Most IBM i shops have not secured their DDM implementation. Carol discusses why that’s putting those shops at risk.
Written by Carol Woodbury
Distributed Data Management (DDM) comes in two flavors: an ancient implementation that runs over SNA and one that runs over TCP/IP. The version I’m going to discuss is the implementation over TCP/IP. While the default setting for DDM over TCP/IP is to require a valid user ID and password to make a connection to a target server, most IBM i shops have changed this setting and require only a valid user ID. In other words, when a DDM connection is established, the user making the DDM connection must have the same user profile name on the target server. When that’s the case, the connection is established.