Firewall Wizards mailing list archives

RE: Mainframes on the Net?

From: "Noonan, Wesley" <Wesley_Noonan () bmc com>
Date: Wed, 13 Nov 2002 10:46:22 -0600

I don't get it either. As for the fight, I lost it. In my case though it was
"people want to run network management software on mainframes, you just
don't get the big picture". No, apparently I don't.

Oh, and from my perspective if the S/390 is running Linux, Websphere or
Apache (or windows, or whatever else you want to run on it) then it most
certainly has been hacked. Reminds me of a saying my biker uncles had.
"There are two kinds of riders, those who have hit the ground and those who
will". Same thing goes for hacks. There are those systems which have been
hacked and those that will be hacked.

Enjoy the battle :-)

Wes Noonan, MCSE/CCNA/CCDA/NNCSS
Senior QA Rep.
BMC Software, Inc.
(713) 918-2412
wnoonan () bmc com
http://www.bmc.com

-----Original Message-----
From: Don Kendrick [mailto:don () netspys com]
Sent: Wednesday, November 13, 2002 07:44
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] Mainframes on the Net?

OK...maybe a little of topic but this is the group that would know :)

There is quite a push from our IBM friends to use the S/390 box for a
web server using Websphere or Apache running under Linux (either as a
VM or in it's own LPAR).

Needless to say, I considered this to be a joke....putting the crown
jewels on the net? Where's the multi-tiered architecture? Where's the
"defense in depth?" Sure the S/390 has "never been hacked" (their
words) but who has ever put it in a position to be hacked?

They tell me that I don't understand LPARs. They're separate machines.
You can still do your multi-tiered. It's just all on the same box.  My
fear, they are separate because of software, written by humans. If that
is breeched, it's game, set and match.

If they were separate boxes, they would have to communicate via some
interface that I can monitor. This isn't true all on one box.

Anyone have any experience with this fight? Am I out of line?

Don

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

segmentation of DMZs, (continued)
- - segmentation of DMZs Shimon Silberschlag (Nov 14)
    - Re: segmentation of DMZs Paul D. Robertson (Nov 14)
    - Re: segmentation of DMZs Carson Gaspar (Nov 14)
    - Re: segmentation of DMZs Mikael Olsson (Nov 16)
    - Re: segmentation of DMZs Carson Gaspar (Nov 17)
    - Re: segmentation of DMZs Miles Sabin (Nov 15)
    - RE: segmentation of DMZs Ofir Arkin (Nov 18)
  - Re: Mainframes on the Net? Lorens Kockum (Nov 14)
- Re: Mainframes on the Net? R. DuFresne (Nov 13)
- RE: Mainframes on the Net? Scott, Richard (Nov 13)
- RE: Mainframes on the Net? Noonan, Wesley (Nov 13)
- RE: Mainframes on the Net? Desai, Ashish (Nov 14)
  - RE: Mainframes on the Net? Paul D. Robertson (Nov 14)
- RE: Mainframes on the Net? ark (Nov 15)
  - RE: Mainframes on the Net? Paul D. Robertson (Nov 15)
  - RE: Mainframes on the Net? Gwendolynn ferch Elydyr (Nov 15)