RE: as/400 Domino

2002-02-13 Thread Hudson, Ed (ISS San Francisco)
ECTED]] Sent: Monday, February 11, 2002 7:01 PM To: [EMAIL PROTECTED] Subject: RE: as/400 Domino I am not a "security wizard" (yet), but I have had some experience in convincing reluctant CEO's and CFO's. I think that the only way to convince management is to show them the $$

RE: as/400 Domino

2002-02-12 Thread Douglas Gullett
I am not a "security wizard" (yet), but I have had some experience in convincing reluctant CEO's and CFO's. I think that the only way to convince management is to show them the $$. Find out what it would cost them to lose their data, or lose their services for X hours. Their CFO should be ab

Re: as/400 Domino

2002-02-09 Thread 'ken'@FTU
Yeah, but this calculator does not answer whether or not there should be a firewall in front of the box. I believe that is the question and he seeks proof. 'ken' [EMAIL PROTECTED] wrote: > I have found this useful. > > This Link was posted previously. Thanks ??? > > http://www.as400.ibm.co

RE: as/400 Domino

2002-02-09 Thread [EMAIL PROTECTED]
ecurity Consultant Louprey International Original Message: - From: LK-FM Tech Assistances [EMAIL PROTECTED] Date: Wed, 06 Feb 2002 14:46:08 +0600 To: [EMAIL PROTECTED] Subject: as/400 Domino This may be a very silly question. But I am desperate for advice from one of you &qu

Re: as/400 Domino

2002-02-08 Thread Radoslav Dejanović
On Wednesday 06 February 2002 09:46, LK-FM Tech Assistances wrote: > Their argument is that the servers are AS/400 and they claim that the > platform does not have any security holes or vulnerabilities that a > potential hacker could exploit. So they feel they don't need a firewall. > Although I a

Re: as/400 Domino

2002-02-08 Thread Bill Barrett
No system like that should be left out on the internet like that without a firewall. While I don't personally know of a way to break into this system you can be sure that somebody out there does, and they are just as likely to be malicious as not. Personally I wouldn't want my corporate data han

Re: as/400 Domino

2002-02-08 Thread 'ken'@FTU
OK, here is my AS/400 rant. I've worked on the 400 for almost 4 year now. It's true: the 400 architecture eliminates many! common security problems, including buffer overflows. One can think of the 400 like a giant JVM actually. Here's the rant part: It seems to me that because the 400 is not

Re: as/400 Domino

2002-02-08 Thread monk
Take a look at the Exploit info on: http://packetstormsecurity.nl/9905-exploits/ibm.as400.smtp.DoS.txt Also, check these two, right from Security Focus... http://www.securityfocus.org/bid/3518 http://www.securityfocus.org/bid/173 Though this is passed, it does show that someone knows

Re: as/400 Domino

2002-02-08 Thread dross
I have found this useful. This Link was posted previously. Thanks ??? http://www.as400.ibm.com/tstudio/secure1/advisor/secwiz.htm iSeries Security Advisor Welcome to the iSeries Security Advisor! If you are new to the iSeries, new to security implementation on the iSeries, or the environment i

as/400 Domino

2002-02-07 Thread LK-FM Tech Assistances
This may be a very silly question. But I am desperate for advice from one of you "security wizards", as I need to convince a client to immediately evaluate altanative security solutions ASAP, as they are exposing their internal network to the Internet without a firewall. Their argument is that t