/Ooooh! SATAN lives! Won't people fear that such a tool may be used by
those seeking vulnerabilities to exploit as well as by those seeking to
repair them?//
/
If that is the case I guess you would have to fear that tools like some of
IBM's z/Secure offerings, native RACF commands, DSMON, RACF report writer, as
well as CA's Examine (it has a new name now) among other products as
potentially being used by those seeking vulnerabilities to exploit as well.
These products can identify vulnerabilities that if disclosed would allow an
exploit to be created.
Ray Overby
Key Resources, Inc
Ensuring System Integrity for z/Series
(312) 574-0007
On 9/9/2013 9:05 AM, Paul Gilmartin wrote:
On Mon, 9 Sep 2013 08:47:20 -0500, Ray Overby wrote:
There is a software product called z/Assure Vulnerability Analysis
Product that will allow a z/OS installation to identify
exposures/vulnerabilities in IBM, ISV, and installation written code.
All of them?
With this software product you can systematically check to see if an
exposure has been introduced with maintenance or a new release.
Ooooh! SATAN lives! Won't people fear that such a tool may be used
by those seeking vulnerabilities to exploit as well as by those seeking
to repair them?
-- gil
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
