Penetration Testing mailing list archives
Fwd: AS400 Net Recon
From: Sat Jagat Singh <flyingdervish () yahoo com>
Date: Fri, 15 Feb 2008 08:33:26 -0800 (PST)
When I had the same issue a few months ago, I found "Hacking iSeries" by Shalom Carmel useful. Check out his site at: http://www.venera.com/ The book is pretty good and recommended if you want to get the most concise information quickly. But you can get most of the same information just by reading the whitepapers posted there in conjunction with following the URLs on the References and links page. The IBM Redbook series is particularly good for a background on how security on the iSeries is suppose to work. Some of the most common security errors on these systems appears to be open SMB file shares and default passwords. Best of luck to you. --- Jon Kibler <jon.r.kibler () gmail com> wrote:
From Jon Kibler Tue Feb 12 12:11:43 2008 X-Apparently-To: flyingdervish () yahoo com via 206.190.38.156; Thu, 14 Feb 2008 21:34:40 -0800 X-Originating-IP: [205.206.231.26] Return-Path:
<pen-test-return-1078485978-flyingdervish=yahoo.com () securityfocus com>
Authentication-Results: mta502.mail.mud.yahoo.com from=gmail.com; domainkeys=fail (bad sig) Received: from 205.206.231.26 (EHLO outgoing.securityfocus.com) (205.206.231.26) by mta502.mail.mud.yahoo.com with SMTP; Thu, 14 Feb 2008 21:32:40 -0800 Received: from outgoing.securityfocus.com by outgoing.securityfocus.com via smtpd (for mta-v8.mail.vip.mud.yahoo.com [209.191.118.103]) with ESMTP; Thu, 14 Feb 2008 21:15:07 -0800 Received: from lists.securityfocus.com (lists.securityfocus.com [205.206.231.19]) by outgoing2.securityfocus.com (Postfix) with QMQP id 6BFD41437F3; Thu, 14 Feb 2008 21:26:18 -0700 (MST) Mailing-List: contact pen-test-help () securityfocus com; run by ezmlm Precedence: bulk List-Id: <pen-test.list-id.securityfocus.com> List-Post: <mailto:pen-test () securityfocus com> List-Help: <mailto:pen-test-help () securityfocus com> List-Unsubscribe: <mailto:pen-test-unsubscribe () securityfocus com> List-Subscribe: <mailto:pen-test-subscribe () securityfocus com> Resent-Sender: listbounce () securityfocus com Sender: listbounce () securityfocus com Errors-To: listbounce () securityfocus com Delivered-To: mailing list pen-test () securityfocus com Delivered-To: moderator for pen-test () securityfocus com Received: (qmail 2243 invoked from network); 12 Feb 2008 21:17:40 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma;
h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
bh=CXhMForDIWB8baGZP0W7R6lPnPEI+qpslF4o4+m3EeM=;
b=HY5KsaKvukCK77b2reiZ3y16EupWNOZ6NZOxTJLIakF4GabqP132QLPl475nboZMOIc7Zfo+JIAw65mmes5G8/Uw2YTQnkUb3L68XRVtIc62VFoeR92OQ91pA/ZvjiHNhxxIVQKp3OeuM/JWYrqeofQDcx5rdk3ohOzITnche30=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma;
h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;
b=cfGGdfptK0jDX9LYqQfIE6R55v0XrlahLBKTXzcHhM+p4nkuQqlT5Iesx3lwWKUuCC83BjRsA1vELA0uJvrsLBhf7ZytLPVcxOqG1U4HUBDol/XEgF9o95l4Cc1hlkK0L+iRMN9TjkipLutRIZcZIHqPLKhHouKYd+P0EWwTGJg=
Message-ID:
<f69ec0c70802121211k2fd1d959lc7ec79c049a540ba () mail gmail com>
Date: Tue, 12 Feb 2008 15:11:43 -0500 From: "Jon Kibler" <jon.r.kibler () gmail com> To: pen-test () securityfocus com Subject: AS400 Net Recon MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline Resent-Message-Id:
<20080215042618.6BFD41437F3 () outgoing2 securityfocus com>
Resent-Date: Thu, 14 Feb 2008 21:26:18 -0700 (MST) Resent-From: pen-test-return-1078485978 () securityfocus com Content-Length: 835 Hi, I have a client with AS400s on their LAN. They want a vulnerability scan, but having been burned in the past, I want to ask before doing: Are there any issues with scanning (nmap, nessus, etc.) AS400s? While I am at it, any good information on AS400 security? I see a few corporately published books for sale on the net about AS400 security, but I don't want to drop a couple of grand for a book by some organization I am not familiar with. Any help appreciated. Jon K.
------------------------------------------------------------------------
This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads
------------------------------------------------------------------------
____________________________________________________________________________________ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- AS400 Net Recon Jon Kibler (Feb 14)
- RE: AS400 Net Recon Rivest, Philippe (Feb 15)
- RE: AS400 Net Recon Bob Woods (Feb 15)
- Re: AS400 Net Recon Marco Ivaldi (Feb 15)
- Re: AS400 Net Recon xelerated (Feb 15)
- RE: AS400 Net Recon John Bussert (Feb 19)
- <Possible follow-ups>
- Fwd: AS400 Net Recon Sat Jagat Singh (Feb 15)