SECTCP home | Easy400 | IBM i home
Public-Source
 
Introduction
FTP settings
TELNET settings
Access-Reject Messages
HTTP logs
 
Download
 
 

 
previous page page 12 out of 16 next page
Access-Reject Messages 
Independently from FTP and/or TELNET log enablements, one may want warning messages () be sent to some non-program message queues every time SECTCP detects a FTP and/or TELNET access violation.

This can be done through command SECTCP/NFYACSRJT (Notify Access Rejection) command:

                       Notify Access Rejection (NFYACSRJT)            
                                                                      
 Type choices, press Enter.                                           
                                                                      
 Type of access . . . . . . . . . ACCTYPE                  *FTP, *TELNET, *BOTH
 Set it ... . . . . . . . . . . . SET        *ON           *ON, *OFF           
 For message queue  . . . . . . . MSGQ       QSYSOPR       Name                
   Library  . . . . . . . . . . .              QSYS        Name, *LIBL         
                    
Command NFYACSRJT


Use this command to enable or disable the SECTCP sending of FTP/TELNET access-reject messages to a given message queue.
All message queues are eligible: QSYSOPR (default), workstations, user profiles, etc.

Type of access (ACCTYPE) - The type of access to be monitored. Select one of the following:

  • *FTP to monitor FTP access-reject messages.
  • *TELNET to monitor TELNET access-reject messages.
  • *BOTH to monitor both FTP and TELNET access-reject messages.

Set it ... (SET) - Whether the sending of access-reject messages should be enabled or disabled. Select:

  • *ON to enable the sending of access-reject messages.
  • *OFF to disable the sending of access-reject messages.

For message queue (MSGQ) - Qualified name of the message queue where access-rejection messages should be sent.

Notes

  1. You may repeat command NFYACSRJT to send messages to another message queue.
    There is no limit to the number of message queues intended to receive messages.
  2. Messages sent to message queue QSYS/QSYSOPR will also show up in the history log.
  3. Ending messages to a message queue (nfyacsrjt ... set(*off) ...) can be performed only by the user profile that started that function (nfyacsrjt ... set(*on) ...).
(♣) Example of a warning FTP rejection-message:
  SECTCP - Rejected *FTP request from IP=112.74.14.78,
USRPRF=QTCP, request-type=Initialize session.
IP address 112.74.14.78 is "China, Zhejiang Sheng, Hangzhou".
previous page next page
    Contact