Lets step through this logically: TN3270 .... 1. Must have RACF/ACF2/TSS userid/lid/acid 2. Must have a valid password 3. Must have valid IP address 4. Must have valid port 5. Must have Firewall rule for #3 and #4 ... Other issues: How many firewalls ? How is the network architected ? This is just a favor ..FTP the same
Scott J Ford Software Engineer http://www.identityforge.com ________________________________ From: Skip Robinson <jo.skip.robin...@sce.com> To: IBM-MAIN@bama.ua.edu Sent: Tuesday, March 27, 2012 1:37 PM Subject: Re: Malicious Software Protection We're all pretty sanguine about our mainframe invulnerability. But we should not overlook how one of our most valuable protections can be turned against us. We all have some limit set for logon attempts. If an invalid password is entered too many times, the userid gets suspended--or referred to the OS console for verification. A malicious rascal (any other kind?) can disable a really important userid in this way. Of course the person has to get into the network first and must know the userid to target, but beyond that no special authority is required. Even console referral would be disruptive to normal production. . . JO.Skip Robinson SCE Infrastructure Technology Services Electric Dragon Team Paddler SHARE MVS Program Co-Manager 626-302-7535 Office 323-715-0595 Mobile jo.skip.robin...@sce.com From: Steve Comstock <st...@trainersfriend.com> To: IBM-MAIN@bama.ua.edu Date: 03/27/2012 10:22 AM Subject: Re: Malicious Software Protection Sent by: IBM Mainframe Discussion List <IBM-MAIN@bama.ua.edu> On 3/27/2012 10:46 AM, Greg Dorner wrote: > Thank you, Elardus for your verbosity. > > > - you can replace/fire those auditors as mentioned earlier in this thread > > - As Ted MacNeil insists, the auditors only RECOMMENDS, it is your > management who can APPLY those recommendations. > > Unfortunately, we have no say with these auditors. They are working on > behalf of the Feds, and if we don't comply we can lose billions of $$ in federal contracts. > > The beauty of this is, someone from my company contacted the person at PWC that made this claim that MCAFEE is coming out with a product, and he backtracked, saying he may have been thinking of Mac OS. MAC OS??? > > They just took a big chuck of our company offline for several hours to research this phantom. Wow. And did they reprimand this doofus in any way? Slap on the wrist? Letter in his personnel file? More likely he got commended for being concerned about company security, even though he had no idea what he was talking about. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN