From: Steven Lane (steve.lane@alphacourt.com)
Date: Fri Jan 31 2003 - 05:56:33 EST
Nick,
I am focusing on IBM WebSphere MQ security at the moment. One of the most
common platforms that this runs on is OS/390 or z/OS. Since WMQ can be
compromised if the OS is compromised, I am interested in any penetration
test methods or weaknesses that exist in 'big box' security. I would like to
put together an attack tree for z/OS or OS/390 and understand the
vulnerabilities of these systems. I would appreciate it for would forward
anything you find to me or any really good URLs.
Kind Regards
Steve
------------------------------
Steven Lane
Information Security Consultant
Alphacourt Limited
Email: steve.lane@alphacourt.com
www: http://www.alphacourt.com
-------------------------------
-----Original Message-----
From: visigoth [mailto:visigoth@securitycentric.com]
Sent: 30 January 2003 03:09
To: Nick Jacobsen
Cc: pen-test@securityfocus.com
Subject: Re: z/OS, OS/390 Pen testing tips/ideas/papers?
On Tue, Jan 28, 2003 at 05:24:22AM -0800, Nick Jacobsen wrote:
> Hi all,
> One of my clients has an IBM OS/390 running on one of their networks I
> am doing some security testing on, and considering I really have not dealt
> with any IBM mainframes before when it comes to security, I was hoping
that
> some of you might be able to point me the right direction. Anything would
> be helpful, but especially from a penetration viewpoint.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:27 EDT