R. Skorupka kindly wrote:
The same reasons can be used in Windows or Unix (Linux) world. But we know
many cases documented. What's the reason?
Good question! Perhaps platform inherent weakness? Anyone got a better answer?
Why we don't know any virus for z/OS? Is the security by obscurity so
W dniu 2012-04-03 13:22, Elardus Engelbrecht pisze:
[...]
[1] - Bypass APF, bypass RACF, ignoring change managament processes,
use bribery, do copies from your sandbox into your production, use
FTP, capture data with keystroke logger + screen scrapers, etc.
Don't put into one basket so
W dniu 2012-04-02 03:37, Steve Comstock pisze:
On 4/1/2012 8:35 AM, Shmuel Metz (Seymour J.) wrote:
Inpc9fn7thogvhoe33n5845q2uucmg5uk...@4ax.com, on 03/31/2012
at 09:57 PM, Clark Morriscfmpub...@ns.sympatico.ca said:
Java on the server side is effectively executable code.
Yes, Java,
In 4f7902ef.4090...@trainersfriend.com, on 04/01/2012
at 07:37 PM, Steve Comstock st...@trainersfriend.com said:
Hmmm. Do you know of any browsers that run under z/OS?
Text oriented.
OTOH, maybe 'user agent' would work in that context.
Assuming that it executed, e.g., Java, JavaScript, PDF
On Apr 2, 2012, at 10:46 AM, R.S. r.skoru...@bremultibank.com.pl wrote:
The same with unauthorized code - maybe the system is not bulletproof, but we
have no documented case of such flaw.
Sorry, but you are totally wrong there. Absence of publicized cases does not
imply absence of
W dniu 2012-04-02 18:35, Chris Craddock pisze:
On Apr 2, 2012, at 10:46 AM, R.S.R.Skorupka@can-you-snip-it?.PL
wrote:
The same with unauthorized code - maybe the system is not
bulletproof, but we have no documented case of such flaw.
Sorry, but you are totally wrong there.
You
While z/OS is probably immune to executables being introduced from
outside, how vulnerable is
This really isn't a safe assumption, so all of the subsequent questions are
kind of irrelevant. Yes, it is possible to configure a z/OS system so that it
is extremely difficult to break into, but
On Sat, 31 Mar 2012 21:57:03 -0300, Clark Morris wrote:
While z/OS is probably immune to executables being introduced from
outside, how vulnerable is a web server to outside attack (Apache,
Websphere, etc.)? Java on the server side is effectively executable
code. If dynamic SQL is allowed, I
In pc9fn7thogvhoe33n5845q2uucmg5uk...@4ax.com, on 03/31/2012
at 09:57 PM, Clark Morris cfmpub...@ns.sympatico.ca said:
Java on the server side is effectively executable code.
Yes, Java, Javascript and PDF are code, but a web browser does not
give code to a web server. OTOH, a web server can
On 4/1/2012 8:35 AM, Shmuel Metz (Seymour J.) wrote:
Inpc9fn7thogvhoe33n5845q2uucmg5uk...@4ax.com, on 03/31/2012
at 09:57 PM, Clark Morriscfmpub...@ns.sympatico.ca said:
Java on the server side is effectively executable code.
Yes, Java, Javascript and PDF are code, but a web browser
not require
machine language executable code.
Clark Morris
Bill Fairchild
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of
Greg Dorner
Sent: Tuesday, March 27, 2012 11:38 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software
On Thu, 29 Mar 2012 23:12:00 -0400, Shmuel Metz (Seymour J.)
shmuel+ibm-m...@patriot.net wrote:
. . .
There are zillions of ways to hack a zOS system.
Perhaps, but the ones that you describe are due to insider negligence,
not to flaws in z/OS itself.
Since I am not a lawyer, it matters little
R.S. wrote:
W dniu 2012-03-28 23:39, Paul Gilmartin pisze:
On Wed, 28 Mar 2012 23:13:58 +0200, R.S. wrote:
The problem is we don't believe. :-)
It's easy. Bribe the sysadmin. (FSVO access.)
That's what I always mention. Bribe or blackmail. The last one is much more
efficient IMHO, but both
Of Paul Gilmartin
Sent: Wednesday, March 28, 2012 4:39 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
On Wed, 28 Mar 2012 23:13:58 +0200, R.S. wrote:
The problem is we don't believe. :-)
It's easy. Bribe the sysadmin. (FSVO access.)
W dniu 2012-03-28 22:45, Ray
On Mar 28, 2012, at 4:13 PM, R.S. r.skoru...@bremultibank.com.pl wrote:
The problem is we don't believe. :-)
W dniu 2012-03-28 22:45, Ray Overby pisze:
Yes, I believe I have a way to attack a mainframe system where I don't
have access.
Then would you believe me?
In the days before
I wish listservers had a like button similar to Facebook and such. I would
like this comment.
Steve
On Wed, 28 Mar 2012 07:33:44 -0500, McKown, John
john.mck...@healthmarkets.com wrote:
Of course not! Most auditors that I've had the misfortune to interact with
directly are like politicians.
On Thu, 29 Mar 2012 07:41:20 -0500, Steve Dover wrote:
I wish listservers had a like button similar to Facebook
and such. I would like this comment.
I don't. And I wouldn't. Every time you visit a page with
a Facebook like, your movements are tracked. For more
information about this, see
W dniu 2012-03-29 14:19, Chris Craddock pisze:
On Mar 28, 2012, at 4:13 PM, R.S.r.skoru...@n.com.pl wrote:
The problem is we don't believe. :-)
W dniu 2012-03-28 22:45, Ray Overby pisze:
Yes, I believe I have a way to attack a mainframe system where I don't
have access.
Then would you
Shmuel Metz (Seymour J.) wrote:
Nonsense. OS/360 was a swiss cheese.
07F0
0A0C
BCR 15,0? Was serialization required?
Bob
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to
some
more. I haven't tried it yet on my z/OS system. Don't have time.
Bill
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of
Bob Rutledge
Sent: Wednesday, March 28, 2012 2:01 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software
Mainframe Discussion List
[mailto:IBM-MAIN@bama.ua.edu] On Behalf Of Bill Fairchild
Sent: Thursday, March 29, 2012 11:16 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
I believe Shmuel meant 05F0 instead of 07F0.
Disassembled, it would read
BALR R15,0
SVC
In 6703125624441206.wa.paulgboulderaim@bama.ua.edu, on
03/28/2012
at 04:39 PM, Paul Gilmartin paulgboul...@aim.com said:
It's easy. Bribe the sysadmin. (FSVO access.)
After I tell my security officer[1] and he sets up the sting with the
authorities, do I get to get the bribe? If not, do
In 2417378497678577.wa.woodagozemail.com...@bama.ua.edu, on
03/28/2012
at 02:37 PM, Andy Wood woo...@ozemail.com.au said:
The problems were usually coding errors of the nature of the R13 STM
as described by Ray, however there were even deliberate backdoors.
Those are defects[1] in the
In 4f736006.7070...@ix.netcom.com, on 03/28/2012
at 03:01 PM, Bob Rutledge deerh...@ix.netcom.com said:
BCR 15,0?
Typo. That should have been
BALR R15,0
SVC 12
They say that the mind is the second thing to go.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
ISO
In 4f748727.1020...@bremultibank.com.pl, on 03/29/2012
at 06:00 PM, R.S. r.skoru...@bremultibank.com.pl said:
BTW: all the stories like I could tell you if I could, but I
couldn't sounds like urban legends. I'm sorry, but in such case
I prefer knowledge over belief.
I reported one of those,
In
77142d37c0c3c34da0d7b1da7d7ca3485...@nwt-s-mbx1.rocketsoftware.com,
on 03/29/2012
at 04:16 PM, Bill Fairchild bfairch...@rocketsoftware.com said:
I believe Shmuel meant 05F0 instead of 07F0.
Yes. Also, I didn't mention that the 05F0 is not necessary if the
0A90C is at the entry
a bHi list,
There are zillions of ways to hack a zOS system. I do agree that when
everything is secured, it is not possible by the very nature of zOS, On the
other hand, during my 25+ years as a free lance MVS systems programmer I
never worked on a mainframe site I could not hack easily,
One of your postings reminded me of Pat Artis' statement:
The difference between a Feature and a Benefit:
A Feature is when your wife/girlfriend has large breasts.
A Benefit is when she lets you touch them.
Barry
--
For
In
CADEq6i-Sx8U8DVF2suwcFJa-Sv3pugU=_zuu6kk4siz5vas...@mail.gmail.com,
on 03/29/2012
at 09:57 PM, jan de decker jan.je...@gmail.com said:
There are zillions of ways to hack a zOS system.
Perhaps, but the ones that you describe are due to insider negligence,
not to flaws in z/OS itself.
I
just an option for additional statements/infos on that important concern:
www.fedtke.com - select english - click on IT SECURITY FORUM
best
stephen
---
Dr. Stephen Fedtke
Enterprise-IT-Security.com
Seestrasse 3a
CH-6300 Zug
Switzerland
Tel. ++41-(0)41-710-4005
www.enterprise-it-security.com
Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of
Anne Lynn Wheeler
Sent: Wednesday, 28 March 2012 2:21 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
scott_j_f...@yahoo.com (Scott Ford) writes:
You can't be serious...never never heard of anyone developing
Yes, we know, you're a vendor.
Please name few the most popular viruses for z/OS and two-three AV
programs for z/OS. ;-)))
Intergrity vulnerability - also, please name few popular, please omit
those which stem from administrator mistakes.
The integrity vulnerabilities *could* lead to
Russell Witt wrote:
To the list of 11 items that Elardus supplied earlier in the day, I would add
one more.
[... snipped ...]
Thanks for correcting + adjusting my item. Much appreciated.
I have added it to my list of things to remember.
Please keep up with your valuable posts. :-)
Groete /
Ray Overby wrote:
I am a vendor so take my post with a grain of salt. For those that don't like
vendors to respond stop reading now.. (flame on)
I will take your post seriously. I have reviewed you webpage. Very interesting.
You confirmed what I suspected, especially after those threads
In 4f724ce6.9030...@kr-inc.com, on 03/27/2012
at 06:27 PM, Ray Overby ray.ove...@kr-inc.com said:
Lets say there is a SVC that when you IPL your z/OS system it is
installed and available for use (i.e - any one can issue the SVC).
The SVC either came with z/OS or your system programmers
In
e84242463cbb7d4b9caf90e1fb2883985742dac...@egpcmbx01.egpcore.egp.qld.gov.au,
on 03/28/2012
at 04:20 PM, Mark Douglas (CITEC) mark.doug...@citec.com.au
said:
That Xmas EXEC story was still hot news at IBM Sydney in Christmas
1989. They warned us not to code such inadvertent viruses (pardon,
In 4f72714f.50...@kr-inc.com, on 03/27/2012
at 09:02 PM, Ray Overby ray.ove...@kr-inc.com said:
There are many reasons for these types of defects. The
programmer(s) in these cases to the best of my knowledge were
actually very experienced z/OS developers.
Yes, but did they learn anything
In 4f720628.8070...@bremultibank.com.pl, on 03/27/2012
at 08:25 PM, R.S. r.skoru...@bremultibank.com.pl said:
- there are no viruses, trojans or other malware for z/OS and it
have never been last 47 years.
Nonsense. OS/360 was a swiss cheese.
07F0
0A0C
--
Shmuel (Seymour J.)
In 2664962449864714.wa.gdornerwpsic@bama.ua.edu, on 03/27/2012
at 10:06 AM, Greg Dorner gdor...@wpsic.com said:
Our auditors are insisting that we install a product that protects
against malicious software (viruses, worms, trojans, etc.).
What are the politics? Are the auditors willing to
On Tue, 27 Mar 2012 11:09:23 -0700, Skip Robinson jo.skip.robin...@sce.com
wrote:
The reason I brought up this 'vulnerability' is that we hired a consultant
a while back to look for weaknesses. Of course they were able to logon
with a vanilla userid that had no special authority. And this is
Subject: Re: Malicious Software Protection
In 2664962449864714.wa.gdornerwpsic@bama.ua.edu, on 03/27/2012
at 10:06 AM, Greg Dorner gdor...@wpsic.com said:
Our auditors are insisting that we install a product that protects
against malicious software (viruses, worms, trojans, etc
@bama.ua.edu
Reply-To: IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
On Tue, 27 Mar 2012 11:09:23 -0700, Skip Robinson jo.skip.robin...@sce.com
wrote:
The reason I brought up this 'vulnerability' is that we hired a consultant
a while back to look
At 3/27/2012 04:06 PM, Joel C. Ewing wrote:
The concept of allowing average-Joe user to be able to download data
from arbitrary sources in arbitrary formats and being able from that
to somehow introduce executable code into the system in ways that
will execute with special privileges so as to
Fairchild
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf Of
Greg Dorner
Sent: Tuesday, March 27, 2012 11:38 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
No,. I'm not serious. But the auditors at PWC are. I'm practicing
Farewell Walt. Thanks for the memories.
Was this your Last Post? (In the British military sense; ie. Taps to most
on this list.)
===
Date: Wed, 28 Mar 2012 07:28:58 -0500
From: wfarr...@us.ibm.com
Subject: Re: Malicious Software Protection
To: IBM-MAIN@bama.ua.edu
On Tue, 27 Mar
On Wed, 28 Mar 2012 07:29:22 -0400, Shmuel Metz (Seymour J.)
shmuel+ibm-m...@patriot.net wrote:
. . .
That's only a vulnerability if such an SVC exists. You haven't shown
that. No SVC in z/OS that I'm aware of has such an STM. It would
certainly violate IBM's statement of integrity.
I have
Yes, I believe I have a way to attack a mainframe system where I don't
have access.
Ray Overby
Key Resources, Inc.
Ensuring System Integrity for z/Series™
www.zassure.com
(312)574-0007
On 3/28/2012 02:03 AM, Elardus Engelbrecht wrote:
Ray Overby wrote:
I am a vendor so take my post with a
The problem is we don't believe. :-)
--
Radoslaw Skorupka
Lodz, Poland
W dniu 2012-03-28 22:45, Ray Overby pisze:
Yes, I believe I have a way to attack a mainframe system where I don't
have access.
Ray Overby
Key Resources, Inc.
Ensuring System Integrity for z/Series™
www.zassure.com
Mainframe Discussion List
[mailto:IBM-MAIN@bama.ua.edu] On Behalf Of R.S.
Sent: Wednesday, March 28, 2012 4:14 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
The problem is we don't believe. :-)
--
Radoslaw Skorupka
Lodz, Poland
W dniu 2012-03-28 22:45, Ray
Walt,
May the wind be at your back...god bless enjoy your much earned retirement
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 28, 2012, at 8:28 AM, Walt Farrell wfarr...@us.ibm.com wrote:
On Tue, 27 Mar 2012 11:09:23 -0700, Skip Robinson
On Wed, 28 Mar 2012 23:13:58 +0200, R.S. wrote:
The problem is we don't believe. :-)
It's easy. Bribe the sysadmin. (FSVO access.)
W dniu 2012-03-28 22:45, Ray Overby pisze:
Yes, I believe I have a way to attack a mainframe system where I don't
have access.
-- gil
W dniu 2012-03-28 23:39, Paul Gilmartin pisze:
On Wed, 28 Mar 2012 23:13:58 +0200, R.S. wrote:
The problem is we don't believe. :-)
It's easy. Bribe the sysadmin. (FSVO access.)
That's what I always mention. Bribe or blackmail. The last one is much
more efficient IMHO, but both used to
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
Does anyone know of a product that does this? I heard that McAfee is coming out
with a z/OS product later this year, but I called them and they had
Ask your auditor to recommend one for the mainframe ;-)
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
Behalf Of Greg Dorner
Sent: Tuesday, March 27, 2012 11:07 AM
To: IBM-MAIN@bama.ua.edu
Subject: Malicious Software Protection
Dear IBM
On 3/27/2012 11:09 AM, Greg Dorner wrote:
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
Does anyone know of a product that does this? I heard that McAfee is coming out with a
z/OS product later
Get some new auditors!
snip
z/OS, with proper security controls (and believe me - we have LOTS!)
should not have to worry about such things, at least that's what I've
always heard.
Any input on this topic would be GREATLY appreciated!!
/snip
-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
Behalf Of Greg Dorner
Sent: Tuesday, March 27, 2012 11:07 AM
To: IBM-MAIN@bama.ua.edu
Subject: Malicious Software Protection
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects
against
, March 27, 2012 11:07 AM
To: IBM-MAIN@bama.ua.edu
Subject: Malicious Software Protection
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects
against malicious software (viruses, worms, trojans, etc.).
Does anyone know of a product that does this? I heard
You can't be serious...never never heard of anyone developing a virus for
mainframes, I understand the fear, but firewalls, network apps do rat in front
of the mainframe
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 27, 2012, at 11:06 AM, Greg Dorner
Sorry should be 'do that in front of the mainframe'
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 27, 2012, at 12:07 PM, Scott Ford scott_j_f...@yahoo.com wrote:
You can't be serious...never never heard of anyone developing a virus for
mainframes, I
On Tue, 27 Mar 2012 11:15:52 -0400, Gross, Randall [GCG-PFS] wrote:
Ask your auditor to recommend one for the mainframe ;-)
That's likely not the auditor's job. But if he knows of none, it is
his prerogative to assign a failing grade.
However, what body certifies the available commercial
scott_j_f...@yahoo.com (Scott Ford) writes:
You can't be serious...never never heard of anyone developing a virus
for mainframes, I understand the fear, but firewalls, network apps do
rat in front of the mainframe
this discussion group, mailing list originated on BITNET ... recent
discussion
Greg Dorner wrote:
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
Groan, you can replace/fire those auditors as mentioned earlier in this
thread, but ... ;-D
You have several choices.
1. Ask them to give
No,. I'm not serious. But the auditors at PWC are. I'm practicing my
belly-laugh for when they actually want to discuss the issue. You are all
telling me what I already knew, but I just wanted to get the feedback so it
isn't just my understanding of it.
Thanks everyone, for all the good
Thank you, Elardus for your verbosity.
- you can replace/fire those auditors as mentioned earlier in this thread
- As Ted MacNeil insists, the auditors only RECOMMENDS, it is your management
who can APPLY those recommendations.
Unfortunately, we have no say with these auditors. They are
On 27 March 2012 11:06, Greg Dorner gdor...@wpsic.com wrote:
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
But have they asked you about the powerful and dangerous AMASPZAP yet?
They aren't Real Auditors until
Greg,
Gil's points were excellent also as well as the other folks talking about
RACF..etc...
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 27, 2012, at 12:46 PM, Greg Dorner gdor...@wpsic.com wrote:
Thank you, Elardus for your verbosity.
- you can
At 3/27/2012 11:19 AM, Pinnacle wrote:
There is a mainframe product that protects against malicious
software. It's called SAF, and it interfaces with ESM's like RACF,
or ACF2, or TopSecret.
SAF is not a product. It stands for System Access Facility and it
is nothing more than an interface
software cannot execute privileged it can't do any real damage.
:: -Original Message-
:: From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On
:: Behalf Of Greg Dorner
:: Sent: Tuesday, March 27, 2012 8:07 AM
:: To: IBM-MAIN@bama.ua.edu
:: Subject: Malicious Software Protection
On 3/27/2012 10:46 AM, Greg Dorner wrote:
Thank you, Elardus for your verbosity.
- you can replace/fire those auditors as mentioned earlier in this thread
- As Ted MacNeil insists, the auditors only RECOMMENDS, it is your
management
who can APPLY those recommendations.
Unfortunately, we
@bama.ua.edu
Sent: Tue, March 27, 2012 1:01:34 PM
Subject: Re: Malicious Software Protection
At 3/27/2012 11:19 AM, Pinnacle wrote:
There is a mainframe product that protects against malicious software. It's
called SAF, and it interfaces with ESM's like RACF, or ACF2, or TopSecret.
SAF is not a product
Date: 03/27/2012 10:22 AM
Subject:Re: Malicious Software Protection
Sent by:IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu
On 3/27/2012 10:46 AM, Greg Dorner wrote:
Thank you, Elardus for your verbosity.
- you can replace/fire those auditors as mentioned earlier
?
This is just a favor ..FTP the same
Scott J Ford
Software Engineer
http://www.identityforge.com
From: Skip Robinson jo.skip.robin...@sce.com
To: IBM-MAIN@bama.ua.edu
Sent: Tuesday, March 27, 2012 1:37 PM
Subject: Re: Malicious Software Protection
We're all
From: Skip Robinson jo.skip.robin...@sce.com
To: IBM-MAIN@bama.ua.edu
Sent: Tuesday, March 27, 2012 1:37 PM
Subject: Re: Malicious Software Protection
We're all pretty sanguine about our mainframe invulnerability. But we
should not overlook how one of our most
10:51 AM
Subject:Re: Malicious Software Protection
Sent by:IBM Mainframe Discussion List IBM-MAIN@bama.ua.edu
Lets step through this logically:
TN3270
1. Must have RACF/ACF2/TSS userid/lid/acid
2. Must have a valid password
3. Must have valid IP address
4. Must have valid
On Tue, 27 Mar 2012 11:09:23 -0700, Skip Robinson wrote:
The reason I brought up this 'vulnerability' is that we hired a consultant
a while back to look for weaknesses. Of course they were able to logon
with a vanilla userid that had no special authority. And this is what they
did.
We all spend
Replies like this are why I seldom post to IBM-Main anymore. The fact
that it comes from someone who I respect and consider a friend hurts all
the more. Bottom line is that I work for a living, and I often don't
have time to respond in gory detail to everything posted. My primary
objective
W dniu 2012-03-27 17:06, Greg Dorner pisze:
Dear IBM-MAINers,
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
Does anyone know of a product that does this? I heard that McAfee is coming out with a
z/OS product
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
626-302-7535 Office
323-715-0595 Mobile
jo.skip.robin...@sce.com
From: Scott Ford scott_j_f...@yahoo.com
To: IBM-MAIN@bama.ua.edu
Date: 03/27/2012 10:51 AM
Subject:Re: Malicious Software Protection
Sent
RS,
You are correct a big part of this is the auditors being
educated...understanding the installation FULLY and also management ppl who
chartered them to do the work...
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 27, 2012, at 2:25 PM, R.S.
What is it, anonymous is threatening to shut down the Internet this Sat. by
doing DOS on all the major DNS nodes.
In a message dated 3/27/2012 1:32:45 P.M. Central Daylight Time,
scott_j_f...@yahoo.com writes:
We had to setup ftps etc, it wasn't easy and very very time consuming. If
the
-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
We're all pretty sanguine about our mainframe invulnerability. But we
should not overlook how one of our most valuable protections
can be turned
against us. We all have some limit set for logon attempts. If
an invalid
password
I'm sorry Tom. I did not intend my remarks to be
personal. I deeply regret that you feel hurt by
them. Please don't let my words deter you from
future contributions. Your thoughts generally are more valuable than most.
I just wanted to emphasize the APF Trojan horse
vulnerability. It is
All,
I think we all agree that every system has vulnerabilities, where Windows,
Unix,VM, or Z/OS,
the methods make it difficult for hackers to get into the systems, ,no
different than protecting a home from robbers. By using a big dog and a 12
gauge ..or electronic security system..many of us
I see a much bigger issue, knowledge, once we old timers cash it in, like Walt
was lucky enough to do, then who will 'carry the touch'the newer 'kids'
don't want the responsibility or know how, just the cash, sorry not trying to
mean or negative, I am second generation IT
Hopefully,
...@harminc.net
To: IBM-MAIN IBM-MAIN@bama.ua.edu
Sent: Tue, Mar 27, 2012 5:49 pm
Subject: Re: Malicious Software Protection
On 27 March 2012 11:06, Greg Dorner gdor...@wpsic.com wrote:
Our auditors are insisting that we install a product that protects against
alicious software (viruses, worms, trojans
I must disagree with your second argument. If your mainframe does not provide
data to
anyone outside of your control, then okay. But if you deliver data to outsider,
the public
in particular, I feel you have a duty to make sure that the data you provide
does not
include a virus that might
Netscape came out with a 3270 compatible version (3.10) then they got
rid of it (I assume due to pressure from IBM)
http://jisemu.courts.state.md.us/Help.htm
I think it came with a list of sites that users had provided.
On Tue, Mar 27, 2012 at 12:49 PM, Scott Ford scott_j_f...@yahoo.com wrote:
Mike,
Interesting ...didn't know it existed..I knew about ibm's hod product...
Used it in several shops
Sent from my iPad
Scott Ford
Senior Systems Engineer
www.identityforge.com
On Mar 27, 2012, at 3:52 PM, Mike Schwab mike.a.sch...@gmail.com wrote:
Netscape came out with a 3270
Yes, it is true that if you could introduce a trojan into an APF library
you could compromise z/OS, and that this might be possible:
If you don't have RACF or equivalent properly configured to protect all
system data sets;
If you allow update authority to APF libraries or PARMLIB to people
:30 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
Greg Dorner wrote:
Our auditors are insisting that we install a product that protects against
malicious software (viruses, worms, trojans, etc.).
Groan, you can replace/fire those auditors as mentioned earlier
different.
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf
Of Elardus Engelbrecht
Sent: Tuesday, March 27, 2012 11:30 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
Greg Dorner wrote:
Our auditors
[mailto:IBM-MAIN@bama.ua.edu] On
Behalf Of McKown, John
Sent: Tuesday, March 27, 2012 11:42 AM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Malicious Software Protection
True. For users which have RACF SPECIAL, a WTOR is written to the z/OS
console. Of course, in our shop, nobody monitors the z/OS consoles
Every z/os system today has integrity vulnerabilities on it that if
exploited would allow users with access to that system to crash that
system or bypass installation controls and access any protected resource
on that system regardless of the installed ESM. They would be able to do
so with
Yes, and no.
Yes, any virus scanner provide some security (at least neutral, usually
positive).
No, because such virus cannot occur (pop up) on the mainframe, mainframe
cannot be infected (I think we agree with that). So, some other system
had to send it to mainframe previously; mainframe only
I am a vendor so take my post with a grain of salt. For those that don't
like vendors to respond stop reading now.. (flame on)
In my opinion there are some misconceptions about the ability of an ESM
product to mitigate integrity based vulnerabilities and why this should
be a concern for
On 3/27/2012 7:27 PM, Ray Overby wrote:
Like any SVC when invoked it will get control in an authorized
state (PSW Key 0). Further this SVC issues a STM instruction
very early in the SVC code storing into where ever R13 points
to. This type of defect is easily exploited writing a simple
program
There are many reasons for these types of defects. The programmer(s) in
these cases to the best of my knowledge were actually very experienced
z/OS developers. Very competent people. In my experience it is a matter
of when not if these type of issues occur when you are responsible for
that they
haven't given this subject much thought.
Russell Witt
CA 1 Support Manager
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf
Of Greg Dorner
Sent: Tuesday, March 27, 2012 10:07 AM
To: IBM-MAIN@bama.ua.edu
Subject: Malicious Software
thought.
Russell Witt
CA 1 Support Manager
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@bama.ua.edu] On Behalf
Of Greg Dorner
Sent: Tuesday, March 27, 2012 10:07 AM
To: IBM-MAIN@bama.ua.edu
Subject: Malicious Software Protection
Dear IBM-MAINers,
Our
1 - 100 of 101 matches
Mail list logo
