The FTP system exit enables the operator of a BS2000-FTP server to extend or modify FTP server functions and to add new functions. Such functions may include:
security checks in addition to the interactive login on accessing the FTP server andfor the FTP commands subsequently received,
logging of verified FTP commands,
modification of FTP commands.
If the system exit is called from the FTP server, the following actions must be performed, depending on the selected installation mode (see "Installing FTP and TELNET" in the chapter “Installing FTP and TELNET”):
A system exit level other than 0 must be set in the SDF command SET-FTP-TELNET-PARAMETERS (see "Configuration of FTP using the SET-FTP-TELNET- PARAMETERS installation command") or
The
-systemExit 1(see "-systemExit | -X") option must be specified in the option file orThe -x 1 option must be specified in the respective enter job.
If FTAC is used at the same time, the system exit is not selected for the subevents FTPLOG and FTPCMD.
In order to protect the BS2000 FTP server, the input of an incorrect LOGON password for the TSOS ID (when FTAC functionality is disabled) is penalized with a time delay, which increases with each further invalid attempt. Following each invalid password entry, the connection request is rejected after about five seconds. It is only on completion of this time that a successful LOGON attempt can be made, regardless of whether or not the correct password was specified in the mean time. The duration of the time penalty remains invisible to potential "intruders".