date:20211007

Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Gadi Ben-Avi

Hi,
I was asked to attempt to link a object deck from VSE in z/OS.
The program is a COBOL2 program, but the source has been lost.

The first few lines of the object deck are:
W PHASE JKHIVX52,S+X'00'
W MODE AMODE(31),RMODE(ANY)
W.ESD  ..  ..JKHIVX52.§.©..÷0

After that there are many (A little over 12,000) lines that start with W.TXT
Next there are lines that start with W.RLD and a final like that starts with 
W.END.

The JCL I used was
//LKED EXEC  PGM=IEWL,
// PARM='LIST,XREF,NOLET,MAP',
// REGION=2M
//SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
//SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
//SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
//SYSPRINT DD  SYSOUT=*
//SYSINDD  *
   INCLUDE SYSLIN(JKHIVX52)
   NAME JKHIVX52(R)

I am doing something wrong?
Can this deck be linked into a usable z/OS load module?

Thanks

Gadi



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Colin Paice

I think the question came up from someone who had not had to administer
ZFS/HFS before. It was one of these "where do I start" questions.  Of
course once you are familiar with an area it gets easier.
Colin

On Wed, 6 Oct 2021 at 22:04, Radoslaw Skorupka 
wrote:

> W dniu 06.10.2021 o 16:44, Ed Jaffe pisze:
> > On 10/6/2021 7:11 AM, Pommier, Rex wrote:
> >> z/OS 2.4 is the last release of the operating system to support the
> >> HFS (Hierarchical File System) data structure used by the z/OS UNIX
> >> environment. IBM has provided equivalent if not superior
> >> functionality with the z/OS File System (zFS). Customers should
> >> migrate from HFS to zFS using the utilities provided in the operating
> >> system to convert their entire file system hierarchy.
> >
> > I always intended to ask how customers can identify all of their HFS
> > data sets. Is it something in ISMF?
> >
>
> Maybe my English is poor, but I don't understand the question.
> What's hard in identifying HFS datasets?
>
> 1. BPXPRMFS show all mounted filesystems. Just a list to check.
> 2. AUTOmount is rather easy to check.
> 3. Last, but not least there are tools like IDCAMS DCOLLECT and LISTDSI.
> 4. Other cases would live in backup/ML form or just as loosely idea.
>
> What am I missing?
>
> --
> Radoslaw Skorupka
> Lodz, Poland
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Colin Paice

The phase statement is VSE specific, so it will not run without change.  If
you send it to me privately I'll see if I can bind it.

On Thu, 7 Oct 2021 at 08:22, Gadi Ben-Avi  wrote:

> Hi,
> I was asked to attempt to link a object deck from VSE in z/OS.
> The program is a COBOL2 program, but the source has been lost.
>
> The first few lines of the object deck are:
> W PHASE JKHIVX52,S+X'00'
> W MODE AMODE(31),RMODE(ANY)
> W.ESD  ..  ..JKHIVX52.§.©..÷0
>
> After that there are many (A little over 12,000) lines that start with
> W.TXT
> Next there are lines that start with W.RLD and a final like that starts
> with W.END.
>
> The JCL I used was
> //LKED EXEC  PGM=IEWL,
> // PARM='LIST,XREF,NOLET,MAP',
> // REGION=2M
> //SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
> //SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
> //SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
> //SYSPRINT DD  SYSOUT=*
> //SYSINDD  *
>INCLUDE SYSLIN(JKHIVX52)
>NAME JKHIVX52(R)
>
> I am doing something wrong?
> Can this deck be linked into a usable z/OS load module?
>
> Thanks
>
> Gadi
>
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: DFDSS Restore IGD306I problem

2021-10-07 Thread (K.K.Paradox)T.Kobayashi


Furuya-san,

I will check the SG settings. Thank you for your advice.

Best regards,
Toyokazu Kobayashi

- Original Message - 
From: "Nobuhiko Furuya" 

Newsgroups: bit.listserv.ibm-main
To: 
Sent: Thursday, October 07, 2021 1:29 PM
Subject: Re: DFDSS Restore IGD306I problem



Hi -san,

You can find the reason code 1013 in DFSMSdfp Diagnosis as follows.

1013 (X'03F5') No storage group was assigned by the storage group routine.

IGD306I message manual directs you to check the above manual.

Also you can find the following messages in your joblog.

0ADR709E (001)-VDSS (01), AN ERROR OCCURRED IN THE STORAGE MANAGEMENT
SUBSYSTEM WHILE ALLOCATING DATA SET SAMPLE.WORK1. SMS
 MESSAGES FOLLOW.
 IGD01013I DATA SET ALLOCATION REQUEST FAILED -
 THE ACS STORAGE GROUP ROUTINE DID NOT ASSIGN A STORAGE GROUP
 IGD17354I UNEXPECTED RETURN CODE FROM AUTOMATIC CLASS SELECTION SERVICES
 RETURN CODE IS 8 REASON CODE IS 1013 DATA SET BEING PROCESSED IS
 SAMPLE.WORK1

It clearly states that your SG acs routine in the restoring environment
doesn't assign a storage group to the data set.

Best regards,

Nobuhiko Furuya(古谷信彦)
V-SOL Inc.
e-mail:furu...@v-sol.co.jp
Mobile:+81-90-4096-7700
2-14-5-1001, Ohkubo, Narashino, Chiba, Japan 275-0011

On 2021/10/07 12:58, (K.K.Paradox)T.Kobayashi wrote:

Hello,

I was restoring multiple dumps but ran into an issue where only one dump
could not be restored due to IGD306I error.
The dumped and restored environments are different.
I could not find any details of the REASON CODE 1013 and issued messages
(IGD1 and IGD2).
Is there a cause and solution for this problem?

Issued Messages:
14.02.45 JOB00887 IGD306I UNEXPECTED ERROR DURING IGDACS00 PROCESSING 061
061 RETURN CODE 8 REASON CODE 1013
061 THE MODULE THAT DETECTED THE ERROR IS IGDVTSCM
061 SMS MODULE TRACE BACK - VTSCM VTSCR SSIRT
061 SYMPTOM RECORD CREATED, PROBLEM ID IS IGD1
14.02.48 JOB00887 IGD306I UNEXPECTED ERROR DURING IGDACS00 PROCESSING 062
062 RETURN CODE 8 REASON CODE 1013
062 THE MODULE THAT DETECTED THE ERROR IS IGDVTSCM
062 SMS MODULE TRACE BACK - VTSCM VTSCR SSIRT
062 SYMPTOM RECORD CREATED, PROBLEM ID IS IGD2

Detail:
1PAGE 0001 5695-DF175 DFSMSDSS V2R01.0 DATA SET SERVICES 2021.279
14:01
- RESTORE -
DATASET( -
INCLUDE( ** -
)) -
BYPASSACS( ** -
)) -
INDD(INTAPE1) -
OUTDD(DO1) CAT REP
ADR101I (R/I)-RI01 (01), TASKID 001 HAS BEEN ASSIGNED TO COMMAND 'RESTORE
'
ADR109I (R/I)-RI01 (01), 2021.279 14:01:38 INITIAL SCAN OF USER CONTROL
STATEMENTS COMPLETED
ADR106W (001)-RI01 (01), TOO MANY RIGHT PARENTHESES FOUND. EXCESS IGNORED
ADR016I (001)-PRIME(01), RACF LOGGING OPTION IN EFFECT FOR THIS TASK
0ADR006I (001)-STEND(01), 2021.279 14:01:38 EXECUTION BEGINS
0ADR780I (001)-TDDS (01), THE INPUT DUMP DATA SET BEING PROCESSED IS IN
LOGICAL DATA SET FORMAT AND WAS CREATED BY Z/OS DFSMSDSS
VERSION 1 RELEASE 13 MODIFICATION LEVEL 0 ON
2015.323 06:30:28
0ADR396I (001)-NEWDS(01), DATA SET SAMPLE.SYSPUNCH ALLOCATED, ON
VOLUME(S):
AD3710
0ADR465I (001)-DALOC(01), DATA SET SAMPLE.SYSPUNCH HAS BEEN CATALOGED IN
CATALOG MCAT.ZOSV2
0ADR474I (001)-TDNVS(01), DATA SET SAMPLE.SYSPUNCH CONSISTS OF 0001
TARGET TRACKS AND 0001 SOURCE TRACKS
0ADR489I (001)-TDLOG(01), DATA SET SAMPLE.SYSPUNCH WAS RESTORED
0ADR396I (001)-NEWDS(01), DATA SET SAMPLE.SYSREC00 ALLOCATED, ON
VOLUME(S):
AD3710
0ADR465I (001)-DALOC(01), DATA SET SAMPLE.SYSREC00 HAS BEEN CATALOGED IN
CATALOG MCAT.ZOSV2
0ADR474I (001)-TDNVS(01), DATA SET SAMPLE.SYSREC00 CONSISTS OF 3972
TARGET TRACKS AND 3972 SOURCE TRACKS
0ADR489I (001)-TDLOG(01), DATA SET SAMPLE.SYSREC00 WAS RESTORED
0ADR396I (001)-NEWDS(01), DATA SET SAMPLE.SORTOUT ALLOCATED, ON
VOLUME(S):
AD3710
0ADR465I (001)-DALOC(01), DATA SET SAMPLE.SORTOUT HAS BEEN CATALOGED IN
CATALOG MCAT.ZOSV2
0ADR474I (001)-TDNVS(01), DATA SET SAMPLE.SORTOUT CONSISTS OF 3972
TARGET TRACKS AND 3972 SOURCE TRACKS
0ADR489I (001)-TDLOG(01), DATA SET SAMPLE.SORTOUT WAS RESTORED
0ADR396I (001)-NEWDS(01), DATA SET SAMPLE.SYSPUNCH ALLOCATED, ON
VOLUME(S):
AD3710
0ADR465I (001)-DALOC(01), DATA SET SAMPLE.SYSPUNCH HAS BEEN CATALOGED IN
CATALOG MCAT.ZOSV2
0ADR474I (001)-TDNVS(01), DATA SET SAMPLE.SYSPUNCH CONSISTS OF 0001
TARGET TRACKS AND 0001 SOURCE TRACKS
0ADR489I (001)-TDLOG(01), DATA SET SAMPLE.SYSPUNCH WAS RESTORED
0ADR709E (001)-VDSS (01), AN ERROR OCCURRED IN THE STORAGE MANAGEMENT
SUBSYSTEM WHILE ALLOCATING DATA SET SAMPLE.WORK1. SMS
MESSAGES FOLLOW.
IGD01013I DATA SET ALLOCATION REQUEST FAILED -
THE ACS STORAGE GROUP ROUTINE DID NOT ASSIGN A STORAGE GROUP
IGD17354I UNEXPECTED RETURN CODE FROM AUTOMATIC CLASS SELECTION SERVICES
RETURN CODE IS 8 REASON CODE IS 1013 DATA SET BEING PROCESSED IS
SAMPLE.WORK1
1PAGE 0002 5695-DF175 DFSMSDSS V2R01.0 DATA SET SERVICES 2021.279
14:01
- IGD306I UNEXPECTED ERROR DURING IGDACS00 PROCESSING
RETURN CODE 8 REASON CODE 1013
THE MODULE THAT DETECTED THE ERROR IS IGDVTSCM
SMS MODULE TRACE BACK - VTSCM VTSCR SSIRT
SYMPTOM RECORD CREATED, PROBLEM ID IS IGD1
0AD

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Attila Fogarasi

MVS format object decks always have x'02' in column 1 and not "W", so that
would be a problem.  You would also need to link with an appropriate Cobol
runtime library, and those would have been EOL circa 30 years ago.  Worst
case you might have to disassemble and recreate this module, eliminating
the VSE dependencies (some are usually unavoidable).

On Thu, Oct 7, 2021 at 6:22 PM Gadi Ben-Avi  wrote:

> Hi,
> I was asked to attempt to link a object deck from VSE in z/OS.
> The program is a COBOL2 program, but the source has been lost.
>
> The first few lines of the object deck are:
> W PHASE JKHIVX52,S+X'00'
> W MODE AMODE(31),RMODE(ANY)
> W.ESD  ..  ..JKHIVX52.§.©..÷0
>
> After that there are many (A little over 12,000) lines that start with
> W.TXT
> Next there are lines that start with W.RLD and a final like that starts
> with W.END.
>
> The JCL I used was
> //LKED EXEC  PGM=IEWL,
> // PARM='LIST,XREF,NOLET,MAP',
> // REGION=2M
> //SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
> //SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
> //SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
> //SYSPRINT DD  SYSOUT=*
> //SYSINDD  *
>INCLUDE SYSLIN(JKHIVX52)
>NAME JKHIVX52(R)
>
> I am doing something wrong?
> Can this deck be linked into a usable z/OS load module?
>
> Thanks
>
> Gadi
>
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Gadi Ben-Avi

I removed the W by shifting the who deck to the left. 
I then removed the PHASE statement.
This didn't help much.
The message from the Binder are:
IEW2278I B352 INVOCATION PARAMETERS - LIST,XREF,NOLET,MAP 
IEW2322I 1220  1MODE AMODE(31),RMODE(ANY) 
IEW2359E 240B SECTION JKHIVX52 CONTAINS AN RLD WITH AN INVALID ADCON LOCATION. 
CLASS = B_TEXT, ELEMENT OFFSET =
 FF7FFF88.
IEW2307E 1113 CURRENT INPUT MODULE NOT INCLUDED BECAUSE OF INVALID DATA.  
IEW2677S 5130 A VALID ENTRY POINT COULD NOT BE DETERMINED.
IEW2230S 0414 MODULE HAS NO TEXT. 
IEW2677S 5130 A VALID ENTRY POINT COULD NOT BE DETERMINED.
IEW2008I 0F03 PROCESSING COMPLETED.  RETURN CODE =  12.   

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Attila Fogarasi
Sent: Thursday, October 7, 2021 10:55 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Linkling an object from VSE to be used in z/OS

MVS format object decks always have x'02' in column 1 and not "W", so that 
would be a problem.  You would also need to link with an appropriate Cobol 
runtime library, and those would have been EOL circa 30 years ago.  Worst case 
you might have to disassemble and recreate this module, eliminating the VSE 
dependencies (some are usually unavoidable).

On Thu, Oct 7, 2021 at 6:22 PM Gadi Ben-Avi  wrote:

> Hi,
> I was asked to attempt to link a object deck from VSE in z/OS.
> The program is a COBOL2 program, but the source has been lost.
>
> The first few lines of the object deck are:
> W PHASE JKHIVX52,S+X'00'
> W MODE AMODE(31),RMODE(ANY)
> W.ESD  ..  ..JKHIVX52.§.©..÷0
>
> After that there are many (A little over 12,000) lines that start with 
> W.TXT Next there are lines that start with W.RLD and a final like that 
> starts with W.END.
>
> The JCL I used was
> //LKED EXEC  PGM=IEWL,
> // PARM='LIST,XREF,NOLET,MAP',
> // REGION=2M
> //SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
> //SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
> //SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
> //SYSPRINT DD  SYSOUT=*
> //SYSINDD  *
>INCLUDE SYSLIN(JKHIVX52)
>NAME JKHIVX52(R)
>
> I am doing something wrong?
> Can this deck be linked into a usable z/OS load module?
>
> Thanks
>
> Gadi
>
>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions, send 
> email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Email secured by Check Point

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Ed Jaffe


On 10/6/2021 9:25 PM, Bruce Hewson wrote:

The above does require MXG  & SAS - Hope you have it.,


If not, I would think some quick editing in ISPF might suffice. For example:

===> X ALL;F X'03' 219 ALL;DEL ALL X

would get you pretty close...

--
Phoenix Software International
Edward E. Jaffe
831 Parkview Drive North
El Segundo, CA 90245
https://www.phoenixsoftware.com/



This e-mail message, including any attachments, appended messages and the
information contained therein, is for the sole use of the intended
recipient(s). If you are not an intended recipient or have otherwise
received this email message in error, any use, dissemination, distribution,
review, storage or copying of this e-mail message and the information
contained therein is strictly prohibited. If you are not an intended
recipient, please contact the sender by reply e-mail and destroy all copies
of this email message and do not otherwise utilize or retain this email
message or any or all of the information contained therein. Although this
email message and any attachments or appended messages are believed to be
free of any virus or other defect that might affect any computer system into
which it is received and opened, it is the responsibility of the recipient
to ensure that it is virus free and no responsibility is accepted by the
sender for any loss or damage arising in any way from its opening or use.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Radoslaw Skorupka


Well, I'm not z/OS Unix guru, but it seems pretty easy to me.
First - mounted filesystems can be listed using several methods 
including SDSF, MVS command, ish pull down menu, BPXPRMFS member.

Second - automount.
Third - "dummy, lost, forgotten" HFS, that means the dataset exists, but 
it is not mounted or listed. It is not hard to list such datasets 
residing on DASD. Things are more complex when it is on ML2 or backed up 
and deleted or just dumped using DSS to some sequential dataset. However 
this is the same case as with ISAM datasets. Maybe someone still has 
some ISAM datasets in his dump file?


IMHO more important is to have a procedure/process/project to convert 
HFS to ZFS. Some filesystems can be unmounted with no harm to 
production, but some cannot.


--
Radoslaw Skorupka
Lodz, Poland



W dniu 07.10.2021 o 09:25, Colin Paice pisze:

I think the question came up from someone who had not had to administer
ZFS/HFS before. It was one of these "where do I start" questions.  Of
course once you are familiar with an area it gets easier.
Colin

On Wed, 6 Oct 2021 at 22:04, Radoslaw Skorupka 
wrote:


W dniu 06.10.2021 o 16:44, Ed Jaffe pisze:

On 10/6/2021 7:11 AM, Pommier, Rex wrote:

z/OS 2.4 is the last release of the operating system to support the
HFS (Hierarchical File System) data structure used by the z/OS UNIX
environment. IBM has provided equivalent if not superior
functionality with the z/OS File System (zFS). Customers should
migrate from HFS to zFS using the utilities provided in the operating
system to convert their entire file system hierarchy.

I always intended to ask how customers can identify all of their HFS
data sets. Is it something in ISMF?


Maybe my English is poor, but I don't understand the question.
What's hard in identifying HFS datasets?

1. BPXPRMFS show all mounted filesystems. Just a list to check.
2. AUTOmount is rather easy to check.
3. Last, but not least there are tools like IDCAMS DCOLLECT and LISTDSI.
4. Other cases would live in backup/ML form or just as loosely idea.

What am I missing?

--
Radoslaw Skorupka
Lodz, Poland




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Mike Schwab

https://www.ibm.com/docs/en/zos/2.4.0?topic=output-dcollect-record-structure
Defines the fields in DCOLLECT output data set.
Includes HFS and zFS field definitions.

On Thu, Oct 7, 2021 at 9:37 AM Radoslaw Skorupka  wrote:
>
> Well, I'm not z/OS Unix guru, but it seems pretty easy to me.
> First - mounted filesystems can be listed using several methods
> including SDSF, MVS command, ish pull down menu, BPXPRMFS member.
> Second - automount.
> Third - "dummy, lost, forgotten" HFS, that means the dataset exists, but
> it is not mounted or listed. It is not hard to list such datasets
> residing on DASD. Things are more complex when it is on ML2 or backed up
> and deleted or just dumped using DSS to some sequential dataset. However
> this is the same case as with ISAM datasets. Maybe someone still has
> some ISAM datasets in his dump file?
>
> IMHO more important is to have a procedure/process/project to convert
> HFS to ZFS. Some filesystems can be unmounted with no harm to
> production, but some cannot.
>
> --
> Radoslaw Skorupka
> Lodz, Poland
>
>
>
> W dniu 07.10.2021 o 09:25, Colin Paice pisze:
> > I think the question came up from someone who had not had to administer
> > ZFS/HFS before. It was one of these "where do I start" questions.  Of
> > course once you are familiar with an area it gets easier.
> > Colin
> >
> > On Wed, 6 Oct 2021 at 22:04, Radoslaw Skorupka 
> > wrote:
> >
> >> W dniu 06.10.2021 o 16:44, Ed Jaffe pisze:
> >>> On 10/6/2021 7:11 AM, Pommier, Rex wrote:
>  z/OS 2.4 is the last release of the operating system to support the
>  HFS (Hierarchical File System) data structure used by the z/OS UNIX
>  environment. IBM has provided equivalent if not superior
>  functionality with the z/OS File System (zFS). Customers should
>  migrate from HFS to zFS using the utilities provided in the operating
>  system to convert their entire file system hierarchy.
> >>> I always intended to ask how customers can identify all of their HFS
> >>> data sets. Is it something in ISMF?
> >>>
> >> Maybe my English is poor, but I don't understand the question.
> >> What's hard in identifying HFS datasets?
> >>
> >> 1. BPXPRMFS show all mounted filesystems. Just a list to check.
> >> 2. AUTOmount is rather easy to check.
> >> 3. Last, but not least there are tools like IDCAMS DCOLLECT and LISTDSI.
> >> 4. Other cases would live in backup/ML form or just as loosely idea.
> >>
> >> What am I missing?
> >>
> >> --
> >> Radoslaw Skorupka
> >> Lodz, Poland
> >>
> >>
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



-- 
Mike A Schwab, Springfield IL USA
Where do Forest Rangers go to get away from it all?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: [IBM External] Re: IBM JCL Expert preview in today's announcement letter

2021-10-07 Thread Martin Packer

I, too, put DSN first. More importantly to me, I put it on a separate 
line. That makes ISPF File Tailoring more reliable and I'm often wanting 
to change the data sets I'm pointing at.

But then I'm not exactly in a Production shop.

Martin Packer

WW z/OS Performance, Capacity and Architecture, IBM Technology Sales

+44-7802-245-584

email: martin_pac...@uk.ibm.com

Twitter / Facebook IDs: MartinPacker

Blog: https://mainframeperformancetopics.com

Mainframe, Performance, Topics Podcast Series (With Marna Walle): 
https://anchor.fm/marna-walle

Youtube channel: https://www.youtube.com/channel/UCu_65HaYgksbF6Q8SQ4oOvA



From:   "Bob Bridges" 
To: IBM-MAIN@LISTSERV.UA.EDU
Date:   06/10/2021 14:57
Subject:[IBM External] Re: IBM JCL Expert preview in today's 
announcement letter
Sent by:"IBM Mainframe Discussion List" 



Just a side comment, you may be in the minority putting DISP first, but 
the minority isn't tiny; my observation is that a lot of folks do it.  I 
sometimes do myself -- I like making parms line up, it often makes them 
easier to read -- but alas, my habit is still to put it after the DSN. 
Always in the same order, in fact, so I guess I have a "standard" even 
though it's peculiar to me:

  //DDNAME   DD DSN=DATA.SET.NAME,DISP=(,CATLG),
  //DCB=(DSORG=PS,RECFM=VB,LRECL=1028[,BLKSIZE=half-tracK]),
  //[UNIT=something,]SPACE=(CYL,(5,20),RLSE)

Yeah, I still do DCB=(...).  I learned JCL forty years ago.  I hear it's 
no longer needed, but I'm used to it.  Sue me.

---
Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313

/* When I heated my home with oil, I used an average of 800 gallons a 
year.  I have found that I can keep comfortably warm for an entire winter 
with slightly over half that quantity of beer.   -Dave Barry, 
_Postpetroleum Guzzler_ */

-Original Message-
From: IBM Mainframe Discussion List  On Behalf 
Of Paul Gilmartin
Sent: Wednesday, October 6, 2021 08:32

JED provides complete JCL validation, reformatting
and enforcement of JCL standards.  ...

What's a "standard"  Suppose a site has a standard for naming job steps.
Can it enforce that?  Or only "standards" in the view of the JED author.

In DD statements I habitually code DISP as the first option.  I may be in 
a minority.  Does JED enforce ordering of options?  Might it require or 
prohibit "DCB=(...)"?  (is ""DCB=(...)" ever needed nowadays?  I still see 
it coded on occasion.)

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



Unless stated otherwise above:
IBM United Kingdom Limited - Registered in England and Wales with number 
741598. 
Registered office: PO Box 41, North Harbour, Portsmouth, Hampshire PO6 3AU


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Paul Gilmartin

On Thu, 7 Oct 2021 10:37:33 +0200, Radoslaw Skorupka wrote:
>
>IMHO more important is to have a procedure/process/project to convert
>HFS to ZFS. Some filesystems can be unmounted with no harm to
>production, but some cannot.
>
Mentioned here a few weeks ago:

From:Bill Schoen
Date:   Wed, 29 Sep 2021 07:49:06 -0500
Subject: Re: OMVS - comparing directories for differences

If you want to compare file systems, you can try fscp at
https://github.com/IBM/IBM-Z-zOS/tree/main/zOS-Tools-and-Toys/fscp
Bill Schoen

Copies or compares.  Might be useful.

Or pax with suitable options.

And elsewhere:
Customers should migrate from HFS to zFS using the utilities provided
in the operating system to convert their entire file system hierarchy.

It's a scavenger hunt.

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: [EXTERNAL] Re: IBM JCL Expert preview in today's announcement letter

2021-10-07 Thread Pommier, Rex

Hi Brian,

That was part of why I posed the initial question.  Is IBM 
repackaging/reselling JED (or some other JCL checker) or are they rolling their 
own?  Guess we'll have to wait until next year to see what it's all about.  My 
company is considering getting a JCL checker (no sales calls please..., we're 
not at that point) so the announcement piqued my interest.

Thanks,

Rex

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Brian Westerman
Sent: Thursday, October 7, 2021 12:15 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [EXTERNAL] Re: IBM JCL Expert preview in today's announcement letter

I don't get it, JED is not an IBM product.

Brian

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
The information contained in this message is confidential, protected from 
disclosure and may be legally privileged. If the reader of this message is not 
the intended recipient or an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that any disclosure, 
distribution, copying, or any action taken or action omitted in reliance on it, 
is strictly prohibited and may be unlawful. If you have received this 
communication in error, please notify us immediately by replying to this 
message and destroy the material in its entirety, whether in electronic or hard 
copy format. Thank you.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Question on z/OS 2.5 and HFS file systems.

2021-10-07 Thread Bill Schoen

bpxwmigf will migrate an hfs (and more recently zfs) file system to a zfs file 
system while mounted and in-use.
This is intended to be non-disruptive in production.
Should you find an hfs file system you need after you migrate to 2.5, open a 
problem with IBM support.
Although not usable on 2.5, they should be able to help you migrate the data to 
a zfs.

Bill Schoen

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: [EXTERNAL] Re: IBM JCL Expert preview in today's announcement letter

2021-10-07 Thread Sasso, Len

 We use SmartJCL (SEGUS).



Thank You and Please Be Safe!

Len Sasso
Systems Administrator Senior
CSRA, A General Dynamics Information Technology Company
327 Columbia TPKE
Rensselaer, NY 12144

TEAM: Together Everyone Achieves More

Office Hours: M-F  7 AM - 3:45 PM

Vacation: ?

Phone: (518) 257-4209
Cell: (518) 894-0879
Fax: (518) 257-4300
len.sa...@gdit.com
URL: www.gdit.com





From: IBM Mainframe Discussion List  on behalf of 
Pommier, Rex 
Sent: Thursday, October 7, 2021 8:44 AM
To: IBM-MAIN@LISTSERV.UA.EDU 
Subject: Re: [EXTERNAL] Re: IBM JCL Expert preview in today's announcement 
letter



 [External: Use caution with links & attachments]

Hi Brian,

That was part of why I posed the initial question.  Is IBM 
repackaging/reselling JED (or some other JCL checker) or are they rolling their 
own?  Guess we'll have to wait until next year to see what it's all about.  My 
company is considering getting a JCL checker (no sales calls please..., we're 
not at that point) so the announcement piqued my interest.

Thanks,

Rex

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Brian Westerman
Sent: Thursday, October 7, 2021 12:15 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [EXTERNAL] Re: IBM JCL Expert preview in today's announcement letter

I don't get it, JED is not an IBM product.

Brian

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
The information contained in this message is confidential, protected from 
disclosure and may be legally privileged. If the reader of this message is not 
the intended recipient or an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that any disclosure, 
distribution, copying, or any action taken or action omitted in reliance on it, 
is strictly prohibited and may be unlawful. If you have received this 
communication in error, please notify us immediately by replying to this 
message and destroy the material in its entirety, whether in electronic or hard 
copy format. Thank you.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Customized Offering Driver

2021-10-07 Thread Rich Smrcina

I ordered the Customized Offering Driver to install z/OS 2.5 the day that z/OS 
2.5 was available. I thought it was supposed to be ready to use zOSMF to do the 
install? zOSMF doesn’t come up. It complains about the angel process not being 
up, but it certainly is.

If this is really an authentication problem, as indicated below, then the COD 
is NOT set up ‘out of the box’ to use zOSMF.

D A,L 
CNZ4105I 14.03.48 DISPLAY ACTIVITY 240
 JOBS M/STS USERSSYSASINITS   ACTIVE/MAX VTAM OAS 
1000131  0003051/00010   8
 LLA  LLA  LLA  NSW  S  HZR  HZR  IEFPROC  NSW  S 
 VLF  VLF  VLF  NSW  S  DLF  DLF  DLF  NSW  S 
 SYSLOGD  SYSLOGD  CONFPDS  NSW  SO JES2 JES2 IEFPROC  NSW  S 
 RACF RACF RACF NSW  S  VTAM VTAM VTAM NSW  S 
 TSO  TSO  STEP1OWT  S  TCPIPTCPIPTCPIPNSW  SO
 FTPD1STEP1IBMUSER  OWT  AO TN3270   TN3270   TN3270   NSW  SO
 CSFSTART CSFSTART CSFSTART NSW  S  IZUANG1  IZUANG1  STEP1OWT  SO
DRVUSER  IN   

+CWWKE0001I: The server zosmfServer has been launched.   
+CWWKB0124I: Angel IZUANG1 is required, server was configured to wait   
   
 up to 0 seconds to connect to the targeted Angel.   
+CWWKB0118W: This server is not authorized to connect to the IZUANG1 
 angel process. No authorized services will be loaded.   
+CWWKB0116I: This server is not registered with an angel process even
 though it is configured to require registration with an angel   
 process. This server is attempting to stop. 
+CWWKB0251I: The z/OS kernel extension for the zosmfServer server is 
 shutting down.  
IEF404I IZUSVR1 - ENDED - TIME=14.33.54  
$HASP395 IZUSVR1  ENDED - RC=

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Carmen Vitullo

Does the custom pac for 2.5 still provide the Installing your order doc? since 
if 2.5 requires z/osmf then there is an assumption on IBM's part that security 
had already been setup and you are already using z/osmf  
  
  
   
Carmen Vitullo 

   

-Original Message-

From: Rich 
To: IBM-MAIN 
Date: Thursday, 7 October 2021 9:20 AM CDT
Subject: Customized Offering Driver

I ordered the Customized Offering Driver to install z/OS 2.5 the day that z/OS 
2.5 was available. I thought it was supposed to be ready to use zOSMF to do the 
install? zOSMF doesn’t come up. It complains about the angel process not being 
up, but it certainly is. 

If this is really an authentication problem, as indicated below, then the COD 
is NOT set up ‘out of the box’ to use zOSMF. 

D A,L 
CNZ4105I 14.03.48 DISPLAY ACTIVITY 240 
JOBS M/S TS USERS SYSAS INITS ACTIVE/MAX VTAM OAS 
1 00013 1 00030 5 1/00010 8 
LLA LLA LLA NSW S HZR HZR IEFPROC NSW S 
VLF VLF VLF NSW S DLF DLF DLF NSW S 
SYSLOGD SYSLOGD CONFPDS NSW SO JES2 JES2 IEFPROC NSW S 
RACF RACF RACF NSW S VTAM VTAM VTAM NSW S 
TSO TSO STEP1 OWT S TCPIP TCPIP TCPIP NSW SO 
FTPD1 STEP1 IBMUSER OWT AO TN3270 TN3270 TN3270 NSW SO 
CSFSTART CSFSTART CSFSTART NSW S IZUANG1 IZUANG1 STEP1 OWT SO 
DRVUSER IN 

+CWWKE0001I: The server zosmfServer has been launched. 
+CWWKB0124I: Angel IZUANG1 is required, server was configured to wait 
up to 0 seconds to connect to the targeted Angel. 
+CWWKB0118W: This server is not authorized to connect to the IZUANG1 
angel process. No authorized services will be loaded. 
+CWWKB0116I: This server is not registered with an angel process even 
though it is configured to require registration with an angel 
process. This server is attempting to stop. 
+CWWKB0251I: The z/OS kernel extension for the zosmfServer server is 
shutting down. 
IEF404I IZUSVR1 - ENDED - TIME=14.33.54 
$HASP395 IZUSVR1 ENDED - RC= 

-- 
For IBM-MAIN subscribe / signoff / archive access instructions, 
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN 

  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Rich Smrcina

I haven’t actually ordered 2.5 yet. I wanted to make sure the COD was set up 
correctly first.

But, I agree. If this is the way of the future, the COD should be ready to go 
with no (or minimal) intervention on my part. I understand VTAM and TCP/IP have 
to be set up, that is all done.

Rich Smrcina


> On Oct 7, 2021, at 9:42 AM, Carmen Vitullo  wrote:
> 
> Does the custom pac for 2.5 still provide the Installing your order doc? 
> since if 2.5 requires z/osmf then there is an assumption on IBM's part that 
> security had already been setup and you are already using z/osmf  
>   
>   
>
> Carmen Vitullo 
> 
> 
> 
> -Original Message-
> 
> From: Rich 
> To: IBM-MAIN 
> Date: Thursday, 7 October 2021 9:20 AM CDT
> Subject: Customized Offering Driver
> 
> I ordered the Customized Offering Driver to install z/OS 2.5 the day that 
> z/OS 2.5 was available. I thought it was supposed to be ready to use zOSMF to 
> do the install? zOSMF doesn’t come up. It complains about the angel process 
> not being up, but it certainly is. 
> 
> If this is really an authentication problem, as indicated below, then the COD 
> is NOT set up ‘out of the box’ to use zOSMF. 
> 
> D A,L 
> CNZ4105I 14.03.48 DISPLAY ACTIVITY 240 
> JOBS M/S TS USERS SYSAS INITS ACTIVE/MAX VTAM OAS 
> 1 00013 1 00030 5 1/00010 8 
> LLA LLA LLA NSW S HZR HZR IEFPROC NSW S 
> VLF VLF VLF NSW S DLF DLF DLF NSW S 
> SYSLOGD SYSLOGD CONFPDS NSW SO JES2 JES2 IEFPROC NSW S 
> RACF RACF RACF NSW S VTAM VTAM VTAM NSW S 
> TSO TSO STEP1 OWT S TCPIP TCPIP TCPIP NSW SO 
> FTPD1 STEP1 IBMUSER OWT AO TN3270 TN3270 TN3270 NSW SO 
> CSFSTART CSFSTART CSFSTART NSW S IZUANG1 IZUANG1 STEP1 OWT SO 
> DRVUSER IN 
> 
> +CWWKE0001I: The server zosmfServer has been launched. 
> +CWWKB0124I: Angel IZUANG1 is required, server was configured to wait 
> up to 0 seconds to connect to the targeted Angel. 
> +CWWKB0118W: This server is not authorized to connect to the IZUANG1 
> angel process. No authorized services will be loaded. 
> +CWWKB0116I: This server is not registered with an angel process even 
> though it is configured to require registration with an angel 
> process. This server is attempting to stop. 
> +CWWKB0251I: The z/OS kernel extension for the zosmfServer server is 
> shutting down. 
> IEF404I IZUSVR1 - ENDED - TIME=14.33.54 
> $HASP395 IZUSVR1 ENDED - RC= 
> 
> -- 
> For IBM-MAIN subscribe / signoff / archive access instructions, 
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN 
> 
> 
> 
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
> 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Carmen Vitullo

ok, I understand and agree, I am kind of lucky, I was asked to have z/osmf 
available on 2.2 IIRC for the policy agent so all the security is now setup, if 
you are a Top-Secret site like me, it was quite an adventure.   
   
Carmen Vitullo 

   

-Original Message-

From: Rich 
To: IBM-MAIN 
Date: Thursday, 7 October 2021 9:46 AM CDT
Subject: Re: Customized Offering Driver

I haven’t actually ordered 2.5 yet. I wanted to make sure the COD was set up 
correctly first. 

But, I agree. If this is the way of the future, the COD should be ready to go 
with no (or minimal) intervention on my part. I understand VTAM and TCP/IP have 
to be set up, that is all done. 

Rich Smrcina 


> On Oct 7, 2021, at 9:42 AM, Carmen Vitullo  wrote: 
> 
> Does the custom pac for 2.5 still provide the Installing your order doc? 
> since if 2.5 requires z/osmf then there is an assumption on IBM's part that 
> security had already been setup and you are already using z/osmf 
> 
> 
> 
> Carmen Vitullo 
> 
> 
> 
> -Original Message- 
> 
> From: Rich  
> To: IBM-MAIN  
> Date: Thursday, 7 October 2021 9:20 AM CDT 
> Subject: Customized Offering Driver 
> 
> I ordered the Customized Offering Driver to install z/OS 2.5 the day that 
> z/OS 2.5 was available. I thought it was supposed to be ready to use zOSMF to 
> do the install? zOSMF doesn’t come up. It complains about the angel process 
> not being up, but it certainly is. 
> 
> If this is really an authentication problem, as indicated below, then the COD 
> is NOT set up ‘out of the box’ to use zOSMF. 
> 
> D A,L 
> CNZ4105I 14.03.48 DISPLAY ACTIVITY 240 
> JOBS M/S TS USERS SYSAS INITS ACTIVE/MAX VTAM OAS 
> 1 00013 1 00030 5 1/00010 8 
> LLA LLA LLA NSW S HZR HZR IEFPROC NSW S 
> VLF VLF VLF NSW S DLF DLF DLF NSW S 
> SYSLOGD SYSLOGD CONFPDS NSW SO JES2 JES2 IEFPROC NSW S 
> RACF RACF RACF NSW S VTAM VTAM VTAM NSW S 
> TSO TSO STEP1 OWT S TCPIP TCPIP TCPIP NSW SO 
> FTPD1 STEP1 IBMUSER OWT AO TN3270 TN3270 TN3270 NSW SO 
> CSFSTART CSFSTART CSFSTART NSW S IZUANG1 IZUANG1 STEP1 OWT SO 
> DRVUSER IN 
> 
> +CWWKE0001I: The server zosmfServer has been launched. 
> +CWWKB0124I: Angel IZUANG1 is required, server was configured to wait 
> up to 0 seconds to connect to the targeted Angel. 
> +CWWKB0118W: This server is not authorized to connect to the IZUANG1 
> angel process. No authorized services will be loaded. 
> +CWWKB0116I: This server is not registered with an angel process even 
> though it is configured to require registration with an angel 
> process. This server is attempting to stop. 
> +CWWKB0251I: The z/OS kernel extension for the zosmfServer server is 
> shutting down. 
> IEF404I IZUSVR1 - ENDED - TIME=14.33.54 
> $HASP395 IZUSVR1 ENDED - RC= 
> 
> -- 
> For IBM-MAIN subscribe / signoff / archive access instructions, 
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN 
> 
> 
> 
> -- 
> For IBM-MAIN subscribe / signoff / archive access instructions, 
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN 
> 


-- 
For IBM-MAIN subscribe / signoff / archive access instructions, 
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN 

  

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Dave Jousma

>Does the custom pac for 2.5 still provide the Installing your order doc? since 
>if 2.5 requires z/osmf then there is an assumption on IBM's part that security 
>had already been setup and you are already using z/osmf  
> 
>  
>   
>Carmen Vitullo

if you order V2.5 before January 1, you can have a choice and can still get it 
via the custom pac install method or z/OSMF.   The question on delivery type 
(custompac or ZOSMF) comes on the panel where you specify Internet delivery.  
Marna mentioned this on the list awhile back I believe. 

We arent yet using zOSMF software installation method, so i placed my order a 
week or so ago to get custom pac.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Peter Sylvester


shifing 1 byte to the left
removing the  phase and mode
changing the number of rld entries in the last rld record from x'34' to x'10

no complains from the binder

the skipped rld entries contain x'0100' and one just zeros.
no idea what that means, i have never seen vse




On 07/10/2021 10:00, Gadi Ben-Avi wrote:

I removed the W by shifting the who deck to the left.
I then removed the PHASE statement.
This didn't help much.
The message from the Binder are:
IEW2278I B352 INVOCATION PARAMETERS - LIST,XREF,NOLET,MAP
IEW2322I 1220  1MODE AMODE(31),RMODE(ANY)
IEW2359E 240B SECTION JKHIVX52 CONTAINS AN RLD WITH AN INVALID ADCON LOCATION. 
CLASS = B_TEXT, ELEMENT OFFSET =
  FF7FFF88.
IEW2307E 1113 CURRENT INPUT MODULE NOT INCLUDED BECAUSE OF INVALID DATA.
IEW2677S 5130 A VALID ENTRY POINT COULD NOT BE DETERMINED.
IEW2230S 0414 MODULE HAS NO TEXT.
IEW2677S 5130 A VALID ENTRY POINT COULD NOT BE DETERMINED.
IEW2008I 0F03 PROCESSING COMPLETED.  RETURN CODE =  12.

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Attila Fogarasi
Sent: Thursday, October 7, 2021 10:55 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Linkling an object from VSE to be used in z/OS

MVS format object decks always have x'02' in column 1 and not "W", so that 
would be a problem.  You would also need to link with an appropriate Cobol runtime 
library, and those would have been EOL circa 30 years ago.  Worst case you might have to 
disassemble and recreate this module, eliminating the VSE dependencies (some are usually 
unavoidable).

On Thu, Oct 7, 2021 at 6:22 PM Gadi Ben-Avi  wrote:


Hi,
I was asked to attempt to link a object deck from VSE in z/OS.
The program is a COBOL2 program, but the source has been lost.

The first few lines of the object deck are:
W PHASE JKHIVX52,S+X'00'
W MODE AMODE(31),RMODE(ANY)
W.ESD  ..  ..JKHIVX52.§.©..÷0

After that there are many (A little over 12,000) lines that start with
W.TXT Next there are lines that start with W.RLD and a final like that
starts with W.END.

The JCL I used was
//LKED EXEC  PGM=IEWL,
// PARM='LIST,XREF,NOLET,MAP',
// REGION=2M
//SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
//SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
//SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
//SYSPRINT DD  SYSOUT=*
//SYSINDD  *
INCLUDE SYSLIN(JKHIVX52)
NAME JKHIVX52(R)

I am doing something wrong?
Can this deck be linked into a usable z/OS load module?

Thanks

Gadi



--
For IBM-MAIN subscribe / signoff / archive access instructions, send
email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Email secured by Check Point

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: CICS VSAM LSR pools and IBM DASD PPRC type mirroring.

2021-10-07 Thread Radoslaw Skorupka


W dniu 23.09.2021 o 22:21, Ward, Mike S pisze:

Hello, all. I don't know if any of you are doing disk replication to a DR site, 
but we are, and we are trying to resolve a specific problem with CICS and VSAM 
file.

CICS, in the case of LSR pools hold the data in the buffers until a buffer 
shortage\wait type of condition occurs. When that happens CICS flushes the 
buffers and updates the high used RBA's of the files. In the case of a DR test. 
We use the data as is. We copy the current replicating data to other DASD so 
that we can perform the test by bringing up the system and testing it. Well the 
only way we can think of making sure we get all the VSAM data is by closing the 
files at the production site which is not feasible. Is anyone else doing this 
kind of mirroring, and are there things you are doing that fixe the VSAM 
buffering problem? The only thing I can think of doing is adjusting the LSR 
buffer pools so that waits occur every so many minutes, I'm staying away from 
share option 4,4 on the VSAM files which are a real performance hit. Any takers 
are welcome. Also as an aside the implication here is that in the case of a 
real disaster there is data missing from the VSAM files, or am I wrong and full 
of it? Any help, opinions, whatever are welcome.


General rule: PPRC and other methods is for "wise" applications. That 
mean the application/system must survive sudden blackout with no harm to 
data consistency. Otherwise remote copy is fuzzy.
Yes, both asynchronous and synchronous remote copy are for disaster 
recovery. What does it mean? Fire, bomb, flood, power outage, whatever 
else. In any case the applications on the remote site is more or less 
like someone switched off power in the server during... of course, we 
don't know when and we cannot demand prerequisite actions. It is sudden, 
unexpected. The only difference between power outage and DR is the 
application is restarted on another machine.
Conclusion: your system elements have to be "wise" or DR aware. This is 
called transactional system. Not because it processes business 
transactions, but it processes transactions as Logical Unit of Works. 
Yes, you can loose not finished transaction, but this is all-or-nothing. 
Transaction is committed or not. Whole one.
How does it relate to CICS and LSR? Similarly to DB2 and bufferpools. 
Bufferpools are good, but committed transaction has to be written on 
DASD, in the transaction log.


BTW: SHR(4,4) is good in z/VSE, not in z/OS.


--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Senior, Kevin

Looks like you probably have a RACF issue due to this:
CWWKB0118W: This server is not authorized to connect to the IZUANG1
Look for ICH408I messages.
Also, we found we needed UJ05022 on z/OS 2.4 to use the software install 
process for z/OS 2.5.
Check your maint levels if you want to install 2.5.
Kev Senior

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Rich Smrcina
Sent: 07 October 2021 15:20
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Customized Offering Driver

I ordered the Customized Offering Driver to install z/OS 2.5 the day that z/OS 
2.5 was available. I thought it was supposed to be ready to use zOSMF to do the 
install? zOSMF doesn’t come up. It complains about the angel process not being 
up, but it certainly is.

If this is really an authentication problem, as indicated below, then the COD 
is NOT set up ‘out of the box’ to use zOSMF.

D A,L
CNZ4105I 14.03.48 DISPLAY ACTIVITY 240
 JOBS M/STS USERSSYSASINITS   ACTIVE/MAX VTAM OAS
1000131  0003051/00010   8
 LLA  LLA  LLA  NSW  S  HZR  HZR  IEFPROC  NSW  S
 VLF  VLF  VLF  NSW  S  DLF  DLF  DLF  NSW  S
 SYSLOGD  SYSLOGD  CONFPDS  NSW  SO JES2 JES2 IEFPROC  NSW  S
 RACF RACF RACF NSW  S  VTAM VTAM VTAM NSW  S
 TSO  TSO  STEP1OWT  S  TCPIPTCPIPTCPIPNSW  SO
 FTPD1STEP1IBMUSER  OWT  AO TN3270   TN3270   TN3270   NSW  SO
 CSFSTART CSFSTART CSFSTART NSW  S  IZUANG1  IZUANG1  STEP1OWT  SO
DRVUSER  IN

+CWWKE0001I: The server zosmfServer has been launched.
+CWWKB0124I: Angel IZUANG1 is required, server was configured to wait
 up to 0 seconds to connect to the targeted Angel.
+CWWKB0118W: This server is not authorized to connect to the IZUANG1
 angel process. No authorized services will be loaded.
+CWWKB0116I: This server is not registered with an angel process even
 though it is configured to require registration with an angel
 process. This server is attempting to stop.
+CWWKB0251I: The z/OS kernel extension for the zosmfServer server is
 shutting down.
IEF404I IZUSVR1 - ENDED - TIME=14.33.54
$HASP395 IZUSVR1  ENDED - RC=

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN


HM Land Registry’s ambition is to become the world’s leading land registry for 
speed, simplicity and an open approach to data. Our mission is: “Your land and 
property rights: guaranteed and protected”.

We check all mail and attachments for known viruses. However, you are advised 
that you open any attachments at your own risk. If you have received this email 
and it was not intended for you, please let us know, then delete it.

We welcome correspondence in English and Welsh.

To see how HM Land Registry treats your personal information, read our Personal 
information charter: 
www.gov.uk/government/organisations/land-registry/about/personal-information-charter.



__
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
__


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Seymour J Metz

It looks like you punched with stacker select, which  suggests that the record 
length is 81 rather than 80. IAC, I suspect that there is VSE only code there. 
Is there a decompiler?


--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3



From: IBM Mainframe Discussion List  on behalf of 
Gadi Ben-Avi 
Sent: Thursday, October 7, 2021 3:22 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Linkling an object from VSE to be used in z/OS

Hi,
I was asked to attempt to link a object deck from VSE in z/OS.
The program is a COBOL2 program, but the source has been lost.

The first few lines of the object deck are:
W PHASE JKHIVX52,S+X'00'
W MODE AMODE(31),RMODE(ANY)
W.ESD  ..  ..JKHIVX52.§.©..÷0

After that there are many (A little over 12,000) lines that start with W.TXT
Next there are lines that start with W.RLD and a final like that starts with 
W.END.

The JCL I used was
//LKED EXEC  PGM=IEWL,
// PARM='LIST,XREF,NOLET,MAP',
// REGION=2M
//SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
//SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
//SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
//SYSPRINT DD  SYSOUT=*
//SYSINDD  *
   INCLUDE SYSLIN(JKHIVX52)
   NAME JKHIVX52(R)

I am doing something wrong?
Can this deck be linked into a usable z/OS load module?

Thanks

Gadi



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Rich Smrcina

Kev,

I’m referring to the customized offering driver. If it’s intent is to allow a 
customer to install z/OS using zOSMF, it should be set up to do so. That 
includes all of the security bits.

Rich Smrcina


> On Oct 7, 2021, at 12:31 PM, Senior, Kevin 
> <03d27faeee8d-dmarc-requ...@listserv.ua.edu> wrote:
> 
> Looks like you probably have a RACF issue due to this:
> CWWKB0118W: This server is not authorized to connect to the IZUANG1
> Look for ICH408I messages.
> Also, we found we needed UJ05022 on z/OS 2.4 to use the software install 
> process for z/OS 2.5.
> Check your maint levels if you want to install 2.5.
> Kev Senior
> 
> -Original Message-
> From: IBM Mainframe Discussion List  On Behalf Of 
> Rich Smrcina
> Sent: 07 October 2021 15:20
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Customized Offering Driver
> 
> I ordered the Customized Offering Driver to install z/OS 2.5 the day that 
> z/OS 2.5 was available. I thought it was supposed to be ready to use zOSMF to 
> do the install? zOSMF doesn’t come up. It complains about the angel process 
> not being up, but it certainly is.
> 
> If this is really an authentication problem, as indicated below, then the COD 
> is NOT set up ‘out of the box’ to use zOSMF.
> 
> D A,L
> CNZ4105I 14.03.48 DISPLAY ACTIVITY 240
> JOBS M/STS USERSSYSASINITS   ACTIVE/MAX VTAM OAS
> 1000131  0003051/00010   8
> LLA  LLA  LLA  NSW  S  HZR  HZR  IEFPROC  NSW  S
> VLF  VLF  VLF  NSW  S  DLF  DLF  DLF  NSW  S
> SYSLOGD  SYSLOGD  CONFPDS  NSW  SO JES2 JES2 IEFPROC  NSW  S
> RACF RACF RACF NSW  S  VTAM VTAM VTAM NSW  S
> TSO  TSO  STEP1OWT  S  TCPIPTCPIPTCPIPNSW  SO
> FTPD1STEP1IBMUSER  OWT  AO TN3270   TN3270   TN3270   NSW  SO
> CSFSTART CSFSTART CSFSTART NSW  S  IZUANG1  IZUANG1  STEP1OWT  SO
> DRVUSER  IN
> 
> +CWWKE0001I: The server zosmfServer has been launched.
> +CWWKB0124I: Angel IZUANG1 is required, server was configured to wait
> up to 0 seconds to connect to the targeted Angel.
> +CWWKB0118W: This server is not authorized to connect to the IZUANG1
> angel process. No authorized services will be loaded.
> +CWWKB0116I: This server is not registered with an angel process even
> though it is configured to require registration with an angel
> process. This server is attempting to stop.
> +CWWKB0251I: The z/OS kernel extension for the zosmfServer server is
> shutting down.
> IEF404I IZUSVR1 - ENDED - TIME=14.33.54
> $HASP395 IZUSVR1  ENDED - RC=
> 
> --
> For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
> lists...@listserv.ua.edu with the message: INFO IBM-MAIN
> 
> 
> HM Land Registry’s ambition is to become the world’s leading land registry 
> for speed, simplicity and an open approach to data. Our mission is: “Your 
> land and property rights: guaranteed and protected”.
> 
> We check all mail and attachments for known viruses. However, you are advised 
> that you open any attachments at your own risk. If you have received this 
> email and it was not intended for you, please let us know, then delete it.
> 
> We welcome correspondence in English and Welsh.
> 
> To see how HM Land Registry treats your personal information, read our 
> Personal information charter: 
> www.gov.uk/government/organisations/land-registry/about/personal-information-charter.
> 
> 
> 
> __
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> __
> 
> 
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread carl swanson

Everyone,

First in full disclosure I work for Dell Technologies Mainframe 
Practice,  now that is out of the way I will proceed. 


Dell Technologies does off a Cyber Protection solution for the 
Mainframe using our PowerMax hardware and Software for DASD and our DLm 
Solution for Tape. Both have the capabilities to use space efficient snapshots 
and in each case these can be made immutable. 

I have left out all the details and capabilities because I do not think 
this is the place, and I am only answering the question asked. 

Carl Swanson
1427 Forsythia Cir
Jamison, Pa 18929
215-688-1459
carl.swans...@verizon.net

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 5:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
>> Hi
>   Any shop implement mainframe ransomware solution can share? IBM 
> seems has cyber vault to handle this. Is there any other solution available ?
> Thanks for sharing


Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff


Other means:
RACF
backup
Safeguarded copy and other vendors' solutions audit procedures

Note: all of the "solutions" marketed nowadays give you some cure *after breach 
happened*. However that means some problems. It is unlikely to restore with 
RPO=0. If you want RPO=0 then you should pay much more attention at prevention, 
which means ...no, NOT ANOTHER PRODUCT. 
Definitely first: professional staff, procedures, audit. And then maybe some 
tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM, Safeguarded 
Copy...




My €0.02



--
Radoslaw Skorupka
Lodz, Poland

--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Customized Offering Driver

2021-10-07 Thread Senior, Kevin

Rich
You’re right, it *should* have the necessary fixes.
Also, you're right it *should* have the necessary security set up for the 
IZUSVR1 to connect to the IZUANG1, but the message you're getting suggests 
IZUSVR1 is not authorised to connect to IZUANG1 so something isn't right with 
the security set-up.
See https://www.ibm.com/docs/en/zos/2.4.0?topic=interface-cannot-log-into-zosmf
where it says ... " For message CWWKB0118W, you must grant the z/OSMF server 
user ID read access to the profile BBG.ANGEL.proc-name in the SERVER resource 
class, where angel-proc is the name of the angel started procedure".
I would check that RACF profile, and check that the IZUSVR1 isn't running under 
a userid which is not the one it should be running under and hence isn't 
permitted to the BBG.ANGEL.proc-name profile in class SERVER.
There should be a related ICH408I message in SYSLOG which would explain why 
RACF thinks the access is not authorised.
Unfortunately, there are some other possible causes that might surface as a 
'not authorised' problem so you'll need to find the ICH408I message in syslog 
and may have to locate the zOSMF Liberty log files and look at the messages in 
there.
Kev Senior
-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Rich Smrcina
Sent: 07 October 2021 18:57
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Customized Offering Driver

Kev,

I’m referring to the customized offering driver. If it’s intent is to allow a 
customer to install z/OS using zOSMF, it should be set up to do so. That 
includes all of the security bits.

Rich Smrcina


> On Oct 7, 2021, at 12:31 PM, Senior, Kevin 
> <03d27faeee8d-dmarc-requ...@listserv.ua.edu> wrote:
>
> Looks like you probably have a RACF issue due to this:
> CWWKB0118W: This server is not authorized to connect to the IZUANG1
> Look for ICH408I messages.
> Also, we found we needed UJ05022 on z/OS 2.4 to use the software install 
> process for z/OS 2.5.
> Check your maint levels if you want to install 2.5.
> Kev Senior
>
> -Original Message-
> From: IBM Mainframe Discussion List  On
> Behalf Of Rich Smrcina
> Sent: 07 October 2021 15:20
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Customized Offering Driver
>
> I ordered the Customized Offering Driver to install z/OS 2.5 the day that 
> z/OS 2.5 was available. I thought it was supposed to be ready to use zOSMF to 
> do the install? zOSMF doesn’t come up. It complains about the angel process 
> not being up, but it certainly is.
>
> If this is really an authentication problem, as indicated below, then the COD 
> is NOT set up ‘out of the box’ to use zOSMF.
>
> D A,L
> CNZ4105I 14.03.48 DISPLAY ACTIVITY 240
> JOBS M/STS USERSSYSASINITS   ACTIVE/MAX VTAM OAS
> 1000131  0003051/00010   8
> LLA  LLA  LLA  NSW  S  HZR  HZR  IEFPROC  NSW  S
> VLF  VLF  VLF  NSW  S  DLF  DLF  DLF  NSW  S
> SYSLOGD  SYSLOGD  CONFPDS  NSW  SO JES2 JES2 IEFPROC  NSW  S
> RACF RACF RACF NSW  S  VTAM VTAM VTAM NSW  S
> TSO  TSO  STEP1OWT  S  TCPIPTCPIPTCPIPNSW  SO
> FTPD1STEP1IBMUSER  OWT  AO TN3270   TN3270   TN3270   NSW  SO
> CSFSTART CSFSTART CSFSTART NSW  S  IZUANG1  IZUANG1  STEP1OWT  SO
> DRVUSER  IN
>
> +CWWKE0001I: The server zosmfServer has been launched.
> +CWWKB0124I: Angel IZUANG1 is required, server was configured to wait
> up to 0 seconds to connect to the targeted Angel.
> +CWWKB0118W: This server is not authorized to connect to the IZUANG1
> angel process. No authorized services will be loaded.
> +CWWKB0116I: This server is not registered with an angel process even
> though it is configured to require registration with an angel process.
> This server is attempting to stop.
> +CWWKB0251I: The z/OS kernel extension for the zosmfServer server is
> shutting down.
> IEF404I IZUSVR1 - ENDED - TIME=14.33.54
> $HASP395 IZUSVR1  ENDED - RC=
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions, send
> email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>
>
> HM Land Registry’s ambition is to become the world’s leading land registry 
> for speed, simplicity and an open approach to data. Our mission is: “Your 
> land and property rights: guaranteed and protected”.
>
> We check all mail and attachments for known viruses. However, you are advised 
> that you open any attachments at your own risk. If you have received this 
> email and it was not intended for you, please let us know, then delete it.
>
> We welcome correspondence in English and Welsh.
>
> To see how HM Land Registry treats your personal information, read our 
> Personal information charter: 
> https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.gov.uk%2Fgovernment%2Forganisations%2Fland-registry%2Fabout%2Fpersonal-information-charter&data=04%7

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

And assuming you never make a mistake. Never leave an APF data set unprotected. 
Never give the wrong person console authority. Fully understand APF on UNIX. 
Never have a Rexx PDS used by privileged users that is modifiable by others. 
Have no magic SVCs. Have no flawed APF code, no APF "tools" available 
inappropriately.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
>> Hi
>   Any shop implement mainframe ransomware solution can share? IBM seems has
> cyber vault to handle this. Is there any other solution available ?
> Thanks for sharing


Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff


Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures

Note: all of the "solutions" marketed nowadays give you some cure *after 
breach happened*. However that means some problems. It is unlikely to 
restore with RPO=0. If you want RPO=0 then you should pay much more 
attention at prevention, which means ...no, NOT ANOTHER PRODUCT. 
Definitely first: professional staff, procedures, audit. And then maybe 
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM, 
Safeguarded Copy...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

Sent from Yahoo Mail for iPhone

On Thursday, October 7, 2021, 2:12 PM, Charles Mills  wrote:

And assuming you never make a mistake. Never leave an APF data set unprotected. 
Never give the wrong person console authority. Fully understand APF on UNIX. 
Never have a Rexx PDS used by privileged users that is modifiable by others. 
Have no magic SVCs. Have no flawed APF code, no APF "tools" available 
inappropriately.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
>> Hi
>  Any shop implement mainframe ransomware solution can share? IBM seems has
> cyber vault to handle this. Is there any other solution available ?
> Thanks for sharing

Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff

Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures

Note: all of the "solutions" marketed nowadays give you some cure *after 
breach happened*. However that means some problems. It is unlikely to 
restore with RPO=0. If you want RPO=0 then you should pay much more 
attention at prevention, which means ...no, NOT ANOTHER PRODUCT. 
Definitely first: professional staff, procedures, audit. And then maybe 
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM, 
Safeguarded Copy...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

I don't know, but what the professional Pen Testers tell me is that they never 
fail to find things like that.

I've never met any group that never made a mistake, never had an "oops," never 
"missed something."

Magic SVCs were widespread until recently. Has every single one vanished?

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

Sent from Yahoo Mail for iPhone

On Thursday, October 7, 2021, 2:12 PM, Charles Mills  wrote:

And assuming you never make a mistake. Never leave an APF data set unprotected. 
Never give the wrong person console authority. Fully understand APF on UNIX. 
Never have a Rexx PDS used by privileged users that is modifiable by others. 
Have no magic SVCs. Have no flawed APF code, no APF "tools" available 
inappropriately.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
>> Hi
>  Any shop implement mainframe ransomware solution can share? IBM seems has
> cyber vault to handle this. Is there any other solution available ?
> Thanks for sharing

Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff

Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures

Note: all of the "solutions" marketed nowadays give you some cure *after 
breach happened*. However that means some problems. It is unlikely to 
restore with RPO=0. If you want RPO=0 then you should pay much more 
attention at prevention, which means ...no, NOT ANOTHER PRODUCT. 
Definitely first: professional staff, procedures, audit. And then maybe 
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM, 
Safeguarded Copy...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

> Maybe that’s why mainframe hacks have actually never happened

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
came in through USS.")

And assuming you don't count one other that I am aware of but under a firm 
request not to discuss.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Paul Gilmartin

On Thu, 7 Oct 2021 15:47:11 -0700, Charles Mills  wrote:

>I don't know, but what the professional Pen Testers tell me is that they never 
>fail to find things like that.
> 
Do you mean they always find one or they always find all?


On Thu, 7 Oct 2021 15:49:17 -0700, Charles Mills wrote:

>> Maybe that’s why mainframe hacks have actually never happened
>
>Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
>came in through USS.")
>
For once, the question, "Which USS?" might be meaningful.

-- gil

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

Logica isn’t actually a hack. And of course the phantom one you’re working on. 


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 4:49 PM, Charles Mills  wrote:

> Maybe that’s why mainframe hacks have actually never happened

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
came in through USS.")

And assuming you don't count one other that I am aware of but under a firm 
request not to discuss.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

Nearly all banks run a mainframe. If hackers wanted to break into platforms 
handling the worlds financial system, where all the money is, the mainframe is 
the platform. The MF has been around for 60-70 years and all you can come up 
with the Logica non hack and some hokey hack only you know about. Whereas, 
Microsoft, and every other platform are hacked every week. And the ransom 
attacks aren’t on the MF. Plus, don’t get me started on the thievery of bitcoin.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 4:49 PM, Charles Mills  wrote:

> Maybe that’s why mainframe hacks have actually never happened

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
came in through USS.")

And assuming you don't count one other that I am aware of but under a firm 
request not to discuss.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

The one I am privately aware of I did not work on and is four years (?) in the 
past. It was a US government system.

There are varying versions of the Logica story. The one I read in the police 
report and accept as factual involved the exploitation of a flaw in a Web 
browser running on z/OS UNIX. They used that to utterly take over the machine, 
issuing multiple userids and making them SPECIAL and so forth. They installed 
their own login server to make things easier for themselves. I would call that 
a mainframe breach.

I think a focus on "was it a real hack" is a mistake. If your senior systems 
programmer writes his password on the back of his business card and 
accidentally leaves it in a bar, that is not a "real hack" but your data is 
just as much at risk as if it were. The focus should be on vulnerabilities (in 
that case, lack of MFA and lack of user education) not "was it a real hack?"

If your teenaged son dropped his housekey in your driveway and someone used it 
to come in and steal your TV, would you say "that was not a real burglary"?

At best you can't say mainframe hacks have never happened, you can only say you 
don't know of any. There is a well-known tendency for shops not to discuss. 
(Nor for that matter can one assert unequivocally that they have; only that 
there are none that are well-documented.)

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Logica isn’t actually a hack. And of course the phantom one you’re working on. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

Interesting thought. Has anyone ever tested for a buffer overrun exploit in USS 
(the old USS, the real USS)?

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Paul Gilmartin
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

On Thu, 7 Oct 2021 15:47:11 -0700, Charles Mills  wrote:

>I don't know, but what the professional Pen Testers tell me is that they never 
>fail to find things like that.
> 
Do you mean they always find one or they always find all?


On Thu, 7 Oct 2021 15:49:17 -0700, Charles Mills wrote:

>> Maybe that’s why mainframe hacks have actually never happened
>
>Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
>came in through USS.")
>
For once, the question, "Which USS?" might be meaningful.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

Right, they’re all kept under wraps in a world where privacy is next to 
impossible. And what you heard (suddenly not under wraps) isn’t what happened 
with  Logica. 
If your kid drops his key, and someone uses it to enter a house, that’s not a 
break in.
60-70 years and all you’ve got is a few non hacks to feed your hatred of IBM 
and the mainframe.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 5:18 PM, Charles Mills  wrote:

The one I am privately aware of I did not work on and is four years (?) in the 
past. It was a US government system.

There are varying versions of the Logica story. The one I read in the police 
report and accept as factual involved the exploitation of a flaw in a Web 
browser running on z/OS UNIX. They used that to utterly take over the machine, 
issuing multiple userids and making them SPECIAL and so forth. They installed 
their own login server to make things easier for themselves. I would call that 
a mainframe breach.

I think a focus on "was it a real hack" is a mistake. If your senior systems 
programmer writes his password on the back of his business card and 
accidentally leaves it in a bar, that is not a "real hack" but your data is 
just as much at risk as if it were. The focus should be on vulnerabilities (in 
that case, lack of MFA and lack of user education) not "was it a real hack?"

If your teenaged son dropped his housekey in your driveway and someone used it 
to come in and steal your TV, would you say "that was not a real burglary"?

At best you can't say mainframe hacks have never happened, you can only say you 
don't know of any. There is a well-known tendency for shops not to discuss. 
(Nor for that matter can one assert unequivocally that they have; only that 
there are none that are well-documented.)

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:59 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Logica isn’t actually a hack. And of course the phantom one you’re working on. 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

The insecurity of Windows is irrelevant. The insecurity of less-secure 
platforms is relevant to the question "where should I implement my financial 
software?" but not relevant to the question "do I need to consider the 
possibility of a mainframe breach?"

By the same logic, no bank has ever been robbed, because houses get broken into 
every day.

I am not anti-mainframe. It is not an anti-mainframe position to advocate for 
mainframe security. "Oh, we have nothing to worry about" is surely the enemy of 
security.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Nearly all banks run a mainframe. If hackers wanted to break into platforms 
handling the worlds financial system, where all the money is, the mainframe is 
the platform. The MF has been around for 60-70 years and all you can come up 
with the Logica non hack and some hokey hack only you know about. Whereas, 
Microsoft, and every other platform are hacked every week. And the ransom 
attacks aren’t on the MF. Plus, don’t get me started on the thievery of bitcoin.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 4:49 PM, Charles Mills  wrote:

> Maybe that’s why mainframe hacks have actually never happened

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
came in through USS.")

And assuming you don't count one other that I am aware of but under a firm 
request not to discuss.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

> your hatred of IBM and the mainframe

My friend, now you are out there. I have 53 years on this platform, and it has 
been very, very good to me.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:26 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Right, they’re all kept under wraps in a world where privacy is next to 
impossible. And what you heard (suddenly not under wraps) isn’t what happened 
with  Logica. 
If your kid drops his key, and someone uses it to enter a house, that’s not a 
break in.
60-70 years and all you’ve got is a few non hacks to feed your hatred of IBM 
and the mainframe.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

Security is paramount in the 15 or so shops I’ve worked in. And supremely 
important in banks. And none were ever hacked. IBM makes it easy to secure the 
MF. Other platforms make it easy for hackers. Banks are robbed fairly often. 
Just through the front door. Many of you are anti mainframe. It shows quite 
frequently. Oh, I’m also trained in law enforcement so I have an idea about 
security. 


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 5:27 PM, Charles Mills  wrote:

The insecurity of Windows is irrelevant. The insecurity of less-secure 
platforms is relevant to the question "where should I implement my financial 
software?" but not relevant to the question "do I need to consider the 
possibility of a mainframe breach?"

By the same logic, no bank has ever been robbed, because houses get broken into 
every day.

I am not anti-mainframe. It is not an anti-mainframe position to advocate for 
mainframe security. "Oh, we have nothing to worry about" is surely the enemy of 
security.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:08 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Nearly all banks run a mainframe. If hackers wanted to break into platforms 
handling the worlds financial system, where all the money is, the mainframe is 
the platform. The MF has been around for 60-70 years and all you can come up 
with the Logica non hack and some hokey hack only you know about. Whereas, 
Microsoft, and every other platform are hacked every week. And the ransom 
attacks aren’t on the MF. Plus, don’t get me started on the thievery of bitcoin.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 4:49 PM, Charles Mills  wrote:

> Maybe that’s why mainframe hacks have actually never happened

Assuming you don't count Logica. ("Oh, that wasn't a real mainframe hack, they 
came in through USS.")

And assuming you don't count one other that I am aware of but under a firm 
request not to discuss.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 3:21 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

Started when you were 12 or still needing to work into your 70’s?


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 5:32 PM, Charles Mills  wrote:

> your hatred of IBM and the mainframe

My friend, now you are out there. I have 53 years on this platform, and it has 
been very, very good to me.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:26 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Right, they’re all kept under wraps in a world where privacy is next to 
impossible. And what you heard (suddenly not under wraps) isn’t what happened 
with  Logica. 
If your kid drops his key, and someone uses it to enter a house, that’s not a 
break in.
60-70 years and all you’ve got is a few non hacks to feed your hatred of IBM 
and the mainframe.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Tom Brennan

I'll repeat what I always say about this.  If I was hacking a mainframe 
I wouldn't start with the mainframe, I'd start with the sysprog or 
security admin's PC or Mac or email or phone or whatever.  In that case 
it doesn't matter one bit how well the mainframe is protected internally.


And please stop with the political remarks.  This seems to be the one 
place on earth I can go without reading about politics.  A place where I 
can enjoy a 50+ post back-and-forth between Seymour and Gil, for 
example, without hearing one word about US politics.


On 10/7/2021 3:21 PM, Bill Johnson wrote:

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 2:12 PM, Charles Mills  wrote:

And assuming you never make a mistake. Never leave an APF data set unprotected. Never 
give the wrong person console authority. Fully understand APF on UNIX. Never have a Rexx 
PDS used by privileged users that is modifiable by others. Have no magic SVCs. Have no 
flawed APF code, no APF "tools" available inappropriately.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:

Hi

   Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution available ?
Thanks for sharing



Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff


Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures

Note: all of the "solutions" marketed nowadays give you some cure *after
breach happened*. However that means some problems. It is unlikely to
restore with RPO=0. If you want RPO=0 then you should pay much more
attention at prevention, which means ...no, NOT ANOTHER PRODUCT.
Definitely first: professional staff, procedures, audit. And then maybe
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM,
Safeguarded Copy...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

I’d like to see anyone hack a mainframe using my phone. Or email. Let me guess. 
Mills and you sell security?


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 5:50 PM, Tom Brennan 
 wrote:

I'll repeat what I always say about this.  If I was hacking a mainframe 
I wouldn't start with the mainframe, I'd start with the sysprog or 
security admin's PC or Mac or email or phone or whatever.  In that case 
it doesn't matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one 
place on earth I can go without reading about politics.  A place where I 
can enjoy a 50+ post back-and-forth between Seymour and Gil, for 
example, without hearing one word about US politics.

On 10/7/2021 3:21 PM, Bill Johnson wrote:
> You’d have to be a poorly run shop to permit any of those to occur. Maybe 
> that’s why mainframe hacks have actually never happened.Biden 
> successfully extracted 124,000 from Afghanistan in a few weeks. Amazing.
> 
> 
> Sent from Yahoo Mail for iPhone
> 
> 
> On Thursday, October 7, 2021, 2:12 PM, Charles Mills  wrote:
> 
> And assuming you never make a mistake. Never leave an APF data set 
> unprotected. Never give the wrong person console authority. Fully understand 
> APF on UNIX. Never have a Rexx PDS used by privileged users that is 
> modifiable by others. Have no magic SVCs. Have no flawed APF code, no APF 
> "tools" available inappropriately.
> 
> Charles
> 
> 
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On 
> Behalf Of Radoslaw Skorupka
> Sent: Wednesday, October 6, 2021 2:13 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Mainframe ransomware solution
> 
> W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:
>>> Hi
>>    Any shop implement mainframe ransomware solution can share? IBM seems has
>> cyber vault to handle this. Is there any other solution available ?
>> Thanks for sharing
> 
> 
> Yes, we have such solution.
> This is combination of the following products:
> 1. z/OS
> 2. RACF
> 3. Professional staff
> 
> 
> Other means:
> RACF
> backup
> Safeguarded copy and other vendors' solutions
> audit
> procedures
> 
> Note: all of the "solutions" marketed nowadays give you some cure *after
> breach happened*. However that means some problems. It is unlikely to
> restore with RPO=0. If you want RPO=0 then you should pay much more
> attention at prevention, which means ...no, NOT ANOTHER PRODUCT.
> Definitely first: professional staff, procedures, audit. And then maybe
> some tools.
> IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM,
> Safeguarded Copy...
> 
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
> 
> 
> 
> 
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
> .
> 

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

I did not start when I was 12 and I do not need (financially) to work. I love 
coding and I like this platform.

I have been very involved with security solutions for the mainframe. I do not 
currently exactly sell mainframe security. I recently did a presentation on how 
certificates work. Is that selling security? I suppose it is.

Disagrees with Bill Johnson does not equal hates the mainframe.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Bill Johnson
Sent: Thursday, October 7, 2021 4:39 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

Started when you were 12 or still needing to work into your 70’s?

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

Exactly, and "that was not a real hack" would not get your data back.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I'll repeat what I always say about this.  If I was hacking a mainframe 
I wouldn't start with the mainframe, I'd start with the sysprog or 
security admin's PC or Mac or email or phone or whatever.  In that case 
it doesn't matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one 
place on earth I can go without reading about politics.  A place where I 
can enjoy a 50+ post back-and-forth between Seymour and Gil, for 
example, without hearing one word about US politics.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Bill Johnson

The thing about you list dominators, is you think you know it all and should 
never be challenged. I love when the IBM experts corrects one of you.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 6:01 PM, Charles Mills  wrote:

Exactly, and "that was not a real hack" would not get your data back.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I'll repeat what I always say about this.  If I was hacking a mainframe 
I wouldn't start with the mainframe, I'd start with the sysprog or 
security admin's PC or Mac or email or phone or whatever.  In that case 
it doesn't matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one 
place on earth I can go without reading about politics.  A place where I 
can enjoy a 50+ post back-and-forth between Seymour and Gil, for 
example, without hearing one word about US politics.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Tom Brennan

Obviously not you, but I've seen email and phone used for apps that 
allow sysprogs temporary upgraded access, validated only by their email 
address or phone text.


On 10/7/2021 4:53 PM, Bill Johnson wrote:

I’d like to see anyone hack a mainframe using my phone. Or email. Let me guess. 
Mills and you sell security?


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 5:50 PM, Tom Brennan 
 wrote:

I'll repeat what I always say about this.  If I was hacking a mainframe
I wouldn't start with the mainframe, I'd start with the sysprog or
security admin's PC or Mac or email or phone or whatever.  In that case
it doesn't matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one
place on earth I can go without reading about politics.  A place where I
can enjoy a 50+ post back-and-forth between Seymour and Gil, for
example, without hearing one word about US politics.

On 10/7/2021 3:21 PM, Bill Johnson wrote:

You’d have to be a poorly run shop to permit any of those to occur. Maybe 
that’s why mainframe hacks have actually never happened.Biden successfully 
extracted 124,000 from Afghanistan in a few weeks. Amazing.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 2:12 PM, Charles Mills  wrote:

And assuming you never make a mistake. Never leave an APF data set unprotected. Never 
give the wrong person console authority. Fully understand APF on UNIX. Never have a Rexx 
PDS used by privileged users that is modifiable by others. Have no magic SVCs. Have no 
flawed APF code, no APF "tools" available inappropriately.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Radoslaw Skorupka
Sent: Wednesday, October 6, 2021 2:13 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

W dniu 05.10.2021 o 15:24, Tommy Tsui pisze:

Hi

     Any shop implement mainframe ransomware solution can share? IBM seems has
cyber vault to handle this. Is there any other solution available ?
Thanks for sharing



Yes, we have such solution.
This is combination of the following products:
1. z/OS
2. RACF
3. Professional staff


Other means:
RACF
backup
Safeguarded copy and other vendors' solutions
audit
procedures

Note: all of the "solutions" marketed nowadays give you some cure *after
breach happened*. However that means some problems. It is unlikely to
restore with RPO=0. If you want RPO=0 then you should pay much more
attention at prevention, which means ...no, NOT ANOTHER PRODUCT.
Definitely first: professional staff, procedures, audit. And then maybe
some tools.
IBM Cyber Resiliency tools: Guardium, zSecure Suite, QRadar SIEM,
Safeguarded Copy...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread allan winston

Attila,

   I agree with you that there is almost no chance of a load module
generated from this object deck operating correctly.

   z/OS and VSE use SVCs differently.  For performing I/O, DCBs and DTFs
are radically different.  The VSE COBOL compiler may be
calling library routines that don't exist in the z/OS environment.

   If this critical software and you have the big bucks, you could license
DUO:
http://www.lookupmainframesoftware.com/soft_detail/dispsoft/546
if it is still marketed!  The above link is 9 years old.





On Thu, Oct 7, 2021 at 3:55 AM Attila Fogarasi  wrote:

> MVS format object decks always have x'02' in column 1 and not "W", so that
> would be a problem.  You would also need to link with an appropriate Cobol
> runtime library, and those would have been EOL circa 30 years ago.  Worst
> case you might have to disassemble and recreate this module, eliminating
> the VSE dependencies (some are usually unavoidable).
>
> On Thu, Oct 7, 2021 at 6:22 PM Gadi Ben-Avi  wrote:
>
> > Hi,
> > I was asked to attempt to link a object deck from VSE in z/OS.
> > The program is a COBOL2 program, but the source has been lost.
> >
> > The first few lines of the object deck are:
> > W PHASE JKHIVX52,S+X'00'
> > W MODE AMODE(31),RMODE(ANY)
> > W.ESD  ..  ..JKHIVX52.§.©..÷0
> >
> > After that there are many (A little over 12,000) lines that start with
> > W.TXT
> > Next there are lines that start with W.RLD and a final like that starts
> > with W.END.
> >
> > The JCL I used was
> > //LKED EXEC  PGM=IEWL,
> > // PARM='LIST,XREF,NOLET,MAP',
> > // REGION=2M
> > //SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
> > //SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
> > //SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
> > //SYSPRINT DD  SYSOUT=*
> > //SYSINDD  *
> >INCLUDE SYSLIN(JKHIVX52)
> >NAME JKHIVX52(R)
> >
> > I am doing something wrong?
> > Can this deck be linked into a usable z/OS load module?
> >
> > Thanks
> >
> > Gadi
> >
> >
> >
> > --
> > For IBM-MAIN subscribe / signoff / archive access instructions,
> > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
> >
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Farley, Peter x23353

I don't know about the others on the list, but I am a tad tired of this and 
other rounds of sniping between Mr. Johnson and Mr. Mills.

I would sincerely appreciate it if both of you would tone it down by an order 
of magnitude or more, or even better take this particular line of discussion 
offline.  Responding angrily on any topic doesn't enlighten anyone.  It may be 
therapeutic but it is not appropriate.

I am certainly not a "list dominator" and I appreciate the technical 
discussions on this list including those contributed to by both of these 
gentlemen, and have been given (and occasionally have myself given) good advice 
on the practice of our profession.  I would really like that tradition to 
continue.

+1 on Tom Brennan's request to keep politics out of our exchanges.  There are 
plenty of other places for discussion or comments on those topics.

Peter

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Bill Johnson
Sent: Thursday, October 7, 2021 8:06 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

The thing about you list dominators, is you think you know it all and should 
never be challenged. I love when the IBM experts corrects one of you.


On Thursday, October 7, 2021, 6:01 PM, Charles Mills  wrote:

Exactly, and "that was not a real hack" would not get your data back.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I'll repeat what I always say about this.  If I was hacking a mainframe I 
wouldn't start with the mainframe, I'd start with the sysprog or security 
admin's PC or Mac or email or phone or whatever.  In that case it doesn't 
matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one place on 
earth I can go without reading about politics.  A place where I can enjoy a 50+ 
post back-and-forth between Seymour and Gil, for example, without hearing one 
word about US politics.





--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us immediately by e-mail and delete the message and any 
attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Rich Smrcina

Agreed. Move on.

Rich Smrcina


> On Oct 7, 2021, at 7:34 PM, Farley, Peter x23353 
> <031df298a9da-dmarc-requ...@listserv.ua.edu> wrote:
> 
> I don't know about the others on the list, but I am a tad tired of this and 
> other rounds of sniping between Mr. Johnson and Mr. Mills.
> 
> I would sincerely appreciate it if both of you would tone it down by an order 
> of magnitude or more, or even better take this particular line of discussion 
> offline.  Responding angrily on any topic doesn't enlighten anyone.  It may 
> be therapeutic but it is not appropriate.
> 
> 


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Linkling an object from VSE to be used in z/OS

2021-10-07 Thread Tony Thigpen

Don't expect it to work. When VSE punches a phase, the link deck created 
includes any called modules without any way to get them out. This is in 
contrast to z/OS which produces all the individual modules.


Tony Thigpen

Gadi Ben-Avi wrote on 10/7/21 3:22 AM:

Hi,
I was asked to attempt to link a object deck from VSE in z/OS.
The program is a COBOL2 program, but the source has been lost.

The first few lines of the object deck are:
W PHASE JKHIVX52,S+X'00'
W MODE AMODE(31),RMODE(ANY)
W.ESD  ..  ..JKHIVX52.§.©..÷0

After that there are many (A little over 12,000) lines that start with W.TXT
Next there are lines that start with W.RLD and a final like that starts with 
W.END.

The JCL I used was
//LKED EXEC  PGM=IEWL,
// PARM='LIST,XREF,NOLET,MAP',
// REGION=2M
//SYSLIN   DD DSN=N623.PMKA.KPMAT.JKHIVX52,DISP=SHR
//SYSLMOD  DD  DSNAME=V110GAD.LOAD(JKHIVX52),DISP=SHR
//SYSUT1   DD  UNIT=3390,SPACE=(CYL,(1,1))
//SYSPRINT DD  SYSOUT=*
//SYSINDD  *
INCLUDE SYSLIN(JKHIVX52)
NAME JKHIVX52(R)

I am doing something wrong?
Can this deck be linked into a usable z/OS load module?

Thanks

Gadi



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Tom Brennan

(Sorry, another repeat here) I once test-called the company Help Desk 
and with no other information but the fact that I called from a 
sysprog's desk phone (my own), they gave me not only a password reset, 
but also told me my TSO userid because I had "forgotten" it, and then 
helped me log on.  Sure, a hacker would have to be at my desk, but that 
could be accomplished.


IBM Experts: I'm ready for your correction.

On 10/7/2021 5:06 PM, Bill Johnson wrote:

The thing about you list dominators, is you think you know it all and should 
never be challenged. I love when the IBM experts corrects one of you.


Sent from Yahoo Mail for iPhone


On Thursday, October 7, 2021, 6:01 PM, Charles Mills  wrote:

Exactly, and "that was not a real hack" would not get your data back.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I'll repeat what I always say about this.  If I was hacking a mainframe
I wouldn't start with the mainframe, I'd start with the sysprog or
security admin's PC or Mac or email or phone or whatever.  In that case
it doesn't matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one
place on earth I can go without reading about politics.  A place where I
can enjoy a 50+ post back-and-forth between Seymour and Gil, for
example, without hearing one word about US politics.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN




--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
.



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Tom Brennan


Ok... sorry.  I retract my last post :)
Oops... the internet is forever.

On 10/7/2021 5:34 PM, Farley, Peter x23353 wrote:

I don't know about the others on the list, but I am a tad tired of this and 
other rounds of sniping between Mr. Johnson and Mr. Mills.

I would sincerely appreciate it if both of you would tone it down by an order 
of magnitude or more, or even better take this particular line of discussion 
offline.  Responding angrily on any topic doesn't enlighten anyone.  It may be 
therapeutic but it is not appropriate.

I am certainly not a "list dominator" and I appreciate the technical 
discussions on this list including those contributed to by both of these gentlemen, and 
have been given (and occasionally have myself given) good advice on the practice of our 
profession.  I would really like that tradition to continue.

+1 on Tom Brennan's request to keep politics out of our exchanges.  There are 
plenty of other places for discussion or comments on those topics.

Peter

-Original Message-
From: IBM Mainframe Discussion List  On Behalf Of 
Bill Johnson
Sent: Thursday, October 7, 2021 8:06 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

The thing about you list dominators, is you think you know it all and should 
never be challenged. I love when the IBM experts corrects one of you.


On Thursday, October 7, 2021, 6:01 PM, Charles Mills  wrote:

Exactly, and "that was not a real hack" would not get your data back.

Charles


-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Tom Brennan
Sent: Thursday, October 7, 2021 4:50 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I'll repeat what I always say about this.  If I was hacking a mainframe I 
wouldn't start with the mainframe, I'd start with the sysprog or security 
admin's PC or Mac or email or phone or whatever.  In that case it doesn't 
matter one bit how well the mainframe is protected internally.

And please stop with the political remarks.  This seems to be the one place on 
earth I can go without reading about politics.  A place where I can enjoy a 50+ 
post back-and-forth between Seymour and Gil, for example, without hearing one 
word about US politics.





--
For IBM-MAIN subscribe / signoff / archive access instructions, send email to 
lists...@listserv.ua.edu with the message: INFO IBM-MAIN

This message and any attachments are intended only for the use of the addressee 
and may contain information that is privileged and confidential. If the reader 
of the message is not the intended recipient or an authorized representative of 
the intended recipient, you are hereby notified that any dissemination of this 
communication is strictly prohibited. If you have received this communication 
in error, please notify us immediately by e-mail and delete the message and any 
attachments from your system.


--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN



--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Trying to contact

2021-10-07 Thread Gibney, Dave

 I tried the @VSE2PDF address. It's possible we could use the services of your 
data center.
> Tony Thigpen

Dave Gibney
gib...@wsu.edu
509-335-7359
Information Technology Services
Washington State University

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Charles Mills

Sincere apologies. I was trying to be constructive.

Charles

-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf 
Of Farley, Peter x23353
Sent: Thursday, October 7, 2021 5:34 PM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Mainframe ransomware solution

I don't know about the others on the list, but I am a tad tired of this and 
other rounds of sniping between Mr. Johnson and Mr. Mills.

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Nash, Jonathan S.


Philip Young 
“Soldier of Fortran”
Mainframe hacker videos from 6 years ago :-(

https://youtu.be/Xfl4spvM5DI

https://youtu.be/vyHAqxCkf-k

There are other Def con etc mainframe hacker
videos out there ...

Kinda makes me nervous...

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

Re: Mainframe ransomware solution

2021-10-07 Thread Filip Palian

>From the information security perspective there's a well-known
confidentiality, integrity and availability (CIA) triad.
However, the overall security posture of an organisation is dependent on
the following three key areas: people, process, technology (PPT).

Majority of breaches/risks can be prevented/mitigated by addressing
essentials (e.g. capable staff, awareness trainings, well documented and
communicated processes, technology/security controls etc.).
As always, a multifaceted approach is required to address security
holistically. Relaying solely on technology/products is simply a no go/not
enough.



pt., 8 paź 2021 o 11:59 Charles Mills  napisał(a):

> Sincere apologies. I was trying to be constructive.
>
> Charles
>
>
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On
> Behalf Of Farley, Peter x23353
> Sent: Thursday, October 7, 2021 5:34 PM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Mainframe ransomware solution
>
> I don't know about the others on the list, but I am a tad tired of this
> and other rounds of sniping between Mr. Johnson and Mr. Mills.
>
> --
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
>

--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN

56 matches

Mail list logo