I am not a TCP stack expert nor a DoS expert but I don't think of encryption and DoS as having much to do with each other.
DoS of course = denial of service, which is a large basket. I think it sometimes means any sort of "bring the system down or make it ineffective" attack, but usually I think it refers to repeatedly starting a TCP session and not completing it so as to tie up resources and make real connections impossible. https://en.wikipedia.org/wiki/Denial-of-service_attack I believe the z/OS stack used to be quite vulnerable, relying on perimeter devices to protect it, but I think that is no longer true. I think Pagent may be relevant, and perhaps AT/TLS, but not encryption per se. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of scott Ford Sent: Saturday, July 15, 2017 8:20 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: Running unsupported is dangerous was Re: AW: Re: LE strikes again As a vendor i have been receiving questions about DoS attacks on z/OS .. I understand the idea / concept of perimeter defense , i was a Network Engineer in a pass life. But from a application point of view, if the application is using AT/TLS and there are Pagent protection policies for PORTS/IP addresses and the application is using encryption, where's the risk ??? ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
