Logon to TSO is an SNA session and not a (direct) IP connection. It may or may not be from a tn3270 connection. If it is tn3270 the IP connection may well be to another system and via a multi-session tool like TPX, Supersession, Tubes, Multsess etc. where is the IP address and on which system?
As well as NAT many sites have a thin client with tn3270 on Citrix. Makes any attempt to deal with DoS or userid/password misuse on the TSO system by blocking an IP address futile and probably likely to block genuine users in many configurations. Mike Wawiorko Please consider the environment before printing this e-mail -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Elardus Engelbrecht Sent: 05 January 2015 16:12 To: [email protected] Subject: Re: CANCEL TSO Logon? John McKown wrote: ... >all the tries were from a specific IP address (perhaps tied to one or more LU >names), then do a "deny all" in the firewall to any attempt for that IP to >connect to the system. Not if that IP address is NATted, ie shared by a VPN. We have some user groups who are using a shared IP address (NATted) on some router. ... then things are getting interesting ... (trying to get the co-operation of the owner of that router hosting that NATted address to resolve that errant logon attempt) >Too bad, IMO, the z/OS firewall is _nowhere_ near as easy to use as my Linux >firewall. True. Hmmm, will IBM hear you? Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN This e-mail and any attachments are confidential and intended solely for the addressee and may also be privileged or exempt from disclosure under applicable law. If you are not the addressee, or have received this e-mail in error, please notify the sender immediately, delete it from your system and do not copy, disclose or otherwise act upon any part of this e-mail or its attachments. Internet communications are not guaranteed to be secure or virus-free. The Barclays Group does not accept responsibility for any loss arising from unauthorised access to, or interference with, any Internet communications by any third party, or from the transmission of any viruses. Replies to this e-mail may be monitored by the Barclays Group for operational or business reasons. Any opinion or other information in this e-mail or its attachments that does not relate to the business of the Barclays Group is personal to the sender and is not given or endorsed by the Barclays Group. Barclays Bank PLC. Registered in England and Wales (registered no. 1026167). Registered Office: 1 Churchill Place, London, E14 5HP, United Kingdom. Barclays Bank PLC is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority (Financial Services Register No. 122702). ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
