Using cwbrxd without an AS/400
Posted on 2008-10-24
I am developing a soluting using RUNRMTJOB command in conjunction with cwbrxd. The question has arisen about where the cwbrxd service should be running. My choices are either running it on a central Windows 2003 server OR running on the PC's that will actually be requesting the application.
I have a concern about running it on a Windows 2003 server from a security perspective. I think there is less chance of a security hole if the service is run on the workstation. My manager is of the opinion that is more efficient to run it on the server as you only have to install it once instead of on several workstations. In essence, I agree. However, the security aspect concerns me.
Is it possible to send a command to the server running this service without using the AS/400 runrmtjob command. Can any computer send a remote command to this service and if so, how? I would like to do a benign test to show my manager the vulnerability of running it on the server.
I would like to send a command from a PC to that server without using the AS/400 (such as copying a file). Can this be done?