Everyone asks us exactly what we do to accomplish an IBM i Pen Test. In this video, Carol Woodbury goes into a brief but detailed description of how we go about the task of Pen Testing the IBM i. She discusses various roles that we test and how we work with customers to make sure we are testing the areas that cause them the greatest concern.Want to learn more about the benefits of Pen Testing your IBM i? Contact us today at www.dxrsecurity.com Read More
A Moment with Carol Woodbury: Introduction to Pen Testing mcpressonline
Ever wonder what the difference is between Risk Assessments and Pen Testing for your IBM i? In this video, Carol Woodbury explains her experience with Risk Assessments and how Pen Testing gives “proof” of vulnerabilities, helping clients to know exactly what to address to reduce risk and improve security.Want to learn more about the benefits of Pen Testing your IBM i? Contact us today at www.dxrsecurity.com Read More
How To Eliminate Dependency On Tape For IBM i Backups LaserVault
Using manual tape is no longer the best option for backup and recovery at most companies. Learn how you can step-up backup operations and strengthen your overall data protection through eliminating your dependency on using manual tape. During the session we cover why the switch from using tape makes strategic sense, and demonstrate the multitude of benefits gained from using a virtual tape solution instead. Read More
Personalised SQL error logging, SELF Simon Hutchinson
Introduced as part of IBM i 7.5 Technology Refresh 1 and IBM i 7.4 TR7, is a mechanism to capture details of SQL errors into a separate log table. I can decide which errors I want to capture in the log, by use of the SQL code. The SQL codes to capture are set at the SQL session level, rather than at the IBM i job level.
This is called the SQL Error Logging Facility, or SELF for short. It consists of several parts, the parts I am going to explain in detail are:
SQL_ERROR_LOG: A View that is used to display the logged errors
SELFCODES: A Global Variable that needs to contain the SQL codes I wish to log
VALIDATE_SELF: A scalar function that validates SQL codes
Read more » Read More
Security Bulletin: IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting and denial of service attacks (CVE-2022-37436, CVE-2006-20001)
IBM HTTP Server (powered by Apache) for IBM i is vulnerable to HTTP response splitting attacks due to a use of malicious backend and a denial of service attack due to an out-of-bounds read or write as described in the vulnerability details section. IBM i has addressed the CVEs by providing fixes to the Apache HTTP Server implementation as described in the Remediation/Fixes section. Read More
