IBM Support

MA44472 - LIC-SOCKETS AUDIT RECORD SK SUBTYPE A TELNET

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 APAR (Authorized Program Analysis Report)

Abstract

LIC-SOCKETS AUDIT RECORD SK SUBTYPE A TELNET

Error Description

The SK audit record is not generated due to the connection      
happening in a LIC Task.                                        

Problem Summary

When QAUDLVL/QAUDLVL2 is set to include *NETSCK, the SK audit  
records for sub type A do not appear for Telnet connections.    

Problem Conclusion

The socket processing for the Telnet server happens outside the
scope of a job/process which precluded generating the SK audit  
record.  The SK audit record job/process restriction is now    
removed.  Other internal restrictions may still apply but after
applying this APAR there will be additional SK A and C audit    
records created that specify a LIC task name instead of a      
process name.                                                  
                                                               
The Telnet server specific SK audit records will not be audited
by default when *NETSCK is configured.                          
                                                               
Telnet client configuration and the number of clients connecting
to the Telnet server contribute to the rate of audit record    
generation. Connections to the Telnet server could be quite high
and result in corresponding high rates of journal receivers    
filling up.  System configuration and resources should be      
considered before enabling SK auditing for the Telnet server.  
                                                               
Telnet clients configured to retry immediately without any delay
after error will generate audit records as fast as the Telnet  
server can accept the incoming connections.                    
Some common cases where connections end in error after being    
accepted include:                                              
-The Telnet server is active but the QINTER subsystem is not    
-QAUTOVRT rejects connections because there are no available    
devices and it is not able to create new ones                  
-The certificate assigned to the Telnet server has expired, or  
has been renewed and clients are still using the old certificate
                                                               
This APAR provides the ability to enable and disable SK audit  
records for sub type A for incoming Telnet connections.        
                                                               
   To change the SK audit settings for Telnet with the Start    
System Service                                                  
   Tools (STRSST) command, follow these steps:                  
   1. Open a character-based interface.                        
   2. On the command line, type STRSST.                        
   3. Type your service tools user name and password.          
   4. Select option 1 (Start a service tool).                  
   5. Select option 4 (Display/Alter/Dump).                    
   6. Select option 1 (Display/Alter storage).                  
   7. Select option 2 (Licensed Internal Code (LIC) data).      
   8. Select option 14 (Advanced analysis).                    
   9. Select option 1 (IPCONFIG).                              
   10. Enter -h                                                
                                                               
   This will show the help screen that describes the input      
strings to change the SK auditing for Telnet setting            
-skTelnetAudit.                                                

Temporary Fix

Comments

Circumvention


PTFs Available

R610 MF60140 PTF Cover Letter   1000
R611 MF60141 PTF Cover Letter   1000
R710 MF59896 PTF Cover Letter   5317
R720 MF60142 PTF Cover Letter   5310

Affected Modules

         
         

Affected Publications

Summary Information

Status............................................ CLOSED PER
HIPER........................................... No
Component.................................. 9400DG3TC
Failing Module.......................... RCHMGR
Reported Release................... R710
Duplicate Of..............................




System i Support

IBM disclaims all warranties, whether express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. By furnishing this document, IBM grants no licenses to any related patents or copyrights. Copyright © 1996,1997,1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 IBM Corporation. Any trademarks and product or brand names referenced in this document are the property of their respective owners. Consult the Terms of use link for trademark information

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.2.0"},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG15Q","label":"APARs - OS\/400 General"},"Component":"","ARM Category":[],"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"V6R1M0;V6R1M1;V7R1M0;V7R2M0","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG16B","label":"APARs - i5\/OS V6R1 environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"V6R1M0;V6R1M1;V7R1M0;V7R2M0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
23 November 2015