And then there was the VM Virus (from this list)
***
YOU HAVE NOW RECEIVED THE VM VIRUS
This virus works on the honor system:
If you're running a VM/ESA or z/VM, please forward this
message to everyone you know and delete a bunch of your
files at random.
Jan de
Are there query and set command that will display and change the current
lockout interval when journal is on?
I know, set journal off sets it to 0, so no one need give that as an
option.:-)
Regards,
Richard Schuh
Use or look at the "USER_VOLUME_INCLUDE" statement which allows for
VOLSER naming conventions in my case I use "USER_VOLUME_INCLUDE VP*"
because 99% of our VM Volumes start with VP with varying last 4
characters.
Larry Davis
-Original Message-
From: The IBM z/VM Operating System [mailto:
Use generic VOLSERs (?).
Something like:
520*
VM31*
Tom Duerbusch
THD Consulting
>>> dave <[EMAIL PROTECTED]> 4/24/2007 2:10 PM >>>
Hi, gang.
The is a limit of 50o0 volumes that can be specified on the
USER_VOLUME_LIST statement in SYSTEM CONFIG. what do I do if
I have more than 500 volumes?
Dave,
Use wildcards on USER_VOLUME_INCLUDE. If you have more than 500
volumes, you must have some sort of naming convention that lends itself
to wildcards. USER_VOLUME_EXCLUDE can be used to exclude volumes that
match a wildcard, but that you don't want attached to SYSTEM.
I am more interested in documented cases of hackers actually penetrating
a system. I am especially interested in penetrations of VM/ESA or later
systems.
Regards,
Richard Schuh
-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Daniel P. Mar
Hi, gang.
The is a limit of 50o0 volumes that can be specified on the
USER_VOLUME_LIST statement in SYSTEM CONFIG. what do I do if
I have more than 500 volumes?
TIA.
DJ
If it happens on 1 system, that is 1 too many. People need to think
about the potential consequences of not heeding the advice that can be
found almost everywhere about not leaving the starter system passwords
on directory entries.
Before things became so shrink-wrapped, I made it a habit of not p
On Tue, Apr 24, 2007 at 02:00:28PM -0400, David Kreuter wrote:
> Was this the stuff 'bout changing CCWs downstream
> through one of the DIAG interfaces?
Yes. I believe the exploit was called Hugo. Melinda Varian
had something to do with its analysis. The details were kept
pretty quiet. You ca
Richard Schuh said:
>Anyone who leaves the default passwords on the maintenance ids is a fool
>and deserves whatever happens, especially if it is a highly privileged
>userid.
... happens more often on more systems than it should ... even today ...
Anyone who leaves the default passwords on the maintenance ids is a fool
and deserves whatever happens, especially if it is a highly privileged
userid. Back when the userid IBMCE was universal, I changed its password
to AMDAHL. There was one IBM SE at the shop who refused to log on to the
id, even
Hello Kris Buelens,
Please send copy to me too.
Ed Martin
Aultman Health Foundation
330-588-4723
[EMAIL PROTECTED]
ext. 40441
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Kris Buelens
Sent: Tuesday, March 27, 2007 12:48 PM
To
Hello Tim and everyone else,
Yes z/VM (VM/SP too) handles the VTOC of VSE very well. You will
need to make sure that you update the label of the volume on VSE, make
sure that you let z/VM know about it.
Ed Martin
Aultman Health Foundation
330-588-4723
[EMAIL PROTECTED]
ext. 40441
_
Was this the stuff 'bout changing CCWs downstream through one of the DIAG
interfaces?
David
-Original Message-
From: The IBM z/VM Operating System on behalf of Daniel P. Martin
Sent: Tue 4/24/2007 1:55 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: [IBMVM] Hackers
There's an article in th
Found it online. Should have looked before clicking "SEND".
Here's the abstract:
-- tear here ---
Penetrating an operating system: a study of VM/370 integrity
by C. R. Attanasio, P. W. Markstein, R. J. Phillips
Discussed is a methodology for discovering operating system design flaws
as an
There's an article in the IBM Systems Journal, some time in the late
1970's, that discusses what amounts to a penetration test study of that
vintage of VM. If I recall correctly, the authors exposed some
interesting quirks in the I/O subsystem as the major exposure to mischief.
I've got a cop
I have a distant recollection of back in the 80's some youngster climbed into a
vm system at Los Alamos and logged onto MAINT with the password CPCMS !! Don't
know if this urban legend or actual but I recall it as actual. This must have
been an illegal climb through either dial up or early VTAM.
Thanks for the clarification. It seems that more and more things need
clarification these days.
Regards,
Richard Schuh
-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Alan Altmark
Sent: Tuesday, April 24, 2007 10:14 AM
To: IBMVM@LISTSERV.UA
Truly hacked into. FWIW, I don't consider a crude chain-mail attempt to
be a worm. I also do not consider a penetration of a guest such as Linux
to be a penetration of VM.
Regards,
Richard Schuh
-Original Message-
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf
Well, if you include IBM'ers.. maybe the infamous XMASTREE EXEC could be
considered as a DOS attack against IBM Vnet nodes. ;-)
But that is not at all the same as a hacker penetration.
Mike Walter
Hewitt Associates
Any opinions expressed herein are mine alone and do not necessarily
represent
VM only puts a VTOC on a volume when you initialize it. It will gladly
accept VM labels from other systems, MVS labels, VSE labels, even Linux
labels. When running MVS under VM, I always let the MVS people label thei
r
own volumes even when they have duplicate labels. And it is okay with any
of
th
Do you mean 'truly hacked into' or just an annoying worm?
I know of a worm initiated at another VM site and of compromised password
s
used by insiders, but not any full-fledged hack by outsiders.
/Tom Kern
/301-903-2211
On Tue, 24 Apr 2007 09:33:42 -0700, Schuh, Richard <[EMAIL PROTECTED]> wrot
That is what was throwing me last week. But, apparently VM can handle
the VSE label at cyl. 0! I made not changes to the data on the pack. It'
s like VM is just handling the disk for VSE. Cool stuff!
Tim
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECT
On Tuesday, 04/24/2007 at 09:06 MST, "Schuh, Richard" <[EMAIL PROTECTED]>
wrote:
> What is it with Keepalive (TCPIP) vs. KEEPALIV (RSCS), anyway? IIRC, you
> and others have said that Keepalive causes packets to be sent while
> KEEPALIV does not. In this case the values on the side where the RSCS
I often put mdisks at cyl zero.
VM has no prob with CP, CMS, or MVS labels. Haven't tried a VSE label.
-- R;
- Original Message -
From: Stephen.Gentry
Sent: 04/24/2007 11:50 AM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: Best procedure to migrate dedicated VSE volume to VM minidisk
Gro
Kris,
We'd like a copy of the doc, also.
Thanx
Paul D. Ditzer ([EMAIL PROTECTED])
Winchester - TSD
DST Systems, Inc.
1-816-737-9403
"Macioce, Larry"
Does anyone know of a documented case of VM being penetrated by hackers?
Regards,
Richard Schuh
Group, correct me if I'm wrong but by defining the disk starting at cyl
000 will cause problems for VM and/or VSE.
Seems that VSE will put it's vtoc on cyl 000 as well as VM. Or if you
place the vse vtoc some place else, cyl 000 still needs to be protected
from being formatted and/or written o
In this instance, it would have been nice, assuming one wanted a perfect
system, if RSCS had received a SHUTDOWN signal and had stopped
gracefully. However, the fact that it is normal behavior under the
circumstances, as explained by Les, is satisfactory.
What is it with Keepalive (TCPIP) vs. KEEP
Hey Guys,
Thought some would like to know what I did on this issue.
1) I created a USER DIRECT entry called DOSDASD (just used to own
minidisks) (our test VSE is called DOS). Then I added a MDISK statement
for the volume to be migrated, as such:
USER DOSDASD DOSDASD 8M 8M ABCDEFG
I'll have a look tomorrow to see what went wrong when packaging this TCVM1
course.
2007/4/24, Macioce, Larry <[EMAIL PROTECTED]>:
I've downloaded both. The PIPEs telecourse comes through fine, execpt the
REXX course is having problems. I read the readme.txt and it states to
open this course wi
I've downloaded both. The PIPEs telecourse comes through fine, execpt
the REXX course is having problems. I read the readme.txt and it states
to open this course with either INDEX.HTM
or TCVM1.HTM ,and when I do I get 'page cannot be displayed". I'm using
explorer 6+ and I don't seem to have a pr
ALL is not a MODULE, but an XEDIT macro, it lives on the S-disk as ALL
XEDIT. It is compiled, and its source is there too: ALL SXEDIT. Thus, ALL
can only be used from inside XEDIT, or from REXX execs that address XEDIT.
If you're really using an EXEC, and not an XEDIT macro, you might want to
le
In an EXEC you need quotes around ALL /02 or the REXX will interpret
the '/' as division. This would cause the ALL command to fail - giving
the results you observe. As a general rule, anything that is intended to
be a literal should be quoted to avoid undesirable substitutions and mis-
inte
All,
In an EXEC using XEDIT is there a way to use the ALL MODULE.
The works fine interactively,
XEDIT FN FT FM
SET ZONE 12 13
ALL /02
DEL *
Interactively all records in columns 12 13 with 02 are deleted; in an
EXEC all the records in the entire file are DELETED with an error
calling
Yes,
Please send a copy to [EMAIL PROTECTED]
Thx
Mace
From: The IBM z/VM Operating System [mailto:[EMAIL PROTECTED] On
Behalf Of Sikich, Frank J.
Sent: Monday, April 23, 2007 3:15 PM
To: IBMVM@LISTSERV.UARK.EDU
Subject: Re: $PAGE$ Question
When you get a ch
36 matches
Mail list logo