Advertisement

05.08.2008 at 11:42AM PDT, ID: 23387194 | Points: 500
[x]
Attachment Details

Log Passthrough session on OS400/AS400?

Zones: AS / 400, Operating Systems Network Security
Does anyone know how I can log passthrough sessions on an AS400. We have a vendor that passes through for support, but I do not know how to track when they pass through. Thanks.
Start your free trial to view this solution
Question Stats
Zone: OS
Question Asked By: ainselyb
Question Asked On: 05.08.2008
Participating Experts: 3
Points: 500
Views: 0
Translate:
Loading Advertisement...
05.08.2008 at 02:55PM PDT, ID: 21528804
LewisPower:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
05.08.2008 at 09:02PM PDT, ID: 21530336

Rank: Master

tliotta:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
05.08.2008 at 09:04PM PDT, ID: 21530338
_b_h:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
05.08.2008 at 09:16PM PDT, ID: 21530361

Rank: Master

tliotta:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
05.09.2008 at 07:10AM PDT, ID: 21532974
ainselyb:

All comments and solutions are available to Premium Service Members only.

Start your 7-day free trial and see for yourself why Experts Exchange is the easiest and most proven technology resource in the world. Get Started

Already a member? Login to view this solution.

 
 
Loading Advertisement...
Microsoft
  • Internet Protocols
  • Applications
  • Development
  • OS
  • Hardware
  • Windows Security
Apple
  • Operating Systems
  • Hardware
  • Programming
  • Networking
  • Software
Internet
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Spy / Ad Blockers
  • Web Browsers
  • New Net Users
  • Web Development
  • Chat / IM
  • Anti Spam
  • Web Servers
  • Anti-Virus
  • Email Clients
Gamers
  • Tips
  • Online / MMORPG
  • Puzzle
  • Emulators
  • Action / Adventure
  • Role Playing
  • Consoles
  • Game Programming
  • Strategy
  • Sports
  • Misc
  • Computer Games
Digital Living
  • Hardware
  • Automotive
  • New Net Users
  • New Users
  • Software
  • Digital Music
  • Gaming World
  • Home Security
  • Apple
  • Networking Hardware
Virus & Spyware
  • Vulnerabilities
  • IDS
  • Encryption
  • Anti-Virus
  • Operating Systems Security
  • Software Firewalls
  • WebApplications
  • Cell Phones
  • Operating Systems
  • Internet
  • Hardware Firewalls
Hardware
  • Displays / Monitors
  • Handhelds / PDAs
  • Components
  • Peripherals
  • Laptops/Notebooks
  • Servers
  • Misc
  • Apple
  • Embedded Hardware
  • Networking Hardware
  • Storage
  • Desktops
  • New Users
Software
  • System Utilities
  • Industry Specific
  • Network Management
  • Photos / Graphics
  • Page Layout
  • VMware
  • Misc
  • Web Development
  • OS
  • CYGWIN
  • Voice Recognition
  • Virtualization
  • Message Queue
  • Quality Assurance
  • Security
  • Firewalls
  • MultiMedia Applications
  • Development
  • Database
  • Office / Productivity
  • Business Management
  • OS/2 Apps
  • Server Software
  • Internet / Email
ITPro
  • OS
  • Storage
  • Encryption
  • Operating Systems Security
  • Apple Hardware
  • Laptops & Notebooks
  • Servers
  • Networking Hardware
  • Peripherals
  • Devices
  • Displays / Monitors
  • WebTrends / Stats
  • Search Engines
  • Firewalls
  • Web Computing
  • WebApplications
  • IDS
  • Vulnerabilities
  • Email Clients
  • File Sharing
  • Spy / Ad Blockers
  • Web Browsers
  • Web Servers
  • Networking
  • Anti-Virus
  • Consulting
  • Chat / IM
  • Anti Spam
Developer
  • Web Servers
  • Web Browsers
  • Game Programming
  • Dev Tools
  • Industry Specific
  • Office / Productivity
  • Database
  • CYGWIN
  • Web Development
  • Search Engines
  • File Sharing
  • WebTrends / Stats
  • Programming
  • Content Management
  • Application Servers
  • Protocols
Storage
  • Removable Backup Media
  • Storage Technology
  • Servers
  • Grid
  • Remote Access
  • Backup / Restore
  • Misc
  • Hard Drives
OS
  • Miscellaneous
  • Security
  • Development
  • Linux
  • VMware
  • MainFrame OS
  • Unix
  • Apple
  • OS / 2
  • AS / 400
  • BeOS
  • Microsoft
  • VMS / OpenVMS
Database
  • Oracle
  • Miscellaneous
  • MySQL
  • Software
  • Sybase
  • Contact Management
  • PostgreSQL
  • Data Manipulation
  • Clarion
  • InterSystems Cache
  • Siebel
  • MUMPS
  • OLAP
  • SQLBase
  • SAS
  • GIS & GPS
  • 4GL
  • Berkeley DB
  • DB2
  • Informix
  • Interbase / Firebird
  • FoxPro
  • Reporting
  • LDAP
  • Filemaker Pro
  • MS SQL Server
  • dBase
  • MS Access
Security
  • Misc
  • Web Browsers
  • Software Firewalls
  • Operating Systems Security
  • File Sharing
  • Spy / Ad Blockers
  • Vulnerabilities
  • WebApplications
  • IDS
  • Anti-Virus
  • Encryption
  • Anti Spam
  • Email Clients
  • VPN
  • Chat / IM
Programming
  • Editors IDEs
  • Installation
  • Handhelds / PDAs
  • Multimedia Programming
  • System / Kernel
  • Automation
  • Algorithms
  • Game
  • Signal Processing
  • Project Management
  • Open Source
  • Database
  • Misc
  • Languages
  • Processor Platforms
  • Theory
Web Development
  • Scripting
  • Blogs
  • Web Servers
  • Software
  • Search Engines
  • Web Graphics
  • Web Services
  • Images
  • Internet Marketing
  • Images and Photos
  • Components
  • Document Imaging
  • Web Languages/Standards
  • Illustration
  • WebApplications
  • Fonts
  • WebTrends / Stats
  • Authoring
  • Digital Camera Software
  • Miscellaneous
Networking
  • Protocols
  • Apple Networking
  • Network Management
  • Message Queue
  • Application Servers
  • Content Management
  • File Servers
  • Email Servers
  • Misc
  • Java Editors & IDEs
  • Wireless
  • Networking Hardware
  • Backup / Restore
  • System Utilities
  • ISPs & Hosting
  • Web Servers
  • Storage Technology
  • Removable Backup Media
  • Servers
  • Web Computing
  • Broadband
  • Grid
  • OS / 2
  • Novell Netware
  • Unix Networking
  • Windows Networking
  • Security
  • Telecommunications
  • Operating Systems
  • Linux Networking
Other
  • Lounge
  • Business Travel
  • Community Support
  • New Net Users
  • Philosophy / Religion
  • Math / Science
  • Miscellaneous
  • URLs
  • Expert Lounge
  • Politics
  • Puzzles / Riddles
  • Automotive
Community Support
  • Suggestions
  • New to EE
  • New Topics
  • CleanUp
  • Announcements
  • General
  • Feedback
  • Input
  • EE Bugs
 
05.08.2008 at 02:55PM PDT, ID: 21528804
LewisPower:
Hi Ainselyb,

Do you really want to do a 'passthrough' or you just want to connect to another system ?
Cause you can do a Telnet by example... This require not much... Just the IP address (and connection between the 2 systems).

But, if you really want to do passthrough and if I remember right, you must create those things in both systems you want to connect (and the network should be opened to let the traffic goes if it's outside of your company):

1-Distribution queue:
ADDDSTQ    DSTQ(&DSTQ) RMTLOCNAME(&RMTNAME)  DSTQTYPE(*SNADS)
2-Distribution route:
ADDDSTRTE  SYSNAME(&RMTCIE) FAST(&DSTQ) STATUS(&DSTQ) DATAHIGH(&DSTQ) DATALOW(&DSTQ)
3-Directory entry:
ADDDIRE USRID(*ANY &RMTNAME) USRD('SNADS user') SYSNAME(&RMTNAME)

PS To do a passthrough, the command is STRPASTHR RMTLOCNAME(&RMTNAME).
PPS For tracking, they must have a user and password. And you can see them with wrkactjob as any other users.

Lewis
 
05.08.2008 at 09:02PM PDT, ID: 21530336

Rank: Master

tliotta:
First, minor note...

Lewis:

Why be concerned about any SNA/DS objects? Although distributions _might_ be useful for remote support, AFAIK, queues, distribution routing and directory entries aren't used by passthru at all. However, as long as passthru is the mechanism, distribution services is a reasonable added element.

Second...

Passthru is initiated how? What type of support? Is this via STRRMTSPT? SDLC over dialup? Passthru via internet and AnyNet? Passthru through another system on your network?

And logging what? Connections? Actions taken? Do they use a common IBM profile, e.g., QSECOFR, or do they have profiles dedicated to them?

And, as Lewis indicated, why not telnet/ftp/etc.? (I personally prefer SNA and APPN/APPC, but TCP/IP does have advantages.)

Tom
 
05.08.2008 at 09:04PM PDT, ID: 21530338
_b_h:
Hi Ainselyb,

1) You should be command auditing these users.
Log their commands to the audit journal:
CHGUSRAUD USRPRF(profile)  AUDLVL(*CMD)    
Display the entries:
DSPAUDJRNE ENTTYP(CD)  USRPRF(profile)
If this is what you need, there are more details on setting up auditing here:
http://www-912.ibm.com/s_dir/slkbase.nsf/1ac66549a21402188625680b0002037e/a6254a668067bf0f862566f10077a850?OpenDocument

2) You could alter their initial program or use an exit program to track when they sign on. This could log that fact, or be used to alert you.

As an aside, be very careful if they are using SNA passthru to connect to your system. One time, I had a vendor passed thru to a customers system, I passed thru back to the vendor system, and guessed a password. I then saw another customer connected to the vendor system, and was able to pass thru to that customer's system. The vendor used the same password on that customer system as on my customer's system, so I was able to sign on. In short, customers could see each other's data. I immediately reported that problem to the vendor to have it fixed.

Hope this helps
Barry
 
05.08.2008 at 09:16PM PDT, ID: 21530361

Rank: Master

tliotta:
Barry's got a good point about hopping across systems -- if you can do it outbound, then inbound might be just as open. But the same can be said about telnet -- communications can work both ways regardless of protocol. Guessing passwords is viable either way if not restricted. The vendor must take proper care.

Tom
 
05.09.2008 at 07:10AM PDT, ID: 21532974
ainselyb:
Barry,

What you describe is exactly what I am afraid of. I am almost certain that oour vendor uses the same passwords across systems. The use SNA to passthru to provide support and that is why I am questioning the security. Not only do they passthrough, but I have no auditing of when they do. I have not turned on auditing because I found it overwhelming and was worried about the overhead. I will look into this again. THanks.
 
 
20080236-EE-VQP-29 / EE_QW_2_20070628