I remember a hint (but only a hint) from the Logica breach. I was impressed that the hackers were able confidently to put together a binary to run on the mainframe. But they ended up completely stymied by the need to put together JCL to use it (link-edit it, maybe? Run it? I don't remember). The logs afterward show they couldn't get past the error messages about a bad JOB card, despite many attempts.
But I think I agree with you anyway. And even if we're both wrong, we all know not to count on ignorance on the part of the bad guys. --- Bob Bridges, [email protected], cell 336 382-7313 /* Love your enemies, for they tell you your faults. -attributed to Benjamin Franklin */ -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of Jay Maynard Sent: Saturday, April 23, 2022 08:52 OK, so how much of that is due to inherent differences between Windows and z/OS and how much is due to a comparative lack of knowledge and expertise in the black hat community about techniques to penetrate z/OS? I'm pretty sure it's much more the former, but the question needs asking. --- On Sat, Apr 23, 2022, 07:48 Bob Bridges <[email protected]> wrote: > I agree that careless (or ignorant) security administration can make > any box open to hackers, no matter how good the provisions made > available in the OS. But it's not the only factor. Two guys, one on > a system Z and one on a Windows box, exerting about equal care for > their security, will have vastly different outcomes, statistically > speaking. Or 500 guys and 500 guys on a thousand systems, if you prefer. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
