• Shield Delivers Monitoring Solution for FTP on IBM i

  June 19, 2024 Alex Woodie

  Shield Advanced Solutions last month delivered FT4i, a new utility that helps to secure File Transfer Protocol (FTP) activity on IBM i. The new tool not only controls who is allowed to use FTP, but also logs all FTP activity to uncover possibly criminal activity after the fact.

  FTP is one of the most heavily used Internet protocols in the world. Across every industry, organizations use FTP to send and receive what is likely petabytes worth of data every single day. If the Internet is a “super highway,” then FTP is the 20-lane workhorse of an Interstate freeway, facilitating information …

  Read more

• More Critical Security Vulns Reported In IBM i Components

  March 4, 2024 Alex Woodie

  The run of serious security vulnerabilities in IBM i components continues in early 2024, as IBM reported 10 new flaws exist across OpenSSH, the Apache Web Server, ISC, and Facsimile Support for IBM i in February and early March. All of the flaws impact IBM i 7.2 through 7.5 and all have been patched by IBM via PTFs.

  The most critical of the recent batch of security flaws exists in OpenSSH, the open source security utility for establishing encrypted communications between hosts and clients. As described by IBM in this February 23 security bulletin, the vulnerability (CVE-2023-51385) is caused …

  Read more

• New Run SQL Scripts Features in ACS Update

  August 23, 2023 Alex Woodie

  If you’re a fan of the Run SQL Scripts features in IBM i Access Client Solutions, then there’s good news: IBM has adopted several suggestions on how to improve the functionality in the latest release of ACS.

  IBM quietly released ACS version 1.1.9.3 last month, enabling a series of new functions in the popular Java-based utility used by IBM i professionals to interact with the platform, as well as a handful of fixes.

  At the top of the list, according to an IBM Support document on the new release, are enhancements to Run SQL Scripts (RSS), the handy facility that …

  Read more

• Midsummer Security Indicators: Hot and Gloomy

  August 2, 2023 Alex Woodie

  The hot summer heat is smothering Americans like a tight polyester jacket these days. Also having big impacts on Americans are hackers, security vulnerabilities, spam, and malicious emails, which seem to be peaking with the seasonal fry.

  Security software company Securin scanned 8 million addressable IPs among US state government systems, and discovered 119,000 instances of high-risk services that could be easily exploited, according to a report released yesterday, dubbed “The State of Cybersecurity in America.”

  All told, Securin found 3,700 exposed databases (Db2 among them), 3,400 exposed Secure Shell (SSH) endpoints, 2,780 exposed File Transfer Protocol (FTP) systems, and …

  Read more

• White Hats Completely Dismantle Menu-Based Security

  February 6, 2023 Alex Woodie

  Think menu-based security can prevent cybercriminals from accessing the most important parts of your IBM i system? Think again, as the white hat hacking group Silent Signal recently demonstrated in a real-world penetration test of a bank’s IBM i system through a seemingly restricted green-screen interface.

  Life was demonstrably simpler for midrange administrators before the Internet took off. Before we had all these different protocols providing access to applications and data – ODBC, FTP, SQL, Remote Command, etc. – an administrator could feel somewhat confident that users weren’t accessing things they shouldn’t by simply configuring their menus in a restrictive …

  Read more

• The Global State of Cybersecurity Is Not Good

  September 14, 2022 Alex Woodie

  “It’s a jungle out there” may be the best way to summarize the state of cybersecurity at the moment, as recent global events coalesce into a melting pot of politically motivated hackers, the criminal underground, foreign scammers, and widespread domestic vulnerabilities.

  Let’s start with everybody’s favorite topic: scams. If you’re longing for the simple days of the Nigerian 419 scams, you’re not alone, as the playing field for scams has evolved considerably in recent years. That’s not to minimize the continued threat of the 419 scam, which sometimes resulted in a physical kidnapping, or worse. But the idea of getting …

  Read more

• Reader Feedback On Guru: The Finer Points of Exit Points

  July 12, 2022 Bruce Bading

  Hey, Alex:

  Hope you are doing well. I was reading this article about exit points and found some technical inaccuracies.

  The Socket Exit can be used to cover the following: You can use exits block all unwanted ports blocked. I will be happy to talk with author of this article to explain how this works.

  • Not all services have exit points available.
  • User defined ports do not have exit points associated.

  Best regards,

  — Tony Perera, Trinity Guard, a division of Fresche Solutions

  ---

  Hey, one and all:

  As the article states, exit points are an enhancement to cybersecurity on the …

  Read more

• Guru: The Finer Points of Exit Points

  June 27, 2022 Bruce Bading

  Many years ago, we received a call from an IBM i customer stating that all exit points were gone and the QAUDJRN and receivers were missing. Then the question, “Do you think we’ve been hacked?” Truth was, the exit points weren’t gone; the associated programs had been de-registered. Conclusion, they had most likely been compromised.

  The IBM i platform is a very securable system that can be secured (Secure vs Secured – What’s the difference?, WikiDiff), if you take steps to secure it.

  On the IBM i, a limited number of functions provide an exit so that your …

  Read more

• New Extension Brings IBM i Closer to VS Code

  August 11, 2021 Alex Woodie

  When it comes to integrated development environments (IDEs), Microsoft is best known for its full-featured Visual Studio offering. But many developers have grown attached to its younger, free-er, and lighter weight cousin, Visual Studio Code (VS Code). And with the new VS Code for IBM i extension recently unveiled by Liam Allan, the skinny IDE’s integration with the midrange server is getting better.

  VS Code for IBM i is an open source extension that allows developers to work with IBM i languages like RPG, COBOL, and CL within VS Code. Allan first released the product in February, but largely kept …

  Read more

• Controlling IBM i Access With Exit Points

  March 29, 2021 Bill Hammond

  Today, the job of managing security on IBM i can be complicated, requiring dynamic technologies and processes that can respond quickly to ever-evolving threats and new regulations. Ransomware and other malware can, and has, infected IBM i systems and effective access control is a major weapon in the battle to secure your IBM i. There are many different approaches and technologies you can use to keep your IBM i secure.

  Using the exit points provided by the IBM i operating system can be a powerful tool to monitor and secure four important levels of access within the IBM i:

  • Networks

  …

  Read more

Previous Articles