Re: z/OS, OS/390 Pen testing tips/ideas/papers?

From: Rainer Duffner (rainer@ultra-secure.de)
Date: 01/30/03

  • Next message: Davi Ottenheimer: "RE: z/OS, OS/390 Pen testing tips/ideas/papers?" 
    From: "Rainer Duffner" <rainer@ultra-secure.de>
To: pen-test@securityfocus.com
Date: Thu, 30 Jan 2003 14:57:24 +0100

    Nick Jacobsen writes:

    > Hi all,
    > One of my clients has an IBM OS/390 running on one of their networks
    > I am doing some security testing on, and considering I really have
    > not dealt with any IBM mainframes before when it comes to security,
    > I was hoping that some of you might be able to point me the right
    > direction. Anything would be helpful, but especially from a
    > penetration viewpoint.
     

    Are you attacking from internal or external ?
     From internal, you first need a 3270-capable telnet-emulation, like x3270.

    Then, go back in the archives to June or so, where I posed the same question
    and got some default-passwords, which you can try.

     

    Rainer 

    -- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner                   Munich
rainer@ultra-secure.de          Germany
http://www.i-duffner.de        Freising
========================================
    When shall we three meet again
  In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

    Relevant Pages