I was originally addressing the functions of FTP itself. FTP is not an open door to accessing whatever you want on a z/OS system. I was not addressing denial of service attacks of any nature. Allowing FTP or any other network facing application is by its very nature exposing denial of service and availability attacks. Please address those concerns to the networking and firewall teams. If you are on a network (z/OS or not), denial of service is a part of life.
I am still a firm believer of the data controls of RACF. Including those that are integrated with the Communication Server for port and IP function access. If you are foolish enough to just install base software without addressing security controls, then you have done the equivalent of holding a Hackers open house and you really do not care what happens to your data. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN