Problem with NODSI program
Hi, In the past, I’ve used Jan Jaeger’s NODSI program to delete datasets that had an enque against them. Since we move to z/OS 1.11, the program has stopped working correctly. The JCL I am using is: //NODSIEXEC PGM=NODSI,PARM='IEHPROGM,LINECNT=66' //VOLDDDD UNIT=3390,VOL=SER=Z1BD05,DISP=OLD //SYSPRINT DD SYSOUT=* //SYSINDD * SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 The result I get is: SYSTEM SUPPORT UTILITIES IEHPROGM SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 IEH210I YOUR REQUEST CANNOT BE SERVICED IEH211I REQUIRED VOLUME COULD NOT BE MOUNTED ... UNUSUAL END UTILITY END Is my error in the JCL, or is there something wrong with NODSI. I re assembled it under z/OS 1.11, but that didn’t help. Thanks Gadi לשימת לבך, בהתאם לנהלי החברה וזכויות החתימה בה, כל הצעה, התחייבות או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה עסקית או משפטית כלשהי. Please note that in accordance with Malam's signatory rights, no offer, agreement, concession or representation is binding on the company, unless accompanied by a duly signed separate document (or a scanned version thereof), affixed with the company's seal. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Jobname colums was lost in the sdsf joblog on ZOS1.11.
Dear all One system has been migrated from z/OS 1.9 to z/OS 1.11 in ZOS 1.9 sdsf joblog,the information of a job will be like: JOB61899 -JOBNAME STEPNAME PROCSTEPRC EXCP CONNTCBSRB JOB61899 -NBJRDBH DEL531 00246442 551177.00 JOB61899 -NBJRDBH NBPO531 00 1015479 551177.00 but in ZOS 1.11,it will be like: JOB13600 -STEPNAME PROCSTEPRC EXCP CONN TCB JOB13600 -STEP100 7 1 .00 We could see that jobname colums lost in the sdsf joblog of ZOS1.11. When we migrated the system,we copy IEEACTRT from the sys1.samplib of z/OS 1.11 We don't change it and reassemble it to sys1.linklib. Could you help us? Any suggestions is higly appreciated! Thanks a lot! Best Regards, Jason Cai -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Problem with NODSI program
I don't know if this applies to your situation. But it does relate to left over ENQs. http://www-01.ibm.com/support/docview.wss?uid=isg1OA32615 2011/4/13 גדי בן אבי gad...@malam.com: Hi, In the past, I’ve used Jan Jaeger’s NODSI program to delete datasets that had an enque against them. Since we move to z/OS 1.11, the program has stopped working correctly. deleted -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Problem with NODSI program
No, That relates to NFS, which we don't use at all. Thanks Gadi -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Mike Schwab Sent: Wednesday, April 13, 2011 9:15 AM To: IBM-MAIN@bama.ua.edu Subject: Re: Problem with NODSI program I don't know if this applies to your situation. But it does relate to left over ENQs. http://www-01.ibm.com/support/docview.wss?uid=isg1OA32615 2011/4/13 גדי בן אבי gad...@malam.com: Hi, In the past, I’ve used Jan Jaeger’s NODSI program to delete datasets that had an enque against them. Since we move to z/OS 1.11, the program has stopped working correctly. deleted -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html לשימת לבך, בהתאם לנהלי החברה וזכויות החתימה בה, כל הצעה, התחייבות או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה עסקית או משפטית כלשהי. Please note that in accordance with Malam's signatory rights, no offer, agreement, concession or representation is binding on the company, unless accompanied by a duly signed separate document (or a scanned version thereof), affixed with the company's seal. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM Announcements Today
Radek, with every integrated solution you can say you can buy individual things and put them together. Of course. It is the controlling logic that makes it integrated, in this case zManager. Power blades in zBX - I don't think there are other than IBM Power blades, IBM decided to support one kind of blade in three (IIRC) possible configurations. And if you use a supported blade, it will work because it was tested. When you plug the blade, its firmware will be customized so that zManager can talk to it. You can buy the blade from IBM or from BP. x86 blades - I admit I have not studied the announcement yet, I assume there will be again some set of blades which are supported, presumably IBM blades. I don't know if you can mix IBM/HP/Dell/etc blades in one bladecenter anywhere (please correct me if I am wrong). So when you get bladecenter from one vendor you use its blades there. ISAOPT - again, customized firmware, customized OS with application. For ISAOPT purposes you really want to have a full control over hardware, firmware, OS and application, it is a black box, you want everything to work as expected, without deviations. (BTW, in these days I am at customer implementing ISAOPT). All hw (z196, blades, switches, bladecenters) firmware is updated from one place, so when there are new MCLs you get them from IBM, from one place. How many times you had problems that some servers/switches/whatever were on old firmware and it was recognized only when problem occurred ? Many distributed people ignore firmware updates. Marian Gasparovic IBM Slovakia On Tue, Apr 12, 2011 at 10:22 PM, R.S. r.skoru...@bremultibank.com.pl wrote: W dniu 2011-04-12 21:33, Marian Gasparovic pisze: cabinet. Even connected to the mainframe using dedicated link. What's the value added? ISAO (IBM Smart Analytic Optimizer) is probably first application running on zBX. Couldn't it run on loosely connected powerBlades? (To be more accurate: part ot ISAO runs on z/OS+DB2, part runs on power blades.) Radoslaw Skorupka Lodz, Poland tej wiadomo ci mo e ISAOPT runs on x blades, not Power. But they are not general purpose x blades as announced today, they are part of a blackbox ISAOPT solution. So, IBM simply closed way for independent vendor blades. This is not a reason, it is result of someone's decision. Added value - management by zManager for virtual servers, servicebility/waranty as for System z, integrated 10 Gbps network managed from HMC, dedicated management network which handles also firmware updates (blades are updated from HMC when CE comes with MCLs). Yes, management. What does it mean??? I can manage my blades without using HMC. Yes, centralized management could be a value added, but it's NOT crucial for the application. Couldn't ISAO live without such management? I strongly doubt. 10Gbps OSA - available without zBX. In botH mainframe and PC. Regards Radoslaw Skorupka Lodz, Poland tej wiadomo ci mo e zawiera informacje prawnie chronione Banku przeznaczone wy cznie do u ytku s bowego adresata. Odbiorc e by jedynie jej adresat z wy czeniem dost pu os b trzecich. Je eli nie jeste adresatem niniejszej wiadomo ci lub pracownikiem upowa nionym do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dzia anie o podobnym charakterze jest prawnie zabronione i mo e by karalne. Je eli otrzyma wiadomo omy kowo, prosimy niezw ocznie zawiadomi nadawc wysy c odpowied oraz trwale usun wiadomo czaj c w to wszelkie jej kopie wydrukowane lub zapisane na dysku. This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax +48 (22) 829 00 33, e-mail: i...@brebank.pl d Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru S dowego, nr rejestru przedsi biorc w KRS 025237, NIP: 526-021-50-88. ug stanu na dzie 01.01.2011 r. kapita zak adowy BRE Banku SA (w ca ci wp acony) wynosi 168.346.696 z otych. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Jobname colums was lost in the sdsf joblog on ZOS1.11.
Dear all I checked the PMR and found the following result: I have checked several of our systems and the default, at z/OS 1.11 1.10 and 1.8 does not show JOBNAME. We have other systems at 1.10 and 1.11 which have local modifications which do show the JOBNAME. You will need to look at modifying this to include JOBNAME. - My question: How to modifying IEEACTRT to include JOBNAME? Thanks a lot! Begards, Jason Cai 发件人: ibmnew 发送时间: 2011-04-13 14:08:58 收件人: IBM-MAIN 抄送: 主题: Jobname colums was lost in the sdsf joblog on ZOS1.11. Dear all One system has been migrated from z/OS 1.9 to z/OS 1.11 in ZOS 1.9 sdsf joblog,the information of a job will be like: JOB61899 -JOBNAME STEPNAME PROCSTEPRC EXCP CONNTCBSRB JOB61899 -NBJRDBH DEL531 00246442 551177.00 JOB61899 -NBJRDBH NBPO531 00 1015479 551177.00 but in ZOS 1.11,it will be like: JOB13600 -STEPNAME PROCSTEPRC EXCP CONN TCB JOB13600 -STEP100 7 1 .00 We could see that jobname colums lost in the sdsf joblog of ZOS1.11. When we migrated the system,we copy IEEACTRT from the sys1.samplib of z/OS 1.11 We don't change it and reassemble it to sys1.linklib. Could you help us? Any suggestions is higly appreciated! Thanks a lot! Best Regards, Jason Cai -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM Announcements Today
W dniu 2011-04-13 08:26, Marian Gasparovic pisze: [...] It is the controlling logic that makes it integrated, in this case zManager. It's still managemnet for management. While centralized management is fine, it's still not crucial for the applications to run. (see also end of my post) Power blades in zBX - I don't think there are other than IBM Power blades, IBM decided to support one kind of blade in three (IIRC) possible configurations. And if you use a supported blade, it will work because it was tested. It is not my intention to look for competitor vendors or manufacturers. In this case single provider means single and consistent responsibility for the solution it is important, but still not crucial for the application. [...] I don't know if you can mix IBM/HP/Dell/etc blades in one bladecenter anywhere (please correct me if I am wrong). Marian, you should know it! ;-) Obviously it is alway proprietary solution! HP blade does not fit the Dell cabinet. Blades are incompatible in hardware meaning. (Of course every Intel/AMD based blade is regular PC from OS point of view.) All hw (z196, blades, switches, bladecenters) firmware is updated from one place, so when there are new MCLs you get them from IBM, from one place. How many times you had problems that some servers/switches/whatever were on old firmware and it was recognized only when problem occurred ? Many distributed people ignore firmware updates. And again: management. BTW: you mentioned switches. I think you mean Ethernet switches, however that remains me another kind of switches used in mainframe environment: FICON switches. IBM sells (but not produce) such switches, they are supported for mainframe FICON applications. Obviously such switches are very important piece of mainframe hardware. Why IBM does not provide centralized management on HMC or MCL updates? Why can't I have such switches integrated with the system z? (Hint: System Automation is not applicable here. It is separately paid, it is nt HMC based, it does not provide many features like MCL updates). I see serious inconsistency here: zBX, ethernet switches are centrally managed, but not FICON switches. The only answer that comes to mind is: it is political issue, not technical. -- Radoslaw Skorupka Lodz, Poland -- Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by jedynie jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste adresatem niniejszej wiadomoci lub pracownikiem upowanionym do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dziaanie o podobnym charakterze jest prawnie zabronione i moe by karalne. Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie zawiadomi nadawc wysyajc odpowied oraz trwale usun t wiadomo wczajc w to wszelkie jej kopie wydrukowane lub zapisane na dysku. This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax +48 (22) 829 00 33, e-mail: i...@brebank.pl Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, nr rejestru przedsibiorców KRS 025237, NIP: 526-021-50-88. Wedug stanu na dzie 01.01.2011 r. kapita zakadowy BRE Banku SA (w caoci wpacony) wynosi 168.346.696 zotych. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Problem with NODSI program
Have you tried SCRATCH DSNAME=SYS1.VTAMLST,VOL=3390=Z1BD05 ? Date: Wed, 13 Apr 2011 09:07:16 +0300 From: gad...@malam.com Subject: Problem with NODSI program To: IBM-MAIN@bama.ua.edu Hi, In the past, I’ve used Jan Jaeger’s NODSI program to delete datasets that had an enque against them. Since we move to z/OS 1.11, the program has stopped working correctly. The JCL I am using is: //NODSI EXEC PGM=NODSI,PARM='IEHPROGM,LINECNT=66' //VOLDD DD UNIT=3390,VOL=SER=Z1BD05,DISP=OLD //SYSPRINT DD SYSOUT=* //SYSIN DD * SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 The result I get is: SYSTEM SUPPORT UTILITIES IEHPROGM SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 IEH210I YOUR REQUEST CANNOT BE SERVICED IEH211I REQUIRED VOLUME COULD NOT BE MOUNTED ... UNUSUAL END UTILITY END Is my error in the JCL, or is there something wrong with NODSI. I re assembled it under z/OS 1.11, but that didn’t help. Thanks Gadi -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Problem with NODSI program
Thanks, I guess you have better eye sight than I do. Gadi -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of J R Sent: Wednesday, April 13, 2011 10:24 AM To: IBM-MAIN@bama.ua.edu Subject: Re: Problem with NODSI program Have you tried SCRATCH DSNAME=SYS1.VTAMLST,VOL=3390=Z1BD05 ? Date: Wed, 13 Apr 2011 09:07:16 +0300 From: gad...@malam.com Subject: Problem with NODSI program To: IBM-MAIN@bama.ua.edu Hi, In the past, I’ve used Jan Jaeger’s NODSI program to delete datasets that had an enque against them. Since we move to z/OS 1.11, the program has stopped working correctly. The JCL I am using is: //NODSI EXEC PGM=NODSI,PARM='IEHPROGM,LINECNT=66' //VOLDD DD UNIT=3390,VOL=SER=Z1BD05,DISP=OLD //SYSPRINT DD SYSOUT=* //SYSIN DD * SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 The result I get is: SYSTEM SUPPORT UTILITIES IEHPROGM SCRATCH DSNAME=SYS1.VTAMLST,VOL=SER=Z1BD05 IEH210I YOUR REQUEST CANNOT BE SERVICED IEH211I REQUIRED VOLUME COULD NOT BE MOUNTED ... UNUSUAL END UTILITY END Is my error in the JCL, or is there something wrong with NODSI. I re assembled it under z/OS 1.11, but that didn’t help. Thanks Gadi -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html לשימת לבך, בהתאם לנהלי החברה וזכויות החתימה בה, כל הצעה, התחייבות או מצג מטעם החברה, מחייבים מסמך נפרד וחתום על ידי מורשי החתימה של החברה, הנושא את לוגו החברה או שמה המודפס ובצירוף חותמת החברה. בהעדר מסמך כאמור (לרבות מסמך סרוק) המצורף להודעת דואר אלקטרוני זאת, אין לראות באמור בהודעה אלא משום טיוטה לדיון, ואין להסתמך עליה לביצוע פעולה עסקית או משפטית כלשהי. Please note that in accordance with Malam's signatory rights, no offer, agreement, concession or representation is binding on the company, unless accompanied by a duly signed separate document (or a scanned version thereof), affixed with the company's seal. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
AMATERSE and BatchPipes/MVS and SMF
Short version of the question: Does anyone know which access method AMATERSE uses to write untersed data out? Longer version: Does anyone have any practical experience of using it with BatchPipes/MVS aka Pipes? Particularly with SMF. Here's why I ask: The first thing I do when I get a customer's SMF data is to UNTERSE it and the second is to split it, based on eg record type. I'd like to combine the two - without asking Development to provide exits to AMATERSE. (I've not asked - they may be amenable.) Now, I know SMF is VBS not VB and therefore not supported with Pipes. However, in many cases I can get away with characterising it as VB and then Pipes could work. (I'd have to work on making AMATERSE believe it's writing VB, of course.) Thoughts? Any other way to save the disk space involved? I might actually try this. I'm spurred on by the enormous amount of data I get in support of CICS, DB2 and Batch studies these days. Thanks, Martin Martin Packer, Mainframe Performance Consultant, zChampion Worldwide Banking Center of Excellence, IBM +44-7802-245-584 email: martin_pac...@uk.ibm.com Twitter / Facebook IDs: MartinPacker Blog: https://www.ibm.com/developerworks/mydeveloperworks/blogs/MartinPacker Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: DB2 SMF Records
They're not the easiest records to parse, BTW. But then again they're not the hardest. :-) Martin Martin Packer, Mainframe Performance Consultant, zChampion Worldwide Banking Center of Excellence, IBM +44-7802-245-584 email: martin_pac...@uk.ibm.com Twitter / Facebook IDs: MartinPacker Blog: https://www.ibm.com/developerworks/mydeveloperworks/blogs/MartinPacker IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu wrote on 12/04/2011 21:28:57: From: Matthew Stitt mathwst...@bellsouth.net To: IBM-MAIN@bama.ua.edu Date: 12/04/2011 21:30 Subject: Re: DB2 SMF Records Sent by: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu Try looking in SDSNMACS, members starting with DSNDQW.. I remember looking at these records several years ago and almost throwing up my hands due to the layouts. On Tue, 12 Apr 2011 15:09:43 -0500, Hal Merritt hmerr...@jackhenry.com wrote: Anyone know I could find the layouts (DSECTs) of DB2 SMF records? Specifically Type 100, 101, 102 ? Thanks!! -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: RMF rec 74 subtype 7 FCD
Thanks Ravi. I was going to post the same answer. But it begs the question: What's a connector in this context? (Yes, I've mapped this record before and am still attempting to understand what it's telling me.) Thanks, Martin Martin Packer, Mainframe Performance Consultant, zChampion Worldwide Banking Center of Excellence, IBM +44-7802-245-584 email: martin_pac...@uk.ibm.com Twitter / Facebook IDs: MartinPacker Blog: https://www.ibm.com/developerworks/mydeveloperworks/blogs/MartinPacker From: Ravi Gaur gaur.ravi2...@gmail.com To: IBM-MAIN@bama.ua.edu Date: 13/04/2011 01:46 Subject: Re: RMF rec 74 subtype 7 FCD Sent by: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu SMF747PO--- /*OFFSET TO PORT*/ SMF747CO--- /*OFFSET TO CONNECTOR*/ -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html Unless stated otherwise above: IBM United Kingdom Limited - Registered in England and Wales with number 741598. Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: moving extends for allocated VSAM linear data set
Mark, I'm suitably impressed. You can do this with some of the database reorg software, but they aren't part of the base OS. I can understand some of the OP's frustration now. Ron If it was a file on a Linux system using LVM, I could move the physical extents that hold that file anywhere I want with one pvmove command. The application will never be aware of it happening (hence the logical in Logical Volume Manager). I've done it a number of times. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AMATERSE and BatchPipes/MVS and SMF
Martin Packer martin_pac...@uk.ibm.com wrote on 04/13/2011 04:04:36 AM: Short version of the question: Does anyone know which access method AMATERSE uses to write untersed data out? Short answer to the short version of the question: QSAM Jim Mulder z/OS System Test IBM Corp. Poughkeepsie, NY -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: RMF rec 74 subtype 7 FCD
Did a simple Google trick .. http://www.pacsys.com/smf/smf74_subtype7.htm and it explain SMF747CO 4 binary Offset to connector data section. Purpose: Record type 74 has several subtypes. Subtype 7 — FICON Director Statistics FCD connector data section : Contains configuration data for additional control units. hope this helps.. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
-Original Message- From: IBM Mainframe Discussion List On Behalf Of Gibney, Dave That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Institutional inertia. -jc- -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Cool Things You Can Do in z/OS
-Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 5:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. Quiet! I can access both my Linux and Windows desktops outbound from z/OS. And I do. Don't go giving the Network TSA goons any ideas! -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102)
I would submit that the plural of virus is probably Windows. From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of IBM-MAIN automatic digest system Sent: Wednesday, April 13, 2011 12:00 AM To: IBM-MAIN@bama.ua.edu Subject: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102) /PREThis email may contain confidential and privileged material for the sole use of the intended recipient. If you are not the intended recipient, please contact the sender and delete all copies. Any review or distribution by others is strictly prohibited. Personal emails are restricted by policy of the State Employees' Credit Union (SECU). Therefore SECU specifically disclaims any responsibility or liability for any personal information or opinions of the author expressed in this email. /P -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
From personal experience here: Our z/OS network person campaigned for no outbound connections (other than whitelisted) because he knows that the majority of the corporate information resides on the z/OS system. So he felt this was a good security thing. But then we allow anybody to do an ftp client connection from their desktop to z/OS and that kills the reason. My orientation is like the RACF group says: Secure the data using RACF rules. Don't depend on a secure channel to protect the data (except in flight - but we don't encrypt on the internal LAN). John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Gibney, Dave Sent: Tuesday, April 12, 2011 5:38 PM To: IBM-MAIN@bama.ua.edu Subject: Fear the Internet, was Cool Things You Can Do in z/OS -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 3:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
After that last effort I decided I'd better see who had trodden on Johns corns and caused him to fire up again. Dave, Dave, Dave ... Next time we bump into each other in a bar this should keep us suitably entertained. Shane ... -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
LISTCAT command
Hello, How do I check that all the dataset in the Target volumes are indirectly cataloged. For the single datset, I can go to ISPF 3.4 and against the datset listcat ent(/) all command will give me volser information , catalog information and device type detai. But in listcat command is there any parameter which can be used against volume and check detail about all the dataset. Regards Saurabh -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: TSO Profile NUM and PACK
-Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Donnelly, John P Sent: Tuesday, April 12, 2011 3:35 PM To: IBM-MAIN@bama.ua.edu Subject: TSO Profile NUM and PACK We had some difficulties with a critical FTP transmission over this past weekend caused by the in card columns 73-80. Our Application Business Manager has posed two questions: Can you share with me any compelling reasons for the NUM ON and PACK ON? Not really. NUM ON is for history so that if you ever physically punch the cards and drop them, you can put them back in order using your handy card sorter! grin. PACK ON just saves some DASD. Like, who care? You know? If no compelling reasons, what can be done to make NUM OFF and PACK OFF as the default in any programmer's profile? Yes. Start reading here about how to set up the ISPF defaults. http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/ISPZPC80/2.2.9 In particular, consider: quote SITE_WIDE_INITIAL_MACRO Site-wide Edit initial macro. The macro specified here will be run before any user-specified macros. This can allow you to alter or disallow edit sessions. You may want to use a macro that does a PROFILE RESET to force all new profiles to use the settings in this configuration table. The default is NONE (no macro). /quote to set a site initial macro which will then force specific edit attributes such as NUM OFF and PACK OFF. Do we have a global setting that we might invoke? Thankyou John Donnelly -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102)
snip From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Frisbie, Jim Sent: Wednesday, April 13, 2011 7:38 AM To: IBM-MAIN@bama.ua.edu Subject: Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102) I would submit that the plural of virus is probably Windows. /snip More precisely Microsoft Outlook -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: LISTCAT command
Saurabh, I use a two step process for this. 1) I execute an IEHLIST against the volume that I wish to validate all data sets are indirectly cataloged (normally a SYSRES and/or DLIB volume) 2) I then execute a Rexx execute that I wrote which will perform a LISTC against the data set name (extracted from the IEHLIST) and then check its volume to see if it is cataloged to the CATPARM parameter passed to the EXEC. This allows me to validate really any style catalog entry (direct or indirect). If the catalog entry does not match; it is reported as being bad and then IDCAMS statements are generated to perform a DELETE NOSCRATCH and CATALOG with the passed CATPARM value. This allows me to review both the reports (I report on good and bad entries) and the IDCAMS statements before correcting. Craig Pace SAURABH KHANDELWAL saurabh.khandel...@oracle.com Sent by: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu 04/13/2011 07:45 AM Please respond to IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu To IBM-MAIN@bama.ua.edu cc Subject LISTCAT command Hello, How do I check that all the dataset in the Target volumes are indirectly cataloged. For the single datset, I can go to ISPF 3.4 and against the datset listcat ent(/) all command will give me volser information , catalog information and device type detai. But in listcat command is there any parameter which can be used against volume and check detail about all the dataset. Regards Saurabh -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ** This communication contains information which is confidential and may also be privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s), please note that any distribution, copying or use of this communication or the information in it is strictly prohibited. If you have received this communication in error, please notify the sender immediately and then destroy any copies of it. ** -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
SMPWKDIR puzzle
Hi, All, In a RECEIVE FROMNETWORK job stream that has worked flawlessly for centuries, the following DD statement today spewed a JCL error: SMPWKDIR DD PATH='/tmp/gimsmp/', PATHOPTS=(ORDWR,OCREAT,OEXCL), PATHMODE=(SIRWXU,SIRGRP) The /tmp filesystem is a real ZFS, and the SMPWKDIR filesystem is an HFS mounted at /tmp/gimsmp. The system is z/OS 1.11. The JCL error messages: IEF344I jobname SMPER1 SMPWKDIR - ALLOCATION FAILED DUE TO DATA FACILITY SYSTEM ERROR IGD17501I ATTEMPT TO OPEN A HFS FILE FAILED, RETURN CODE IS (0075) REASON CODE IS (05620063) Explanations for the Return and Reason codes: 0075 | JRSpFileExists | The file specified on the mknod service already existed. | Action: A file by this name exists. The mknod service request | cannot be processed. Correct the name and retry the | operation. And 0063 | JRFileExistsExclFlagSet | The file exists, but O_EXCL is specified on the open call. | Action: The open service request cannot be processed. | Correct the name or the open flags and retry the operation. The question: WHY has this never been a problem before today??? TIA, -jc- -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Copy OMVS file system after service to production system
On 4/13/2011 6:36 AM, Anthony Thompson wrote: We had a similar issue here: occasionally a mountpoint directory and/or associated symbolics went missing after an OS upgrade and a new root file system was moved into production / development systems. This is not a good answer for upgrades, but for regular maintenance, however, take a look at the z/OS ABCs of Systems Programming redbook containing the chapter(s) on Unix Systems Services, as well as the z/OS USS Planning guide. Somewhere therein you will find details on setting up a read-only system root... may also be referred to as sysplex root. Even in a monoplex, IMHO it is worth the effort. If this is done well, With very few exceptions (some IBM products being notorious for it), there is little reason to modify the system root as supplied with z/OS. There might even be some samples in the ServerPac or in SAMPLIB to set this up. One of the system programmers had written a job that fired off after IPL; that job called a REXX that scanned the current BPXPRM's and issued a console message if expected filesystems were not mounted. If you are z/OS 1.10 (maybe a little earlier), look at D OMVS,MF (Mount Failures) and the Health Check for missing mounts. I extended that by writing a REXX that was called from /etc/rc that went a step further. If an expected filesystem was not mounted, it consulted another parm file that listed the necessary mountpoints/symbolics for the filesystems and attempted to create them and then remount the missing filesystem. If the remount failed an email was issued. Now that's cool. It might be possible to extend the Health Check or take put the fix-it code into System Rexx after a D OMVS,MF and parse the response. Then again, I'm old-school, and every shop I've been in thus far has had systems programmers on site for maintenance and release upgrades. That works quite well for us, provided the parm file is updated whenever BPXPRM's are changed... I put a big comment box at the top of BPXPRM's as a reminder. The newer z/OS features might obviate the need for another parm file... Regards, Arthur Gutowski Abend-Aid Development Compuware Corporation -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
No supported release of z/OS® honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
snip z/OS V1R11.0 Migration - All supported migration paths z/OS V1R11.0 GA22-7499-16 Description: No supported release of z/OS® honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets. /snip Our z/OS 1.11 system is allowing the IMBED attribute for new VSAM data sets. Is this WAD? DATA --- BZ.CICSVSAM.SYSA.DATA IN-CAT --- CATALOG.USERCAT4 HISTORY DATASET-OWNER-(NULL) CREATION2011.097 RELEASE2 EXPIRATION--.000 ATTRIBUTES KEYLEN-4 AVGLRECL--13 BUFSPACE9728 CISIZE--4096 RKP0 MAXLRECL--13 EXCPEXIT--(NULL) CI/CA168 SHROPTNS(1,3) SPEED UNIQUE NOERASE INDEXED NOWRITECHK IMBED NOREPLICAT UNORDEREDNOREUSE NONSPANNED Regards, John K -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
I would think that 'allowing' and 'honoring' are two different things. That is, the cluster may have the attribute in the catalog entry but the code no longer does anything with it. You see this in other contexts for depreciated keywords: '...checked for syntax and ignored...' HTH and good luck. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of John P Kalinich Sent: Wednesday, April 13, 2011 9:05 AM To: IBM-MAIN@bama.ua.edu Subject: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets snip z/OS V1R11.0 Migration - All supported migration paths z/OS V1R11.0 GA22-7499-16 Description: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets. /snip Our z/OS 1.11 system is allowing the IMBED attribute for new VSAM data sets. Is this WAD? DATA --- BZ.CICSVSAM.SYSA.DATA IN-CAT --- CATALOG.USERCAT4 HISTORY DATASET-OWNER-(NULL) CREATION2011.097 RELEASE2 EXPIRATION--.000 ATTRIBUTES KEYLEN-4 AVGLRECL--13 BUFSPACE9728 CISIZE--4096 RKP0 MAXLRECL--13 EXCPEXIT--(NULL) CI/CA168 SHROPTNS(1,3) SPEED UNIQUE NOERASE INDEXED NOWRITECHK IMBED NOREPLICAT UNORDEREDNOREUSE NONSPANNED Regards, John K -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
Some might argue that a LAN cannot be considered 'secure' if there is a Windows box anywhere in the path :-) As near as I can tell, PCI does not currently require encryption on internal LANs. However, I've read about internal networks being penetrated and compromised, so I wonder if that the encryption requirement is not far off. I do seem to recall such a rule that was proposed then quickly withdrawn a year or two ago. Point is that it might be prudent to anticipate the requirement sooner than later. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of McKown, John Sent: Wednesday, April 13, 2011 7:40 AM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS From personal experience here: Our z/OS network person campaigned for no outbound connections (other than whitelisted) because he knows that the majority of the corporate information resides on the z/OS system. So he felt this was a good security thing. But then we allow anybody to do an ftp client connection from their desktop to z/OS and that kills the reason. My orientation is like the RACF group says: Secure the data using RACF rules. Don't depend on a secure channel to protect the data (except in flight - but we don't encrypt on the internal LAN). John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Gibney, Dave Sent: Tuesday, April 12, 2011 5:38 PM To: IBM-MAIN@bama.ua.edu Subject: Fear the Internet, was Cool Things You Can Do in z/OS -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 3:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the
TSSO help please
I am trying to get TSSO running, and I have run into a problem the worst of which is being a newbie to TSSO. The OSCMD command works fine in a CLIST, but I prefer to use REXX. I originally tried setting CMDRESP= 'CLIST' but found out with a Instruction trace that while the code finds the variable, the value is inaccessable from the code. I spend most of the day learning a valuable lesson that in a SLIP instruction fetch trace, just because you can see a memory location in the trace does not mean that the code can see it. Anyway, after discovering this, the section of the documentation about using SYSAUTH_MAXCMDOUT finally made sense. So I set SYSAUTH_AUTHCMDOUT = 200, and made it past the code that was failing. Unfortunately, the code is now failing in the JCEVCTDB routine with the exact same problem I had before. The address of the value is being passed to the routine, and the trace shows it is correct, but I get a S0C4 in the DECCHKCLI 0(1),C'0' instruction, and R1 is pointing to the correct value of 200. I thought the SYSAUTH_MAXCMDOUT value was supposed to be readable, but it appears that the storage containing the value is not. Does anybody have any insights in using OSCMD in a REXX program and what might be causing my issue? Oh yes, all the TSSO commands are in the AUTHCMD section of IKJTSO00, and the TSSO library is in the LINKLIST. Thanks, Neal -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
IIRC no new dataset can be created with those attributes (keywords ignored) but if an existing dataset has them it is still processed accordingly. If the dataset is recreated (delete/define) or restored the attributes will be removed. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Hal Merritt Sent: Wednesday, April 13, 2011 10:26 AM To: IBM-MAIN@bama.ua.edu Subject: Re: [IBM-MAIN] No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets I would think that 'allowing' and 'honoring' are two different things. That is, the cluster may have the attribute in the catalog entry but the code no longer does anything with it. You see this in other contexts for depreciated keywords: '...checked for syntax and ignored...' HTH and good luck. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of John P Kalinich Sent: Wednesday, April 13, 2011 9:05 AM To: IBM-MAIN@bama.ua.edu Subject: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets snip z/OS V1R11.0 Migration - All supported migration paths z/OS V1R11.0 GA22-7499-16 Description: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets. /snip Our z/OS 1.11 system is allowing the IMBED attribute for new VSAM data sets. Is this WAD? DATA --- BZ.CICSVSAM.SYSA.DATA IN-CAT --- CATALOG.USERCAT4 HISTORY DATASET-OWNER-(NULL) CREATION2011.097 RELEASE2 EXPIRATION--.000 ATTRIBUTES KEYLEN-4 AVGLRECL--13 BUFSPACE9728 CISIZE--4096 RKP0 MAXLRECL--13 EXCPEXIT--(NULL) CI/CA168 SHROPTNS(1,3) SPEED UNIQUE NOERASE INDEXED NOWRITECHK IMBED NOREPLICAT UNORDEREDNOREUSE NONSPANNED Regards, John K -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
JC that was a good question, I was a network guy in a past life, I think some of the fear is not justified if the companies have the right firewalls in place. I worked a place that had 3 firewalls to separate companies, etc. This was a maintenance nightmare. But this issue was of poor design. The issue you are speaking of, I dont get why ppl are afraid. I assume viruses, but I have NEVER seen a virus on a mainframe or unix or AS400. Scott J Ford From: McKown, John john.mck...@healthmarkets.com To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 8:39:48 AM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS From personal experience here: Our z/OS network person campaigned for no outbound connections (other than whitelisted) because he knows that the majority of the corporate information resides on the z/OS system. So he felt this was a good security thing. But then we allow anybody to do an ftp client connection from their desktop to z/OS and that kills the reason. My orientation is like the RACF group says: Secure the data using RACF rules. Don't depend on a secure channel to protect the data (except in flight - but we don't encrypt on the internal LAN). John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Gibney, Dave Sent: Tuesday, April 12, 2011 5:38 PM To: IBM-MAIN@bama.ua.edu Subject: Fear the Internet, was Cool Things You Can Do in z/OS -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 3:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
The creation date was 2011.097 according to LISTCAT. Regards, John K From: Ken Porowski ken.porow...@cit.com To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 10:02 AM Subject:Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets IIRC no new dataset can be created with those attributes (keywords ignored) but if an existing dataset has them it is still processed accordingly. If the dataset is recreated (delete/define) or restored the attributes will be removed. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Hal Merritt Sent: Wednesday, April 13, 2011 10:26 AM To: IBM-MAIN@bama.ua.edu Subject: Re: [IBM-MAIN] No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets I would think that 'allowing' and 'honoring' are two different things. That is, the cluster may have the attribute in the catalog entry but the code no longer does anything with it. You see this in other contexts for depreciated keywords: '...checked for syntax and ignored...' HTH and good luck. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of John P Kalinich Sent: Wednesday, April 13, 2011 9:05 AM To: IBM-MAIN@bama.ua.edu Subject: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets snip z/OS V1R11.0 Migration - All supported migration paths z/OS V1R11.0 GA22-7499-16 Description: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets. /snip Our z/OS 1.11 system is allowing the IMBED attribute for new VSAM data sets. Is this WAD? DATA --- BZ.CICSVSAM.SYSA.DATA IN-CAT --- CATALOG.USERCAT4 HISTORY DATASET-OWNER-(NULL) CREATION2011.097 RELEASE2 EXPIRATION--.000 ATTRIBUTES KEYLEN-4 AVGLRECL--13 BUFSPACE9728 CISIZE--4096 RKP0 MAXLRECL--13 EXCPEXIT--(NULL) CI/CA168 SHROPTNS(1,3) SPEED UNIQUE NOERASE INDEXED NOWRITECHK IMBED NOREPLICAT UNORDEREDNOREUSE NONSPANNED Regards, John K -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
-Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shane Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' After that last effort I decided I'd better see who had trodden on Johns corns and caused him to fire up again. Dave, Dave, Dave ... That's a plan. I never had the opportunity to drop into Latin, let alone drop out. At the risk of another language lesson, c'est la vie. Next time we bump into each other in a bar this should keep us suitably entertained. Shane ... -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic. To be fair, the burden of dealing with Windows security has fallen to the network folks, and, as they say, if you aren't paranoid, then you just don't understand :-) Further, it might be prudent to temper our confidence with the knowledge that no security is without holes. And the MF holds the crown jewels of the company and more. Extra layers of security are easy to justify. But a 'no outbound' position speaks to the fear that folks may catch on that the MF may be the best platform by far and work would start migrating back from the tinker toy farm to the citadel. Just my $0.02 -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Scott Ford Sent: Wednesday, April 13, 2011 10:03 AM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS ..snip The issue you are speaking of, I dont get why ppl are afraid. I assume viruses, but I have NEVER seen a virus on a mainframe or unix or AS400. Scott J Ford NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
On Wed, 13 Apr 2011 10:06:36 -0500, John P Kalinich wrote: The creation date was 2011.097 according to LISTCAT. I think that's the restore date not the true creation date. The IMBED attribute is not removed by DFSMSdss/hsm during restore. Norbert Friemel -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
Norbert, We use ABR instead of HSM, but the create date was from an IDCAMS DEFINE. Regards, John K From: Norbert Friemel nf.ibmm...@web.de To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 11:29 AM Subject:Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets On Wed, 13 Apr 2011 10:06:36 -0500, John P Kalinich wrote: The creation date was 2011.097 according to LISTCAT. I think that's the restore date not the true creation date. The IMBED attribute is not removed by DFSMSdss/hsm during restore. Norbert Friemel -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
W dniu 2011-04-13 17:06, John P Kalinich pisze: The creation date was 2011.097 according to LISTCAT. Can it be result of RESTORE? -- Radoslaw Skorupka Lodz, Poland -- Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by jedynie jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste adresatem niniejszej wiadomoci lub pracownikiem upowanionym do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dziaanie o podobnym charakterze jest prawnie zabronione i moe by karalne. Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie zawiadomi nadawc wysyajc odpowied oraz trwale usun t wiadomo wczajc w to wszelkie jej kopie wydrukowane lub zapisane na dysku. This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax +48 (22) 829 00 33, e-mail: i...@brebank.pl Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, nr rejestru przedsibiorców KRS 025237, NIP: 526-021-50-88. Wedug stanu na dzie 01.01.2011 r. kapita zakadowy BRE Banku SA (w caoci wpacony) wynosi 168.346.696 zotych. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
On Wed, 13 Apr 2011 12:14:45 -0500, John P Kalinich jkali...@csc.com wrote: Norbert, We use ABR instead of HSM, but the create date was from an IDCAMS DEFINE. Regards, John K John, you may want to verify that is a fact. I just attempted to do a DEFINE with IMBED and REPLICATE and the LISTCAT shows NOIMBED and NOREPLICAT. 1.11. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
Latin is a dead language It's dead as it can be First it killed the Romans And now it's killing me. Tom Puddicombe Mainframe Performance Capacity Planning CSC 71 Deerfield Rd, Meriden, CT 06450 ITIS | (860) 428-3252 | tpudd...@csc.com | www.csc.com This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. From: Gibney, Dave gib...@wsu.edu To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 11:11 AM Subject: Re: The plural of 'virus' -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shane Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' After that last effort I decided I'd better see who had trodden on Johns corns and caused him to fire up again. Dave, Dave, Dave ... That's a plan. I never had the opportunity to drop into Latin, let alone drop out. At the risk of another language lesson, c'est la vie. Next time we bump into each other in a bar this should keep us suitably entertained. Shane ... -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
Mea culpa. Yes, it was the result of a FDR/ABR restore. Regards, John K From: R.S. r.skoru...@bremultibank.com.pl To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 12:27 PM Subject:Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets W dniu 2011-04-13 17:06, John P Kalinich pisze: The creation date was 2011.097 according to LISTCAT. Can it be result of RESTORE? -- Radoslaw Skorupka Lodz, Poland -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets
You are correct, it was from an ABR RESTORE. Sorry to bother the list. Regards, John K From: Patrick Lyon ptl...@midamerican.com To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 12:37 PM Subject:Re: No supported release of z/OS(r) honors the IMBED, REPLICATE, and KEYRANGE attributes for new VSAM data sets On Wed, 13 Apr 2011 12:14:45 -0500, John P Kalinich jkali...@csc.com wrote: Norbert, We use ABR instead of HSM, but the create date was from an IDCAMS DEFINE. Regards, John K John, you may want to verify that is a fact. I just attempted to do a DEFINE with IMBED and REPLICATE and the LISTCAT shows NOIMBED and NOREPLICAT. 1.11. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
null out MGMTCLAS
I need to run an ALTER on a number of datasets that nullifies the MANAGEMENTCLASS. I've tried IDCAMS ALTER with MGMTCLAS(), MGMTCLAS(''), MGMTCLAS(-), and a number of other combinations. Nothing seems to be allowed in batch, whereas I can specifiy a '-' in MANAGEMENTCLASS in the ISMF panels and it works just fine. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
wow - good thing I didn't say I thought it was 4th declension. but then I don't trust most 50yr old memories even those from Latin School. I toured my high school 2 yrs ago during 50th reunion and the thing looks a lot smaller inside than I remember. It was nice to see places in the building that had never been remodeled :-) IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu wrote on 04/12/2011 07:53:45 PM: We have been around this way before. The latin word 'virus' is an uncommon 2nd-declension neuter noun. (Most 2nd-declension neuter nouns end in 'um' in the nominative singular.) Thus 'virus' has no latin plural. If one is needed in English 'viruses' is available. The very common latin word 'vir', man, has the nominative plural 'viri', men. Moreover, 'ii' is impossible qua suffix: it can occur only when a stem ends in 'i', as in radius==radii. Latin dropouts would indeed be well advised to avoid attempting to form the plural of -us words. They are too problematic: the singular 'opus' has the plural 'opera'; the singular 'octopus' has the plural 'octopodes', etc., etc. It is far better, albeit subliterate, to speak of octopuses than of octopi. John Gilmore Ashland, MA 01721-1817 USA - The information contained in this communication (including any attachments hereto) is confidential and is intended solely for the personal and confidential use of the individual or entity to whom it is addressed. If the reader of this message is not the intended recipient or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this communication in error and that any review, dissemination, copying, or unauthorized use of this information, or the taking of any action in reliance on the contents of this information is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail, and delete the original message. Thank you -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
Latin is not dead. Many people converse in Latin around the world, especially within Vatican City. There is also a radio news broadcast in Latin: http://en.wikipedia.org/wiki/Nuntii_Latini At least one American public high school has conversational Latin classes: http://www.youtube.com/watch?v=GVBN0_UOL6I Thomas Jefferson began studying Latin and Greek when he was six years old. This was normal in the 1740s. Bill Fairchild Rocket Software -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Thomas H Puddicombe Sent: Wednesday, April 13, 2011 12:41 PM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' Latin is a dead language It's dead as it can be First it killed the Romans And now it's killing me. Tom Puddicombe Mainframe Performance Capacity Planning CSC 71 Deerfield Rd, Meriden, CT 06450 ITIS | (860) 428-3252 | tpudd...@csc.com | www.csc.com This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. From: Gibney, Dave gib...@wsu.edu To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 11:11 AM Subject: Re: The plural of 'virus' -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shane Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' After that last effort I decided I'd better see who had trodden on Johns corns and caused him to fire up again. Dave, Dave, Dave ... That's a plan. I never had the opportunity to drop into Latin, let alone drop out. At the risk of another language lesson, c'est la vie. Next time we bump into each other in a bar this should keep us suitably entertained. Shane ... -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Ported tools for z/OS on ADCD
According tohttp://dtsc.dfw.ibm.com/MVSDS/%27HTTPD2.ADCD.GLOBAL.HTML%28READM112%29%27#Header_04http://dtsc.dfw.ibm.com/MVSDS/%27HTTPD2.ADCD.GLOBAL.HTML%28READM112%29%27#Header_04 the Ported tools for z/OS (HOS1120) is part of the ADCD. A scan through SMP/E indicates it's installed. However, I can't find evidence of the tools in the file hierarchy when I login to USS. There are directory names like /usr/lpp/ported and /usr/lpp/perl but they are empty. Is there some step I have to go through to make these accessible? Neale
Re: Ported tools for z/OS on ADCD
Is it possible there are filesystems that have not been properly mounted? On Wed, Apr 13, 2011 at 2:28 PM, Neale Ferguson ne...@sinenomine.netwrote: According to http://dtsc.dfw.ibm.com/MVSDS/%27HTTPD2.ADCD.GLOBAL.HTML%28READM112%29%27#Header_04 http://dtsc.dfw.ibm.com/MVSDS/%27HTTPD2.ADCD.GLOBAL.HTML%28READM112%29%27#Header_04 the Ported tools for z/OS (HOS1120) is part of the ADCD. A scan through SMP/E indicates it's installed. However, I can't find evidence of the tools in the file hierarchy when I login to USS. There are directory names like /usr/lpp/ported and /usr/lpp/perl but they are empty. Is there some step I have to go through to make these accessible? Neale CONFIDENTIALITY/EMAIL NOTICE: The material in this transmission contains confidential and privileged information intended only for the addressee. If you are not the intended recipient, please be advised that you have received this material in error and that any forwarding, copying, printing, distribution, use or disclosure of the material is strictly prohibited. If you have received this material in error, please (i) do not read it, (ii) reply to the sender that you received the message in error, and (iii) erase or destroy the material. Emails are not secure and can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by email. Thank you. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: LISTCAT command
My approach is brute force. 1 - Run a LISTCAT VOL against the catalog(s) of interest. 2 - Edit the resulting listing (usually using SDSF SE command) 3 - Issue multiple X ALL VOLSERvv commands where vv is each indirect (including **) or actual volume I'm not interested in. 4 - Issue F NV VOLSER- command to find any directly catalogued dataset. (At this point I frequently go back to step 3 to issue another exclude.) -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of SAURABH KHANDELWAL Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: LISTCAT command Hello, How do I check that all the dataset in the Target volumes are indirectly cataloged. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Jobname colums was lost in the sdsf joblog on ZOS1.11.
Copy the IEFACTRT source you were using on the old system and reassemble it. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of ibmnew Sent: Tuesday, April 12, 2011 11:34 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Jobname colums was lost in the sdsf joblog on ZOS1.11. Dear all I checked the PMR and found the following result: I have checked several of our systems and the default, at z/OS 1.11 1.10 and 1.8 does not show JOBNAME. We have other systems at 1.10 and 1.11 which have local modifications which do show the JOBNAME. You will need to look at modifying this to include JOBNAME. - My question: How to modifying IEEACTRT to include JOBNAME? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: LISTCAT command
That should be NX, not NV. -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Schwarz, Barry A Sent: Wednesday, April 13, 2011 11:44 AM To: IBM-MAIN@bama.ua.edu Subject: Re: LISTCAT command My approach is brute force. 1 - Run a LISTCAT VOL against the catalog(s) of interest. 2 - Edit the resulting listing (usually using SDSF SE command) 3 - Issue multiple X ALL VOLSERvv commands where vv is each indirect (including **) or actual volume I'm not interested in. 4 - Issue F NV VOLSER- command to find any directly catalogued dataset. (At this point I frequently go back to step 3 to issue another exclude.) -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of SAURABH KHANDELWAL Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: LISTCAT command Hello, How do I check that all the dataset in the Target volumes are indirectly cataloged. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AC (authorization code) change
Over the years many modules with unnnecessary AC=1 attributes have been changed to be AC=0. I thought the original post asserted that there was a problem when this module was not AC=1. Did anyone explain what that problem was? Obviously if it needs to do authorized things *and* if it can be a jobstep program then it needs AC=1. Peter Relson z/OS Core Technology Design -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: TSO Profile NUM and PACK
For global settings, check the ISPF Configuration Table section of the ISPF Planning and Customization manual (my copy is GC34-4814-08, chapter 2, figure 8). -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Donnelly, John P Sent: Tuesday, April 12, 2011 1:35 PM To: IBM-MAIN@bama.ua.edu Subject: TSO Profile NUM and PACK We had some difficulties with a critical FTP transmission over this past weekend caused by the in card columns 73-80. Our Application Business Manager has posed two questions: Can you share with me any compelling reasons for the NUM ON and PACK ON? If no compelling reasons, what can be done to make NUM OFF and PACK OFF as the default in any programmer's profile? Do we have a global setting that we might invoke? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: null out MGMTCLAS
Are you getting an error message on the attempt? Can you post it? Greg Shirey Ben E. Keith Company -Original Message- From: IBM Mainframe Discussion List On Behalf Of Eric Gustavison Sent: Wednesday, April 13, 2011 12:42 PM I need to run an ALTER on a number of datasets that nullifies the MANAGEMENTCLASS. I've tried IDCAMS ALTER with MGMTCLAS(), MGMTCLAS(''), MGMTCLAS(-), and a number of other combinations. Nothing seems to be allowed in batch, whereas I can specifiy a '-' in MANAGEMENTCLASS in the ISMF panels and it works just fine. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Mark your calendar for VM Linux Summer Workshop (July 2011)
Hi, just wanted to get this on your calendarswork is underway to relaunch the VM Workshop as the VM and Linux Workshop. July 28-30, 2011 at Ohio State University in Columbus Ohio. When they tell me that the new workshop web site is ready I will add the link to it on the VM events calendar. http://www.vm.ibm.com/events/ For now...just mark your calendar. If you would like to be involved in the planning now or later, feel free to speak up (we'll give your name to Len Diegel who has been gathering people together on planning calls). Regards, Pam C -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102)
snip-- I would submit that the plural of virus is probably Windows. /snip More precisely Microsoft Outlook -unsnip- Don't ignore IE (Internet Express). More holes than a screen door! Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: LISTCAT command
-snip Saurabh, I use a two step process for this. 1) I execute an IEHLIST against the volume that I wish to validate all data sets are indirectly cataloged (normally a SYSRES and/or DLIB volume) 2) I then execute a Rexx execute that I wrote which will perform a LISTC against the data set name (extracted from the IEHLIST) and then check its volume to see if it is cataloged to the CATPARM parameter passed to the EXEC. This allows me to validate really any style catalog entry (direct or indirect). If the catalog entry does not match; it is reported as being bad and then IDCAMS statements are generated to perform a DELETE NOSCRATCH and CATALOG with the passed CATPARM value. This allows me to review both the reports (I report on good and bad entries) and the IDCAMS statements before correcting. Craig Pace unsnip--- Craig, could you chare that EXEC with me, via private E-Mail? I'm a babe in the woods when it comes to REXX. Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
-snip Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic. To be fair, the burden of dealing with Windows security has fallen to the network folks, and, as they say, if you aren't paranoid, then you just don't understand :-) Further, it might be prudent to temper our confidence with the knowledge that no security is without holes. And the MF holds the crown jewels of the company and more. Extra layers of security are easy to justify. But a 'no outbound' position speaks to the fear that folks may catch on that the MF may be the best platform by far and work would start migrating back from the tinker toy farm to the citadel. Just my $0.02 unsnip--- Hal, you're right in that no security is without holes. However, RACF, physical security and staff training and standards can make the MF security far tighter than anything we've seen on x86 based servers so far. Emphasis on SO FAR. I won't say that the MF is unbreakable, because as soon as I do, an ingenious idiot will prove me wrong. It would be very interesting to see a RACF-like product for the X86 world, but how many so-called System Administrators would be able to grasp the concepts, much less the mechanics? Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: LISTCAT command
My LISTCAT output shows the symbolic (SYSR1) for the volume name the datasets reside on. So you should be able to parse the IDCAMS LISTCAT output looking for the dataset and symbolic volume name. On Wed, 13 Apr 2011 14:45:36 -0500, Rick Fochtman rfocht...@ync.net wrote: -snip Saurabh, I use a two step process for this. 1) I execute an IEHLIST against the volume that I wish to validate all data sets are indirectly cataloged (normally a SYSRES and/or DLIB volume) 2) I then execute a Rexx execute that I wrote which will perform a LISTC against the data set name (extracted from the IEHLIST) and then check its volume to see if it is cataloged to the CATPARM parameter passed to the EXEC. This allows me to validate really any style catalog entry (direct or indirect). If the catalog entry does not match; it is reported as being bad and then IDCAMS statements are generated to perform a DELETE NOSCRATCH and CATALOG with the passed CATPARM value. This allows me to review both the reports (I report on good and bad entries) and the IDCAMS statements before correcting. Craig Pace unsnip--- Craig, could you chare that EXEC with me, via private E-Mail? I'm a babe in the woods when it comes to REXX. Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
-Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Rick Fochtman Sent: Wednesday, April 13, 2011 2:58 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS snip Hal, you're right in that no security is without holes. However, RACF, physical security and staff training and standards can make the MF security far tighter than anything we've seen on x86 based servers so far. Emphasis on SO FAR. I won't say that the MF is unbreakable, because as soon as I do, an ingenious idiot will prove me wrong. It would be very interesting to see a RACF-like product for the X86 world, but how many so-called System Administrators would be able to grasp the concepts, much less the mechanics? Rick Try running Linux with the SELinux enhancements fully implemented. That makes Linux very difficult (to me) to break. SELinux implements MAC controls instead of DAC controls. And it can even make it impossible for root to modify some things without the proper SELinux authorities. One example is that it can prevent execution of code on the stack or even in malloc'd (GETMAINed) storage. The former is a common way for malware to get control with buffer overflows. Oh, and it can also prevent the code from modifying itself in memory as well. -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
On Wed, Apr 13, 2011 at 3:18 PM, McKown, John john.mck...@healthmarkets.com wrote: Try running Linux with the SELinux enhancements fully implemented. That makes Linux very difficult (to me) to break. SELinux implements MAC controls instead of DAC controls. And it can even make it impossible for root to modify some things without the proper SELinux authorities. One example is that it can prevent execution of code on the stack or even in malloc'd (GETMAINed) storage. The former is a common way for malware to get control with buffer overflows. Oh, and it can also prevent the code from modifying itself in memory as well. -- John McKown Writing the SE Linux was done with a National Security Agency (No Such Agency) (NSA) research grant. http://www.nsa.gov/research/selinux/ -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
-Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Mike Schwab Sent: Wednesday, April 13, 2011 3:25 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS snip Writing the SE Linux was done with a National Security Agency (No Such Agency) (NSA) research grant. http://www.nsa.gov/research/selinux/ -- Mike A Schwab, Springfield IL USA I thought NSA (according to NUMB3RS) was Never Say Anything. -- John McKown Systems Engineer IV IT Administrative Services Group HealthMarkets(r) 9151 Boulevard 26 * N. Richland Hills * TX 76010 (817) 255-3225 phone * john.mck...@healthmarkets.com * www.HealthMarkets.com Confidentiality Notice: This e-mail message may contain confidential or proprietary information. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. HealthMarkets(r) is the brand name for products underwritten and issued by the insurance subsidiaries of HealthMarkets, Inc. -The Chesapeake Life Insurance Company(r), Mid-West National Life Insurance Company of TennesseeSM and The MEGA Life and Health Insurance Company.SM -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
mike.a.sch...@gmail.com (Mike Schwab) writes: Writing the SE Linux was done with a National Security Agency (No Such Agency) (NSA) research grant. http://www.nsa.gov/research/selinux/ also from long ago and far away: http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtm -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
Ok guys, let me ask one question, btw I also working in Security now,ACF2,RACF and TSS. How many MF hackers or viruses have you seen, I have been at it 40yrs, never one .. I am not saying it wont occur, but the odds are against it based on the complexity of the environments. I have customers who dont even know their own evnviroments. Scott J Ford From: Rick Fochtman rfocht...@ync.net To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 3:58:15 PM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS -snip Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic. To be fair, the burden of dealing with Windows security has fallen to the network folks, and, as they say, if you aren't paranoid, then you just don't understand :-) Further, it might be prudent to temper our confidence with the knowledge that no security is without holes. And the MF holds the crown jewels of the company and more. Extra layers of security are easy to justify. But a 'no outbound' position speaks to the fear that folks may catch on that the MF may be the best platform by far and work would start migrating back from the tinker toy farm to the citadel. Just my $0.02 unsnip--- Hal, you're right in that no security is without holes. However, RACF, physical security and staff training and standards can make the MF security far tighter than anything we've seen on x86 based servers so far. Emphasis on SO FAR. I won't say that the MF is unbreakable, because as soon as I do, an ingenious idiot will prove me wrong. It would be very interesting to see a RACF-like product for the X86 world, but how many so-called System Administrators would be able to grasp the concepts, much less the mechanics? Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
XMASCARD EXEC i -- Original Message -- Received: 04:12 PM COT, 04/13/2011 From: Scott Ford scott_j_f...@yahoo.com To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS Ok guys, let me ask one question, btw I also working in Security now,ACF2,RACF and TSS. How many MF hackers or viruses have you seen, I have been at it 40yrs, never one .. I am not saying it wont occur, but the odds are against it based on the complexity of the environments. I have customers who dont even know their own evnviroments. Scott J Ford From: Rick Fochtman rfocht...@ync.net To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 3:58:15 PM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS -snip Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic. To be fair, the burden of dealing with Windows security has fallen to the network folks, and, as they say, if you aren't paranoid, then you just don't understand :-) Further, it might be prudent to temper our confidence with the knowledge that no security is without holes. And the MF holds the crown jewels of the company and more. Extra layers of security are easy to justify. But a 'no outbound' position speaks to the fear that folks may catch on that the MF may be the best platform by far and work would start migrating back from the tinker toy farm to the citadel. Just my $0.02 unsnip--- Hal, you're right in that no security is without holes. However, RACF, physical security and staff training and standards can make the MF security far tighter than anything we've seen on x86 based servers so far. Emphasis on SO FAR. I won't say that the MF is unbreakable, because as soon as I do, an ingenious idiot will prove me wrong. It would be very interesting to see a RACF-like product for the X86 world, but how many so-called System Administrators would be able to grasp the concepts, much less the mechanics? Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
??? whats it XMASCARD Scott J Ford From: Ian S. Worthington ianworthing...@usa.net To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 5:16:07 PM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS XMASCARD EXEC i -- Original Message -- Received: 04:12 PM COT, 04/13/2011 From: Scott Ford scott_j_f...@yahoo.com To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS Ok guys, let me ask one question, btw I also working in Security now,ACF2,RACF and TSS. How many MF hackers or viruses have you seen, I have been at it 40yrs, never one .. I am not saying it wont occur, but the odds are against it based on the complexity of the environments. I have customers who dont even know their own evnviroments. Scott J Ford From: Rick Fochtman rfocht...@ync.net To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 3:58:15 PM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS -snip Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic. To be fair, the burden of dealing with Windows security has fallen to the network folks, and, as they say, if you aren't paranoid, then you just don't understand :-) Further, it might be prudent to temper our confidence with the knowledge that no security is without holes. And the MF holds the crown jewels of the company and more. Extra layers of security are easy to justify. But a 'no outbound' position speaks to the fear that folks may catch on that the MF may be the best platform by far and work would start migrating back from the tinker toy farm to the citadel. Just my $0.02 unsnip--- Hal, you're right in that no security is without holes. However, RACF, physical security and staff training and standards can make the MF security far tighter than anything we've seen on x86 based servers so far. Emphasis on SO FAR. I won't say that the MF is unbreakable, because as soon as I do, an ingenious idiot will prove me wrong. It would be very interesting to see a RACF-like product for the X86 world, but how many so-called System Administrators would be able to grasp the concepts, much less the mechanics? Rick -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
Especially since I have read that Washington, Jefferson and their crew wanted to originally model the republic after the old Greek form of government. On Wed, Apr 13, 2011 at 11:08 AM, Bill Fairchild bi...@mainstar.com wrote: Latin is not dead. Many people converse in Latin around the world, especially within Vatican City. There is also a radio news broadcast in Latin: http://en.wikipedia.org/wiki/Nuntii_Latini At least one American public high school has conversational Latin classes: http://www.youtube.com/watch?v=GVBN0_UOL6I Thomas Jefferson began studying Latin and Greek when he was six years old. This was normal in the 1740s. Bill Fairchild Rocket Software -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Thomas H Puddicombe Sent: Wednesday, April 13, 2011 12:41 PM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' Latin is a dead language It's dead as it can be First it killed the Romans And now it's killing me. Tom Puddicombe Mainframe Performance Capacity Planning CSC 71 Deerfield Rd, Meriden, CT 06450 ITIS | (860) 428-3252 | tpudd...@csc.com | www.csc.com This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. From: Gibney, Dave gib...@wsu.edu To: IBM-MAIN@bama.ua.edu Date: 04/13/2011 11:11 AM Subject: Re: The plural of 'virus' -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shane Sent: Wednesday, April 13, 2011 5:44 AM To: IBM-MAIN@bama.ua.edu Subject: Re: The plural of 'virus' After that last effort I decided I'd better see who had trodden on Johns corns and caused him to fire up again. Dave, Dave, Dave ... That's a plan. I never had the opportunity to drop into Latin, let alone drop out. At the risk of another language lesson, c'est la vie. Next time we bump into each other in a bar this should keep us suitably entertained. Shane ... -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: The plural of 'virus'
At least one American public high school has conversational Latin classes There was a recent contest in Toronto. The T-Shirts, worn by the team of the winning high school, was inscribed with the motto: Quis est patris vobis? Sent wirelessly from my BlackBerry device on the Bell network. Envoyé sans fil par mon terminal mobile BlackBerry sur le réseau de Bell. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
That was an interesting bit of history, but the link you provided is missing a trailing letter L (shtml, not shtm) for anyone else who wants to try the link. HTH Peter -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Anne Lynn Wheeler Sent: Wednesday, April 13, 2011 4:45 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS mike.a.sch...@gmail.com (Mike Schwab) writes: Writing the SE Linux was done with a National Security Agency (No Such Agency) (NSA) research grant. http://www.nsa.gov/research/selinux/ also from long ago and far away: http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtm -- This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102)
Don't ignore IE (Internet Express). More holes than a screen door! INTERNET Explorer. Sent wirelessly from my BlackBerry device on the Bell network. Envoyé sans fil par mon terminal mobile BlackBerry sur le réseau de Bell. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: IBM-MAIN Digest - 11 Apr 2011 to 12 Apr 2011 (#2011-102)
Don't ignore IE (Internet Express). More holes than a screen door! INTERNET Explorer. Internet EXPLODER! CONFIDENTIALITY/EMAIL NOTICE: The material in this transmission contains confidential and privileged information intended only for the addressee. If you are not the intended recipient, please be advised that you have received this material in error and that any forwarding, copying, printing, distribution, use or disclosure of the material is strictly prohibited. If you have received this material in error, please (i) do not read it, (ii) reply to the sender that you received the message in error, and (iii) erase or destroy the material. Emails are not secure and can be intercepted, amended, lost or destroyed, or contain viruses. You are deemed to have accepted these risks if you communicate with us by email. Thank you. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
We can connect to IBM and other known Internet websites just fine from our mainframes but some of our Intranet(s) are prohibited, like the one my PC is on. We also are not allowed remote access to our HMC(s). I can't vouch for our network people, I was just stating what they apparently consider to be security risks. These risks prevent connecting to was.exe on my PC from ISPF. On Tue, Apr 12, 2011 at 3:37 PM, Gibney, Dave gib...@wsu.edu wrote: -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 3:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
I meant wsa.exe On Wed, Apr 13, 2011 at 2:43 PM, Dick Bond dickbond...@gmail.com wrote: We can connect to IBM and other known Internet websites just fine from our mainframes but some of our Intranet(s) are prohibited, like the one my PC is on. We also are not allowed remote access to our HMC(s). I can't vouch for our network people, I was just stating what they apparently consider to be security risks. These risks prevent connecting to was.exe on my PC from ISPF. On Tue, Apr 12, 2011 at 3:37 PM, Gibney, Dave gib...@wsu.edu wrote: -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Dick Bond Sent: Tuesday, April 12, 2011 3:19 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Cool Things You Can Do in z/OS That's a couple of big ifs - that's why we can't use it. Our workstation IP addresses, even if fixed (like mine - most are not), cannot be accessed from z/OS. I would think most real-world shops are that way - if not, well, they may need to hire some networking personnel to setup proper security. I am curious, why do some of the powers that be fear connecting their mainframe to the network. With proper vpn, there should be no reason to block z/OS from reaching out to users work stations. I wouldn't even insist on vpn if WSA would do SSL or SSH tunneling. And presumably much of this traffic would be on an intranet, not the wild and wooly Internet. There is no fear of virii, well maybe an application in java, but certainly not the system. Properly secured, a user can get anywhere they don't belong not matter what port or door they come in on. I'd truly hate the (IMO unneeded) extra steps to do Shopzseries or CA MSM without direct connection to IBM and CA's sites. Is there a real reason, not PHB paranoia that I'm missing? Dave Gibney Information Technology Services Washington State University -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
On Wed, Apr 13, 2011 at 4:18 PM, Scott Ford scott_j_f...@yahoo.com wrote: ??? whats it XMASCARD Scott J Ford http://forums.vindy.com/read.php?1,489019,page=3 While a Student at Illinois State University in Normal, I was told they had some program hogging the 3270 terminals saying it was the Cookie Monster and when someone typed in Cookie it shut down. Guessing some sort of prank program. -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: null out MGMTCLAS
Eric, I believe that the behavior you are seeing is consistent with the designs of IDCAMS and ISMF. As far as I know, the IDCAMS ALTER command has no notation to indicate a null management class. The ISMF ALTER command is handled by PGM(DGTFAL01), which normally invokes a CLIST called DGTQAL01 to invoke IDCAMS ALTER. For example, if you specify any value for the management class except hyphen, an ISPF variable called IDCBUF will be set to 'dsname' MGMTCLAS(mc-name) The CLIST DGTQAL01 then issues: ALTER IDCBUF Specifying a hyphen for management class causes PGM DGTFAL01 to first invoke DGTFAL05, which uses SVC 26 (i.e. CAMLST/LOCATE) to update the management class to null, and then invoke the CLIST DGTQAL01, which invokes IDCAMS ALTER. In other words, a management class of hyphen is something special that ISMF offers and has implemented via a separate interface (i.e. DGTFAL05). I believe that there are at least two other possibilities: 1) Use DF/dss to COPY the dataset (to some other name) and specify NULLMGMTCLAS (or NMC). A DUMP with DELETE followed by a RESTORE with NULLMGMTCLAS (or NMC) accomplishes the same thing without requiring the dataset to be renamed. 2) An IDCAMS ALTER that specifies NEWNAME will redrive the management class ACS routine. Define a new management class called NULL. Add a WHEN clause to SELECT statement in the management class ACS routine: WHEN (MGMTCLAS EQ 'NULL') /* USER REQUESTS NO MGMT CLASS */ DO SET MGMTCLAS = '' EXIT END Specifying ALTERold-dsname NEWNAME(new-dsname) MGMTCLASS(NULL) will result in the ACS routine setting it to '' I hope some of this information helps. Alan -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Eric Gustavison Sent: Wednesday, April 13, 2011 10:42 AM To: IBM-MAIN@bama.ua.edu Subject: null out MGMTCLAS I need to run an ALTER on a number of datasets that nullifies the MANAGEMENTCLASS. I've tried IDCAMS ALTER with MGMTCLAS(), MGMTCLAS(''), MGMTCLAS(-), and a number of other combinations. Nothing seems to be allowed in batch, whereas I can specifiy a '-' in MANAGEMENTCLASS in the ISMF panels and it works just fine. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
Technically, a worm. It was an exec that if you executed it, it sent itself to everyone in your address list. Back in the days of bitnet. Tended to fill VM spool Cookie and its ilk required the prankster to physically access your logged on session. Dave Gibney Information Technology Services Washington State University -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Mike Schwab Sent: Wednesday, April 13, 2011 3:02 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS On Wed, Apr 13, 2011 at 4:18 PM, Scott Ford scott_j_f...@yahoo.com wrote: ??? whats it XMASCARD Scott J Ford http://forums.vindy.com/read.php?1,489019,page=3 While a Student at Illinois State University in Normal, I was told they had some program hogging the 3270 terminals saying it was the Cookie Monster and when someone typed in Cookie it shut down. Guessing some sort of prank program. -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
scott_j_f...@yahoo.com (Scott Ford) writes: ??? whats it XMASCARD recent post http://www.garlic.com/~lynn/2011b.html#9 mentions: there was xmas exec on bitnet in nov87 ... vmshare archive http://vm.marist.edu/~vmshare/browse?fn=CHRISTMAft=PROB and was almost exactly a year before (internet) morris worm (nov88) http://en.wikipedia.org/wiki/Morris_worm xmas exec was social engineering ... similar go some current exploits which advertise something that victim has to download and then (manually) explicitly execute (requires victim's cooperation). some additional http://www.garlic.com/~lynn/2011b.html#10 misc. past posts mentioning bitnet (/or earn) http://www.garlic.com/~lynn/subnetwork.html#bitnet which used technology similar to the corporate internal network (larger than arpanet/internet from just about the beginning until late '85 or early '86): http://www.garlic.com/~lynn/subnetwork.html#internalnet ... and http://www.garlic.com/~lynn/2011f.html#23 fix previous reference (missing trailing l): http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml in '89 there was several messages that were sent out that major internal corporate (MVS-based) administrative systems had fallen victim to a virus ... however after several iterations it was eventually announced that the systems were suffering from some bug. this selection of some internet related items/posts starts out with reference to corporate installed email gateway in fall of '82 http://www.garlic.com/~lynn/internet.htm -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
Well 1987 wow before the real firewalls. Security was on the inbound/outbound dial devices. Also worked VM, cut my teeth on VM/SP1 , loved VM, still do, I can how a exec would cause major pain in a VM system, no doubt. z/OS would be a bit tougher I would think, plus a pre-req would be enough knowledge to get in and be able to execute, plus passwords and ids...A lot of research and work ...just to hack a MF Scott J Ford From: Anne Lynn Wheeler l...@garlic.com To: IBM-MAIN@bama.ua.edu Sent: Wed, April 13, 2011 6:09:46 PM Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS scott_j_f...@yahoo.com (Scott Ford) writes: ??? whats it XMASCARD recent post http://www.garlic.com/~lynn/2011b.html#9 mentions: there was xmas exec on bitnet in nov87 ... vmshare archive http://vm.marist.edu/~vmshare/browse?fn=CHRISTMAft=PROB and was almost exactly a year before (internet) morris worm (nov88) http://en.wikipedia.org/wiki/Morris_worm xmas exec was social engineering ... similar go some current exploits which advertise something that victim has to download and then (manually) explicitly execute (requires victim's cooperation). some additional http://www.garlic.com/~lynn/2011b.html#10 misc. past posts mentioning bitnet (/or earn) http://www.garlic.com/~lynn/subnetwork.html#bitnet which used technology similar to the corporate internal network (larger than arpanet/internet from just about the beginning until late '85 or early '86): http://www.garlic.com/~lynn/subnetwork.html#internalnet ... and http://www.garlic.com/~lynn/2011f.html#23 fix previous reference (missing trailing l): http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml in '89 there was several messages that were sent out that major internal corporate (MVS-based) administrative systems had fallen victim to a virus ... however after several iterations it was eventually announced that the systems were suffering from some bug. this selection of some internet related items/posts starts out with reference to corporate installed email gateway in fall of '82 http://www.garlic.com/~lynn/internet.htm -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
they had some program hogging the 3270 terminals saying it was the Cookie Monster and when someone typed in Cookie it shut down. Guessing some sort of prank program. I was told, in University by masters grad who co-op'd as a MULTICS developer, that it was a security penetration process that was invoked, in the lab, after upgrades. Sent wirelessly from my BlackBerry device on the Bell network. Envoyé sans fil par mon terminal mobile BlackBerry sur le réseau de Bell. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: DB2 SMF Records
Oh boy, do you have some fun cut out for you! //SYSLIB DD DISP=SHR,DSN=DB2.DSN710.ADSNMACS //SYSINDD * * See DB2 Performance and Tuning Section 5.4.1.1 * *** DSNDQWST DSECT=YES,SUBTYPE=ALLType 100 DSNDQWAS DSECT=YES,SUBTYPE=ALLType 101 * *** DSNDQWSP DSECT=YES,SUBTYPE=ALLType 102 END /* Good luck! Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Hal Merritt Sent: Tuesday, April 12, 2011 1:10 PM To: IBM-MAIN@bama.ua.edu Subject: DB2 SMF Records Anyone know I could find the layouts (DSECTs) of DB2 SMF records? Specifically Type 100, 101, 102 ? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Fear the Internet, was Cool Things You Can Do in z/OS
scott_j_f...@yahoo.com (Scott Ford) writes: Well 1987 wow before the real firewalls. Security was on the inbound/outbound dial devices. Also worked VM, cut my teeth on VM/SP1 , loved VM, still do, I can how a exec would cause major pain in a VM system, no doubt. z/OS would be a bit tougher I would think, plus a pre-req would be enough knowledge to get in and be able to execute, plus passwords and ids...A lot of research and work ...just to hack a MF re: http://www.garlic.com/~lynn/2011f.html#23 Fear the Internet, was Cool Things You Can Do in z/OS http://www.garlic.com/~lynn/2011f.html#24 Fear the Internet, was Cool Things You Can Do in z/OS big difference between internal network and the internet in the 80s ... was that all internal network links (that left corporate premise) had to be encrypted. could be a big pain ... especially when links crossed certain national boundaries. in the mid-80s, it was claimed that the internal network had over half of all link encryptors in the world. company also did custem encrypting PC (2400 baud) modems for corporate home terminal program. there is folklore that one high-ranking (EE graduate) executive was setting up his own installation at home. supposedly at one point he stuck his tongue in rj11 jack (to see if their was any juice ... old EE trick) ... just as the phone rang. After that there was a corporate edict that all modems made by the company had to have the jack contacts recessed sufficiently so babies (and executives) couldn't touch them with their tongue. http://en.wikipedia.org/wiki/RJ11 i had an HSDT (high-speed data transport) project and was dealing with T1 links higher speed. T1 link encryptors were really expensive ... but you could get them ... but I to start work on my own to go significantly faster. misc. past posts mentioning HSDT http://www.garlic.com/~lynn/subnetwork.html#hsdt big difference in worms/viruses (and various other exploits) and social engineering ... is that social engineering requires active participation by the victim (current flavors frequently advertise download execute things, frequently of very dubious nature; games, videos, etc). allowing users to execute arbitrary (unvetted) programs was identified as vulnerability at least back in the 70s (if not the 60s). somewhat more recent thread (with some of my comments copied from another venue) How is SSL hopelessly broken? Let us count the ways; Blunders expose huge cracks in net's trust foundation http://www.theregister.co.uk/2011/04/11/state_of_ssl_analysis/ with regard to above we had been called in to consult with small client/server startup that wanted to do payment transactions on their server, they had also invented this technology called SSL they wanted to us (the result is now frequently called electronic commerce). By the time we were finished with the deployments ... most of the (current) issues were very evident. very early in the process I had coined the term comfort certificate ... since the digital certificate actually created more problems than it solved ... in fact, in many cases, it was totally redundant and superfluous ... and existed somewhat as magic pixie dust ... lots of old posts mentioning SSL digital certificates: http://www.garlic.com/~lynn/subpubkey.html#sslcert There was two parts of SSL deployment for electronic commerce ... between the browser and webserver and between the webserver and the payment gateway ... I had absolute authority over interface deployment involving payment gateway ... but had only advisory over browser/webserver. There were a number of fundamental assumptions related to SSL for browser/webserver secure deployment ... that were almost immediately violated by merchant webservers (in large part because of the high overhead of SSL cut their throughput by 85-90%). I had mandated mutual authentication for webserver/gateway (implementation didn't exist originally) and by the time deployment was done the use of SSL digital certificates was purely a side-effect of the crypto library being used. the primary use of SSL in the world today is electronic commerce for hiding payment transaction information. The underlying problem is the transaction information is dual-use both authentication and needed by dozens of business processes in millions of of places around the world. In the X9A10 financial working group we (later) directly addressed the dual-use problem with the x9.59 financial standard (directly addressing the problem, x9.59 is significantly lighter weight than SSL as well as KISS). This eliminated the need to hide the transaction details ... also eliminates the threat from majority of data breaches (doesn't eliminate data breaches, just eliminates crooks being able to use the information for fraudulent purposes). Problem (as always) is there is significant vested interests in the current status quo. -- virtualization experience starting Jan1968, online at home since Mar1970
Re: DB2 SMF Records
In my second job as a capacity/performance, MICS wasn't ready for DB2. So, I took the manual and coded a SAS programme to parse the SMF records produced. The documentation didn't have offsets -- just type length. There were a lot of typo and offset errors before I got clean code. Also, the meanings of a lot of fields were not clear -- not to mention recording bugs! This was the first release of DB2; I can't recall if it was V1.0 or V1.1 -- I don't remember how IBM numbered them, circa 1983-84. I did the coding because we needed the information, and we were one of the first sites in Ontario (or Canada), and possibly the first in Toronto; we didn't have many contacts to ask for help. Even IBM wasn't sure of a lot, back then; we ended up as a guinea pig a few times. These days, I recomend not developing the code, yourself! Sent wirelessly from my BlackBerry device on the Bell network. Envoyé sans fil par mon terminal mobile BlackBerry sur le réseau de Bell. -Original Message- From: Charles Mills charl...@mcn.org Sender: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu Date: Wed, 13 Apr 2011 15:48:44 To: IBM-MAIN@bama.ua.edu Reply-To: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu Subject: Re: DB2 SMF Records Oh boy, do you have some fun cut out for you! //SYSLIB DD DISP=SHR,DSN=DB2.DSN710.ADSNMACS //SYSINDD * * See DB2 Performance and Tuning Section 5.4.1.1 * *** DSNDQWST DSECT=YES,SUBTYPE=ALLType 100 DSNDQWAS DSECT=YES,SUBTYPE=ALLType 101 * *** DSNDQWSP DSECT=YES,SUBTYPE=ALLType 102 END /* Good luck! Charles -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Hal Merritt Sent: Tuesday, April 12, 2011 1:10 PM To: IBM-MAIN@bama.ua.edu Subject: DB2 SMF Records Anyone know I could find the layouts (DSECTs) of DB2 SMF records? Specifically Type 100, 101, 102 ? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Update a service request - SR for the System z
Update a service request To utilize all of the features of SR for the System z software to which you are licensed, it is now necessary to have a System z software services contract for SoftwareXcel Enterprise Edition, SoftwareXcel Basic Edition or Resolve. Our information indicates that your ID is not associated with any of these contracts. To obtain one of these contracts, contact your local IBM representative, call 888-426-4343 or submit a request to expr...@us.ibm.com. To continue with your service request at this time, call 800-IBM-SERV and provide your existing service request number. For any other assistance, contact the SR help desk at srh...@us.ibm.com Is IBM trying to add more ammunition to those who want the z out the door ? What other ISV requires a contract to use the support portal ? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Esoterics names for DB2 V8
*Does anybody can help me about esoterics names in DB2 V8 ??? We want to make a migrate, to unit Hydra, and we are not sure, if exist this nomination for it, tests were made in previous version(V7), and failed.* ** *Answers will be welcome * ** *Best regards* ** *Jorge Arueira * *Support team * ** *www.4bears.com.br* -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Ported tools for z/OS on ADCD
Quite possibly. I'm a USS-newbie so don't know where to start looking to answer that question. Neale -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Ported tools for z/OS on ADCD
You can't answer the question without local site knowledge; no amount of USS training will help you. The dsname of the filesystem that is mounted at any mountpoint is completely up to whoever installed the software in that directory, hopefully using local dataset naming standards. The only place to start looking is you own site's product installation documentation. If you lack that (shame), maybe look for likely-named filesystems, mount them at a safe, temporary location and see what they contain. Ant. Northern Territory Govt., Australia -Original Message- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Neale Ferguson Sent: Thursday, 14 April 2011 12:37 PM To: IBM-MAIN@bama.ua.edu Subject: Re: Ported tools for z/OS on ADCD Quite possibly. I'm a USS-newbie so don't know where to start looking to answer that question. Neale -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AC (authorization code) change
On Mon, Apr 11, 2011 at 9:38 PM, Gibney, Dave gib...@wsu.edu wrote: snip As to cynical, I only need look at some of the recent neophyte questions on these lists to realize just how far some outfits are out on the limb asking with completely unprepared people to safeguard systems presumably important enough to spend what z/OS costs just to run. I was thinking the same thing. But I do know *everyone* has to start somewhere. Here's my story (note the use of past tense throughout): I was lucky as an Operator to learn what I could from a Systems Programming team that was comprised of a DASD guy, a Network guy (also the IMS guy), a CICS guy, 4 or 5 MVS guys, and 2 or 3 DBA's that installed, maintained, and administered DB2. When I was promoted into a Junior Sysprog position, through attrition (mostly) or promotion to management, that bountiful pool of knowledge no longer existed. I still learned what I could with a little off-site training, this list, Redbook examples, and whatever time (which wasn't much) I could get with the techs-turned-management. I eventually went onto to become the Senior Sysprog, leading a team that consisted of only a CICS guy and an Application Programmer come Sysprog. The DBA's still owned DB2, but it was my plan to take over installation and maintenance of the subsystems, leaving the administration rightfully to that group. I never got the chance. The system of record was moved off of the z platform, and *all* of the mainframe positions were eliminated, including mine. Of course, this does give me hope I'll find another position when I am forced to leave here after 30+ years when/if they succeed in ERP'ing the mainframe away. Problem is I suffer from jack of all trades syndrome. I rarely have freedom to fully master or complete a given area before the need in another returns to the pushdown stack of things needing done. I think I suffer from the same syndrome. I *had* to wear a lot of hats, but I enjoyed doing so. Being currently unemployed, and hindsight being what it is, maybe I should have focused on, and become more expert in, one specific area. There usually seems to be one or two requirements in the job applications I fill out where I cannot honestly state that I qualify. With some of the questions asked on this list, maybe honesty on an application doesn't mean as much anymore. I may not be a great Sysprog, but I think I'm a pretty damned good one. With 25+ years to go before retirement, I am however getting concerned about my future. I haven't contributed anything worthwhile to the original topic, but I did see an opportunity to unburden myself a bit. I didn't open the off-topic door; I just walked through it. Regards to all on this list, Steve Horein -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: TSSO help please
Hi, What version of TSSO are you using and what version of z/OS are you using it under? Did you assemble TSSO on the level of the system that you are using now? You can contact me offline if you want to discuss how to set things up correctly. Brian Westerman -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: Ported tools for z/OS on ADCD
There is no shame in not knowing how to complete the setup, especially on an ADCD system. The first thing that you have to remember is that not all ADCD releases had the complete set of ported tools, there are many parts and they are not all necessarily there for you to use yet, but the good news is that you can order them and install them in a few minutes. The first step for you is to get the ported tools for z/OS page http://www-03.ibm.com/systems/z/os/zos/features/unix/port_tools.html and get the manuals at the bottom of the page. There are actually 7 parts (or more) tot he ported tools kit, and which one you are trying to use right now will govern which manual(s) that you need. If you are at ADCD V1.10 or above, then most likely you already have everything you need to get started. Just grab the manual for the part that you want to configure and jump in. None of them take very long to set up correctly, and there are many examples in the books and on the IBM web site, as well as some nice Redbooks, but if you need additional help, feel free to contact me offline, or here and I'll do what I can. Brian -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html