Tips and tools for securing your iSeries server V5R3


Post on 02-May-2018


  • iSeries

    Tips and Tools for Securing Your iSeries Version 5

    SC41-5300-07

    eServer


  • Note: Before using this information and the product it supports, be sure to read the information in "Notices" on page 161.

    Eighth Edition (April 2004)

    This edition applies to version 5, release 3, modification 0 of IBM Operating System/400 (product number 5722-SS1) and to all subsequent releases and modifications until otherwise indicated in new editions. This version does not run on all reduced instruction set computer (RISC) models nor does it run on CISC models.

    This edition replaces SC41-5300-06.

    Copyright International Business Machines Corporation 1996, 2004. All rights reserved. US Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.


  • Contents

    Figures
    Tables

    About Tips and Tools for Securing your iSeries (SC41-5300-07)
      Who should read this book
      How to use this information
      Prerequisite and related information
      How to send your comments

    Part 1. Basic iSeries security

    Chapter 1. Basic elements of iSeries security
      Security levels
      Global settings
      User profiles
      Group profiles
      Resource security
      Limit access to program function
      Security audits
      Example: System security attributes report

    Chapter 2. iSeries Security Wizard and eServer Security Planner
      Security Wizard
      eServer Security Planner

    Chapter 3. Control interactive sign-on
      Set password rules
      Password levels
      Plan password level changes
      Change known passwords
      Set sign-on values
      Change sign-on error messages
      Schedule availability of user profiles
      Remove inactive user profiles
      Disable user profiles automatically
      Remove user profiles automatically
      Avoid default passwords
      Monitor sign-on and password activity
      Store password information

    Chapter 4. Configure the iSeries to use Security Tools
      Operate Security Tools securely
      Avoid file conflicts
      Save Security Tools
      Commands and menus for security commands
      Security Tools menu options
      Use the Security Batch menu
      Commands for customizing security
      Values set by the Configure System Security command
      Functions of the Revoke Public Authority command

    Part 2. Advanced iSeries security

    Chapter 5. Protect information assets with object authority
      Object authority enforcement
      Menu security
      Limitations of menu access control
      Enhance menu access control with object security
      Example: Set up a transition environment
      Use library security to complement menu security
      Configure object ownership
      Object authority to system commands and programs
      Audit security functions
      Analyze user profiles
      Analyze object authorities
      Check for altered objects
      Analyze programs that adopt authority
      Manage the audit journal and journal receivers

    Chapter 6. Manage authority
      Monitor public authority to objects
      Manage authority for new objects
      Monitor authorization lists
      Use authorization lists
      Accessing Policies in iSeries Navigator
      Monitor private authority to objects
      Monitor access to output and job queues
      Monitor special authorities
      Monitor user environments
      Manage service tools

    Chapter 7. Use logical partitions security (LPAR)
      Manage security for logical partitions

    Chapter 8. iSeries Operations Console
      Operations Console security overview
      Console device authentication
      User authentication
      Data privacy
      Data integrity
      Use Operations Console with LAN connectivity
      Protect Operations Console with LAN connectivity
      Use the Operations Console setup wizard

    Chapter 9. Detect suspicious programs
      Protect against computer viruses
      Monitor usage of adopted authority
      Limit the use of adopted authority
      Prevent new programs from using adopted authority
      Monitor usage of trigger programs
      Check for hidden programs
      Evaluate registered exit programs
      Check scheduled programs
      Restrict Save and Restore capability
      Check for user objects in protected libraries

    Chapter 10. Prevent and detect hacking attempts
      Physical security
      Monitor user profile activity
      Object signing
      Monitor subsystem descriptions
      Autostart job entries
      Workstation names and workstation types
      Job queue entries
      Routing entries
      Communications entries and remote location names
      Prestart job entries
      Jobs and job descriptions
      Architected transaction program names
      Architected TPN requests
      Methods for Monitoring Security Events

    Part 3. Applications and network communications

    Chapter 11. Use Integrated File System to secure files
      The Integrated File System approach to security
      Root (/), QOpenSys, and user-defined file systems
      How authority works
      Print private authorities objects (PRTPVTAUT) command
      Print publicly authorized objects (PRTPUBAUT) command
      Restrict access to the QSYS.LIB file system
      Secure directories
      Security for new objects
      Use the Create Directory command
      Create a directory with an API
      Create a stream file with the open() or creat() API
      Create an object by using a PC interface
      QFileSvr.400 file system
      Network file system

    Chapter 12. Secure APPC communications
      APPC Terminology
      Basic elements of APPC communications
      Example: A basic APPC session
      Restrict APPC sessions
      APPC user access to the target system
      System methods for sending information about a user
      Options for dividing network security responsibility
      Target system assignment of user profiles for jobs
      Display station passthrough options
      Avoid unexpected device assignments
      Control remote commands and batch jobs
      Evaluate your APPC configuration
      Relevant parameters for APPC devices
      Parameters for APPC controllers
      Parameters for line descriptions

    Chapter 13. Secure TCP/IP communications
      Prevent TCP/IP processing
      TCP/IP security components
      Use packet rules to secure TCP/IP traffic
      HTTP proxy server
      Virtual Private Networking (VPN)
      Secure Sockets Layer (SSL)
      Secure your TCP/IP environment
      Control which TCP/IP servers start automatically
      Security considerations for using SLIP
      Control dial-in SLIP connections
      Control dial-out sessions
      Security considerations for point-to-point protocol
      Security considerations for using Bootstrap Protocol server
      Prevent BOOTP Access
      Secure the BOOTP server
      Security considerations for using DHCP server
      Prevent DHCP access
      Secure the DHCP server
      Security considerations for using TFTP server
      Prevent TFTP access
      Secure the TFTP server
      Security considerations for using REXEC server
      Prevent REXEC access
      Secure the REXEC server
      Security considerations for using RouteD
      Security considerations for using DNS server
      Prevent DNS access
      Secure the DNS server
      Security considerations for using HTTP server for iSeries
      Prevent HTTP access
      Control access to the HTTP server
      Security considerations for using SSL with IBM HTTP Server for iSeries
      Security considerations for LDAP
      Security considerations for LPD
      Prevent LPD access
      Control LPD access
      Security considerations for SNMP
      Prevent SNMP access
      Control SNMP access
      Security considerations for INETD server
      Security considerations for limiting TCP/IP roaming

    Chapter 14. Secure workstation access
      Prevent workstation viruses
      Secure workstation data access
      Object authority with workstation access
      Application Administration
      Use SSL with iSeries Access for Windows
      iSeries Navigator security
      Prevent ODBC access
      Security considerations for workstation session passwords
      Protect the server from remote commands and procedures
      Protect workstations from remote commands and procedures
      Gateway servers
      Wireless LAN communications

    Chapter 15. Security exit programs

    Chapter 16. Security considerations for Internet browsers
      Risk: workstation damage
      Risk: access to iSeries directories through mapped drives
      Risk: trusted signed applets

    Chapter 17. Related information

    Notices
      Trademarks

    Index

  • Figures

    1. System Security Attributes Report-Sample
    2. Schedule Profile Activation Display-Sample
    3. Private Authorities Report for Authorization Lists
    4. Display authorization list objects report
    5. User information report: Example 1
    6. User information report: Example 2
    7. Print user profile-user environment example
    8. Work with Registration Information-Example
    9. APPC Device Descriptions-Sample Report
    10. Configuration List Report-Example
    11. APPC Controller Descriptions-Sample Report
    12. APPC Line Descriptions-Sample Report
    13. iSeries system with a gateway server

  • Tables

    1. System Values for Passwords
    2. Passwords for IBM-supplied profiles
    3. Passwords for dedicated service tools
    4. Sign-on system values
    5. Sign-on error messages
    6. Tool commands for user profiles
    7. Tool commands for security auditing
    8. Commands for security reports
    9. Commands for customizing your system
    10. Values set by the CFGSYSSEC command
    11. Commands whose public authority is set by the RVKPUBAUT command
    12. Programs whose public authority is set by the RVKPUBAUT command
    13. Encryption results
    14. Use Adopted Authority (USEADPAUT) Example
    15. System-Provided Exit Programs
    16. Exit points for user profile activity
    17. Programs and users for TPN requests
    18. Security values in the APPC architecture
    19. How the APPC security value and the SECURELOC value work together
    20. Possible values for the default user parameter
    21. Sample pass-through sign-on requests
    22. How TCP/IP commands determine which servers to start
    23. Autostart values for TCP/IP servers
    24. Sources of Sample Exit Programs

  • About Tips and Tools for Securing your iSeries (SC41-5300-07)

    The role of computers in organizations is changing rapidly. IT managers, software providers, security administrators, and auditors need to take a new look at many areas that they have taken for granted in the past. iSeries security should be on that list.

    Systems are providing many new functions that are vastly different from traditional accounting applications. Users are entering systems in new ways: LANs, switched lines (dial-up), wireless, networks of all types. Often, users never see a sign-on display. Many organizations are expanding to become an extended enterprise, either with...
