there are so many other alternatives to ddos by wide user revoke. even if you do not install the ptf, the attacker can use the pcomm (or whatsoever is in use) API to perform same type of attack.
ITschak On Tue, Jan 21, 2020 at 6:32 PM Seymour J Metz <sme...@gmu.edu> wrote: > That opens the way to a denial of service attack; someone can write a > script to cause revocation of a long list of userids. > > > -- > Shmuel (Seymour J.) Metz > http://mason.gmu.edu/~smetz3 > > > ________________________________________ > From: IBM Mainframe Discussion List <IBM-MAIN@LISTSERV.UA.EDU> on behalf > of Barbara Nitz <nitz-...@gmx.net> > Sent: Tuesday, January 21, 2020 2:14 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: IBM AOAR O44855 > > >Is anyone using this feature > https://www-01.ibm.com/support/docview.wss?uid=isg1OA44855 > > I implemented TSO PrePrompt when I was RACF Admin. If someone is > attempting to hack into the mainframe using userid/password, I didn't want > them to know if their userid was wrong or their password. > After x invalid combinations (x is whatever your amount of allowed invalid > passwords is before revoking you) the userid gets revoked, as before. > > It threw off the session manager we used to use back then, and it threw > off a screenscraper that the compliance department uses > (screenscraper=shudder). Both got around it. > > Barbara > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > -- ITschak Mugzach *|** IronSphere Platform* *|* *Information Security Contiguous Monitoring for Legacy **| * ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
