Network Security: Detailed info on Fwd: AS400 Net Recon

Subject:	Fwd: AS400 Net Recon
Date:	Fri, 15 Feb 2008 08:33:26 -0800 (PST)

When I had the same issue a few months ago, I found
"Hacking iSeries" by Shalom Carmel useful.  Check out
his site at:

http://www.venera.com/

The book is pretty good and recommended if you want to
get the most concise information quickly.  But you can
get most of the same information just by reading the
whitepapers posted there in conjunction with following
the URLs on the References and links page.  The IBM
Redbook series is particularly good for a background
on how security on the iSeries is suppose to work.

Some of the most common security errors on these
systems appears to be open SMB file shares and default
passwords.

Best of luck to you.

--- Jon Kibler <jon.r.kibler@gmail.com> wrote:

From Jon Kibler Tue Feb 12 12:11:43 2008
X-Apparently-To: flyingdervish@yahoo.com via
206.190.38.156; Thu, 14 Feb 2008 21:34:40 -0800
X-Originating-IP: [205.206.231.26]
Return-Path:

<pen-test-return-1078485978-flyingdervish=yahoo.com@securityfocus.com>

Authentication-Results: mta502.mail.mud.yahoo.com 
from=gmail.com; domainkeys=fail (bad sig)
Received: from 205.206.231.26  (EHLO
outgoing.securityfocus.com) (205.206.231.26)
  by mta502.mail.mud.yahoo.com with SMTP; Thu, 14
Feb 2008 21:32:40 -0800
Received: from outgoing.securityfocus.com by
outgoing.securityfocus.com
          via smtpd (for
mta-v8.mail.vip.mud.yahoo.com [209.191.118.103])
with ESMTP; Thu, 14 Feb 2008 21:15:07 -0800
Received: from lists.securityfocus.com
(lists.securityfocus.com [205.206.231.19])
      by outgoing2.securityfocus.com (Postfix) with QMQP
      id 6BFD41437F3; Thu, 14 Feb 2008 21:26:18 -0700
(MST)
Mailing-List: contact
pen-test-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <pen-test.list-id.securityfocus.com>
List-Post: <mailto:pen-test@securityfocus.com>
List-Help: <mailto:pen-test-help@securityfocus.com>
List-Unsubscribe:
<mailto:pen-test-unsubscribe@securityfocus.com>
List-Subscribe:
<mailto:pen-test-subscribe@securityfocus.com>
Resent-Sender: listbounce@securityfocus.com
Sender: listbounce@securityfocus.com
Errors-To: listbounce@securityfocus.com
Delivered-To: mailing list
pen-test@securityfocus.com
Delivered-To: moderator for
pen-test@securityfocus.com
Received: (qmail 2243 invoked from network); 12 Feb
2008 21:17:40 -0000
DKIM-Signature: v=1; a=rsa-sha256;
c=relaxed/relaxed;
        d=gmail.com; s=gamma;

h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;

       
bh=CXhMForDIWB8baGZP0W7R6lPnPEI+qpslF4o4+m3EeM=;

b=HY5KsaKvukCK77b2reiZ3y16EupWNOZ6NZOxTJLIakF4GabqP132QLPl475nboZMOIc7Zfo+JIAw65mmes5G8/Uw2YTQnkUb3L68XRVtIc62VFoeR92OQ91pA/ZvjiHNhxxIVQKp3OeuM/JWYrqeofQDcx5rdk3ohOzITnche30=

DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;

h=message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition;

       

b=cfGGdfptK0jDX9LYqQfIE6R55v0XrlahLBKTXzcHhM+p4nkuQqlT5Iesx3lwWKUuCC83BjRsA1vELA0uJvrsLBhf7ZytLPVcxOqG1U4HUBDol/XEgF9o95l4Cc1hlkK0L+iRMN9TjkipLutRIZcZIHqPLKhHouKYd+P0EWwTGJg=

Message-ID:

<f69ec0c70802121211k2fd1d959lc7ec79c049a540ba@mail.gmail.com>

Date: Tue, 12 Feb 2008 15:11:43 -0500
From: "Jon Kibler" <jon.r.kibler@gmail.com>
To: pen-test@securityfocus.com
Subject: AS400 Net Recon
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Resent-Message-Id:

<20080215042618.6BFD41437F3@outgoing2.securityfocus.com>

Resent-Date: Thu, 14 Feb 2008 21:26:18 -0700 (MST)
Resent-From:
pen-test-return-1078485978@securityfocus.com
Content-Length: 835

Hi,

I have a client with AS400s on their LAN. They want
a vulnerability
scan, but having been burned in the past, I want to
ask before doing:
Are there any issues with scanning (nmap, nessus,
etc.) AS400s?

While I am at it, any good information on AS400
security? I see a few
corporately published books for sale on the net
about AS400 security,
but I don't want to drop a couple of grand for a
book by some
organization I am not familiar with.

Any help appreciated.

Jon K.

------------------------------------------------------------------------

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE
today!

http://www.cenzic.com/downloads

------------------------------------------------------------------------




      
____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  
http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ 


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
AS400 Net Recon, Jon Kibler RE: AS400 Net Recon, Rivest, Philippe RE: AS400 Net Recon, Bob Woods Re: AS400 Net Recon, Marco Ivaldi Re: AS400 Net Recon, xelerated RE: AS400 Net Recon, John Bussert Fwd: AS400 Net Recon, Sat Jagat Singh <=

Previous by Date:	Re: AS400 Net Recon, Marco Ivaldi
Next by Date:	Re: removing metadata from documents, Christopher
Previous by Thread:	RE: AS400 Net Recon, John Bussert
Next by Thread:	Thanks to all, ExploitSearch in Top5 security must-have, Security Basic
Indexes:	[Date] [Thread] [Top] [All Lists]