Honestly, the same applies to any ubiquitous network access to services like z/OSMF via https or 3270 access via TN3270 to TSO or other host services as examples. I don’t believe FTP is the singular attack vector for this kind of malicious activity.
-- Matt Hogstrom “To achieve great things two things are needed: a plan, and not quite enough time.” - Leonard Bernstein > On Sep 26, 2024, at 12:00, Joel Ewing > <[email protected]> wrote: > > Any attacker with access to FTP on zOS who knows valid zOS userids can > quickly attempt logins on all of them with a small number of bad passwords > and disable logins to those userids by their valid users. Obviously not good > for critical userids. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
