>IPCS for example; when the system captures an SVC dump all of the >available data (even fetch protected data) is going to be laying around >in the dump dataset. Give Joe black hat uncontrolled access to IPCS and >he can snoop around to his heart's content looking under rocks and >turning up vulnerabilities the installation might not even be aware of.
<grin> In my experience most people tend to have no clue how to use IPCS, much less how to use it to advantage, again much less how to figure out things from an sdump. If someone is really capable of doing this and using the information to turn up vulnerabilities, my congrats to her/him, and possibly good luck in getting the powers that be to close that vulnerability! </sarcasm off> Best regards, Barbara -- GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen! Jetzt dabei sein: http://www.shortview.de/[EMAIL PROTECTED] ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
