I have a client that runs their business on an IBM AS/400 (i, iSeries). All the programs are 5250 (green screen) applications. Their sales reps have been accessing the system using Client Access (telnet) directly over the internet for years (almost 10). I do work for them a few times a year and am getting ready to make a trip there to replace some hardware and integrate credit card processing into their Invoicing and A/R applications. I want to try and convince them move to a VPN, especially since they are going to start processing credit cards. I have suggested it in the past, but they never went for it.
I know there is the other option of using the telnet with SSH, but I have never attempted to set that up before. They are running V5R2 BTW.
I am looking for some suggestions on how to persuade them to really go for this now. Maybe using some scare tactics on what could happen if some hacked into their system.
Also I am not sure on this, but isn’t the data stream for the telnet sent in clear text? Is so couldn’t someone, somehow see the data being passed back and forth?