Re: Malicious Software Protection

Tue, 27 Mar 2012 15:26:58 -0700 

Yes, and no.
Yes, any virus scanner provide some security (at least neutral, usually positive). No, because such virus cannot occur (pop up) on the mainframe, mainframe cannot be infected (I think we agree with that). So, some other system had to send it to mainframe previously; mainframe only forwarded it further. DON'T KILL MESSENGER ;-) So, the sending (to mainframe) system should be responsible for virus scanning, otherwise ...mainframe is also not responsible ;-) 


And, IHMO, sending data outside has no meaning here. All data should be 
virus-free, otherwise we talk about toys, not serious business systems.
Does it mean that everything and everywhere should be virus-scanned? NO, 
it would be senseless.

--
Radoslaw Skorupka
Lodz, Poland




W dniu 2012-03-27 21:46, Thomas Kern pisze:

I must disagree with your second argument. If your mainframe does not provide 
data to
anyone outside of your control, then okay. But if you deliver data to outsider, 
the public
in particular, I feel you have a duty to make sure that the data you provide 
does not
include a virus that might affect their system even if it cannot affect your 
mainframe. A
mainframe webserver delivering windows viruses (virusi?) to the public does not 
help our
reputations.

Even though we have an anti-virus program running on every workstation in our 
agency, I
still do not trust all of the files these people upload to my mainframe (or 
linux/x86)
server for distribution to outsiders. I want to scan all of these files ONE 
MORE TIME
before making them available. I would prefer to do this on an x86 server than 
spend
mainframe cycles.

Similar precautions should be applied to files received from the outside world. 
No one
should get to them before they get scanned. All failures in the scan need to be 
further
quarantined until a security (anti-virus) expert looks at the files.

/Thomas Kern
/on contract to
/U.S. Dept of Energy
/301-903-2211 (Office)
/301-905-6427 (Mobile)

On 3/27/2012 14:25, R.S. wrote:

W dniu 2012-03-27 17:06, Greg Dorner pisze:

Dear IBM-MAINers,

Our auditors are insisting that we install a product that protects against 
malicious
software (viruses, worms, trojans, etc.).

Does anyone know of a product that does this? I heard that McAfee is coming out 
with a
z/OS product "later this year", but I called them and they had no idea what I 
was
talking about.

z/OS, with proper security controls (and believe me - we have LOTS!) should not 
have to
worry about such things, at least that's what I've always heard.

Any input on this topic would be GREATLY appreciated!!


This is NOT mainframe problem.

Indeed, you have problem with uneducated auditors. Maybe stupid ones.
Your problem is how to prove that requirement is both stupid and impossible to 
fulfill.


We can provide you some arguments, like
- there are no such products
- there are no viruses, trojans or other malware for z/OS and it have never 
been last 47
years. (I said 'z/OS', so the only VM worm does not count)
- no mainframe installation use such product
- you have RACF *SECURITY SERVER* (or TS or ACF2)




----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN




--
Tre tej wiadomoci moe zawiera informacje prawnie chronione Banku 
przeznaczone wycznie do uytku subowego adresata. Odbiorc moe by jedynie 
jej adresat z wyczeniem dostpu osób trzecich. Jeeli nie jeste adresatem 
niniejszej wiadomoci lub pracownikiem upowanionym do jej przekazania 
adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie 
lub inne dziaanie o podobnym charakterze jest prawnie zabronione i moe by 
karalne. Jeeli otrzymae t wiadomo omykowo, prosimy niezwocznie 
zawiadomi nadawc wysyajc odpowied oraz trwale usun t wiadomo 
wczajc w to wszelkie jej kopie wydrukowane lub zapisane na dysku.


This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorised to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive. 


BRE Bank SA, 00-950 Warszawa, ul. Senatorska 18, tel. +48 (22) 829 00 00, fax 
+48 (22) 829 00 33, www.brebank.pl, e-mail: [email protected]

Sd Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru Sdowego, nr rejestru przedsibiorców KRS 0000025237, NIP: 526-021-50-88. 
Wedug stanu na dzie 01.01.2012 r. kapita zakadowy BRE Banku SA (w caoci wpacony) wynosi 168.410.984 zotych.


----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN























					Reply via email to