Penetration Testing mailing list archives
RE: AS400 Net Recon
From: "John Bussert" <JBussert () swiftorder com>
Date: Tue, 19 Feb 2008 09:24:11 -0600
Jon, Another option is to take a look at the IBM Redbooks - lots of good information and you can download them for free. http://www.redbooks.ibm.com/abstracts/sg246668.html?Open http://www.redbooks.ibm.com/cgi-bin/searchsite.cgi?query=as400+AND+secur ity Keep in mind that the release of the OS does have an impact on its capabilities and if they have implemented PASE or Linux environments. Good luck... jb John Bussert, CISSP, MCP Swift Technologies, Inc. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of xelerated Sent: Friday, February 15, 2008 6:44 AM To: Jon Kibler Cc: pen-test () securityfocus com Subject: Re: AS400 Net Recon Hi, I have not tested this myself. But it looks good for as/400 specifics. http://www.security-database.com/toolswatch/AS-400-Auditing-Framework-Be ta.html Then there is the trusty OSSTMM for your overall methodology to test with. http://www.osstmm.org On Tue, Feb 12, 2008 at 3:11 PM, Jon Kibler <jon.r.kibler () gmail com> wrote:
Hi, I have a client with AS400s on their LAN. They want a vulnerability scan, but having been burned in the past, I want to ask before doing: Are there any issues with scanning (nmap, nessus, etc.) AS400s? While I am at it, any good information on AS400 security? I see a few corporately published books for sale on the net about AS400 security, but I don't want to drop a couple of grand for a book by some organization I am not familiar with. Any help appreciated. Jon K.
------------------------------------------------------------------------
This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- AS400 Net Recon Jon Kibler (Feb 14)
- RE: AS400 Net Recon Rivest, Philippe (Feb 15)
- RE: AS400 Net Recon Bob Woods (Feb 15)
- Re: AS400 Net Recon Marco Ivaldi (Feb 15)
- Re: AS400 Net Recon xelerated (Feb 15)
- RE: AS400 Net Recon John Bussert (Feb 19)
- <Possible follow-ups>
- Fwd: AS400 Net Recon Sat Jagat Singh (Feb 15)