Tom Longfellow writes:
> Let the pedantry begin: Superdome, Xeon, Rack servers, Blades, etc.
> For this discussion they are all the same: A separately maintained set
> of many boxes (with some virtualization to extend their reach) versus
> the Great Satan, called MAINFRAME.
> I have been
On Mon, 15 May 2017 10:32:50 -0700, Anne & Lynn Wheeler wrote:
>...
>
>predating morris worm
>https://en.wikipedia.org/wiki/Morris_worm
>
>by nearly year, was xmas exec (email) on bitnet (this fora originated on
>corporate sponsored university bitnet).
>https://en.wikipedia.org/wiki/BITNET
>https:/
On 5/15/2017 7:25 PM, Charles Mills wrote:
This is the world's dumbest question if you're a sysprog but I'm a developer
with nearly zero sysprog experience.
Whenever in the past that I have taken a quick look at SET PROG=(xx,yy) I
assumed that PROGxx + PROGyy in the parmlib concatenation *totall
E3 88 81 95 92 40 A8 96 A4 5A
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of John McKown
Sent: Monday, May 15, 2017 4:33 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Effect of SET PROG=xx
On Mon, May 15, 2017 at 6:26 PM, Ch
I got one over the weekend with a name I don't recognize. Did not open or
pursue because I was suspicious.
.
.
J.O.Skip Robinson
Southern California Edison Company
Electric Dragon Team Paddler
SHARE MVS Program Co-Manager
323-715-0595 Mobile
626-543-6132 Office ⇐=== NEW
robin...@sce.com
-O
Well, I've been getting about daily emails from them for a while. After
verifying that htere wasn't any spoofing going on, I replied to say I had
no prior contact, no interest, and please bugger off (I'm not British, but
that sounds cool (and not nearly as vulgar to Americans as its 4-letter
equiv
On Mon, May 15, 2017 at 6:26 PM, Charles Mills wrote:
> This is the world's dumbest question if you're a sysprog but I'm a
> developer
> with nearly zero sysprog experience.
>
> Whenever in the past that I have taken a quick look at SET PROG=(xx,yy) I
> assumed that PROGxx + PROGyy in the parmlib
This is the world's dumbest question if you're a sysprog but I'm a developer
with nearly zero sysprog experience.
Whenever in the past that I have taken a quick look at SET PROG=(xx,yy) I
assumed that PROGxx + PROGyy in the parmlib concatenation *totally replaced*
the contents of whatever PROGaa a
I have been seen a lot of emails for what appears to be DocuSign and I have
been killing them when I seen them
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the mes
mainfr...@bigendiansmalls.com (Chad Rikansrud) writes:
> As Charles pointed out - the hypothetical attack is about just taking
> over the privileged user's PC and launching from there.
when corporations first started using VPN software over internet into
corporate sites ... we pointed out trivial
000433f07816-dmarc-requ...@listserv.ua.edu (Paul Gilmartin) writes:
> Anyone can take anyone to court. That's not the question. As [a] Civil
> Procedure professor said, "You can sue the Bishop of Boston for
> bastardy. But can you collect?" (Origin obscure.)
when I first moved to boston area
Hi Mike,
It's the second link here:
https://www.bigendiansmalls.com/share2017/
As Charles pointed out - the hypothetical attack is about just taking over the
privileged user's PC and launching from there.
Happy to discuss if you want to email me offline.
Chad
---
Let’s see how well this survives going through the list server, but I received
this today.
If anyone would like this forwarded in HTML format, please email me directly at:
ajn...@ufl.edu
Al Nims
Systems Admin/Programmer 3
UFIT
University of Florida
(352) 273-1298
From: IBM Security [mailto:mar
Here is some lengthy video interviews with him.
https://www.google.ca/search?q=big+endian+smalls&newwindow=1
On Mon, May 15, 2017 at 3:13 PM, Charles Mills wrote:
> I don't see it on the SHARE site and I am not sure what is private and what
> is public in any event. Also much of what he showed w
On Mon, 15 May 2017 14:53:27 -0500, Mike Schwab wrote:
>And the attack was based on NSA knowledge they kept hidden for years.
>Hope they get their ass sued off.
>
Anyone can take anyone to court. That's not the question. As [a] Civil Procedure
professor said, "You can sue the Bishop of Boston for
Spy agencies tend to keep things secret ...
Charles
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Mike Schwab
Sent: Monday, May 15, 2017 12:53 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Check out New Wave of Ransom Threats Seen i
I don't see it on the SHARE site and I am not sure what is private and what is
public in any event. Also much of what he showed was live so it would not
survive in a PDF.
Chad is on this list as @Bigendian Smalls. Perhaps he will jump in. I BCC'ed
his real e-mail address.
Charles
-Origin
And the attack was based on NSA knowledge they kept hidden for years.
Hope they get their ass sued off.
On Mon, May 15, 2017 at 3:33 AM, Edward Finnell
<000248cce9f3-dmarc-requ...@listserv.ua.edu> wrote:
> _New Wave of Ransom Threats Seen in Unprecedented Attack - Bloomberg_
> (https://www.bl
Do you have a link to the Share presentation?
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Charles Mills
Sent: Monday, May 15, 2017 10:35 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Ransomware on Mainframe application ?
No, but Ch
Ah yes, I remember seeing that advice during our latest GDPS upgrade. Unless
(again) I'm missing something, that statement in its short form is misleading.
In practice, we mirror (XRC, not PPRC) from one data center to another. GDPS
runs in the remote data center to 'pull' data from production.
trivia from long ago and far away, gone 404, but lives on
at the way back machine:
http://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml
I didn't learn about them until much later. As undergraduate did lots of
work on IBM software and I would ev
000433f07816-dmarc-requ...@listserv.ua.edu (Paul Gilmartin) writes:
> A recurrent question in these fora is, "How can I make links appearing
> in documents viewed in a mainframe editor active?" Cbttape.org
> probably has an answer. Or an ISV.
>
> Many years ago, when the risks of TCP/IP were
On 5/15/2017 12:45 PM, Greg Dyck wrote:
On 5/15/2017 11:27 AM, Paul Gilmartin wrote:
What does the TSO TMP use to accomplish this?
Extreme care ;-)
It has been a while, but my memory is that the TMP stops all of the
tasks above (or is that below?) it in the task tree and then passes the
reque
On 5/15/2017 11:27 AM, Paul Gilmartin wrote:
What does the TSO TMP use to accomplish this?
Extreme care ;-)
It has been a while, but my memory is that the TMP stops all of the
tasks above (or is that below?) it in the task tree and then passes the
request to a special jobstep task (with it's
On Mon, 15 May 2017 08:35:18 -0700, Charles Mills wrote:
>
>But, you say, mainframes don't have people clicking on links in e-mail. No,
>but system programmers with privileged access have PCs and click on links in
>e-mail.
>
A recurrent question in these fora is, "How can I make links appearing
On 15 May 2017 at 03:48, Edward Finnell <
000248cce9f3-dmarc-requ...@listserv.ua.edu> wrote:
> The 'wannacry' exploits security holes in Windows that have been there
> forever. M$ released patches for Win7 and Win10(not sure about 8 and 9).
> These
> were exposed by wikileaks dump of some NSA
On Mon, 15 May 2017 10:28:37 -0400, Steve Smith wrote:
>RSAPF probably shouldn't even be documented. AFAIK, it's only purpose is
>to allow the system to support unauthorized tasks and jobs, and is used
>only with the creation of a new job-step task. And there is no
>communication between the ini
If anyone's going to be in Hampton in May, here's a chance to hear one of the
real figures behind the 'Hidden Figures' movie speak.
https://amp-timeinc-net.cdn.ampproject.org/c/amp.timeinc.net/essence/news/hidden-figures-katherine-johnson-hampton-commencement?source=dam
---
At a long-gone bank, we ran IBM's check processing application CPCS, which
needed to run APF authorized. This meant that any program called by CPCS needed
to come from an APF library. For whatever reason, CPCS invoked standard
utilities such as DFSORT, which meant that those libraries also had t
No, but Chad Rikansrud did a presentation on the possibility of mainframe
ransomware at SHARE San Jose that was positively chilling.
He demonstrated (independent of each other) five building blocks that would be
all someone would need to lock up a mainframe. "Two things that mainframes do
reall
A $S with nothing else is to Start JES2 Processing. Please review the JES2
Commands manual for what it does.
If you are not the system programmer, you need to work with that team at your
shop. When you change the STC Class in the JES2 INIT DECK, it is changed for
ALL STCs. This could impact
RSAPF probably shouldn't even be documented. AFAIK, it's only purpose is
to allow the system to support unauthorized tasks and jobs, and is used
only with the creation of a new job-step task. And there is no
communication between the initiator task and the user task.
Authorized programs aren't a
On Mon, 15 May 2017 15:18:38 +0700, Robin Atwood wrote:
>We have a requirement to attach user modules from an unauthorised library
>and execute them from an STC which
>
>runs APF authorised. Calling ATTACH with RSAPF=YES seems to do exactly what
>I want ...
It _can_ do what you want, Robin, but
Well, if you want to run unauthorized stuff you would first need to set your
job as non-APF by resetting the bit.
Of course, your authorized key8 storage will be subject to change by the
unauthorized task, thus your authorized code must not use Key8 storage.
(1) and (2) are not exclusive, as your
Thanks Mike. We do have z/OSMF active mostly for the use of the new
configuration assistant.
_
Dave Jousma
Manager Mainframe Engineering, Assistant Vice President
david.jou...@53.com
1830 East Paris, Grand Rapids, MI 49546 MD RSCB2
Yes - you can do all that in z/OS with an IPSEC filter policy.
You need a way of automatically using the correct policy in PAGENT - DR Test or
Live. One way is to use a system symbol ultimately picked up from the LOADPARM.
These days, realistically, you need zOSMF Communications Server Configura
All,
Sorry if this is an over-simplistic question, coming from a z/OS guy that
doesn't have a lot of IP depth of knowledge. We recently had our annual site
Disaster test, which for us is done locally, at one of our own datacenters.
Data is replicated, and we simply IPL one of our systems on
On Mon, May 15, 2017 at 7:30 AM, Greg Dyck wrote:
> Be aware that what you are attempting to do is dangerous and has the
> potential to create system integrity exposures that would allow a problem
> state program to cause a system failure. I am not saying that it can not
> be done safely, becaus
Be aware that what you are attempting to do is dangerous and has the
potential to create system integrity exposures that would allow a
problem state program to cause a system failure. I am not saying that
it can not be done safely, because it can be. But to do it safely
without creating a sys
NJE works fine.
I set up several RDTs connected between them and all with a Mainframe z890
5 years ago when I did a full migration from Mainframe to RDT for an ISV.
On Mon, May 15, 2017, 13:24 Jake Anderson wrote:
> Hello,
>
> I have requirement to submit a from RDT and execute in z hardware to
Hello,
I have requirement to submit a from RDT and execute in z hardware to place
some modules in z/OS running in z Hardware.
Is it possible to create NJE over TCPIP definition between the two platform
? or else if there is a different way to approach ?
Any suggestions or pointers would help me
_New Wave of Ransom Threats Seen in Unprecedented Attack - Bloomberg_
(https://www.bloomberg.com/news/articles/2017-05-14/hospitals-gain-control-in-ran
som-hack-more-attacks-may-come)
--
For IBM-MAIN subscribe / signoff / arch
We have a requirement to attach user modules from an unauthorised library
and execute them from an STC which
runs APF authorised. Calling ATTACH with RSAPF=YES seems to do exactly what
I want but every time I try it
I get abend S306-0C, "authorised program attaching module from an
unauthorized li
The 'wannacry' exploits security holes in Windows that have been there
forever. M$ released patches for Win7 and Win10(not sure about 8 and 9). These
were exposed by wikileaks dump of some NSA tricks to backdoor PC's and
networks.
I guess there is potential, but for right now I'd say the MF
Hi
Just curious if recent ransomware attack has capability to infect any
applications running on Mainframe ?
Regards
Jake
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu
45 matches
Mail list logo
