On 11/29/2018 11:52 AM, Paul Gilmartin wrote:
I suspect that some auditors are unaware that many terminal emulators imbed IND$FILE and employees use it to circumvent policies prohibiting data transfer.
Or maybe just to avoid delays in getting what an auditor might call "proper" access. For example, I've used IND$FILE to transfer an entire dumped/xmited 3390 volume to a client site, because getting sftp port access (and the associated big ZFS allocated and mounted) would have probably taken weeks.
How secure is IND$FILE? Probably as secure for transport as the terminal protocol.
Correct. Once a TN3270 SSL session is established, IND$FILE data (and even the underlying TN3270 protocol communication) is all encrypted.
---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
