I've just improved (I hope ;o)) BlockIP so it can block those bad useres as quoted below. Thanks to Roger for the nice words, this it what makes it all worth to keep WebSphere MQ secure or at least trying to...
Currently BlockIP2 can help you block: mqm, MUSR_MQADMIN and blank uids, this means that a valid userid will pass the exit, I can't block a valid user, that's up to WebSphere MQ and the operating system. I have seen some exits arround calling Windows security, so uid/password will get verified...
And it's improved to handle multi, patterns input, so you can specify more networks/addresses, it's still limited to the lenght of SCYDATA (32) pos. I'm planning a version where the specification is moved to a file......
You can find BlockIP2 here: http://home19.inet.tele.dk/m-invent/tips_and_tricks.htm#BlockIP2 I hope you'll enjoy it.
I think the only solution to really stop this if the MCAUSER is to be blank is to have an exit on that channel to stop this ID.
If I had a magic wand, I would make it so that SVRCONN channels with blank MCAUSERs would default the userID to "knucklehead" if the client did not present one (instead of defaulting to mqm). Also, a new channel attribute called BlockMQM which could be turned on to reject (with no further exits or efforts) any connections coming in as mqm or MUSR_MQADMIN.
Just my $0.02 ;o)
_________________ Best regards
Jxrgen Pedersen IBM Certified WebSphere MQ * IBM Certified Solution Designer - WebSphere MQ V5.3 IBM Certified Solution Developer - WebSphere MQ V5.3 IBM Certified WebSphere MQ Integrator *
_________________________________________________________________ Fe alle de nye og sjove ikoner med MSN Messenger http://messenger.msn.dk
Instructions for managing your mailing list subscription are provided in the Listserv General Users Guide available at http://www.lsoft.com Archive: http://vm.akh-wien.ac.at/MQSeries.archive
