|  | 
    | 
            |  |  |  | by Giovanni B. Perotti (Italy) |  | This documentation applies to SECTCP release dated February 1, 2019. Always refer to this online document for the latest features.
 The PDF version of this document may be obsolete.
 |  |  |  | 
    |  | 
    | Introduction SECTCP (secure TCP) is an IBM i public-source utility 
            that may be used to control and restrain access to the following TCP servers:
 
            FTP
            TELNET
             SECTCP adds an extra protection layer between a firewall (if you have one) and the OS/400 security.
            This extra layer is much more flexible than any firewall and can be easily controlled and changed as needed.
            Changes to SECTCP settings do not require restarting the FTP or the TELNET server.
             | 
    |  | 
    |              
            | 
                    | About WSECTCP |  | If you are currently running SECTCP and you are willing to host a CGI application on an HTTP instance,
                           then you may install a WEB interface for SECTCP. |  | Its name is WSECTCP. |  | This WEB interface makes SECTCP so easy that you would never go back to a 5250 session. Go to this download page and install WSECTCP today.
 Sample screens |  |  | 
                    | About ESECTCP |  | If you already installed SECTCP and WSECTCP, you may then install also ESECTCP. |  | ESECTCP provides you with the names (country, region, city) and google maps of all the locations where undesired client IP addresses tried with no success to login to your FTP or TELNET server. |  | Read about ESECTCP. Go to this download page to install ESECTCP.
 Sample screens |  |  |  |  | 
                    | About SECTCPTEST |  | SECTCPTEST is a small utility - authored by Helge Bichel, Denmark - that helps you in finding out
                           if an IP address would be able to login via SECTCP to your IBMi TELNET and/or FTP servers.
                     |  |  | 
    |  | 
    | Prerequisites 
            Operating system release V5R2 or subsequent
            ILE-RPG compiler
             | 
    |  | 
    | Installation procedure 
            Note - To re-install SECTCP on a box without the ILE-RPG compiler:Signon to the IBM i with a class *SECOFR user profile
            CRTSAVF FILE(QGPL/SECTCP) AUT(*ALL)
            From the Easy400 download page
                download file sectcp.zip to your PC and unzip it
            Use FTP to copy PC file sectcp.sav to save file QGPL/SECTCP
            RSTLIB SAVLIB(SECTCP) DEV(*SAVF) SAVF(QGPL/SECTCP)
            STRREXPRC SRCMBR(INSTALL) SRCFILE(SECTCP/QREXSRC)It will perform the following:
 
                creates a compile program in library SECTCP
                runs command SECTCP/COMPILE that creates the necessary modules and programs
                runs command SECTCP/INSTALL to complete the installation by
                    
                    During the installation process will stop two times:restoring directory /sectcp
                    creating and populating library SECTCPDATA with local files
                     
                    The first time, to ask the name of the user profile (SECTCP owner) authorized to change the SECTCP settings
                    The second time, to display the HTTP directives that you may install later on in an 
                        Apache HTTP instance of your choice. 
                        These directives allow to display the SECTCP documentation 
                        (the one you are currently reading. They are in the IFS stream file
                        /sectcp/apache/httpdirectives.txt.
                        If you like, you may press this
                        to display them.
                 
            Save library SECTCP
            Restore library SECTCP on the other box
            On this other box:
                 
                 signon with a class *SECOFRE user profile
                 run command SECTCP/INSTALL
                  | 
    |  | 
    | Setting up SECTCP To define the SECTCP settings, you must
 
            You will then receive the following screen:signon with the user profile authorized for this operation during the installation process
            enter command SECTCP/SECTCP .
             
            (Please note that help text is available from any SECTCP screen)|  |  | Figure 1 - No protections yet |  | 
    |  | 
    |  |