mmjuma wrote: >Some one in our section, he was able to download RACF data base file >SYS1.RACF.PRIM ...
You and that someone should stay away from my z/OS! Your protection of RACF DB and all its backups are pathetic. UACC should be NONE (see other's replies). >... via ftp to PC, Your FTP is unprotected! >...then he used some tool. With any of the available freebies you can download. >... He was able to get uid and password of some users. As others said, only when you completed a brute force attack. No passwords are stored at all on the RACF DB and all its backups. Not even IRRDBU00 writes out protected fields. >He had now access to the file in mainframe. Fire him. And the RACF admin too. >I want to understand what happend, and how to protect against such issue. Do a full review of your machine security. First, UACC=NONE on your RACF DB and all its backup. Then your PROGRAM class and FTP, then everything else. And stay away from my machine. Groete / Greetings Elardus Engelbrecht ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN