Sorry, I missed the footnote: [1] I have discovered that, whenever there is a claim that SNA has been hacked, it turns out to be that SNA was using IP and it was IP that was hacked.
Chris Mason Mon, 20 Jul 2009 09:00:21 -0500, Chris Mason <[email protected]> wrote: >To all who have been complaining that misusing the abbreviation USS is >perfectly justified > >USS is ambiguous as here amply demonstrated - even when the context is not >the Communications Server TN3270 Server. > >Thus, ladies and gentlemen of the list, please do us all the favour of >referring >to UNIX System Services as UNIX System Services just as the UNIX System >Services manuals do and poor list subscribers need never be confused by your >misuse ever again! > >And, you'll note, the correct use deceived two erudite contributors who also >just assumed the misuse until wiser counsel intervened. > >In case the revised title is puzzling, one of the complainants who considers it >fashionable to dismiss insisting that USS should not be misused recently went >out of his way to say that he was misusing USS and accused those who insist >that it is misused as "anal". See a post in the thread "IBM error messages >getting worse?" last Wednesday. > >- > >Howard > >The USS to which Mary Anne is referring is the original true USS, namely >VTAM's Unformatted System Services, *not* the usurping UNIX System >Services which principally the anti-SNA bigots have delighted in abbreviating >as USS. In the past the protests about my pointing this out became so >extensive that, in order not to cause too much outrage in the list, I vowed >only to point out the possible ambiguity in the case where 3270 TELNET was >the topic under discussion. This actually came up very recently and so I >gingerly poked my head above the ramparts in order quietly to mention the >matter at the end of a substantial post. Until now, I was trembling in >anticipation of some verbal missiles to pipe down already - still waiting for >more references to anality when the bigot involved had managed to calm >himself sufficiently to go into print - just in case he was actually following >the >relevant thread. > >It seems I should have been and be somewhat bolder in denouncing the >misuse of USS. > >So - having got that out of my system - the point Mary Anne was making is >that the hacker managed to connect into the SNA network - probably by >means of 3270 TELNET or just possibly by getting in via DLSw[1]. At that >point the terminal or emulated terminal, most probably a 3270 display, shows >Unformatted System Services (USS) message 10. USS message 10 probably >presents a hint of the available applications which can be accessed simply by >keying in the mentioned names. All the hacker has to do is to try to access >the presented applications. Ideally, the application would have a sign-on but >that's up to the systems programmer who set up the application. It seems the >CICS system in question did not have such protection. > >Incidentally, what would a UNIX System Services "screen" be? You can see >from the above that an USS "screen" is easily understood to be a VTAM >Unformatted System Services message 10 - so perhaps it wasn't all that >ambiguous in this case - but misuse of USS is still a trap for the unwary! > >- > >Chris Mason > >On Mon, 20 Jul 2009 05:36:28 -0700, Howard Rifkind ><[email protected]> wrote: > >>Interesting, I didn't think that back in '93 MVS 4.3 had a USS piece. >> >>Or was it OS390 R1 or something like that. >> >>--- On Sun, 7/19/09, Mary Anne Matyaz <[email protected]> >wrote: >> >>> From: Mary Anne Matyaz <[email protected]> >>> Subject: Re: Mainframe hacking >>> To: [email protected] >>> Date: Sunday, July 19, 2009, 10:07 PM >>> I had one once, circa 1992-1993. It >>> was at a university, which at the time >>> were notoriously open, at least as far as TCPIP and a >>> firewall. Someone got >>> the uss screen, was able to get into the production CICS, >>> and the CECI >>> command was not protected, so they were able to shut the >>> CICS down. The hack >>> came from Brazil somewhere. Bank of Brazil maybe? >>> >>> Mary Anne >>> >>> On Sun, Jul 19, 2009 at 5:47 PM, P S <[email protected]> >>> wrote: >>> >>> > Does anyone here recall any published news articles or >>> incidents >>> > involving mainframe hacking (any flavor of VM, VSE or >>> MVS)? Do you >>> > personally know of any incidents? >>> > >>> > Or have any such been kept on the QT? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
