early indications are that the security threat we’re talking about this time next year may be entirely different.

    It’s tough to overestimate the impact that ransomware had on American businesses and other institutions through the course of the year. We had indications that something big was unfolding a …

    Read more
  • Want to Talk IBM i OSS? Head Up the Ryver

    September 1, 2021 Alex Woodie

    The world of open source moves quickly, and it’s no different on the IBM i platform, where open source is being rapidly adopted by companies large and small. IBM i professionals who want to keep up to speed with the latest may want to check out a community of IBM i open source enthusiasts that was created on Ryver.

    Ryver (pronounced “river”) is a next-gen communications portal that’s taking on Slack, Microsoft Teams, and others. Like chatrooms and mailing lists, Ryver allows people to have open discussions, as well as private chats and focused conversations. There is also the …

    Read more
  • One IBM i Shop’s Close Call With Ransomware

    July 28, 2021 Alex Woodie

    Think the ransomware epidemic won’t affect you, that it’s somebody else’s problem? After reading this story about one IBM i shop’s recent experience with cybercriminals, it may have you thinking twice about your approach to security.

    Greg is the IT manager at a midsize distribution company located in the South. IT Jungle is abiding by his request to keep his last name and the name of his company out of this article. But Greg was determined to share his story with the wider IBM i community, in the hopes that it will spur them to take the ransomware threat seriously, …

    Read more
  • Controlling IBM i Access With Exit Points

    March 29, 2021 Bill Hammond

    Today, the job of managing security on IBM i can be complicated, requiring dynamic technologies and processes that can respond quickly to ever-evolving threats and new regulations. Ransomware and other malware can, and has, infected IBM i systems and effective access control is a major weapon in the battle to secure your IBM i. There are many different approaches and technologies you can use to keep your IBM i secure.

    Using the exit points provided by the IBM i operating system can be a powerful tool to monitor and secure four important levels of access within the IBM i:

    • Networks
    …

    Read more
  • Locking Down Exit Point And IFS Vulnerabilities On IBM i

    March 24, 2021 Pauline Brazil Ayala

    It’s true that the IBM i server is among the most securable servers on the planet. But all too often, customers do not take the time to secure their environments properly. This is particularly true for two of the most oft-neglected components of the IBM i environment: exit points and the IFS.

    IBM introduced exit points with the launch of OS/400 V3R1 way back in 1994. We remember that version well here at Trinity Guard, because soon after that, we developed the industry’s first exit point monitoring software for the AS/400 at PentaSafe, the spiritual predecessor of our company. …

    Read more

Previous Articles

Content archive

  • The Four Hundred
  • Four Hundred Stuff
  • Four Hundred Guru

Recent Posts

  • IBM Mulls Using DataMigrator as Cloud Warehouse Pipeline
  • PowerTech AV Automatically Detects Ransomware Activity
  • Infor Puts CM3 Project On Hold
  • Four Hundred Monitor, June 29
  • IBM i PTF Guide, Volume 24, Number 26
  • Guild Mortgage Takes The 20-Year Option For Modernization
  • IBM i Licensing, Part 3: Can The Hardware Bundle Be Cheaper Than A Smartphone?
  • Guru: The Finer Points of Exit Points
  • Big Blue Tweaks IBM i Pricing Ahead Of Subscription Model
  • We Still Want IBM i On The Impending Power E1050

Subscribe

To get news from IT Jungle sent to your inbox every week, subscribe to our newsletter.

Pages

  • About Us
  • Contact
  • Contributors
  • Four Hundred Monitor
  • IBM i PTF Guide
  • Media Kit
  • Subscribe

Search

Copyright © 2022 IT Jungle