If you think about it the hacking was on the PC. I use of a exposed userid from the PC is the error.
Regards Otto H Schumacher Transaction and Database Systems - CICS Specialist U. S. Mainframe HP Enterprise Services Telephone +1 864 987 1417 MobileĀ +1 864 569 5338 Email otto.schumac...@hp.com -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Mike Schwab Sent: Saturday, May 18, 2013 6:30 PM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Rather interesting article on "hacking the mainframe" using ftp On Sat, May 18, 2013 at 5:15 PM, John McKown <john.archie.mck...@gmail.com> wrote: > OK, this is more like an authorized system user doing something beyond > what they are really supposed to. The real crack would be unauthorized > use of a valid id & password/passphrase/cert. > > I still thought it was interesting. > I know of one case. A keylogger was installed on a PC with a 3270 emulator. The captured the userid and password and was able to ftp away a mainframe file of few hundred hospital patients. -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
