Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
This is a probe of current network activity, showing what non-SSL interfaces are being used by users who have *ALLOBJ special authority. The idea here is to raise awareness to sensitive data being accessed over unencrypted interfaces.
--
-- Reference: https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_74/rzajr/rzajrservicesandports.htm
--
-- description: Which users with *ALLOBJ (either directly or indirectly via group profile membership) are accessing the IBM i via a non-SSL interface right now?
--
select authorization_name as user_name, j.*
from qsys2.netstat_job_info j
where local_port in (23, 446, 449, 2001, 4402, 5544, 5555, 8470, 8471, 8472, 8473, 8474, 8475, 8476)
and j.authorization_name in (select authorization_name text_description
from qsys2.user_info
where special_authorities like '%*ALLOBJ%'
or authorization_name in (select user_profile_name
from qsys2.group_profile_entries
where group_profile_name in (select authorization_name
from qsys2.user_info
where special_authorities like '%*ALLOBJ%')));
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.