From: John Bussert (JBussert@swiftorder.com)
Date: Tue Feb 19 2008 - 10:24:11 EST
Jon,
Another option is to take a look at the IBM Redbooks - lots of good
information and you can download them for free.
http://www.redbooks.ibm.com/abstracts/sg246668.html?Open
http://www.redbooks.ibm.com/cgi-bin/searchsite.cgi?query=as400+AND+secur
ity
Keep in mind that the release of the OS does have an impact on its
capabilities and if they have implemented PASE or Linux environments.
Good luck...
jb
John Bussert, CISSP, MCP
Swift Technologies, Inc.
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of xelerated
Sent: Friday, February 15, 2008 6:44 AM
To: Jon Kibler
Cc: pen-test@securityfocus.com
Subject: Re: AS400 Net Recon
Hi,
I have not tested this myself. But it looks good for as/400 specifics.
http://www.security-database.com/toolswatch/AS-400-Auditing-Framework-Be
ta.html
Then there is the trusty OSSTMM for your overall methodology to test
with.
On Tue, Feb 12, 2008 at 3:11 PM, Jon Kibler <jon.r.kibler@gmail.com>
wrote:
> Hi,
>
> I have a client with AS400s on their LAN. They want a vulnerability
> scan, but having been burned in the past, I want to ask before doing:
> Are there any issues with scanning (nmap, nessus, etc.) AS400s?
>
> While I am at it, any good information on AS400 security? I see a few
> corporately published books for sale on the net about AS400 security,
> but I don't want to drop a couple of grand for a book by some
> organization I am not familiar with.
>
> Any help appreciated.
>
> Jon K.
>
>
------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
>
------------------------------------------------------------------------
>
>
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:24 EDT