2017 - A New Look at Mainframe Hacking and Penetration Testing v2.2
Jun. 28, 2017•0 likes•1,985 views
Download to read offline
What tools are out there today?
How do these tool impact us?
What's the state of mainframe security?
How do we keep up to date?
How do we protect ourselves?
What are IBM and the vendors doing to help us?
• Setting the scene
• The traditional stuff!
• What tools are out there today?
• How do these tool impact us?
• What’s the state of mainframe security?
• How do we keep up to date?
• How do we protect ourselves?
• What are IBM and the vendors doing to help us?
8. Still the – Top Ten Audit Issues
1. Excessive Number of User ID’s w/No Password Interval
2. Inappropriate Usage of z/OS UNIX Superuser Privilege, UID = 0
3. Data Set Profiles with UACC Greater than READ
4. RACF Database is not Adequately Protected
5. Excessive Access to APF Libraries
6. General Resource Profiles in WARN Mode
7. Production Batch Jobs have Excessive Resource Access
8. Data Set Profiles with UACC of READ
9. Improper Use or Lack of UNIXPRIV Profiles
10. Started Task IDs are not Defined as PROTECTED IDs
• Our world is has changing changed.
• We are not an isolated platform anymore.
• In a connected, digital world, we are the big game in town.
• The hackers, in whatever form are coming after us and they will
succeed have succeeded.
• We need to wake our management up and make them realise years
of underinvestment and a lack of attention will come back and bite