On 14 Oct 2010 05:56:48 -0700, in bit.listserv.ibm-main you wrote: >I didn't see anyone explicitly mention "social engineering". IMO this may be >an easier way to get a not-very-technical user's id, but then you are back to >how to hack with a "normal" user TSO account. But if a system guy gave out a >password for an reason then, well, you know. > >What about digging through the trash? Dropping some USB sticks around with >interesting programs on them? > >A few people mentioned some few months back how to get a program authorized >from a non-authorized library (or something like that), but nobody gave any >details. > >For sure no script kiddies should ever get in, and if they did they wouldn't >know what to do.
Someone who understands WebSphere/Eclipse/etc. might be able to get information they shouldn't. What vulnerabilities are set up by use of ziip and zap? My vague understanding is that use of either involves running in SRB mode but I admit I am out of my depth. > >One thing I didn't see in this thread, was what is the purpose of this >hacking. What is to be gained? Sensitive information would be one thing I >can think of. Think like a criminal out to make money. Then think banks, on-line order sites, etc. > >Lindy > Clark Morris ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
