J.) Metz
http://mason.gmu.edu/~smetz3
________
From: IBM Mainframe Discussion List on
behalf of Ray Overby
Sent: Thursday, May 30, 2019 7:28 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Fwd: Just how secure are mainframes? | Trevor Eddolls
In response to "A
is running with his own credentials; he
doesn't have access to the production data. A user who simply logs on to the
application canfront-end it.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List on behalf of R
________
From: IBM Mainframe Discussion List on behalf of Ray
Overby
Sent: Wednesday, May 29, 2019 11:11 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Fwd: Just how secure are mainframes? | Trevor Eddolls
In response to "Mistakes, lack of time, lack of control, lack of skills
ersonnel and 3rd party providing OS changes and other privileged
code.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
________
From: IBM Mainframe Discussion List on behalf of Ray
Overby
Sent: Thursday, May 30, 2019 7:28 AM
To: IBM-MAIN@LISTSERV.UA.
processes (not RACF), such as assigning userid's, making
sure people have just the access they need, periodic audits, etc.
Am I even close?
On 5/30/2019 4:28 AM, Ray Overby wrote:
In response to "An application with a trap door is an application
vulnerability. If there is a trap door
.
--
Radoslaw Skorupka
Lodz, Poland
W dniu 2019-05-29 o 17:11, Ray Overby pisze:
In response to "Mistakes, lack of time, lack of control, lack of
skills. Not a platform weakness." comment: The mainframe platform,
z/OS, and ESM's all rely on integrity to function. A single TRAP
In response to "Ideed, IF you know such trap door, you know z/OS
vulnerability, which proves the platform is not immune. Is it as
vulnerable as Windows? No, because it's still not binary, some systems
are still more secure than others."
In my opinion (I am biased) z/OS is the most secure-able
ason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List on behalf of Ray
Overby
Sent: Wednesday, May 29, 2019 11:11 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Fwd: Just how secure are mainframes? | Trevor Eddolls
In response to "Mistakes, lack of time, lack of control, lack of skills
In response to "Mistakes, lack of time, lack of control, lack of skills.
Not a platform weakness." comment: The mainframe platform, z/OS, and
ESM's all rely on integrity to function. A single TRAP DOOR code
vulnerability pierces the veil of integrity and can be used to
compromise the
is the people responsible
for writing and maintaining the code not necessarily the installation
running the code. A subtle but important distinction.
I would like to think at the end of the day that the work that I do is a
valuable service to our industry as well as to the institutions that ru
must have my userid+1 as the job
name and my userid access is properly controlled by the ESM, how is that
vulnerable?
IOW, how is FTP JES submission any different from TSO SUBMIT?
Peter
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Beha
Yahoo Mail for iPhone
On Tuesday, May 28, 2019, 1:06 PM, Ray Overby wrote:
Bill - I assure you the silliness is all on your part. ;-)
/Show me a link to your third scenario successfully implemented? /My company
does not publicly disclose z/OS code vulnerabilities that it finds in z/OS, ISV
?
Sent from Yahoo Mail for iPhone
On Tuesday, May 28, 2019, 11:44 AM, Ray Overby wrote:
This discussion on mainframe vulnerabilities has unfortunately broken
down. I have been talking to mainframe people about vulnerabilities for
the last 12 years. I have talked with people just like Bill
://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List on behalf of Ray
Overby
Sent: Tuesday, May 28, 2019 11:44 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Fwd: Just how secure are mainframes? | Trevor Eddolls
This discussion on mainframe
This discussion on mainframe vulnerabilities has unfortunately broken
down. I have been talking to mainframe people about vulnerabilities for
the last 12 years. I have talked with people just like Bill Johnson. My
discussions went just like this discussion did. The problem (as I saw
it) was
acks using this technique.
Feel free to contact me offline to continue this discussion.
Ray Overby
On 10/30/2018 7:43 PM, Seymour J Metz wrote:
If there were no unpatched security holes then IBM wouldn't need to release
security PTFs to fix them. I would hope that it's a lot harder to fin
I think it would be a better idea to have FMID, PTFID, and APARID as an
eye catcher in each csect in each load module.
On 10/16/2017 6:02 AM, Karlheinz wrote:
Hi,
we have opened a RFE at IBM for having related FMID, PTFID and APARID as an eye
catcher in each load module being generated and
One would assume that the older z/OS system is important to the
installation. That the data on the system is important, who can review
and update the data is important, as well as the system's availability.
Key Resources, Inc has direct knowledge of vulnerabilities on older,
non-supported
Multiple User Address Space or MUSASS for short. MUSASS is a LOGONID
attribute that is assigned via ACF command. It is assigned to an address
space where multiple users are "active" in the address space. Examples
of a MUSASS address space are CICS and IMS. There are others.
On 4/6/2017
think they would not require it either. By giving these developers
WRITE or higher access to an APF authorized library the INSTALLATION is
allowing them to issue ANY of the restricted APIs on the installations
z/OS system (not just the ACF2 SVC A supercalls).
I hope this information helps clarif
Typically this means that one of the following has occured:
-z/OS - notebook file transfer was not performed using binary
-notebook - z/OS file transfer was not performed using binary
If you look at the xmit file on the source z/OS system you should see
!\INMR01 in the 1st record. If
userid - ssdrso
Ray Overby
Key Resources, Inc
Ensuring System Integrity for z/Series
(312) 574-0007
On 12/22/2013 4:56 PM, Daniel Skwire wrote:
I thought the FAA had special hybrid 6 computer systems, 3 x 2 way MPs?
Interesting!
Dan
Sent from my iPad
On Dec 22, 2013, at 3:11 PM, DASDBILL2
flawed function code validation - If you pass a negative number or a
large positive number you can control where the SVC branches to. I have
seen these types of problems in the wild where I was able to branch to
a private area where any code you wanted could be executed.
Ray Overby
Key
level of authority
-Don't dynamically elevate their security credentials
-Don't allow the requester the ability to MODESET
-Don't return control in a different PSW Key or State
Ray Overby
Key Resources, Inc
Ensuring System Integrity for z/Series
(312) 574-0007
On 12/1/2013 7
with maintenance or a new release.
Ray Overby
Key Resources, Inc
Ensuring System Integrity for z/Series
(312) 574-0007
On 9/8/2013 10:37 PM, Jon Perryman wrote:
No matter how much knowledge and money you have available, you can't be 100%
secure (we still have APF). You can only secure known
, RACF report writer, as
well as CA's Examine (it has a new name now) among other products as
potentially being used by those seeking vulnerabilities to exploit as well.
These products can identify vulnerabilities that if disclosed would allow an
exploit to be created.
Ray Overby
Key Resources, Inc
/I guess, only those which are know to the author. Or subset of them
implemented in the tool.
/z/Assure VAP is not a virus scanner. It does not use a list of known
vulnerabilities or code sequences to identify vulnerabilities.
Ray Overby
Key Resources, Inc
Ensuring System Integrity for z
that I use is to cancel the LX owner while driving
the programs that would issue the PC calls.
Ray Overby Key Resources, Inc. Ensuring System Integrity for z/Series™
www.kr-inc.com (312)574-0007
On 8/23/2013 06:46 AM, Robin Atwood wrote:
Our application very occasionally (once every few months
that the
system uses to maintain its integrity./
I believe this last requirement should not be limited to just
installation-written code but also include ISV authorized code.
Ray Overby Key Resources, Inc. Ensuring System Integrity for
z/Series^(TM) www.kr-inc.com (312)574-0007
On 6/18/2013 18:45
Sent on the Sprint® Now Network from my BlackBerry®
-Original Message-
From: Thomas Conley pinnc...@rochester.rr.com
Sender: IBM Mainframe Discussion List IBM-MAIN@LISTSERV.UA.EDU
Date: Thu, 4 Oct 2012 17:10:51
To: IBM-MAIN@LISTSERV.UA.EDU
Reply-To: IBM Mainframe Discussion List
30 matches
Mail list logo