Blog Host: Shahar Mor - president, Barmor Information Systems READ ENTIRE BIO

Detecting and defending against DDoS is difficult because the traffic is very similar to "normal" users' activity. Furthermore, the target system is not capable of using protective measurements under the attack since it is flooded.

The normal methods to defend against DDoS are not always sufficient, and recognition of DDoS attack is not trivial. Defending against the attack in network hardware "close to the target" is not always practical, and I fear that the future holds big "promise" to DDoS developers.
Posted by Shahar Mor Open source -- I like it
02 JUN 2005 17:39 EDT (21:39, GMT)
When looking into Web statistics, one can see that the most used Web server is Apache. Linux is all over, and many people uses mySQL, JBoss, Samba -- you name it.

I think this is very good news for all of us, not just because of the "spirit" of open source, but also because of the following advantages:

• Open source is developed by many skilled programmers, so more is probably better.

• Open source is low cost (there are "hidden" costs but it is still cheaper).

• You can enhance and tailor the software to your needs.

• Open source projects have worldwide support and a huge knowledge base.

• You are free from locking yourself to a specific vendor (this is very important when it comes to a specific well-known vendor ƒº).

Since RPG can easily work with C functions, iSeries programmers are very interested in developing socket programs in "pure" RPG. See Scott Klement's excellent tutorial on RPG socket programming.

So if the question is "Is RPG good choice for developing socket programs?" the answer is "Not really." Mainly socket servers need multi-threading, which is not supported in RPG (unless you call support for thread serialization). RPG data types are restricted, and it is not easy to code handlers in RPG.

But if the question is "Is it possible to code good enough socket client programs in RPG and simple server?" the answer is "You bet." It is possible, people are doing it and it is easy for them because, after all, they use RPG, the easiest programming language on Earth.

Editor's Note: The topic of this blog was suggested by Greg S. If you have ideas for a blog you'd like to see, let me know!
Posted by Shahar Mor Mainframe and AS/400 FTP: Is it really difficult?
31 MAY 2005 17:14 EDT (21:14, GMT)
Many people are asking questions concerning FTP on the mainframe and AS/400 machines. It is interesting to understand the reason for this "oddity." After all, since FTP is standard, you would expect it to be "equally misused" on all platforms.

I think we need to blame the FTP usage patterns of many mainframe users. I have seen FTP being used for:

• sending messages and receiving answers in an online application
• submitting jobs to be performed
• distributing print and spool files
• sending flat files to database files that call a trigger program that do something
• transferring an entire database to remote the data warehouse environment (including the impossible mission of translating different data types and EBCDIC to ANSI to Unicode).

Just look at what Trojan horse can "do for you":

• Set up your humble PC to be an open FTP server to the world
• Record your keystrokes and transmit this information to the attacker
• Play with your file system (not just read your data)

So internet is risky (what else is new?), and we have to prepare ourselves because the network is as strong as the weakest computer on it.

For some good practice usage of computer ("safe hex") you may read this collection of safe computing tips.
Posted by Shahar Mor IPv6 -- penetration rates
26 MAY 2005 21:27 EDT (01:27, GMT)
Everybody knows that current TCP/IP protocol is limited, we need more address space, better security and better QOS options. That is the reason for IPv6 developments and efforts; however, the deployment of IPv6 is slower then expected and current markets are taking the attitude that IP is working and moving to IPv6 is complex, so why bother?

However, since developing countries and regions are much more interested in IPv6 and need larger address spaces, the transition to IPv6 will be lengthy. Strategies are needed in order to allow IPv4 and v6 coexistence. In the end IPv6 will dominate.

So common sense says IPV6, yet reality dictates the use of IPv4 for now.
Posted by Shahar Mor FTP exits -- an important addition
25 MAY 2005 13:16 EDT (17:16, GMT)
Since FTP is not very young and many aspects of today's needs are not built into the protocol, many FTP servers offers you exits to FTP.

An exit is the ability to call a user program during the FTP session (connection, connection termination and specific verbs such as put and get) and it allows for creative additions to the protocol.

Exit to FTP can be used for the following purposes:

• to log FTP activity differently then "standard log in"
• to perform activity upon arrival of file (i.e., rename the file and process it)
• to allow/ reject requests according to "in house" policy
• to allow/ reject specific FTP verbs

Java speaks sockets fluently, it works easily with multi-threading environments and has many available, ready-to-use components that can simplify your networking programming task. Furthermore, Java works everywhere so example code from all over the Internet can be used on a legacy environment.

So even for us old guys, take a look at this resource and see how simple sockets are in Java.
Posted by Shahar Mor FTP is still here
23 MAY 2005 06:06 EDT (10:06, GMT)
Even FTP'S biggest fans will admit that FTP is not very modern. It has severe limitations, including VERY poor security, limited data type representation, basic scripting and difficult-to-manage error handling. But despite all this, FTP is widely used by many users and is very popular on intranet environments.

So what is the secret of survival of FTP protocol? Since the FTP protocol can be implemented free of charge in an organization, it is implemented all over (Windows, Unix, mainframe, AS/400, Tandem, open VMS -- you name it) and is extremely simple to implement. Because it works fine, nobody ever touches it (FTP scripts are not broken and if not broken why on earth fix it?).

My opinion is that FTP can be used, but sparingly and with some extra steps such as working over secured networks (or via FTPS), using passive mode and checking for errors during the FTP session (do not wait for the end of a session to check the results in the standard output). I also discourage the usage of FTP script for an "entire application" such as a script to the AS/400 that is transferring a file and then run a command:

Put my file
Quote rcmd call process