On 13/12/21 6:57 am, Andrew Rowley wrote:
On 12/12/2021 1:20 pm, David Crayford wrote:
Fingers crossed! The truth is almost no mainframe network (worth its
salt) is visible to outside world. But that doesn't stop the public
servers being compromised.
A quick fix if you are unable to update to
The DLOGMOD setting I had previously was D4C32XX3, which is defined as:
D4C32XX3 MODEENT LOGMODE=D4C32XX3,FMPROF=X'03',TSPROF=X'03',PRIPROT=X'B*
1',SECPROT=X'90',COMPROT=X'3080',RUSIZES=X'87F8',PSERVIC*
=X'02800300',APPNCOS=#CONNECT*@KGC*
EDS ca
I have a question about RMM. We've received some new cartridges that hadn't
been initialized by the supplier. This caused I/O errors when attempts were
made to mount the cartridges.To avoid these errors we changed their status to
INIT so that they wouldn't be mounted:
DFSMSrm
Hello
Is there mainframe physical tape solution to integrate with DLM8500 ?
Peter
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
On 13/12/2021 9:03 pm, David Crayford wrote:
Agreed. Although Java itself does have security vulnerabilities and
patches are released frequently. It's critical to stay up to date with
service
https://www.ibm.com/support/pages/java-sdk-security-vulnerabilities
It does, but most of them seem
Gentlemen,
Thank you very much for your ideas and time.I was considering to copy variable
A to another place and, since i only need to check one bit, do a NC and then a
CLC, but i think your suggestion of EX is more elegant.
A DC X'1C'
B DC X'08'
C DC X
MVC
pon., 13 gru 2021 o 22:33 Andrew Rowley
napisał(a):
> On 13/12/2021 9:03 pm, David Crayford wrote:
> >
> > Agreed. Although Java itself does have security vulnerabilities and
> > patches are released frequently. It's critical to stay up to date with
> > service
> > https://www.ibm.com/support/pag
On 13/12/2021 10:52 pm, Filip Palian wrote:
@Andrew Rowley, you may want to check this outstanding work from Adam
Gowdiak (search for "ibm java" or "oracle java" or simply check it all):
https://packetstormsecurity.com/files/author/3682/
You might have to spell it out for me because I can't figur
On Mon, Dec 13, 2021 at 6:14 AM Andrew Rowley
wrote:
> On 13/12/2021 10:52 pm, Filip Palian wrote:
> > @Andrew Rowley, you may want to check this outstanding work from Adam
> > Gowdiak (search for "ibm java" or "oracle java" or simply check it all):
> > https://packetstormsecurity.com/files/autho
For those that might be interested, I have made available the package called
RACF Snoop on my website here, https://rsclweb.com/ .
This package allows you to see the details of RACF environments in running
address spaces. The program is rather old (> 20 years) and needs a few tweaks.
However, I
pon., 13 gru 2021 o 23:14 Andrew Rowley
napisał(a):
> On 13/12/2021 10:52 pm, Filip Palian wrote:
> > @Andrew Rowley, you may want to check this outstanding work from Adam
> > Gowdiak (search for "ibm java" or "oracle java" or simply check it all):
> > https://packetstormsecurity.com/files/author
wt., 14 gru 2021 o 00:04 John McKown
napisał(a):
> I don't think COBOL is explicitly, or implicitly, more secure than the base
> Java language. The "problem" is not the Java language, but the Internet
> infrastructure built into the Java libraries and "add on" facilities such
> as LOG4J. A COBOL
Of course they do.
Everyone wants to.
Whoever owns the data, owns you along with all the networking chatter
that goes along with it.
Apps are generally easier to move too. The data is generally more sticky.
In both cases however, be very careful if you can't move it all!
On Sat, Dec 11, 2021 at 8
The packages in open repositories for languages like Java and Perl have many
eyes examinging them, even if there are no official bodies certifying them. How
does that make any of those packages less secure than a roll-your=own package
in COBOL? In fact, how is it not the other way around? Why is
You don't need the CLC; the NC sets the condition code.
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of
Ituriel do Neto [03427ec2837d-dmarc-requ...@listserv.ua.edu]
I would not expect GDDM to work with logmode DYNAMICB. Have you looked into
Attila Fogarasi's suggestion about R/R unit sizes?
--
Shmuel (Seymour J.) Metz
http://mason.gmu.edu/~smetz3
From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on beha
IBM does offer this cloud service:
https://www.ibm.com/cloud/hyper-protect-virtual-servers
Only providing a reply to the question of zCloud offerings from IBM.
On Sat, Dec 11, 2021 at 9:51 PM Ed Jaffe
wrote:
> On 12/11/2021 11:07 AM, zMan wrote:
> > What Z cloud offering? I see them categorizi
You should use the RMM utility, EDGINERS.
On Mon, 13 Dec 2021 at 10:57, John Blythe Reid
wrote:
> I have a question about RMM. We've received some new cartridges that
> hadn't been initialized by the supplier. This caused I/O errors when
> attempts were made to mount the cartridges.To avoid thes
The only "advantage" (note the quotes!) of a roll your own solution is
security by obscurity. There are also many evil eyes looking for
vulnerabilities in the open source packages. Your own COBOL solution? Maybe
no evil eyes (maybe a few?).
Charles
-Original Message-
From: IBM Mainframe
...and IBM has multiple zCloud sites. I've toured the one in Boulder, and it
is amazing.
Mitch
-Original Message-
From: Bfishing
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Mon, Dec 13, 2021 11:19 am
Subject: Re: Is the mainfrrame cloud more reliable? was Re: AWS is down.
IBM does offer thi
Your RUSIZE is too big for some 3192g configurations, also suggest adding
pacing ... try the following
RUSIZES=X'8687', PSNDPAC=X'01' ,SRCVPAC=X'01' C
On Tue, Dec 14, 2021 at 2:37 AM Seymour J Metz wrote:
> I would not expect GDDM to work with logmode DYNAMICB. Have you looked
> into Attila Foga
wt., 14 gru 2021 o 02:23 Seymour J Metz napisał(a):
> The packages in open repositories for languages like Java and Perl have
> many eyes examinging them, even if there are no official bodies certifying
> them.
>
Correct. There's Internet bug bounty, independent enthusiasts, Google
project zero,
Thank you _very_ much. That did the trick.
After your hint I did some web search and then found [1] which for
whatever reason didn't show up in my previous research.
I then coded the MODEENT as
004210 **
004211 ** Logmode entry
On 14/12/2021 12:04 am, John McKown wrote:
I don't think COBOL is explicitly, or implicitly, more secure than the base
Java language. The "problem" is not the Java language, but the Internet
infrastructure built into the Java libraries and "add on" facilities such
as LOG4J. A COBOL programmer wou
I've done a lot of debugging with SNA over the years and majority of bind
failures were due to RU size mismatch (for 3270 most of the rest due to
device attributes). Hardware was memory constrained and the hardware
engineers squeezed the maximum out of every byte ... leading to software
having to
IMHO, it's both.
In general, we've seen articles where some extremely basic npm package gets
'owned', raising the question of, 'why are we using a package to find leap
years' or some such.
So unnecessary package/library dependency is one.
Of course, the naive response to it is to keep a 500-perso
On 14/12/2021 12:30 am, Filip Palian wrote:
My intention was to share information about the vulnerabilities affecting
Java language. (Without performing a proper comparison) I'd prefer not to
get into discussion about one language being less secure than another.
"Java is insecure" is an implicit
Hi all,
Does IBM have anything to say about this? I assume it's on their security
portal.
SAS uses Java and has issued a blog post. Many SAS products use Java and are
susceptible to this exposure. Each site should ensure that all SAS users and
the Security staff are made aware of this. P
wt., 14 gru 2021 o 16:23 Cheryl Watson napisał(a):
>
> Does IBM have anything to say about this? I assume it's on their security
> portal.
>
https://www.ibm.com/blogs/psirt/an-update-on-the-apache-log4j-cve-2021-44228-vulnerability/
Cheers,
s1m0n
-
hello ,
i want to do this from batch.
IEBPTPCH (PUNCH TYPORG=PO)
add MEMBER NAME
in front of each member
and i want to prevent it.
i did not find a way through IEBCOPY
( i know the way by rexx )
thanks
--
For IBM-MAIN s
This:
http://mainframe-tips-and-tricks.blogspot.com/2011/12/jcl-copy-all-members-from-pds-to.html
does it in 2 steps using IEBPTPCH and then SORT to strip out the MEMBER
NAME.
On Tue, 14 Dec 2021 at 16:53, Weizman arbel wrote:
> hello ,
>
> i want to do this from batch.
>
> IEBPTPCH (PUNCH TYPO
On 14/12/21 12:12 pm, Andrew Rowley wrote:
On 14/12/2021 12:30 am, Filip Palian wrote:
My intention was to share information about the vulnerabilities
affecting
Java language. (Without performing a proper comparison) I'd prefer
not to
get into discussion about one language being less secure th
this can be problematic if the member data also contain MEMBER in the same
position
so i prefer to do it from rexx by LMCOPY
On Tue, 14 Dec 2021 17:18:56 +1100, Peter Vels wrote:
>This:
>http://mainframe-tips-and-tricks.blogspot.com/2011/12/jcl-copy-all-members-from-pds-to.html
>does it in
33 matches
Mail list logo
