Penetration Testing mailing list archives

RE: MQ Series ....

From: "Victor Chapela" <victor () sm4rt com>
Date: Sun, 5 Mar 2006 21:02:26 -0600

What OS is the host MQ Series running on? OS/390, Unix or Windows? Are you
going to test the protocol or just host hacking?

Quick links:

Windows
www.kolban.com/mq/data/Explorer%20Security.pdf

Also, check under WebSphere MQ

IBM GSKit SSL Handshake Unspecified Denial of Service Vulnerability
2004-06-07
http://www.securityfocus.com/bid/10475

IBM WebSphere Unspecified Security Vulnerability
2004-03-09
http://www.securityfocus.com/bid/9833

Anyone have experience on pen testing an MQ Series system. I 
am particularly looking for pointers as to exploiting 
insecure MQ configurations.




------------------------------------------------------------------------------
This List Sponsored by: Lancope

"Discover the Security Benefits of Cisco NetFlow"
Learn how Cisco NetFlow enables cost-effective security across distributed 
enterprise networks. StealthWatch, the veteran Network Behavior Analysis (NBA) 
and Response solution, leverages Cisco NetFlow to provide scalable, 
internal network security. 
Download FREE Whitepaper "Role of Network Behavior Analysis (NBA) and Response 
Systems in the Enterprise."

http://www.lancope.com/resource/
------------------------------------------------------------------------------

Current thread:

MQ Series .... Philip Cox (Mar 03)
- RE: MQ Series .... Victor Chapela (Mar 06)
- <Possible follow-ups>
- RE: MQ Series .... Philip Cox (Mar 08)