4. Other networks
(1) remote job Logon)
The remote job entry system provides a set of programs and corresponding hardware, allowing UNIX systems to communicate with JES on IBM hosts. you can use the send and usend commands to access volume E. the send command is a common job provider of ipve. It will provide files to JES, just as these job files are "punched cards" read from card readers. the usend command is used to transfer files between UNIX systems that use the ipve system. It creates a "job" (a virtualized stacked card ), and provide the job to JES in the same way as the send command. the control card in the stacked job card tells the JES where the data is transferred (here, the data is a file being transferred ). the destination of file transfer is UNIX, but JES considers it a "Row printer ". the ipve system usually communicates with JES at a rate of 9600 bits per second. the syntax of a typical usend command is as follows:
usend -d system -u login file(s) |
System is another UNIX system name mounted to ibm jes, login is the login name of the receiving user on another system, and file (s) is the file that the user wants to transmit.
Several security questions about ipve:
◆ Saving time due to lack of time. RJE will send the file to the rje directory in the HOME directory of the recipient. this directory must be writable to other people and executable. This means that the files stored in the "rje" directory are easy to check, move, and modify. however, if the permission for this directory is 733, other users cannot use the ls column directory to find files of interest. the created file is readable to the owner, group, or others. Therefore, the security files transmitted through the ipve network are readable on the system. why are these problems different from the UCP and/usr/uucppublic directories? * UCP regularly clears the content in the/usr/spool/uucppublic directory. The old files a few days ago or a few weeks ago will be deleted. Generally, you will remove your files from the uucppublic directory, in this case, files are not deleted, but the files in the "cmde" directory are not cleared. Therefore, some users never move their files to other directories.
* The uucppublic directory is a public directory. Before storing important information, you must encrypt it. however, it is easy for users to forget that their javase directory is actually a public directory and often forgets to encrypt important files.
◆ The usend command creates a file in a directory that can be written by another user and overwrites the file that can be written by another user .. the javase service subroutine is used to execute some functions rather than performing file transfer. the ipve system also executes remote commands like UUCP. Most systems running ipve use remote commands to send emails. because the transfer rate of ipve is usually higher than that of UUCP. unfortunately, javase does not have the ability to restrict executable commands and accessible files like UUCP. A good experience is to connect to a group of systems in the same JES, and think that these systems are on the same system.
(2) NSC Network System
The NSC (network systems corporation) wide channel network is a high-speed local area network (LAN ). NSC can connect thousands of systems with a maximum distance of 5000 feet, with a transmission rate of up to 50 MBIT/S. NSC can also connect different systems through communications such as microwave or satellite lines.
UNIX users can use the nusend command to access the NSC wide channel. the syntax of the nusend command is the same as that of the usend command. In most cases, apart from using the-c option to send files that are not accessible to others, the usage of nusend is the same as that of usend. In other words, if the-c option is not available, the file is readable, and all directories listed in the file path name are searchable to others, the considerations about the security of ipve discussed earlier are also suitable for NSC networks.
You can view the NSC record file to see if NSC is executing any commands that should not be executed. record files are stored in the/usr/nsc/log directory. the following command prints all the commands executed by NSC on the system (except rmail ):
grep execute /usr/nsc/log/LOGFILE|grep -v rmail |
5. Communication Security
There are two ways to provide secure communication: the first is to ensure the physical security of the transmission media, even if no one can connect their own passwords or "eavesdropping" on the transmission media ", the second method is to encrypt important data.
