Right; I don't see adequate instrumentation to answer the question.
Cheers, Martin
Martin Packer
zChampion, Systems Investigator & Performance Troubleshooter, IBM
+44-7802-245-584
email: martin_pac...@uk.ibm.com
Twitter / Facebook IDs: MartinPacker
Blog:
It’s a little more than coincidence that 3 of the most vociferous posters who
claim the mainframe is not secure, all sell mainframe security services.
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 8:59 AM, ITschak Mugzach wrote:
Lennie,
You are inviting 'he tries to sell his
Just maybe, they are the ones who understand the problems, as they spend time
focussed on them.
Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd
Web: www.rsmpartners.com
‘Dance like no one is watching. Encrypt like everyone is.’
-Original Message-
From: IBM
I suspected that, but was asking to verify my assumption. Thanks to you, Horst
and Parwez.
Bob
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Martin Packer
Sent: Tuesday, June 04, 2019 5:55 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject:
How do you demonstrate something that hasn’t happened? LOL
I see your company sells security services too.
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 5:59 AM, Lennie Dymoke-Bradshaw
wrote:
How do you demonstrate that you have never been hacked?
Lennie Dymoke-Bradshaw |
Bill,
So you have not seen these things. Others have. Please accept their word for
this.
If you were as rich as Warren Buffet then you could afford to employ others to
work out if you need a haircut. Maybe you could teach yourself those skills.
Your logic takes us down a path of only taking
How do you demonstrate that you have never been hacked?
Lennie Dymoke-Bradshaw | Security Lead | RSM Partners Ltd
Web: www.rsmpartners.com
‘Dance like no one is watching. Encrypt like everyone is.’
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Bill
Bob,
You might want to refer to this White Paper. Not specific to SAPs, but does
mention numbers for the z13 SAP plus there is additional info about FICON I/O
etc.
http://www-01.ibm.com/support/docview.wss?mhq=Z%20System%20SAP%20performance=ibmsearch_a=tss1wp102586
IBM System z13 I/O and High
Quite different. The sell the security as part of the OS. They don’t then bash
the security (their own product) and try to sell you additional products.
IBM actually tells you how great mainframe security is and use it as a selling
point to industries where security is paramount.
Sent from
On Mon, Jun 3, 2019 at 5:23 PM Tony Thigpen wrote:
> I would not convert it to LE.
>
> I have strong feelings that any system tool like this must be able to
> run in a crippled system with as little support from the OS as possible.
>
Hum. I hadn't thought of running this in a "crippled"
Lennie,
You are inviting 'he tries to sell his product / services' ...
ITschak
On Tue, Jun 4, 2019 at 3:45 PM Lennie Dymoke-Bradshaw <
lenni...@rsmpartners.com> wrote:
> Bill,
>
> It is very difficult to prove the negative. Hence, your claim that your
> system has never been hacked is
HI Everyone
I have an OO Cobol program that invokes a jar on USS using java v1.8, 31 bit.
When I run over 250K calls, it runs out of memory. If the jar is created in
java 7 and I compile/link/run the OO cobol pgm in Java 731, it runs fine.
I saw that there was some problems back in java 5 in
"40 years on numerous mainframes at more than a dozen companies and we’ve
never been hacked and never had any need for penetration testing."
...said King Priam to Cassandra
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
Bill Johnson
Sent: Tuesday, June
Well said! I had forgotten Cassandra's prophecy. Good analogy, Rob. :-)
I wish my shop had done pen testing a few years ago. :-(
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Rob Scott
Sent: Tuesday, June 04, 2019 5:17 AM
To:
Parwez,
Are there z14 and/or z14 ZR1 equivalent white papers or SAP numbers as stated
in the summary of these documents? :-)
Bob
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Parwez Hamid
Sent: Tuesday, June 04, 2019 7:53 AM
To:
Bill,
It is very difficult to prove the negative. Hence, your claim that your system
has never been hacked is difficult to prove. I think it is possible that your
system has been "hacked" and your data has been exfiltrated. There is no reason
for the hacker to call attention to that fact that
Doesn't answer your Q. However, unless you have a very I/O intensive workload
e.g. TPF system, normally there is sufficient SAP capacity for Z servers. The
other point to note is SAPs on z14 servers also support SMT (Simultaneous
Threading) as standard..
Regards
Parwez Hamid
Is SMT a good thing for a SAP invocation?
Speaking of z14 servers, would you consider the default number of SAPs on a ZR1
sufficient most of the time?
What do you consider "very I/O intensive"?
Bob
-Original Message-
From: IBM Mainframe Discussion List
In 40 years, I’ve never seen any company I’ve worked for have their mainframe
hacked or compromised. Including a bank and multiple insurance companies. Plus,
I was in positions to know.
I have seen numerous hacks and compromises of non mainframe platforms at those
companies.
As Warren Buffett
So does IBM
Lou
On Tue, Jun 4, 2019 at 6:38 AM Bill Johnson <
0047540adefe-dmarc-requ...@listserv.ua.edu> wrote:
> How do you demonstrate something that hasn’t happened? LOL
> I see your company sells security services too.
>
>
> Sent from Yahoo Mail for iPhone
>
>
> On Tuesday, June 4,
By "crippled", it could be during early IPL or late shutdown.
Tony Thigpen
John McKown wrote on 6/4/19 8:20 AM:
On Mon, Jun 3, 2019 at 5:23 PM Tony Thigpen wrote:
I would not convert it to LE.
I have strong feelings that any system tool like this must be able to
run in a crippled system
Bill
Do you believe :
(o) That there have never been any "magic" or "auth on" SVCs or PC routines?
(o) That there is no such thing as a Sec/Int APAR?
(o) That Karl Schmitz has just been wasting his breath for the last 20 years?
(o) That IBM's Secure Engineering department just sit around
On Tue, Jun 4, 2019 at 11:15 AM Seymour J Metz wrote:
> What you're talking about is a COBOL interface to a REXX script, not a
> COBOL interface to SDSF. You've always been able to call REXX from COBOL,
> and there's no need to make the interface so complicated. What you can't do
> is to call
RACF comes with the OS. You turn it on and pay for it ONLY if you don’t have
ACF2 or TSS. And RACF has approx 80% market share.
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 12:52 PM, Clark Morris wrote:
[Default] On 4 Jun 2019 08:56:03 -0700, in bit.listserv.ibm-main
Agile: doing the wrong thing quickly
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List on behalf of
ITschak Mugzach
Sent: Monday, June 3, 2019 2:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Just how secure
I agree. I’m out.
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 11:50 AM, Carmen Vitullo wrote:
where are the forum monitors when you need them, I have nothing positive or
negative to add the this run out thread, ok - NO ONE is 100% secure, is the
IBM-MAIN or FACEBOOK -
lets
>From the you can’t make this up department. Mr. Marchant agrees with me.
https://www.compuware.com/proving-z13-modern/
Talk of “modernization” of mainframe systems is often code for redesigning
mainframe-based applications and implementing them to run on Windows, or less
frequently, on
Well, it's important to replace all of that COBOL code using a language like C
that came out this decade. Oh, wait, it didn't.
But didn't Multics have B1 before MVS did?
Reading the transcript I would have to assume that either the government is in
the process of upgrading its 360/65 fleet to
> Hum, couldn't the program set up a REXX environment by using IRXINIT? Then
> use IRXEXCOM to run an in-memory REXX program which uses the SDSF API.
Of course. But, again, that's not a direct call from the COBOL code to SDSF.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
Why do you people keep saying I said it was 100% secure? I never said that,
ever. Nothing is 100% secure. I’m well aware of sec/int APARS and well aware of
the rest.
All I said was the MF is the most secure platform on the planet (by design) and
security is one of the main reasons banks,
Sounds like a combination of improper RACF configuration and vulnerabilities in
various Unix components, both standard (FTP) and IBM (WebSphere). What's really
disturbing is the total lack of cooperation from LE for nearly two weeks.
This sounds like a case where pen testing might have saved
How target was hacked.
https://www.computerworld.com/article/2487425/target-breach-happened-because-of-a-basic-network-segmentation-error.html
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 12:52 PM, Clark Morris wrote:
[Default] On 4 Jun 2019 08:56:03 -0700, in
On Tue, Jun 4, 2019 at 8:28 AM Tony Thigpen wrote:
> By "crippled", it could be during early IPL or late shutdown.
>
It's been too long since I actually worked on VM (VM/XA actually!). I
remember setting up the MVS guest ID to IPL CMS and set things up using the
PROFILE EXEC. But there wasn't
We have done exactly what you are thinking using 30amp twist plugs.
Tony Thigpen
Christian Svensson wrote on 6/4/19 10:32 AM:
Hi,
This may be an odd question. I bought an z114 and I'm trying to figure out
how to power it.
I've arrived that the single-configuration BPR I have should happily
You have posted more to this thread than anyone else.
False
You have claimed that security is the main reason people stay on the
mainframe, and posted a few articles that do not say what you claimed
they say.
False, they all stated flatly security was a top 3 reason for staying on the
Not according to Target or any write ups I’ve read on it.
Sent from Yahoo Mail for iPhone
On Tuesday, June 4, 2019, 12:52 PM, Clark Morris wrote:
[Default] On 4 Jun 2019 08:56:03 -0700, in bit.listserv.ibm-main
0047540adefe-dmarc-requ...@listserv.ua.edu (Bill Johnson) wrote:
>From the
If you drop foo. and don't set any new values for, e.g., foo.bar, then a
request for N (next) will return only foo. I wouldn't expect drop foo.baz to
change that.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion
All my VSE systems are under VM, but all my z/OS systems run native.
But, with VSE, there are some things I don't want to do before the "CP
IPL xxx' statement in the profile exec, so I do them as early as
possible in the VSE IPLs
Tony Thigpen
John McKown wrote on 6/4/19 10:43 AM:
On Tue,
> Can a program knowing none of this except that unknown members of X.
> have been manipulated discover with IRXEXCOM that:
Yes.
> IRXEXCOM can set Rexx variables. Can't it create new ones simply by setting
> them:
Of course. But you have to be running a REXX script in order to use IRXEXCOM.
On Tue, 4 Jun 2019 00:01:01 +, Bill Johnson wrote:
>noise and plenty of it.
PKB.
You have posted more to this thread than anyone else.
You have claimed that security is the main reason people stay on the
mainframe, and posted a few articles that do not say what you claimed
they say.
You
On Tue, Jun 4, 2019 at 11:41 AM Seymour J Metz wrote:
> > Can a program knowing none of this except that unknown members of X.
> > have been manipulated discover with IRXEXCOM that:
>
> Yes.
>
> > IRXEXCOM can set Rexx variables. Can't it create new ones simply by
> setting them:
>
> Of course.
On Tue, Jun 4, 2019 at 11:53 AM John McKown
wrote:
> On Tue, Jun 4, 2019 at 11:41 AM Seymour J Metz wrote:
>
>> > Can a program knowing none of this except that unknown members of X.
>> > have been manipulated discover with IRXEXCOM that:
>>
>> Yes.
>>
>> > IRXEXCOM can set Rexx variables.
Bad link
https://www.computerworld.com/article/2487425/target-breach-happened-because-of-a-basic-network-segmentation-error.html
On Tuesday, June 4, 2019, 12:53:11 PM EDT, Clark Morris
wrote:
[Default] On 4 Jun 2019 08:56:03 -0700, in bit.listserv.ibm-main
On Tue, 4 Jun 2019 16:40:47 +, Seymour J Metz wrote:
>> Can a program knowing none of this except that unknown members of X.
>> have been manipulated discover with IRXEXCOM that:
>
>Yes.
>
How, after "... a stem is used as the target of an assignment [and] all
possible compound variables
Hi,
This may be an odd question. I bought an z114 and I'm trying to figure out
how to power it.
I've arrived that the single-configuration BPR I have should happily accept
any AC between 200V-600V, and I managed to buy two 41U0108 (one per A/B
power). The power consumption should come out to less
[Default] On 4 Jun 2019 08:56:03 -0700, in bit.listserv.ibm-main
0047540adefe-dmarc-requ...@listserv.ua.edu (Bill Johnson) wrote:
>From the you cant make this up department. Mr. Marchant agrees with me.
>
>https://www.compuware.com/proving-z13-modern/
>
Considering that he is writing for a
Hi Naz,
Out of memory errors in Java on Z can happen for a number of reasons. It
could really be that you've run out of heap space but it could also be
that LE has hit a problem with a z/OS limit.
Please can you provide more details about the exception message you get?
For instance here's an
where are the forum monitors when you need them, I have nothing positive or
negative to add the this run out thread, ok - NO ONE is 100% secure, is the
IBM-MAIN or FACEBOOK -
lets move this on PLEASE !
Carmen Vitullo
- Original Message -
From: "Bill Johnson"
What you're talking about is a COBOL interface to a REXX script, not a COBOL
interface to SDSF. You've always been able to call REXX from COBOL, and there's
no need to make the interface so complicated. What you can't do is to call SDSF
directly with functionality equivalent to what you have
Well, the vendor could submit z/OS with their software installed for a security
certification, but as I understand it that's very expensive and time consuming.
As for an ESM, there are a lot of facilities that won't work at all without one.
BTW, just because an application isn't APF authorized
Hi
Is there a technical discussion forum for Adabas(Mainframe).
Please share the link if possible.
Regards
Peter
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with
I think there's a forum on
http://www.ibmmainframeforum.com/
Carmen Vitullo
- Original Message -
From: "Peter"
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Tuesday, June 4, 2019 12:59:14 PM
Subject: Tech Forums for Adabas ?
Hi
Is there a technical discussion forum for
Software AG Discussion List
Bruce Lightsey
Database Manager
MS Department of Information Technology Services
601-432-8144 | www.its.ms.gov
DISCLAIMER: This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
On Tue, Jun 4, 2019 at 12:03 PM Seymour J Metz wrote:
> > Hum, couldn't the program set up a REXX environment by using IRXINIT?
> Then
> > use IRXEXCOM to run an in-memory REXX program which uses the SDSF API.
>
> Of course. But, again, that's not a direct call from the COBOL code to
> SDSF.
>
On Tue, 4 Jun 2019 13:52:27 -0300, Clark Morris wrote:
>Is there a mechanism for
>third party vendors that provide software that runs APF authorized to
>be somehow included in the statement of integrity or have recognized
>equivalents?
Other vendors are free to issue their own statements of
On Tue, 4 Jun 2019 17:48:18 +, Seymour J Metz wrote:
>IREXCOM has no interface for reporting that a variable has been dropped. All
>that it can do is to return the variables that are still known. The statement
> foo. = 'Blanket' does not create any variable other than foo., even though
IREXCOM has no interface for reporting that a variable has been dropped. All
that it can do is to return the variables that are still known. The statement
foo. = 'Blanket' does not create any variable other than foo., even though
requesting the value of foo.baz will give you Blanket.
--
> IOW, IRXEXCOM can not report fully the state of all compound
> symbols having a given stem.
Not even close: in fact, the exact opposite of what you wrote. IREXCOM with the
N option reports fully on all variables that have been set and not dropped.
You're misreading the text, and "default
On Tue, 4 Jun 2019 17:14:17 +, Seymour J Metz wrote:
>If you drop foo. and don't set any new values for, e.g., foo.bar, then a
>request for N (next) will return only foo. I wouldn't expect drop foo.baz to
>change that.
>
I am wondering about the case where e.g. I:
foo. = 'Blanket'
This may be better posted elsewhere but I thought I'd start here.
Here's the code running on a model 2828, hopefully it formats OK. This is just
a very basic test and not intended for production, just to try and experiment
with some new instructions.
BASR 12,0
Thanks Mikael,
I changed the code to
lhh 9,h2
and
H2 dch'2'
And now can see the expected value 0002 in R9, at least from SNAP,
so I'm happy enough.
Still odd that Xpediter appears to "step over" it without executing it, but
without Xpediter I get
The format of LHH is LHH R1,D2(X2,B2). What you get is the halfword at address
2.
Mikael Nyström
Core Ledger
SEB
Phone: +46 70 739 48 55
Switchboard: +46 771 62 10 00
Postal Address: A-B9, SE-106 40 Stockholm, Sweden
Office Address: Stjarntorget 4
E-mail: mikael.nyst...@seb.se
www.seb.se
On z/OS, you can use SMF78.3 and the RMF IOQ report. Plus, there are some
related overview conditions.
Horst Sinram - STSM, IBM z/OS Workload and Capacity Management
--
For IBM-MAIN subscribe / signoff / archive access
Thank you, Horst.
My colleague ran reports on them over a 60 day period for two different CPCs.
Are there any benchmarks in use that would indicate the necessity for more (or
less) SAPs?
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
*PLONK*
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Bill Johnson
Sent: Monday, June 03, 2019 8:01 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Just how secure are mainframes? | Trevor Eddolls
Lol, yeah, because the more someone
65 matches
Mail list logo
