Email Alerts
-
Expanded password rules available in System i/OS 6.1
System i/OS 6.1 provides new password security tools that can tighten up security in your AS/400 shop. Rich Loeber shares his favorite new password security tools and describes their implementation.Tip
-
How to tell if you're using the right security level
When your company's CIO suggests that you should upgrade the security level of your AS/400 to 50, you might not think this is necessary, but where do you turn for supporting evidence?Ask the Expert
-
Search400.com Products of the Year 2008
Search400.com invites you to participate in its annual Products of the Year award nomination process. Nominate your favorite product or your company's product. Winning products will be featured in January 2009 on Search400.com.Products of the Year
-
Detecting system changes made by outside IP address
If you suspect that changes are being made by an external source, you can use an exit point program to monitor the activity and trace the IP address.Ask the Expert
-
System values on i: Setting them up and locking i down
AS/400 system values define global, system-wide settings on your platform. Many of these pertain to system security implementation. Take a look at these settings and learn how to lock them down. Many system values are security-related and the operating system designers provided an easy way to review and work with the security settings: The WRKSYSVAL command.Tip
-
A guide to System i security, Part 3: Digging in to the System i security environment
The AS/400 provides many built-in tools to manage the security environment. Find out how to tighten up your System i, and ensure your system is protected from unwanted intrusion. A very important aspect is password settings, which can be the Achilles-heel of IT security.Tip
-
Encrypting files or fields on the iSeries
Encrypting files on iSeries is no trivial undertaking. Using vendor technologies such as those from Linoma Software and nuBridges may be easier than cobbling it all together with IBM tools.Ask the Expert
-
Is your AS/400 secure?: How a hacker could get valuable information from your system
Many AS/400 shops fail to consider the risk of users accessing the platform via desktop application rather than green-screen applications. Shahar Mor explains how AS/400 can be compromised using standard desktop tools. Through a ficticious scenario using QUSER settings, Mor walks readers through how a hacker could gain access if the passwords and security tools are set too loosely.Tip
-
System i security report roundup
The AS/400 System Security Attributes report is useful to review all of the system values and network attributes to make sure that they are still set to the value that you expect based on your security policy. Then, for good measure, see how your settings compare to those that are recommended by IBM. The Print Private Authorities reports can be used to quickly scan to make sure that the proper private authorities are in place on your AS/400.Tip
-
Establish strong OS security to ward off FTP hackers
iSeries expert Richard Loeber offers more FTP server security tips to prevent hacking on your System i.Tip
- VIEW MORE ON : Security Tools
-
Security considerations for IBM i backups
Backups need to be just as physically secure as the System i. Managing a log system for backup tapes, retiring old tapes, and validating third-party storage services are part of what it takes to ensure security with your AS/400 backups.Tip
-
Time for a security checkup for your i
Conducting an annual system security checkup on your AS/400 will prevent you from discovering some unwanted New Year's surprises. Rich Loeber recommends steps including checking security settings, ensuring that your user profiles are up to date with employee rolls, and generating a query report of new files created since your last audit and checking their compliance with your security policies.Tip
-
Recovering your AS/400 security configuration
You need to have your AS/400 security plan built into your disaster recovery process. Step 1: Know the security objects and settings, and how and where they are saved. These objects include private authorities, system values, and user profiles.Tip
-
A guide to System i security, part 2: Landing and establishing access
Once you've developed a security policy for your System i environment, you need to define who will access it and how they will get to their data. The locks on the door include passwords, object security and group settings. Once those are set, it is important who gets which keys. Website settings, firewalls and soft settings are also important in your AS/400 security setup.Tip
-
A guide to System i security: Descending into the heart of darkness of IT security
Developing your company's System i security policy starts with taking a look at what needs to be accomplished. Communication and appropriate access for personnel to data centers are keys to a robust policy.Tip
-
Learning guide: Steps to a secure System i
This organized list will guide you along your way to maintaining a secure iSeries system. Undoubtedly, the iSeries is one of the most secure platforms out there, but don't be mistaken in thinking that it is untouchable. Address the basic security issues now and take the proactive steps needed to prevent having your system compromised.Tip
-
Securing printed output
In today's security conscious environment, most System i shops have already locked down their systems. Object level security is locked down and users are classified as to what they can and cannot do when they are logged onto the system. But, securing files is only part of the problem. If a user can't look at a file, but they can look at processed output sitting in a print spool file, then your hard work of locking up the files is for naught.Tip
-
Are all of your System i (iSeries) doors closed? -- part 1
Security expert Rich Loeber discusses the security risks of leaving doors open on the System i. In the "old" days, the only door you had to be concerned about was the computer terminal. That certainly is not the case today. Are all of your System i doors locked? Are you aware of all the different entry points into your system? If not, it's time to learn.Tip
-
Can you trust all those trigger programs?
Be wary of trigger programs on your system. Here is an easy way to check up on them.Tip
-
Learning guide: Simple steps to a secure iSeries
This organized list will guide you along your way to maintaining a secure iSeries system. Undoubtedly, the iSeries is one of the most secure platforms out there, but don't be mistaken in thinking that it is untouchable. Address the basic security issues now and take the proactive steps needed to prevent having your system compromised.Learning Guide
- VIEW MORE ON : iSeries physical security
-
IBM i security tightening: Preventing data theft
A firewall should be the first line of defense to protect your IBM i system, but not the only security measure you take. Rich Loeber counsels you to not ignore the enemy within. Build strong object level controls and restrict *ALLJOB access.Tip
-
Developing a security incident response system for System i
Any security officers working with IBM System i need to organize a security incident response system to handle incidents of varying severity.Tip
-
Setting up security for programmers on IBM i
Programmers working on an AS/400 need greater security access than a standard user, but determining how much access they should get isn't always easy. Rich Loeber provides tips on what options exist and guidelines for determining which option will work best in a given scenario.Tip
-
Blocking AS/400 DB2 users
To block DB2 users from altering data using WinSQL tool, a security software tool may be the best bet for true protection.Ask the Expert
-
Trouble accessing IFS path from Win2k3 server
What to do when an application is published in IFS from Win2k3 server, and users are unable to access the shared folder on AS/400.Ask the Expert
-
Checking in on your IBM i authorization lists
Have you ever created an object on the AS/400 without making sure the necessary authorization list is attached? By using some common commands, you can secure your IBM i, and audit objects and fix mistakes. The necessary commands include DSPAUTLOBJ AUTL, DSPOBJD OBJ, and OUTPUT(*OUTFILE).Tip
-
Strategies for securing IBM i production files
This tip offers an overview of the process for securing production files on IBM i. Learn how to best secure native objects, including data files, on the AS/400. Walk through the steps from setting system security, access strategy, object level security and libraries.Tip
-
Changing password security levels and upgrading operating systems on the IBM i
Before changing password levels and upgrading operating systems on the AS/400, ensure the clients connecting to the NetServer do not need the old Lanman password and customize the sign-on screen that provides a 128-character password field.Ask the Expert
-
Provide authorization in order for a user to start a subsystem within startup routine
Look in the audit journal (QAUDJRN) on the AS/400 for an authority failure message with the name of the library as the object name. Use the information provided by the DSPAUDJRNE command to solve the problem.Ask the Expert
-
Determine the value of parameter UPPWEI in the DSPUSRPRF field
The UPPWEI field corresponds to the password expiration interval field, and its values "0" and "-1" represent the *SYSVAL and *NOXMAX commands.Ask the Expert
- VIEW MORE ON : iSeries system and application security