Radoslaw Skorupka wrote:
>Yes, you are right - there is no logical difference between internal and
>external USB port. However I can imagine "whitelisted" internal ports,
>because every port has its own ID. Nevermind.
>More important is device whitelist
Do you really want whitelisting here? I
W dniu 20.08.2022 o 17:56, Tony Harminc pisze:
On Sat, 20 Aug 2022 at 08:58, Radoslaw Skorupka
wrote:
[...]
4. USB is just interface, it can be external (more popular) or internal.
That's quite obvious. Less obvious is what should be reported by HMC. In
my humble opinion there is no big
On Sat, 20 Aug 2022 at 08:58, Radoslaw Skorupka
wrote:
> [...]
> 4. USB is just interface, it can be external (more popular) or internal.
> That's quite obvious. Less obvious is what should be reported by HMC. In
> my humble opinion there is no big reason to report internal devices like
> HDD,
Timothy,
To clarify the things:
1. I have *never* said or suggested SE. I was talking about HMC and
"zombie device" connected to it. Physical HMC, not HMA aka virtual HMC
inside SE box.
2. Physical HMC can be rack-mounted or just desktop. I mentioned
rack-mounted HMC.
3. Such HMC is very
Radoslaw,
I think you mentioned in one of your follow-up posts that you're actually
looking at a 1U Support Element, not a Hardware Management Console. If so, now
you know that you have a smart card reader with smart card inside the SE.
IBM TKE Workstations are different, yes. It has
ERV.UA.EDU
Subject: Re: HMC and zombie USB device
(Clicked ENTER too fast)
To complement: The SmartCard Reader is documented in Service Guide, BUT...
But it is documented is *Support Element* Service Guide. HMC Service
Guide shows no SmartCard reader inside.
So, it looks like wrong hardware tak
on demand) and
Flash Express - this was not for customer use and hence not accessible.
Regards
Parwez Hamid
From: IBM Mainframe Discussion List on behalf of
Radoslaw Skorupka
Sent: 18 August 2022 12:02
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: HMC and zombie
(Clicked ENTER too fast)
To complement: The SmartCard Reader is documented in Service Guide, BUT...
But it is documented is *Support Element* Service Guide. HMC Service
Guide shows no SmartCard reader inside.
So, it looks like wrong hardware taken for HMC. The PC is configured for
SE
OK, I found it. It is *internal* device, inaccessible to the user. And
it is not for typical smart cards.
Strange, it is reported as connected to USB - yes, USB can be internal,
but IMHO the goal is to report external devices, which is important from
security point of view.
--
Radoslaw
It is NOT HMA, it is regular HMC - separate PC machine, it is mounted in
separate rack, not in z15 cabinet.
The machine is 1U high, so it is easy to inspect all the ports and
devices. In the front you have removable HDD, several fans
(demountable), some LED indicators and power on button.
On
I don't think it's a "zombie" device. I think it's a real one. It's just a
device you may not have seen before because it's "hidden."
I'm not the foremost expert in this area, but (guessing) you're probably using
the Hardware Management Appliance (HMA, a.k.a. vHMC). (Did I guess correctly?)
If
: 16 August 2022 22:32
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: HMC and zombie USB device
As many of us know HMC reports all external devices connected via USB -
mice, keyboards, pendrives, etc.
That's good from security point of view.
However I noticed some HMC (2.15) report *non-existent* device
Might have been included on the USB subsystem and not connected. You could
look up the schematics or observe the circuit boards and chips.
On Tue, Aug 16, 2022, 16:33 Radoslaw Skorupka
wrote:
> As many of us know HMC reports all external devices connected via USB -
> mice, keyboards,
As many of us know HMC reports all external devices connected via USB -
mice, keyboards, pendrives, etc.
That's good from security point of view.
However I noticed some HMC (2.15) report *non-existent* device. Yes, I
checked it thoroughly. Imagine pizza-box HMC machine and all the cables
and
14 matches
Mail list logo
