HOME

FORUM

UPLOAD SOURCE

RPGLE/RPG

CLLE

SQLRPGLE

DDS

API

OTHER

JAVA

IFS

HTML

JAVA SCRIPT

PHP

MYSQL

XML

OLE DB



    
Enter keyword to search code examples.


Welcome to Code400.com   

Okay...We all like to get free stuff..Right?!? Well thats what we are offering here....Free Stuff
  1. Free storage for your source code.
    Post Your Source

  2. Free access to code samples. (site search)

  3. Free place to ask questions or just say what you want. 
    Share your thoughts

We are interested in what you have to say. If you can’t find what your’e looking for on this site....   Tell us  We will add it.

The small print says: We provide the source code on this site as only a guide. We do not recommend that anyone run any of the code provided on this site without first testing it. If you choose to download source from this site directly onto your production box without testing....Well, YOU are completely to blame and we don’t want to hear about it.

Random Quote

There are no warlike people, just warlike leaders --Ralph Bunche 










    
The IBM® OS/400® or IBM® i5/OS™ operating system is not 
susceptible to PC virus attacks. Viruses attack a 
specific computer architecture. The architecture of 
the IBM® iSeries™ family of servers makes it highly 
unlikely that a virus could be written to attack it. 
PC-based viruses will not infect (or run on) OS/400® 
or i5/OS. There are no IBM anti-virus programs 
available for OS/400® or i5/OS although virus scan 
enablement is provided with V5R3M0 . 


    
Although OS/400® or i5/OS can not be infected by a 
PC virus, if the Integrated File System on OS/400® 
or i5/OS is used as a file server for PC files, 
the files stored on the Integrated File System may 
carry viruses. An infected file that is moved or 
saved from a PC to the Integrated File System and 
then redistributed to another PC can transmit a 
virus to the new PC. Likewise, if a network drive 
is mapped to the Integrated File System, a virus 
running on a PC 
(and which can damage files on a network drive)
can damage any file stored on the Integrated 
File System.


    
All PC clients should run anti-virus programs. 
With V5R3 it is recommended that the new Integrated 
File System virus scan enablement feature be used. 
Virus Scanning Enablement allows anti-virus business 
partner products to 'hook' into the OS/400® or i5/OS 
operating system and detect if an Integrated File 
System file is a virus carrier when the object is opened 
or closed. This enablement runs the anti-virus product 
through OS/400® or i5/OS exit points. These exit points 
allow real-time (when object is accessed) and manually 
started scanning. If the accessed object has a virus and 
cannot be repaired, the operation fails and prevents the 
virus from being propagated. Additionally APIs, CL commands, 
and system values are provided for the business partner and 
user to customize the scanning environment and levels of 
protection. An anti-virus package that runs on OS/400® 
or i5/OS and makes use of the virus scanning enablement 
is available from Bytware. A trial version of the product is 
shipped with V5R3M0 IBM® i5/OS™. Bytware also provides a 
native OS/400® or i5/OS anti-virus product for older releases 
of the iSeries family systems. For information and support 
on these products, contact Bytware directly. 


    
For additional information on V5R3M0 Virus Scanning Enablement, 
link to V5R3M0 iSeries InfoCenter at the following Web site:


    
 V5R3 Info Center (IBM)


    
What to Do If a Virus Is Found in the IFS 

    
Keep PC users out of the Integrated File System by disconnecting 
any drives mapped to the Integrated File System. See the section 
below Restricting PC Access to the Integrated File System during 
a Virus Scan using a PC Anti-Virus Product for directions on how 
to restrict Integrated File System access.

    
A single user must map a drive to each Integrated File System 
share or directory and run a PC Anti-virus program against each. 

    
The following file systems should not be included in the scan:

    
QFileSvr.400 provides access to file systems and directories that 
reside on remote iSeries family systems. A virus scan must be run 
from a PC that connects a network drive directly to the Integrated 
File System on the remote iSeries family system. A virus scan run 
against QFileSvr.400 may appear to complete normally; however, 
it does not scan the Integrated File System on a remote iSeries 
family system even if the remote system has been mounted in 
QFileSvr.400.

    
QNetware provides access to local or remote data and objects 
that are stored on a server that runs Novel NetWare 4.10 or 4.11 
or to standalone PC Servers running Novel NetWare. A virus scan 
should be run from the Novel server rather than from a mapped 
network drive.

    
QNTC is the Microsoft Windows NT® server file system. This file 
system provides access to Windows servers - both servers running 
on an Integrated Netfinity or xSeries server and those on PC 
servers. The virus scan should be run on the Windows server 
rather than on drives mapped to QNTC shares.

    
QOPT is the Optical file system. This file system provides 
access to stream data that is stored on optical media (a CD). 
Because QOPT points to a CD rather than an area on the Integrated 
File System, a virus scan should not be run on QOPT.

    
QSYS.LIB is the file system that contains OS/400 or i5/OS libraries 
and database files. This file system does not use the same sort of 
architecture that PCs use and is immune to viruses. In addition, 
its size makes a scan very time-consuming. 


One way to keep PC users out of the Integrated File System while 
running a PC virus scan is to end all NetServer™ and File Server 
jobs. Then, start one NetServer job only to do the virus scan. 

o To end all NetServer and File Server jobs, run the 
following commands:


ENDTCPSVR *NETSVR
ENDPJ SBS(QSERVER) PGM(QSYS/QZLSFILE) OPTION(*IMMED) 
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSO) OPTION(*IMMED) 
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSS) OPTION(*IMMED)
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVS2) OPTION(*IMMED) 
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERV) OPTION(*IMMED)  


o To start one job to run the virus scan over a NetServer 
network drive and restart NetServer, do the following:

Change the QZLSFILE prestart job description to allow 
only one NetServer job to start and start that job. 
Run the following commands:

CHGPJE SBSD(QSERVER) +
PGM(QSYS/QZLSFILE) INLJOBS(1) THRESHOLD(1) ADLJOBS(0)

STRPJ SBS(QSERVER) PGM(QSYS/QZLSFILE) 
STRTCPSVR *NETSVR 

o The user who is running the scan must map a network drive 
to the iSeries family system and follow Step 2 and Step 3 
from the section above entitled What to Do If a Virus Is 
Found in a File in the Integrated File System. 

o After scanning and disinfecting the Integrated File System 
and all PCs on the network, return the NetServer QZLSFILE 
prestart job parameters to their original values. Run the 
following commands:

ENDTCPSVR *NETSVR
ENDPJ SBS(QSERVER) PGM(QSYS/QZLSFILE) OPTION(*IMMED) 

CHGPJE SBSD(QSERVER) +
PGM(QSYS/QZLSFILE) INLJOBS(1) THRESHOLD(1) ADLJOBS(5) 


o Restart the NetServer and File Server Host Server 
jobs by running the following commands:

STRPJ SBS(QSERVER) PGM(QSYS/QZLSFILE) 
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSO) 
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSS)
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVS2) 
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERV)

STRTCPSVR *NETSVR 

Option 2: Restricting Integrated File System access 
by preventing access to the ports used by NetServer 
drives

An alternate way to keep PC users out of the Integrated 
File System while running a PC virus scan is to 
restrict access to the ports used by the NetServer 
drives. To restrict the ports, do the following:

1 End the NetServer by running the following command:

ENDTCPSVR SERVER(*NETSVR) 

Note: All active NetServer and Client Access network 
drive users are dropped when these commands are issued. 
Any user trying to map a new network drive after these 
commands have been issued will receive an error message.
 
2 End the File Server daemon job QPWFSERVSD by running 
the following command:

ENDHOSTSVR SERVER(*FILE)

Run the following commands to end all File Server 
prestart jobs:

ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSO) OPTION(*IMMED)
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSS) OPTION(*IMMED)
ENDPJ SBS(QSERVER) PGM(QSYS/QPWFSERVS2) OPTION(*IMMED)
 
3 Restrict the TCP/IP ports by running the following command:

CFGTCP

Select Option 4, Work with TCP/IP port restrictions
Select Option 1, Add 
Add ports 137, 138, 139, and 8473. This must be done once 
for *TCP and once for *UDP. Ports 137 through 139 can be 
combined using 137 as the lower entry in the port range 
and 139 as the upper entry. The user profile specified 
must be the profile that will be running the virus scan. 
Do not use the QUSER profile to run the scan. 

4 Follow Step 2 and Step 3 from the section entitled 
What to Do If a Virus Is Found in a File the 
Integrated File System. 

5 After disinfecting the Integrated File System and 
all PCs on the network, run the following command:

CFGTCP

Select Option 4, Work with TCP/IP port restrictions
Select Option 4, Remove
Remove all port restrictions on ports 137, 138, 139, and 8473.

Restart the File Server host server, prestart jobs, and NetServer 
by running the following commands:

STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSO)
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVSS)
STRPJ SBS(QSERVER) PGM(QSYS/QPWFSERVS2)
STRHOSTSVR SERVER(*FILE)
STRTCPSVR SERVER(*NETSVR) 



    

More....

About Code400.com | resume | Search | Site Map | Suggestions
© Copyright 2003-2008 Code400.com



Monday May 12, 2008 @ 8:14 AM