CNMEUNIX is the NetView Unix Command processor that allowed unauthorized access to UID(0), patched in 2012. IBM HTTP Server (DGW Base) had a security red alert back in early 2013 but, as is IBM’s prerogative, they didn’t divulge the particulars of the exposure.
Ray opened my eyes to exactly how z vulnerabilities and exploits occur. Not alleged vulnerabilities, numbers don’t lie. This is computer science, after all. Since our conversation, I haven’t viewed the z the same way. I haven’t viewed IBM-MAIN the same way. z is just as vulnerable as open systems, maybe more so with our … er … aging labor staff, years of neglect in admin practices, and the false sense of security we’ve enjoyed behind our firewalls, green screens and 370/390/z architecture.

I have a presentation about the Logica hack that I’ve done at a few RUGs (RACF User Groups). The hack was technically impressive and the zero-day exploit was just one of many attack vectors.

https://www.rshconsulting.com/RSHpres/RSH_Consulting__Examining_Mainframe_Internet_Hack__October_2018.pdf

Robyn

----
Robyn E Gilchrist
Senior RACF and z/OS Technical Specialist
RSH Consulting, Inc.
617-977-9090
www.linkedin.com/in/robyn-e-gilchrist
www.rshconsulting.com
