Project Description

Introduction

The first incident of hacking dates back to Alexander the Great, when he cut open the Gordian knot, which was considered one of the toughest knots to untie. A prophecy said that the one who unties the knot is destined to become the ruler of Asia. Alexander took up the challenge of solving this knotty problem and when he struggled to undo it, cut open the knot with his sword and became the first hacker in the world. He reasoned that since that was a solution to the problem, the method did not matter. Similarly, in today’s hi-tech world where businesses and people in general store trillions of confidential and private information, it is extremely critical to prevent data breaches.

There are hackers spread all over the globe in different locations, coming up with innovative ruses to hack data. This can even compromise national security or bring down a business empire completely when it falls in the wrong hands. IBM i AS/400 iSeries passwords are considered to be as tough and impregnable like the Gordian knot. However, much has been debated about the security of data on IBM i AS/400 iSeries.

How secure is your Data on IBM i AS/400 iSeries?

The Gordian knot is characterized by intricate loops and patterns, which is how passwords are encrypted. However, with a little astuteness, the password can be decrypted through lateral thinking, a concept which was later popularised by Edward De Bono.

The Gordian knot that Alexander solved is also a great example of lateral thinking, where you can find solutions by applying a different perspective on the problem. Similarly, there is a possibility that by applying a different thought perspective, it is possible to hack data protected by the IBM i AS/400 iSeries.

Hackers will not try to obviously breach security directly, instead, they will resort to more misleading methods to trick you and gain access, much like the Trojan horse. By creating a CL program that mimics the user’s sign-on screen by overriding the QDSIGNON display file, the user is tricked into providing their credentials on this screen. The user will not find any difference between their regular sign-on screen and the screen that is mimicked by the program. The Trojan program also closes once the information is retrieved. Yet another method to steal user information on an IBM i AS/400 sig-on screen is through a display file comprising the User-defined Data Stream (USRDFN) keyword. Using a trace command, Trace ICF (TRC-ICF), it is again possible to get the user ID and password details.

Managing IBM i Encryption keys

Though these are common and plain hacking methods that are used, there are other tougher hackers lurking on the internet. Hence it is absolutely essential to implement best practices in information security management such as auditing and compliance checks to identify vulnerable areas and address them. For example, encryption keys should not reside on IBM i with encrypted data. Improper management of encryption keys makes it easy prey for hackers. The implementation of SSO or single sign-on help eliminate a major percentage of threats to password management.