In caodpegslghomjp3vej_av5mb8ftwhhzgl_24z3xds9es6df...@mail.gmail.com, on 09/19/2012 at 03:47 PM, Itschak Mugzach imugz...@gmail.com said:
SYSLOG tells a lot about identities running in your system, and more
specifically, those who are assigned to STCs and the way they get it
(STARTED class,
and The MEGA Life and Health Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Paul Gilmartin
Sent: Tuesday, September 18, 2012 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let
Life and Health Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Paul Gilmartin
Sent: Tuesday, September 18, 2012 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read
]
On Behalf Of Paul Gilmartin
Sent: Tuesday, September 18, 2012 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote:
Ed Gould wrote:
1. I have seen passwords on the syslog.
Can you
Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Paul Gilmartin
Sent: Tuesday, September 18, 2012 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote:
Ed Gould wrote:
1. I have
-MAIN@LISTSERV.UA.EDU]
On Behalf Of Paul Gilmartin
Sent: Tuesday, September 18, 2012 10:13 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote:
Ed Gould wrote:
1. I have seen passwords
:21 AM
Subject: Re: z/OS SYSLOG - why not let everybody read?
Sent by: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU
Ed Gould wrote:
1. I have seen passwords on the syslog.
Can you show any example(s) of such messages? Of course you can mask out
the passwords before
...@jbhunt.com
From: Elardus Engelbrecht elardus.engelbre...@sita.co.za
To: IBM-MAIN@LISTSERV.UA.EDU
Date: 09/18/2012 09:21 AM
Subject: Re: z/OS SYSLOG - why not let everybody read?
Sent by: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU
Ed Gould wrote:
1. I have
Radoslaw Skorupka wrote:
Personally I don't think that everybody should have read access to the syslog,
Your decision which I will respect. ;-)
but - first, and more important - not everybody needs access to TSO.
Agreed - many of my group special users lost their TSO ids. They broke a lot of
and The
MEGA Life and Health Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Thomas Kern
Sent: Tuesday, September 18, 2012 6:46 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read
Subject: Re: z/OS SYSLOG - why not let everybody read?
Sensitive data is very relative. Does Joe User REALLY deserve to see
that Jane
Consultant has been running jobs for that other department that has
been getting a better
budget than Joe? Joe gets to raise all holy hell to the Data
Well, that's the general question. Is there any reason why the average joe,
regardless of job function, should *NOT* have the ability to look at SYSLOG?
Does anybody put sensitive data out to it?
--
John McKown
Systems Engineer IV
IT
Administrative Services Group
HealthMarkets(r)
9151
On 2012-09-18 15:30, McKown, John wrote:
Well, that's the general question. Is there any reason why the
average joe, regardless of job function, should *NOT* have the
ability to look at SYSLOG? Does anybody put sensitive data out to
it?
Security by obscurity?
BTW: ICH408I may contain
Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of R.S.
Sent: Tuesday, September 18, 2012 8:57 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
On 2012-09-18 15:30, McKown
McKown, John wrote:
Well, that's the general question. Is there any reason why the average joe,
regardless of job function, should *NOT* have the ability to look at SYSLOG?
Does anybody put sensitive data out to it?
This was discussed during May 2012 when Mark Jacobs asked a similar question.
: Tuesday, September 18, 2012 9:05 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
McKown, John wrote:
Well, that's the general question. Is there any reason why the
average joe, regardless of job function, should *NOT* have the
ability to look at SYSLOG
John:
Over the years auditors at my company have come up with a similar
question. While I give it to the auditors I do not give it out to say
the average person.
1. I have seen passwords on the syslog.
2. I have also seen arguments that have come up in meetings over how
operators replied
Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Ed Gould
Sent: Tuesday, September 18, 2012 9:11 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
John:
Over the years
Ed Gould wrote:
1. I have seen passwords on the syslog.
Can you show any example(s) of such messages? Of course you can mask out the
passwords before posting. ;-)
Was that by design [1] or by operator error? Was that a verbatim copy of some
command?
Groete / Greetings
Elardus Engelbrecht
[1]
McKown, John wrote:
I've decided, for a new function that I'm contemplating writing, to make
access to be based on RACF access to a profile in the FACILITY class. And make
a new RACF group (I'm the main RACF person, too) which I'll call SYSLOGG, make
it the only ID with READ to this profile.
and Health Insurance Company.SM
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU]
On Behalf Of Elardus Engelbrecht
Sent: Tuesday, September 18, 2012 9:25 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: z/OS SYSLOG - why not let everybody read?
McKown
On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote:
Ed Gould wrote:
1. I have seen passwords on the syslog.
Can you show any example(s) of such messages? Of course you can mask out the
passwords before posting. ;-)
Was that by design [1] or by operator error? Was that a verbatim
: Re: z/OS SYSLOG - why not let everybody read?
On Tue, 18 Sep 2012 09:21:11 -0500, Elardus Engelbrecht wrote:
Ed Gould wrote:
1. I have seen passwords on the syslog.
Can you show any example(s) of such messages? Of course you can mask
out the passwords before posting
If passwords were ever in the SYSLOG, I don't think it has been a problem in
the last 2 decades. I don't ever recall seeing them. I'm sure that z/OS, and
OS/390 have never put passwords in SYSLOG. If you've seen passwords in SYSLOG,
it must have been a long time ago, or put there by a user
The contents of SYSLOG are often of value to mere applications
programmers and even to operators.
Energies devoted to denying access to SYSLOG would much better be
devoted to ensuring that it does not contain passwords and the like.
Security people are paid to be paranoid, and their preoccupations
I have seen on a couple of occasions this year, what appears to be a
password keyed in the user name field...
The ICH408I USER(password? ) message is in the log.
So it is not an MVS problem, but a user generated problem
Regards,
Silvio Camplani
zSeries Sr. Analyst, Systems Support
From a long time memory...
The operator replied a number to an outstanding reply (wrong reply)
If memory serves me there was a request for a checknum something like
enter check number
The operator replied 06123456789 (123456789 was the number) and the
program came back with starting check
I think it is the question of policy: whether everybody is allowed to
see anything unless it is forbidden, or the approach that nobody can see
anything unless allowed.
The option that you are not even allowed to see the datasets in DSLIST
if you are not authorized to read them, is a symptom of
Yes,
Was ist nicht erlaubt ist verboten
is a possible organizational policy. It is not one that seems to me
to have merit.
Having lived as a boy through the period when Nazi Germany all but
destroyed Europe I do not find it even minimally attractive. One
inoculation was sufficient to
In the Absence of Truth: Nothing is True; All is Permitted.
From: John Gilmore jwgli...@gmail.com
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Tuesday, September 18, 2012 1:55 PM
Subject: Re: z/OS SYSLOG - why not let everybody read?
Yes,
Was ist nicht erlaubt ist