Comments on: Auditing an AS/400 Server http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/ Sat, 18 May 2013 14:11:18 +0000 hourly 1 By: happydayforus2000 http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-70366 happydayforus2000 Fri, 13 Nov 2009 05:55:44 +0000 #comment-70366 Hi Gilly400:

please, is there any way to know who viewed or accessed my spoolfile???????

]]> By: mcl http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61787 mcl Thu, 02 Apr 2009 18:46:24 +0000 #comment-61787 Tools – well, you can invest $$$ in something like Net IQ. Of course, then you have to learn how to use it.

The IT Security folks where I work scan the systems with AppDetective, Webinspect and Foundstone – but they tell me that AppDetective won’t scan the AS 400 systems.

DanD mentioned the security menu. When you get to Option #8 (the Security Tools menu) you may need *SECADM and *AUDIT authority. You should also check the HELP on each option BEFORE you run it. Unfortunately, the report options only generate printed reports – so you would have to do as Martin suggested with DSPUSRPRF to and outfile to get something for Excel.

That white paper from NetIQ is pretty standard stuff and is a good guideline for what you should have set up.

Regards
Mike

]]> By: dand http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61773 dand Thu, 02 Apr 2009 17:24:36 +0000 #comment-61773 On all iSeries there is the IBM supplied Security menu. Type Go Security and you will get a large number of security reports.

Also, here is a link to a “best practices” security White Paper from NetIQ

http://download.netiq.com/CMS/WHITEPAPER/NetIQ_WP_iSeriesSec_BestPractices.PDF

]]> By: gilly400 http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61745 gilly400 Thu, 02 Apr 2009 09:23:25 +0000 #comment-61745 Hi,

Sorry, I don’t know of any such tool. There seem to be plenty of commercial tools available, but I suspect these can be quite expensive.

Regards,

Martin Gilbert.

]]> By: backtrack http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61742 backtrack Thu, 02 Apr 2009 08:10:41 +0000 #comment-61742 Good Morning Martin
Can you tell me, is there any tool (free or open source like nessus) that can passively scan an AS400 server and report the vulnerabilies ?

THANK YOU

]]> By: backtrack http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61709 backtrack Wed, 01 Apr 2009 15:43:00 +0000 #comment-61709 THANKS

]]> By: gilly400 http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61707 gilly400 Wed, 01 Apr 2009 15:11:59 +0000 #comment-61707 Hi,

My mistake – that should be DSPUSRPRF instead of WRKUSRPRF….

The command should list user class and special authorities.

Regards,

Martin Gilbert.

]]> By: backtrack http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61704 backtrack Wed, 01 Apr 2009 14:46:15 +0000 #comment-61704 Hi Martin

I have another question please

Can the command “WRKUSRPRF USRPRF(*ALL) OUTPUT(*OUTFILE) OUTFILE(Yourlib/Yourfile)” show me the special authorities of all users.

Regards
Mohamed Habib

]]> By: backtrack http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61703 backtrack Wed, 01 Apr 2009 14:42:39 +0000 #comment-61703 Thank you

]]> By: gilly400 http://itknowledgeexchange.techtarget.com/itanswers/auditing-an-as-400-server/#comment-61701 gilly400 Wed, 01 Apr 2009 14:26:29 +0000 #comment-61701 Hi,

Yes, you can import it into excel, no problem.

If you have client access/i-series access, there is a plug-in for excel which you can use. Alternatively you can use the CPYTOIMPF command to create a comma delimited file that you can then import into excel.

Regards,

Martin Gilbert.

]]>