Home
Unix
MVS
iSeries
Win NT/2K
Security
Publications
Internet Dev
Rants/Raves   >>
Downloads
Links
About Site

Hack an AS/400?

This was a posting to NetNews in regards to the question of whether or not the AS/400 could be hacked. The newsgroup was Alt.binaries.hacking.utilities

Read on...

Konnichi-wa,
I would like to add my 2 cents here.
Hack Proof is a misnomer. Their is no such thing, there is only a degree of
security. The higher the security the more difficult and costly it is to
hack (crack). This being said, the machines that are plugged in and on a
network are vulnerable to a number of different attacks, everything from
packet fragmentation, DOS, Brute-force password hacking, etc..

The only thing that is different is the degree of knowledge/skill necessary
to "get in" to the system. The AS/400 is not unlike many other systems. Like
NT, Linux, AIX, HP/UX, SUN Solaris, and OS/390, there are different levels
of security that a system can be set at. The AS/400 supports C2 security
when it operates at level 50. At a minimum it requires a userid and
password. (this didn't use to be the case.)

The operating systems security capabilities start to diminish as you add
more "vulnerable" services such as SAMBA, FTP and/or HTTPD. A generic AS/400
running Client/Access clients and DB400 with RPG applications on the backend
with level 50 security AND strict adherence to security policies and
physical security stands little to no chance of being hacked without an
extreme amount of effort on the hackers(crackers) end. With all the said
security in place the hackers(crackers) would have to be of governement
level status. The resources and time required to pull such a thing off is
beyond the above average hackers(crackers) means. Whereas a unix system or
an NT system under the same constraints could be compromised with not such a
high degree of effort.


Remember, security is only as good as you make it.


In the end its only a matter of financial resources and determination that
will allow someone(or group) to hack into an AS/400. But for the amount of
work necessary to break into an AS/400, might as well break into a few Unix boxes or a couple dozen/hundred NT machines.


Sayonara,

E

 

Comments? Questions? Rants? Raves? Please send to the WebMaster