In
off34f5878.7b2e46e0-on86257881.004e0601-86257881.004e3...@us.ibm.com,
on 04/29/2011
at 09:14 AM, Wayne Driscoll wdri...@us.ibm.com said:
The setfacl command is supported on most recent linux distributions
with SELinux disabled.
Thanks. I saw a reference to the provenance of ACL's in Linux
Shmuel,
The setfacl command is supported on most recent linux distributions with
SELinux disabled.
===
Wayne Driscoll
OMEGAMON DB2 L3 Support/Development
wdrisco(AT)us.ibm.com
===
From:
Shmuel Metz
In BANLkTin=a+q_yfnlig2+fyzfukyrnfw...@mail.gmail.com, on 04/13/2011
at 05:02 PM, Mike Schwab mike.a.sch...@gmail.com said:
While a Student at Illinois State University in Normal, I was told
they had some program hogging the 3270 terminals saying it was the
Cookie Monster and when someone
In a6b9336cdb62bb46b9f8708e686a7ea005d9901...@nrhmms8p02.uicnrh.dom,
on 04/25/2011
at 01:46 PM, McKown, John john.mck...@healthmarkets.com said:
I may have misunderstood. I do find it confusing. But ACLs (Access
Control Lists) work even if you don't have SELinux working. I use
them all the
In a6b9336cdb62bb46b9f8708e686a7ea005d9901...@nrhmms8p02.uicnrh.dom,
on 04/13/2011
at 03:18 PM, McKown, John john.mck...@healthmarkets.com said:
Try running Linux with the SELinux enhancements fully implemented.
That makes Linux very difficult (to me) to break. SELinux implements
MAC controls
In 939527.18083...@web65513.mail.ac4.yahoo.com, on 04/13/2011
at 02:11 PM, Scott Ford scott_j_f...@yahoo.com said:
How many MF hackers (sic) or viruses have you seen,
Several[1]. I was one[2].
I have been at it 40yrs, never one
You've never seen a printed report of one, or just never seen
-Original Message-
From: IBM Mainframe Discussion List
[mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Shmuel Metz (Seymour J.)
Sent: Monday, April 25, 2011 12:54 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS
In
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Rick Fochtman
-snip-
---
Perhaps network/PC people simply can't conceive of a server being
that secure/robust. Indeed, I know
of a network
...from the tinker toy farm to the citadel. love that statement.
I seem to recall a simliar saying from a while back along the lines of...
PC Users drive sports Cars, Mainframe users drive a freight train!
Convey's nicely the difference!
Lionel
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Lionel Teed
...from the tinker toy farm to the citadel. love that statement.
I seem to recall a simliar saying from a while back along the lines
of...
PC Users drive sports Cars, Mainframe users drive a
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of Gibney, Dave
That's a couple of big ifs - that's why we can't use it. Our
workstation IP
addresses, even if fixed (like mine - most are not), cannot be
accessed from
z/OS. I would think most real-world shops
From personal experience here: Our z/OS network person campaigned for no
outbound connections (other than whitelisted) because he knows that the
majority of the corporate information resides on the z/OS system. So he felt
this was a good security thing. But then we allow anybody to do an ftp
Some might argue that a LAN cannot be considered 'secure' if there is a Windows
box anywhere in the path :-)
As near as I can tell, PCI does not currently require encryption on internal
LANs. However, I've read about internal networks being penetrated and
compromised, so I wonder if that the
JC that was a good question, I was a network guy in a past life, I think some
of
the fear is not justified if the companies have the right firewalls in place.
I worked a place that had 3 firewalls to separate companies, etc. This was a
maintenance nightmare. But this issue was of poor design.
Perhaps network/PC people simply can't conceive of a server being that
secure/robust. Indeed, I know of a network guy who firmly believes that the MF
would fail if presented with enough network traffic.
To be fair, the burden of dealing with Windows security has fallen to the
network
-snip
Perhaps network/PC people simply can't conceive of a server being that secure/robust. Indeed, I know of a network guy who firmly believes that the MF would fail if presented with enough network traffic.
To
-Original Message-
From: IBM Mainframe Discussion List
[mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Rick Fochtman
Sent: Wednesday, April 13, 2011 2:58 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS
snip
Hal, you're right in that no
On Wed, Apr 13, 2011 at 3:18 PM, McKown, John
john.mck...@healthmarkets.com wrote:
Try running Linux with the SELinux enhancements fully implemented. That makes
Linux very difficult (to me) to break. SELinux implements MAC controls
instead of DAC controls. And it can even make it impossible
-Original Message-
From: IBM Mainframe Discussion List
[mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Mike Schwab
Sent: Wednesday, April 13, 2011 3:25 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS
snip
Writing the SE Linux was done
mike.a.sch...@gmail.com (Mike Schwab) writes:
Writing the SE Linux was done with a National Security Agency (No Such
Agency) (NSA) research grant.
http://www.nsa.gov/research/selinux/
also from long ago and far away:
http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtm
--
Ok guys, let me ask one question, btw I also working in Security now,ACF2,RACF
and TSS. How many MF hackers or viruses have you seen, I have been at it
40yrs,
never one .. I am not saying it wont occur, but the odds are against it based
on
the complexity of the environments. I have customers
XMASCARD EXEC
i
-- Original Message --
Received: 04:12 PM COT, 04/13/2011
From: Scott Ford scott_j_f...@yahoo.com
To: IBM-MAIN@bama.ua.edu
Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS
Ok guys, let me ask one question, btw I also working in Security
now,ACF2,RACF
??? whats it XMASCARD
Scott J Ford
From: Ian S. Worthington ianworthing...@usa.net
To: IBM-MAIN@bama.ua.edu
Sent: Wed, April 13, 2011 5:16:07 PM
Subject: Re: Fear the Internet, was Cool Things You Can Do in z/OS
XMASCARD EXEC
i
--
That was an interesting bit of history, but the link you provided is missing a
trailing letter L (shtml, not shtm) for anyone else who wants to try the link.
HTH
Peter
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
Behalf Of Anne Lynn
We can connect to IBM and other known Internet websites just fine from our
mainframes but some of our Intranet(s) are prohibited, like the one my PC is
on. We also are not allowed remote access to our HMC(s). I can't vouch
for our network people, I was just stating what they apparently consider
I meant wsa.exe
On Wed, Apr 13, 2011 at 2:43 PM, Dick Bond dickbond...@gmail.com wrote:
We can connect to IBM and other known Internet websites just fine from our
mainframes but some of our Intranet(s) are prohibited, like the one my PC is
on. We also are not allowed remote access to our
On Wed, Apr 13, 2011 at 4:18 PM, Scott Ford scott_j_f...@yahoo.com wrote:
??? whats it XMASCARD
Scott J Ford
http://forums.vindy.com/read.php?1,489019,page=3
While a Student at Illinois State University in Normal, I was told
they had some program hogging the 3270 terminals
Technically, a worm. It was an exec that if you executed it, it sent
itself to everyone in your address list. Back in the days of bitnet.
Tended to fill VM spool
Cookie and its ilk required the prankster to physically access your
logged on session.
Dave Gibney
Information Technology Services
scott_j_f...@yahoo.com (Scott Ford) writes:
??? whats it XMASCARD
recent post
http://www.garlic.com/~lynn/2011b.html#9
mentions:
there was xmas exec on bitnet in nov87 ... vmshare archive
http://vm.marist.edu/~vmshare/browse?fn=CHRISTMAft=PROB
and was almost exactly a year
Well 1987 wow before the real firewalls. Security was on the inbound/outbound
dial devices. Also worked VM, cut my teeth on VM/SP1
, loved VM, still do, I can how a exec would cause major pain in a VM system,
no
doubt. z/OS would be a bit tougher I would think, plus a pre-req would be
enough
they had some program hogging the 3270 terminals saying it was the Cookie
Monster and when someone typed in Cookie it shut down.
Guessing some sort of prank program.
I was told, in University by masters grad who co-op'd as a MULTICS developer,
that it was a security penetration process that was
scott_j_f...@yahoo.com (Scott Ford) writes:
Well 1987 wow before the real firewalls. Security was on the inbound/outbound
dial devices. Also worked VM, cut my teeth on VM/SP1
, loved VM, still do, I can how a exec would cause major pain in a VM system,
no
doubt. z/OS would be a bit tougher
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
Behalf Of Dick Bond
Sent: Tuesday, April 12, 2011 3:19 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Cool Things You Can Do in z/OS
That's a couple of big ifs - that's why we can't use it. Our
33 matches
Mail list logo