|
Penetration Testing
mailing list archives
RE: z/OS, OS/390 Pen testing tips/ideas/papers?
From: "Steven Lane" <steve.lane () alphacourt com>
Date: Fri, 31 Jan 2003 10:56:33 -0000
Nick,
I am focusing on IBM WebSphere MQ security at the moment. One of the most
common platforms that this runs on is OS/390 or z/OS. Since WMQ can be
compromised if the OS is compromised, I am interested in any penetration
test methods or weaknesses that exist in 'big box' security. I would like to
put together an attack tree for z/OS or OS/390 and understand the
vulnerabilities of these systems. I would appreciate it for would forward
anything you find to me or any really good URLs.
Kind Regards
Steve
------------------------------
Steven Lane
Information Security Consultant
Alphacourt Limited
Email: steve.lane () alphacourt com
www: http://www.alphacourt.com
-------------------------------
-----Original Message-----
From: visigoth [mailto:visigoth () securitycentric com]
Sent: 30 January 2003 03:09
To: Nick Jacobsen
Cc: pen-test () securityfocus com
Subject: Re: z/OS, OS/390 Pen testing tips/ideas/papers?
On Tue, Jan 28, 2003 at 05:24:22AM -0800, Nick Jacobsen wrote:
Hi all,
One of my clients has an IBM OS/390 running on one of their networks I
am doing some security testing on, and considering I really have not dealt
with any IBM mainframes before when it comes to security, I was hoping
that
some of you might be able to point me the right direction. Anything would
be helpful, but especially from a penetration viewpoint.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
 By Date 
By Thread
Current thread:
|
Intro
