Re: AW: Mainframe in the DMZ -- organization of operations
On Wed, 10 Aug 2005 16:39:45 +0200, Thomas Ramseier <[EMAIL PROTECTED]> wrote: >Hi Jantje > >We're running a zOS DMZ with a WAS for about 3 years now. It is in a Now c'me on, people... There must be more installations that have a mainframe exposed to the Internet and are not top secret... Please do help me a bit in getting my reflections going. Cheers, Jantje. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
On Wed, 10 Aug 2005 11:37:44 -0400, Bruce Black <[EMAIL PROTECTED]> wrote: >> >It is always frustrating for me when someone posts a question using >acronyms assuming that everyone on the list understands them. > WAS Websphere Application Server DMZ De-Militarized Zone CEC Central Electronics Complex LPAR Logical PARtition IODF Input/Output Definition File OSA Open Systems Adapter DASD Direct Access Storage Device Cheers, Jantje. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations - another historical reference
Ted " Now, if somebody could explain the explanation?" Oh Grasshopper, What part you mean? DMZ to mean "Firewall" is a cheap usurpation of a term deriving from a human tragedy that technically is not finished. Korean War ended with an armistice, and the Imjin River to the South and the Military Demarcation Line on the North (roughly at the 38th parallel) are the boundries of the DMZ. In the 1950's the US Marine Corps' 1st Provisional Demilitarized Zone Police Co was established to police the UN's portion of the DMZ. (Armistice: a state of peace agreed to between opponents so they can discuss peace terms) By the time the armistice was signed in 1953, two years after truce talks began, U.N. casualties were estimated at more than 550,000 -- while North Korean and Chinese casualties were believed to be around 1.5 million. As part of the cease-fire, both sides agreed to withdraw 2 kilometers along the final battleground and establish a demilitarized zone along the armistice line -- a zone that still exists today. Note: The North Korean People's Army is one million strong. Maybe has nuks. Asked whether he thought the North Koreans might feel emboldened because of the United States' focus on Iraq and the campaign against terrorism, Mr. Rumsfeld said, "If they do, it would be a mistake." "We are capable of fighting two major regional conflicts," Mr. Rumsfeld said. "We're capable of winning decisively in one and swiftly defeating in the case of the other. And let there be no doubt about it." (Now I'm confused) Stay tuned. (Paint-ball is to war as Firewall is to DMZ) -- This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
A DMZ system is one that is just "out there" on the internet, visible to all and sundry, with no routers to hide behind, no firewall protection, no virus protection, no ports blocked, etc. IOW, a honeypot for black-hat hackers and script kiddies. The virus fighters use honeypot systems to attract any new beasts that get released "into the wild" so that they can develop the scanners and antidotes more quickly. HTH Peter -Original Message- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:33 PM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: AW: Mainframe in the DMZ -- organization of operations >"DMZ, which stands for demilitarized zone, is the logical area in a Web application's architecture that separates the "untrusted" Internet from the "trusted" Intranet." ... Now, if somebody could explain the explanation? -teD In God we Trust! All others bring data! -- W. Edwards Deming _ This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by e-mail and delete the message and any attachments from your system. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
> Firewall Well! Why didn't they say so? I know what that is! -teD In God we Trust! All others bring data! -- W. Edwards Deming -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
Firewall -Original Message- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Ted MacNEIL Sent: Tuesday, August 09, 2005 8:00 PM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: AW: Mainframe in the DMZ -- organization of operations >"DMZ, which stands for demilitarized zone, is the logical area in a Web application's architecture that separates the "untrusted" Internet from the "trusted" Intranet." ... Now, if somebody could explain the explanation? -teD In God we Trust! All others bring data! -- W. Edwards Deming -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
>"DMZ, which stands for demilitarized zone, is the logical area in a Web application's architecture that separates the "untrusted" Internet from the "trusted" Intranet." ... Now, if somebody could explain the explanation? -teD In God we Trust! All others bring data! -- W. Edwards Deming -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
Re: AW: Mainframe in the DMZ -- organization of operations
We are considering what the security impact of putting a WAS on mainframe in the DMZ would be. It is always frustrating for me when someone posts a question using acronyms assuming that everyone on the list understands them. I vaguely knew that WAS refers to Websphere but DMZ? I knew the common usage, DeMilitarized Zone, and I was surprised that search on IBM.COM disclosed that is the exact meaning in this context "DMZ, which stands for demilitarized zone, is the logical area in a Web application's architecture that separates the "untrusted" Internet from the "trusted" Intranet." I am sure I have been guilty myself of assuming that everyone understands common abbreviations and acronyms but I do try and remember to explain the less obvious ones. So considerly yourself gently reminded for the future, explain such things unless they are very common and well-known. When in doubt, do it. Thanks -- Bruce A. Black Senior Software Developer for FDR Innovation Data Processing 973-890-7300 personal: [EMAIL PROTECTED] sales info: [EMAIL PROTECTED] tech support: [EMAIL PROTECTED] web: www.innovationdp.fdr.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html