|
||
SecureMyi.com Security and Systems Management Newsletter for the IBM i
October 23, 2013 - Vol 3, Issue 38
|
||
|
||
|
Feature Article
|
|
In This Issue
Quick Links
Our Newsletter Sponsors
Gold Sponsor |
IBM i Security ResourcesIBM i Security Videos - SecureMyi RedBook - Security Guide IBM i |
|
|
|
|
Carsten's Security Code for IBM iCL Command to Manage the IBM i Intrusion Detection SystemDownloadable Source code included!By Carsten Flensburg In this current issue of the SecureMyi Security Newsletter, Dan Riehl presents an article on the Intrusion Detection System for IBM i. As I was doing additional research on the IDS(Intrusion Detection System) topic, I came across the "Control Intrusion Detection and Prevention API". This API(Application Programming Interface) is provided by IBM to allow you to perform some vital IDS management routines. I've wrapped the API up in a new CL command CTLIDS(Control Intrusion Detection System), giving me direct, green-screen access to the IDS functions supported by the API. Here is the command prompt display. Control IDS(CTLIDS) Type choices, press Enter. Option . . . . . . . . . . . . . *STATUS *ACTIVATE, *DEACTIVATE... By pressing F1=Help during the prompt display, the Help Text explains the use of the command, the restrictions and additional information on the IDS. Listed here are selected snippets of the online Help Text. The Control Intrusion Detection and Prevention (CTLIDS) command is used to control the Intrusion Detection System (IDS). It can be used to activate, deactivate, recycle (deactivate and reactivate) the IDS or retrieve the status (active or inactive) of the IDS, and it is provided as an interface to the code that processes the IDS policy file. Note: TCP/IP Connectivity Utilities for i5/OS must be installed in order to use this command. Restrictions: You must have *IOSYSCFG special authority to run the command. The Option (OPTION) Parameter Specifies the requested function. *ACTIVATE Activate the Intrusion Detection System (IDS). *DEACTIVATE Deactivate the Intrusion Detection System (IDS). *RECYCLE Recycle the Intrusion Detection System (IDS). *STATUS Retrieve the status of the Intrusion Detection System (IDS). The current status is returned in an informational message sent to the job running the CTLIDS command. In addition to controlling IDS, the CTLIDS command also verifies that TCP/IP is active and operational. The Source code that comprises the CTLIDS command is listed here. SEC101 RPGLE Control Intrusion Detection Services - CPP SEC101H PNLGRP Control Intrusion Detection Services - Help SEC101M CLP Control Intrusion Detection Services - Build cmd SEC101X CMD Control Intrusion Detection ServicesDownload a zip file containing all of the source code. Additional Resources:Control Intrusion Detection and Prevention (QTOQIDSC, QtoqIDSControl) API for IBM I 6.1 IBM Info Center - Complete coverage of IDS for IBM I 7.1 |
||
|
||
|
||
|
||
Send your IBM i Security and Systems Management News and Events! Send your Questions, Comments, Tips and Stories Copyright 2013 - SecureMyi.com, all rights reserved SecureMyi.com | St Louis MO 63017 |