Stream: Application Development & Network Management
Time: 10:00 - 10:45
Re-run of the GSE UK 2024 session presented in the security track, so repeating for the networks track. This is a demo of how someone's TSO login password, even on an encrypted TN3270 session, can be extracted using an unauthorised batch job exploiting a very common exposure we find during security assessments. The session will go on to explain how it worked, other implications of the exposure and the very simple steps in RACF to prevent it.
There is currently no attachment for How easy is it to extract someone's TSO password?
Co-founder and Software Technical Director at Vertali. 46 years working with mainframes. Specialising in networking technologies and the design/development of systems software, especially program products associated with network communications, security and monitoring, several of which are still marketed by major software vendors.
Click here to give some Feedback so we can make it even better next year!