We're all pretty sanguine about our mainframe invulnerability. But we should not overlook how one of our most valuable protections can be turned against us. We all have some limit set for logon attempts. If an invalid password is entered too many times, the userid gets suspended--or referred to the OS console for verification. A malicious rascal (any other kind?) can disable a really important userid in this way. Of course the person has to get into the network first and must know the userid to target, but beyond that no special authority is required. Even console referral would be disruptive to normal production.
. . JO.Skip Robinson SCE Infrastructure Technology Services Electric Dragon Team Paddler SHARE MVS Program Co-Manager 626-302-7535 Office 323-715-0595 Mobile [email protected] From: Steve Comstock <[email protected]> To: [email protected] Date: 03/27/2012 10:22 AM Subject: Re: Malicious Software Protection Sent by: IBM Mainframe Discussion List <[email protected]> On 3/27/2012 10:46 AM, Greg Dorner wrote: > Thank you, Elardus for your verbosity. > > > - you can replace/fire those auditors as mentioned earlier in this thread > > - As Ted MacNeil insists, the auditors only RECOMMENDS, it is your > management who can APPLY those recommendations. > > Unfortunately, we have no say with these auditors. They are working on > behalf of the Feds, and if we don't comply we can lose billions of $$ in federal contracts. > > The beauty of this is, someone from my company contacted the person at PWC that made this claim that MCAFEE is coming out with a product, and he backtracked, saying he may have been thinking of Mac OS. MAC OS??? > > They just took a big chuck of our company offline for several hours to research this phantom. Wow. And did they reprimand this doofus in any way? Slap on the wrist? Letter in his personnel file? More likely he got commended for being concerned about company security, even though he had no idea what he was talking about. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
