Seymour J Metz wrote:

>Yes, there have been and are far too many incompetent auditors, but there are
>good auditors and a good auditor is your friend.

Indeed. I still wish I had a good auditor like the one who introduced me to Beta88, Vanguard and Consul (now zSecure) many years ago. With his help, we developed some standard audit reports which we now e-mail daily/weekly/monthly to our clients.

The current auditors are using an old Microsoft-type penetration test and "discovered" many "holes" in our z/OS systems. They recommended to our top brass that we apply Microsoft patches to remedy the "findings" on z/OS.

They, for example, don't understand that my LDAP server is NOT listening on the default port 389. They also don't understand that the TCP/IP stack simply rejects any usage of port 389, saying no application is listening at all on that port.

Our network is secure enough that the network staff have to open one port temporarily so they can do their penetration test... go figure.

While these auditors use a check-list for ticking-it-off, we like them because they are up to date with the latest vulnerabilities discovered. Without auditors, we would never know what exposures are there.

Shmuel, as you always say - there are two sides. Thanks for your note.

Ok, enough topic drift... ;-)

Groete / Greetings
Elardus Engelbrecht
