23
Sat, Nov
1 New Articles

Virus Got You Down?

IBM i (OS/400, i5/OS)
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

Defending a system against viruses involves the prevention, detection, and avoidance of attacks.

 

Editor's note: This article introduces the white paper "Virus Got You Down?" available free from the MC White Paper Center.

 

I really should be asking, "Does a virus have your server down?" Perhaps it's the latest worm, Trojan horse, buffer overflow, or denial of service attack that's got you or one of your servers down. While one of these bugs may be affecting one or more of your servers in your enterprise, it is highly unlikely that the server affected is a Power server running IBM i. IBM i may be running your core business applications or it may be hosting your website or running Domino. Whatever its function within your enterprise, IBM i has remained unaffected by virus and malware attacks. Why is that?

 

Viruses and other ailments spread by infecting a host that is vulnerable. Let's take a look at how IBM i and the applications running on it can remain unscathed by the viruses and malware that are so prevalent today. Let me first define each "ailment" and then describe the defenses and protection mechanisms provided by IBM i to ward off the attack.

Definitions

Malware \'mal?we(?)r\ n. Software that is intended to damage or disable computers and computer systems.

 

Malware is a generic term used to describe the software that launches various attacks, including the ones described here.

 

Virus \'vI-r&s\ n. A computer program usually hidden within another seemingly innocuous program that produces copies of itself and inserts them into other programs and usually performs a malicious action (such as destroying data).

 

A virus is usually spread by tricking unsuspecting users into installing and running an infected program on their system. One method is to use an infected email attachment. Another method is to include a link to a website that downloads a "payload" of code that could do anything from log keystrokes to totally take over the computer. Other links lead to a site where the user is asked to enter personal information before sending them to the real site. Some operating systems make it very easy for an external attacker to cause programs to run on your system. Therefore, if the virus writers can get you to save the attachment or go to a link that downloads code directly to your system, they can use any number of mechanisms to cause that program to run.

 

Worm \ 'w&rm\ n. A self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.

 

A worm is typically spread by gaining access to your system externally through a vulnerable interface and installing itself in memory. The worm then attempts to use your system to access the same vulnerable interface on other systems.

 

Trojan horse \ 'trO-j&n 'hors\ n. A seemingly useful computer program that contains concealed instructions that, when activated, perform an illicit or malicious action (such as destroying data files).

 

A Trojan horse attack is often used to help spread viruses. Some use this term interchangeably with virus.

 

Buffer overflow \ 'b&-f&r "O-v&r-'flO\ n. The condition that occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.

 

A buffer overflow is used by attackers to gain "root" control of your system. Root control means the program has ultimate authority to do anything. For those familiar with IBM i, root control is equivalent to being signed on as QSECOFR. The attack relies on a common programming flaw found in many programs.

 

This attack is particularly onerous because an attacker can randomly choose any vulnerable machine on a network and attempt to gain access to the system. Attackers don't have to spend a lot of time and energy trying to get you to install Trojan horses or dupe you into changing the configuration of an infected machine. They just look for addresses on the Internet and try the attack. If it works, great! If not, they try the next address.

 

Denial of Service Attack \ di-'nI(-&)l &v 's&r-v&s &-'tak\ n. An incident in which a user or organization is deprived of the services of a resource they would normally expect to have.

 

A denial of service (DoS) attack can take many forms, but the objective is the same: to prevent you or your customers from using your IT resources to conduct business. This is a particularly difficult attack to defend against.

Dangerous Combos

In the past, each of the "ailments" or attacks described above was often thought of individually; however, attackers have become more sophisticated. They now use combinations of all of these attacks to wreak their havoc. The term "virus" as commonly used by the general public means any malicious attack that uses one or more of these techniques. For simplicity, we'll use the term "virus" in this way as well.

What Makes IBM i Different?

Companies are spending more and more on malware and virus prevention, yet they continue to permeate the corporate network. Viruses and malware can be very destructive, erasing data or gleaning access to private data stored on the computer. What is the risk of IBM i being infected with common viruses or malware? Highly unlikely. Why? The answer lies in the IBM i architecture, integrated security management, and overall development process.

 

Defending a system against viruses involves the prevention, detection, and avoidance of attacks. It is necessary not only to defend the front door, but also to protect the back door. IBM i protects your backside, while you exploit the rich, full-function, integrated security management features to help detect and avoid attacks that may be trying to waltz in the front door.

Want to Know More?

Download the free white paper "Virus Got You Down?" from the MC White Paper Center.

 

Carol Woodbury

 

Carol Woodbury is IBM i Security SME and Senior Advisor to Kisco Systems, a firm focused on providing IBM i security solutions. Carol has over 30 years’ experience with IBM i security, starting her career as Security Team Leader and Chief Engineering Manager for iSeries Security at IBM in Rochester, MN. Since leaving IBM, she has co-founded two companies: SkyView Partners and DXR Security. Her practical experience and her intimate knowledge of the system combine for a unique viewpoint and experience level that cannot be matched.

Carol is known worldwide as an author and award-winning speaker on security technology, specializing in IBM i security topics. She has written seven books on IBM i security, including her two current books, IBM i Security Administration and Compliance, 3rd Edition and Mastering IBM i Security, A Modern, Step-by-Step Approach. Carol has been named an IBM Champion since 2018 and holds her CISSP and CRISC security certifications.


MC Press books written by Carol Woodbury available now on the MC Press Bookstore.

IBM i Security Administration and Compliance: Third Edition
Don't miss the newest edition by the industry’s #1 IBM i security expert.
List Price $71.95

Now On Sale

Mastering IBM i Security Mastering IBM i Security
Get the must-have guide by the industry’s #1 security authority.
List Price $49.95

Now On Sale

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: