ICETOOL / SORT capturing count of output records when using INCLUDE

2022-11-17 Thread Eric Verwijs 
Hello,

We're splitting very large datasets that have 3 years of client data into 3 
smaller datasets containing a year of data each.

Can COUNT can be used to determine the total number of records in the output 
files? I've not seen how and it seems only able to count the number of input 
records.

I know the job output reports the totals and I could spool that to a temporary 
file to capture it.

However, can COUNT or some other parameter be used to get the total for for 
each of the output files?

This is more or less the JCL that we use:
//SPLITYREXEC PGM=ICETOOL
//TOOLMSG  DD SYSOUT=*  
//DFSMSG   DD SYSOUT=*  
-  -  -  -  -  -  -  -  -  -  -  -  -  -
//IN DD *   
-  -  -  -  -  -  -  -  -  -  -  -  -  -
/*  
-  -  -  -  -  -  -  -  -  -  -  -  -  -
//TOOLIN   DD * 
   COPY  FROM(IN) TO(OUT1) USING(CTL1)  
   COPY  FROM(IN) TO(OUT2) USING(CTL2)  
   COPY  FROM(IN) TO(OUT3) USING(CTL3)  
/*  
//CTL1CNTL DD * 
  OUTFIL FNAMES=OUT1,   
 INCLUDE=(12,2,CH,EQ,C'98') 
 OUTREC FIELDS=(1:1,20) 
/*  
//CTL2CNTL DD * 
  OUTFIL FNAMES=OUT2,   
 INCLUDE=(12,2,CH,EQ,C'99') 
 OUTREC FIELDS=(1:1,20) 
/* 
//CTL3CNTL DD *
  OUTFIL FNAMES=OUT3,  
 INCLUDE=(12,2,CH,EQ,C'00')
 OUTREC FIELDS=(1:1,20)
/*

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: eWEEK Article highlights weaknesses in Mainframe Security

2018-11-02 Thread Eric Verwijs 
Thanks for all the responses. I wasn't aware of any vulnerabilities, patched or 
otherwise. I don't handle our mainframe's security, another department does 
that.
Frightening.


   Regards, 
        Eric Verwijs 

Programmeur-analyste, RPC, SV et solutions de paiement - Direction générale de 
l'innovation, information et technologie
Emploi et Développement social Canada / Gouvernement du Canada
frederick.verw...@hrsdc-rhdcc.gc.ca 
Téléphone 819-654-0934 
Télécopieur 819-654-1009

Programmer Analyst, CPP, OAS, and Payment Solutions - Innovation, Information 
and Technology Branch
Employment and Social Development Canada / Government of Canada
frederick.verw...@hrsdc-rhdcc.gc.ca 
Telephone 819-654-0934 
Facsimile 819-654-1009

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Ray Overby
Sent: November-01-18 2:35 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: eWEEK Article highlights weaknesses in Mainframe Security

Disclamer: Don't shoot the messenger (I am very passionate on this 
topic). The fact is unpatched zero day vulnerabilities exist on all z/OS 
mainframe's. Don't take my word for this. Ask KRI's clients what their 
experience is with z/Assure VAP  finding (probable) zero day integrity 
based code vulnerabilities. I say probable because the ISV's don't 
appear to share the integrity vulnerability details with anyone outside 
their respective organizations. They certainly do not share this 
information with Key Resources. So if the ISV takes longer than a couple 
of days to provide a patch its likely they did not have one before the 
vulnerability was reported. Thus you can conclude that the vulnerability 
was a zero day.

Comment: If there were no unpatched security holes then IBM wouldn't 
need to release security PTFs to fix them.
Response: Correct. You only need to look at the patches provided by your 
ISV's (IBM, CA, BMC, Rocket Sorry if I missed any one!) and you will 
find security and/or integrity patches.

Comment: I would hope that it's a lot harder to find one than it used to be.
A: No actually it is not. I started doing this in 2009.  Key Resource's 
z/Assure VAP product regularly finds integrity based-code 
vulnerabilities. Most of these vulnerabilities appear to be zero day. As 
some people would consider my comments biased, don't take my word for 
it. Ask our clients if what I am saying is accurate.

Question: What zero-day vulnerabilities would there be? I’ve not heard 
of unpatched security holes in z/OS before.
Short answer: Conspiracy of Silence. Unless you are with the companies 
that find the vulnerability, work for the ISV support group, or are part 
of the ISV management or development teams you would never know about 
the vulnerability UNTIL you saw the patch on their patch portals. 
Patches normally contain no details about the vulnerability. This is how 
mainframe integrity based-code vulnerability management is done.  These 
vulnerabilities are NOT reported on the National Vulnerability Database.

Comment: Aside from of course, phishing and other attacks aimed at the users 
and not the machine itself.
Answer: Nothing to do with phishing and other attacks. I am referring to 
integrity based-code vulnerabilities.  These vulnerabilities are in SVC's, PC 
routines, or APF).  However, a good hacker will combine vulnerabilities to 
achieve their goal. The hacker wants to establish a beach head in your network. 
From there they can traverse the network compromising system's until they get 
access to z/OS. With these integrity based-code vulnerabilities once they are 
established and able to run work on z/OS they can elevate their credentials 
with an integrity based-code vulnerabilities and turn off logging. "Run work" 
would roughly translate to: a) FTP JCL to z/OS b) Logon to TSO or something 
similar c) Submit JCL through RJE or NJE (google metasploit NJE for attach 
vectors)there are documented attacks using this technique.

Feel free to contact me offline to continue this discussion.

Ray Overby

On 10/30/2018 7:43 PM, Seymour J Metz wrote:
> If there were no unpatched security holes then IBM wouldn't need to release 
> security PTFs to fix them. I would hope that it's a lot harder to find one 
> than it used to be.
>
>
> --
> Shmuel (Seymour J.) Metz
> http://mason.gmu.edu/~smetz3
>
> 
> From: IBM Mainframe Discussion List  on behalf of 
> Eric Verwijs 
> Sent: Tuesday, October 30, 2018 10:59 AM
> To: IBM-MAIN@listserv.ua.edu
> Subject: eWEEK Article highlights weaknesses in Mainframe Security
>
> http://secure-web.cisco.com/1cEGuBe_ZRQESR4kUXS7ShVfhPRr6RLxpO47vTAIYiTpY0Px4GzQAVFwbRnVRDSO88yQdYgZwS9NG2LhzWNCaA7jKdLghofcDczS2pS3jXM7QWTltrwO_G_rwXUyVhX6ZWsuHZY6BnoUE_A8HOWKsXNFwYvaiJjxToXSq6pYcfH4L-krJSWFPD-gLTdPf1R9xE7aoeN-_Hy7BnmgO9LtgBCAavC3aAT3sRoaplXe4Jxk4KcS3OamjQqK37n

eWEEK Article highlights weaknesses in Mainframe Security

2018-10-30 Thread Eric Verwijs 
http://www.eweek.com/security/taking-a-closer-look-at-mainframe-security

What zero-day vulnerabilities would there be? I’ve not heard of unpatched 
security holes in Z/OS before.

Unless you are not properly managing your data, that is, limit access to 
confidential information, how would someone get it? Aside from of course, 
phishing and other attacks aimed at the users and not the machine itself.



Regards,
Eric Verwijs

Programmer-analyste, RPC, SV et solutions de paiement - Direction générale de 
l'innovation, information et technologie
Emploi et Développement social Canada / Gouvernement du Canada
frederick.verw...@hrsdc-rhdcc.gc.ca
Téléphone 819-654-0934
Télécopieur 819-654-1009

Programmer Analyst, CPP, OAS, and Payment Solutions - Innovation, Information 
and Technology Branch
Employment and Social Development Canada / Government of Canada
frederick.verw...@hrsdc-rhdcc.gc.ca
Telephone 819-654-0934
Facsimile 819-654-1009


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN