Re: z/OS, OS/390 Pen testing tips/ideas/papers?

Nick Jacobsen writes:

> Hi all,

>     One of my clients has an IBM OS/390 running on one of their networks 

>     I am doing some security testing on, and considering I really have 

>     not dealt with any IBM mainframes before when it comes to security, 

>     I was hoping that some of you might be able to point me the right 

>     direction.  Anything would  be helpful, but especially from a 


>     penetration viewpoint.


 

Are you attacking from internal or external ?
 From internal, you first need a 3270-capable telnet-emulation, like x3270. 

Then, go back in the archives to June or so, where I posed the same question and got some default-passwords, which you can try.  

Rainer

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Rainer Duffner                   Munich
rainer@ultra-secure.de          Germany
http://www.i-duffner.de        Freising
========================================
    When shall we three meet again
  In thunder, lightning, or in rain?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/