Sorry, Gil -- sorry that I was the one who derailed that thread into "war
stories", and also because I'm with Phil: I enjoy them.
---
Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313
/* While mathematicians often do not have much humility, we all have lots of
experience with humiliation.
LOL - A nostalgia post about nostalgia posts.
On 10/15/2021 10:08 AM, Paul Gilmartin wrote:
I remember, wistfully, when there were fewer nostalgia threads.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
On Mon, 11 Oct 2021 11:26:09 -0400, Phil Smith III wrote:
>Well, now that this thread has devolved into war stories (often the best
>part of a day's digest):
>
I remember, wistfully, when there were fewer nostalgia threads.
-- gil
Newfoundland? Ok, now for something ~completely~ off-topic:
Back during 09-11, a lot of commercial flights were grounded for some days --
all over the world maybe, in Europe and the US for sure. A lot of
transatlantic flights went to earth in Newfoundland, and hundreds or maybe
thousand of
I thought this is a mainframe mailing list...
About ten years ago, during a security consultancy work I performed at a
client shop, I noticed that CICS is not properly protected. I told the
sysprog and the CIO what changes need to be done, but the sysprog insist
that the system is secured. I got
Well, now that this thread has devolved into war stories (often the best
part of a day's digest):
A friend working helpdesk once hacked an end-user's PROFILE EXEC on CMS so
that every OTHER time he logged on, it would do something odd, forget what.
User made SEVERAL trips between her* office
Hi Bob,
This reminds me of a story from the early '90s, when I worked for a
multi-national food company. (I actually worked for more than one.)
One of the Help Desk guys decided to customize "his own" TPX screen.
He made it say "Welcome to Hell".
When I got in, I booted DOS (IBM PS/2 Model 70),
Managers have no sense of humour where it doesn't matter. Well, some managers.
I still remember fondly my messing with a coworker's PC menu. I don't remember
which menu system we were using at the time, but Roberto had found some little
gag app that would display a blimp for a few seconds
tober 10, 2021 9:36 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Mainframe ransomware solution
>
> [External Email. Exercise caution when clicking links or opening attachments.]
>
> On 08/10/2021 16:43, David Spiegel wrote:
>> Hi R'Shmuel; AMV"SH,
>> "... What
t [IBM-MAIN@LISTSERV.UA.EDU] on behalf of
PINION, RICHARD W. [rpin...@firsthorizon.com]
Sent: Sunday, October 10, 2021 10:52 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
The only thing I ever put on a system, similar to that, was a TSO program which
produced a crude p
-
From: IBM Mainframe Discussion List On Behalf Of
Peter Sylvester
Sent: Sunday, October 10, 2021 9:36 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
[External Email. Exercise caution when clicking links or opening attachments.]
On 08/10/2021 16:43, David Spiegel
On 08/10/2021 16:43, David Spiegel wrote:
Hi R'Shmuel; AMV"SH,
"... What about the Christmas Card Worm? ..."
That was AFAIK on a VM system, not, an MVS system.
Regards,
David
You could have "protected" the VM systems as much as you want, if a "friend" send you an
exec/script/clist and you
Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
Hi
Any shop implement mainframe ransomware solution can
Yes, that's the one. I can read a number of languages, but Polish isn't among
them; I fed that article to Google Translate, and with a few bobbles it did a
fair job. I remember a reference in the translation to the "FTP hotel", which
I guessed means the FTP server, but for the most part the
I'm sort of intrigued by the notion of 'magical SVC'. I know it's a figure
of speech, but I categorically disbelieve in magic. For the whipper
snappers among us, our beloved SDSF started out in the 1980s as an
IUP--installed user program. Written as I understand it by a couple of IBM
customer SEs.
Yes, I remember this article. I also read that in Polish. :-)
And at the time whole police report was leaked. 200+ pages.
It was definitely impossible without intercepted password and many
configuration mistakes.
HTTP vulnerability was also there, but it was not the way to hack in.
Yes, an ID they got hold of -- my impression was that it was the original ID --
had read access to the RACF database. They downloaded it, and posted questions
here and there about how RACF passwords are encrypted. Within a few days a new
version of John the Ripper appeared, reworked for RACF.
On 10/8/2021 8:18 AM, David Spiegel wrote:
From what I recall, the bad guys had "READ" to the RACF Database. (It
helps to have incompetent SecAdmin staff and auditors.)
These days, one would be beyond negligent to ignore the warnings issued
by the RACF_SENSITIVE_RESOURCES health check. (Was
Exactly right.
Sent from Yahoo Mail for iPhone
On Friday, October 8, 2021, 8:54 AM, Bob Bridges wrote:
The way I read in the long Polish article about the Logica hack, when I
researched it back in 2013, is that there was speculation about USS and about
an HTTP flaw, but the forensics folks
Dude, you need to quit being a lemming afraid to challenge the know it alls. Oh
wait.
Sent from Yahoo Mail for iPhone
On Friday, October 8, 2021, 8:34 AM, zMan wrote:
And you were. In those exchanges, that makes one of you.
On Thu, Oct 7, 2021 at 9:00 PM Charles Mills wrote:
> Sincere
Hi Bob,
From what I recall, the bad guys had "READ" to the RACF Database. (It
helps to have incompetent SecAdmin staff and auditors.)
They downloaded it and then dictionary-attacked it easily, because there
was no password limitation and there was no trivial-password-exclusion list.
Also, NVAS
The way I read in the long Polish article about the Logica hack, when I
researched it back in 2013, is that there was speculation about USS and about
an HTTP flaw, but the forensics folks in the end thought they probably got hold
of a password in the good old-fashioned way and went from there.
of
David Spiegel [dspiegel...@hotmail.com]
Sent: Friday, October 8, 2021 10:43 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Hi R'Shmuel; AMV"SH,
"... What about the Christmas Card Worm? ..."
That was AFAIK on a VM system, not, an MVS system.
Regards,
iA%3Dreserved=0
From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of
Bill Johnson [0047540adefe-dmarc-requ...@listserv.ua.edu]
Sent: Thursday, October 7, 2021 6:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have
IMO you were doing fine, Mr Mills. The only thing I might suggest is that you
let unearned obstreporosity drop off into the void unnoticed. In addition to
being more fun for lurkers who don't care to read such exchanges, surely that'd
be more frustrating to anyone hoping for a quarrel
@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have to be a poorly run shop to permit any of those to occur. Maybe
that’s why mainframe hacks have actually never happened.Biden successfully
extracted 124,000 from Afghanistan in a few weeks. Amazing.
Sent from Yahoo Mail
And you were. In those exchanges, that makes one of you.
On Thu, Oct 7, 2021 at 9:00 PM Charles Mills wrote:
> Sincere apologies. I was trying to be constructive.
>
Bill, you need to put the crack pipe down.
--
For IBM-MAIN
: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of Tom
Brennan [t...@tombrennansoftware.com]
Sent: Thursday, October 7, 2021 7:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
I'll repeat what I always say about this. If I was hacking a mainframe
Palian [s3...@pjwstk.edu.pl]
Sent: Friday, October 8, 2021 12:55 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
>From the information security perspective there's a well-known
confidentiality, integrity and availability (CIA) triad.
However, the overall security post
7:40 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
First part of my answer was kind of joke. Wasn't it clear?
Second part provided some means, products and opinions.
Regarding magic SVCs - I have *never* found any. Yes, I met and fixed
some other mistakes you
I'm not IBM expert, but...
1. This is bad or not followed procedure. BTW: I made it impossible in
my shop, since day 0. It was never ever possible to get new password on
production without procedure. The procedure was inconvenient, more time
consuming compared to call, but it wasn't bypassed.
W dniu 08.10.2021 o 01:26, Charles Mills pisze:
[...]
It is not an anti-mainframe position to advocate for mainframe security. "Oh, we
have nothing to worry about" is surely the enemy of security.
Charles
Amen to that!
--
Radoslaw Skorupka
Lodz, Poland
MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Logica isn’t actually a hack. And of course the phantom one you’re working on.
---
no
flawed APF code, no APF "tools" available inappropriately.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainfra
I’ve not seen the first one, but the second one is a joke.
ITschak
בתאריך יום ו׳, 8 באוק׳ 2021 ב-5:17 מאת Nash, Jonathan S. <
01abdcef2f3c-dmarc-requ...@listserv.ua.edu>:
>
> Philip Young
> “Soldier of Fortran”
> Mainframe hacker videos from 6 years ago :-(
>
> https://youtu.be/Xfl4spvM5DI
ter x23353
> Sent: Thursday, October 7, 2021 5:34 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Mainframe ransomware solution
>
> I don't know about the others on the list, but I am a tad tired of this
> and other rounds
Philip Young
“Soldier of Fortran”
Mainframe hacker videos from 6 years ago :-(
https://youtu.be/Xfl4spvM5DI
https://youtu.be/vyHAqxCkf-k
There are other Def con etc mainframe hacker
videos out there ...
Kinda makes me nervous...
Sincere apologies. I was trying to be constructive.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Farley, Peter x23353
Sent: Thursday, October 7, 2021 5:34 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware
data back.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
I'll repeat what I always say about thi
RV.UA.EDU] On Behalf
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
I'll repeat what I always say about this. If I was hacking a mainframe
I wouldn't start with the mainframe, I'd start with the sysprog or
securi
Agreed. Move on.
Rich Smrcina
> On Oct 7, 2021, at 7:34 PM, Farley, Peter x23353
> <031df298a9da-dmarc-requ...@listserv.ua.edu> wrote:
>
> I don't know about the others on the list, but I am a tad tired of this and
> other rounds of sniping between Mr. Johnson and Mr. Mills.
>
> I would
--Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Bill Johnson
Sent: Thursday, October 7, 2021 8:06 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
The thing about you list dominators, is you think you know it all and should
never be challenged. I
rupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
Hi
Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution
uot; would not get your data back.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
I'll repeat what I always
Mainframe ransomware solution
I'll repeat what I always say about this. If I was hacking a mainframe
I wouldn't start with the mainframe, I'd start with the sysprog or
security admin's PC or Mac or email or phone or whatever. In that case
it doesn't matter one bit how well the mainframe is
@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Started when you were 12 or still needing to work into your 70’s?
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu
uot;tools" available inappropriately.
>
> Charles
>
>
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of Radoslaw Skorupka
> Sent: Wednesday, October 6, 2021 2:13 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subjec
, no APF "tools" available inappropriately.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware soluti
ery, very good to me.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:26 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Right, they’re all kept under wr
rsday, October 7, 2021 4:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Nearly all banks run a mainframe. If hackers wanted to break into platforms
handling the worlds financial system, where all the money is, the mainframe is
the platform. The MF has been around for 60
day, October 7, 2021 4:26 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Right, they’re all kept under wraps in a world where privacy is next to
impossible. And what you heard (suddenly not under wraps) isn’t what happened
with Logica.
If your kid drops his
IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Nearly all banks run a mainframe. If hackers wanted to break into platforms
handling the worl
there are none that are well-documented.)
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Log
-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
On Thu, 7 Oct 2021 15:47:11 -0700, Charles Mills wrote:
>I don't know, but what the professional Pen Testers tell me is that they never
>fail to find things like that.
>
Do you mean they always find one or they always
n Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
Logica isn’t actually a hack. And of course the phantom one you’re working on.
--
For IBM-M
IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have to be a poorly run shop to permit any of those to occur. Maybe
that’s why mainframe hacks
ent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have to be a poorly run shop to permit any of those to occur. Maybe
that’s why mainframe hacks have actually never happened.Biden successfully
extracted 124,000 from Afghani
On Thu, 7 Oct 2021 15:47:11 -0700, Charles Mills wrote:
>I don't know, but what the professional Pen Testers tell me is that they never
>fail to find things like that.
>
Do you mean they always find one or they always find all?
On Thu, 7 Oct 2021 15:49:17 -0700, Charles Mills wrote:
>>
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have to be a poorly run shop to permit any of those to occur.
e vanished?
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
You’d have to be a poorly run shop to
, no APF "tools" available
inappropriately.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware soluti
tools" available
inappropriately.
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
W dniu 05
Cir
Jamison, Pa 18929
215-688-1459
carl.swans...@verizon.net
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 5:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
W dniu 05.10.2021 o 15:24
W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
Hi
Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution available ?
Thanks for sharing
Yes, we have such solution.
This is combination of the following products:
1. z
; To: IBM-MAIN@LISTSERV.UA.EDU
>
> Subject: Re: Mainframe ransomware solution
>
> As already mentioned, having defined copies of your data over time helps.
>
> Just make sure your recovery point and time are understood since the real
>
> tricky part is going back to a poin
] On Behalf
Of Bfishing
Sent: Tuesday, October 5, 2021 7:14 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution
As already mentioned, having defined copies of your data over time helps.
Just make sure your recovery point and time are understood since the real
tricky part
sure you pick the correct one.
https://www.ibm.com/downloads/cas/BNZGVJKD
On Tue, Oct 5, 2021 at 9:24 AM Tommy Tsui wrote:
> >
> > Hi
>
> Any shop implement mainframe ransomware solution can share? IBM seems has
> cyber vault to handle this. Is there any other solution
:
> >
> > Hi
>
> Any shop implement mainframe ransomware solution can share? IBM seems has
> cyber vault to handle this. Is there any other solution available ?
> Thanks for sharing
>
> --
>
>
> Hi
Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution available ?
Thanks for sharing
--
For IBM-MAIN subscribe / signoff / archive
69 matches
Mail list logo