CA World - mft1755 - gaps in your defense hacking the mainframe - philip young

•

1 gefällt mir•463 views

Philip Young

CA World talk about mainframe hacking and how its actually not impossible.

Technologie

World®
’16
Gaps in your Defense:
Hacking the Mainframe
Philip Young, Co-Founder, ZedSec 390
MFT1755
MAINFRAME AND WORKLOAD AUTOMATION

2 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
© 2016 CA. All rights reserved. All trademarks referenced herein belong to their respecve companies.
The content provided in this CA World 2016 presentaon is intended for informaonal purposes only and does not form any type
of warranty. The informaon provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
For Informaonal Purposes Only
Terms of this Presentaon

3 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Abstract
The mainframe is the mission-essenal backbone of the enterprise, housing over 70 percent of
corporate data, touching more than half of all applicaons, and connecng to the internet and
Internet of Things (IoT) through APIs. However, in the enterprise security discussion, the
mainframe is oaen presumed to be inherently secure. This session will dive into the current
state of mainframe of mainframe hacking, why hackers are taking a larger interest in the
plaborm, a discussion of compliance versus security and next steps on how you can opmize the
security of your most mission-essenal business asset.
Philip Young
ZedSec 390
Co-Founder

4 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Disclaimer
I’m not here in the name of or
on behalf of my employer. All
opinions expressed here are my
own.
Philip Young
ZedSec 390
Co-Founder

5 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

6 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

7 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

8 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

9 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

10 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

11 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Logica Security Incident Inves3ga3on: Bilaga_A.pdf
Source: h=ps://wikileaks.org/goArid-docs/

12 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Castle Walls Under Digital Siege: Risk-based Security for z/OS – CA World ‘15
Source: h=ps://www.youtube.com/watch?v=CySiZOaY2T0

13 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Common Myths
IT’S NOT ON THE INTERNET
IT’S IMPENETRABLE
HACKERS DON’T KNOW ABOUT IT HACKERS DON’T KNOW ABOUT IT
BUT WE’RE AUDITED ALL THE TIME!?

14 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
The ‘IMP’
§  Started in 2013
§  Tools:
–  MassScan
–  Nmap
–  Python
–  X3270
–  Linux VPS
§  Database of 400+ mainframes
hkps://mainframesproject.tumblr.com/
Internet Mainframes Project

15 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

16 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

17 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

18 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

19 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
It Doesn’t Ma=er

20 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Enterprises are Flat
§  Many large enterprises experienced a breach
in 2015
§  Flat networks
§  No ﬁrewall between “Corporate” network and
mainframe

21 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Hacking the Unhackable
§  From the network
§  No knowledge of the system
§  Steps
–  Gather informaon
–  Proﬁle the system
–  Launch akacks
Tools released/updated in 2015/2016

22 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Nmap in 2015/2016
• Anon?
• SITE?
• OS Version?
• Informaon
• VTAM?
• CICS?
• TSO?
• Version?
• Nikto?
• BURP?
• Enumerate?
• Java Objects

23 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
TN3270
Screen

24 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
VTAM
Enumeraon

25 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
TSO User
Enumeraon

26 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

27 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
CICS
Transacon
Enumeraon

28 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD

29 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
CICSpwn

30 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
CICSpwn:
TSO Shell

31 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
CICSpwn:
TSO Shell

32 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
FTP
Authorized
Code Exec

33 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
What Can I Do?
§  Compliance is literally the start
§  Just because you’re compliant doesn’t mean:
–  The compliance rules are well done
–  Represent current threats
–  Match current baselines
§  Vulnerability Scanning?

34 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Gap Assessment
§  Compare your requirements to a standard
§  How do you compare and contrast?
§  Who’s experse are you relying on?

35 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Go Beyond Compliance
§  zAssure?
§  Idenfying Data Assets?
§  Logging and Monitoring?
–  zSecure
–  IronStream
–  Vanguard
§  Penetraon Tesng?

36 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Quesons?

37 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
CICSpwn
h=ps://github.com/ayoul3/
cicspwn
Nmap Scripts
h=ps://github.com/
zedsec390/NMAP

Metasploit
h=ps://github.com/rapid7/
metasploit-framework

Contact & References
Twi=er: @mainframed767
E-Mail: mainframed767@gmail.com

38 © 2016 CA. ALL RIGHTS RESERVED. @CAWORLD #CAWORLD
Stay connected at communies.ca.com
Thank you.

@CAWORLD #CAWORLD © 2016 CA. All RIGHTS RESERVED. 39 @CAWORLD #CAWORLD
Mainframe and Workload
Automa3on
For more informaon on Mainframe and Workload Automaon,
please visit: hkp://cainc.to/9GQ2JI

Weitere ähnliche Inhalte

Ähnlich wie CA World - mft1755 - gaps in your defense hacking the mainframe - philip young

Gaps in Your Defense: Hacking the Mainframe

CA Technologies

Tech Talk: In the Voice of a Mainframe Millennial: How Can Mainframe Security...

CA Technologies

How is Buying a Home Like Justifying Data Security Investments? Developing Re...

CA Technologies

Enterprise Developers, Linux and z Systems - What you Need to Know

CA Technologies

Cyber-attacks damage an organization far beyond the breached data. The ripple effect is felt on your relations with customers, investors and employees. This security panel will discuss how being compliant doesn’t mean you are secure and how complacency around mainframe security will come back to bite you! Most IT security departments today struggle to meet organizational demands, especially with limited resources and budgets. Yet in todays' interconnected datacenter, we have to ask - is your team unaware of both malicious and accidental attack vectors now targeting mainframe data? Gain some insight from our experts; and come prepared to ask your own questions too! For more information, please visit http://cainc.to/Nv2VOe

Is Complacency Around Mainframe Security a Disaster Waiting to Happen?

CA Technologies

Encryption and Hashing and Keys – Oh, my! Demystifying Interoperable Encrypti...

CA Technologies

Discover how CA Unified Infrastructure Management (CA UIM) for z Systems helps you gain a holistic view of your business services that span mobile-to-mainframe. Join us for this in-depth session and learn how to use the new CA Unified Infrastructure Management for z Systems probes to monitor your mainframe as part of the overall IT infrastructure from a single pane of glass. This session will include 1) an introduction of CA UIM for z Systems architecture; 2) unified monitoring best practices; 3) building custom UIM dashboards that incorporate mainframe metrics; 4) using CA UIM for z Systems to lower MTTR – setting alerts, finding & correcting problems; 5) going beyond monitoring with capacity management and chargeback. Don’t miss this opportunity to learn how you can turn your level one support staff into level two’s and enable your specialist to focus on fixing mainframe infrastructure problems faster. For more information, please visit http://cainc.to/Nv2VOe

CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...

CA Technologies

Pre-Con Ed: How to IAM-Enable Your Office 365 Environment

CA Technologies

Securely Enabling the Digital Age

CA Technologies

Technology Primer: Ensure Deep Visibility into IBM® DataPower using Nastel® A...

CA Technologies

Pre-Con Ed: CA OPS/MVS and the Power of Integration

CA Technologies

Tech Talk: Federate to an SAML-Enabled App in Minutes

CA Technologies

Pre-Con Ed: CA Live API Creator: Learn How to Integrate Data From Enterprise...

CA Technologies

Pre-Con Ed: High Performance Masking and Test Data Generation for IMS and DB2

CA Technologies

Tracking Message Flows in DataPower With CA APM

CA Technologies

The Importance of Mainframe Security Education

CA Technologies

The Top Three Cloud Security Mythbusters

Trustmarque

API’s and Identity: Enabling Optum to become the HealthCare cloud

CA Technologies

Pre-Con Ed: Bridge the Gap From Alert Suppression to MTTR Through Enterprise ...

CA Technologies

Enabling a Hybrid Enterprise Application Launch Pad

CA Technologies

Ähnlich wie CA World - mft1755 - gaps in your defense hacking the mainframe - philip young (20)

Gaps in Your Defense: Hacking the Mainframe

Tech Talk: In the Voice of a Mainframe Millennial: How Can Mainframe Security...

How is Buying a Home Like Justifying Data Security Investments? Developing Re...

Enterprise Developers, Linux and z Systems - What you Need to Know

Is Complacency Around Mainframe Security a Disaster Waiting to Happen?

Encryption and Hashing and Keys – Oh, my! Demystifying Interoperable Encrypti...

CA UIM for z Systems Technical Deep Dive: Get the Right People Solving Probl...

Pre-Con Ed: How to IAM-Enable Your Office 365 Environment

Securely Enabling the Digital Age

Technology Primer: Ensure Deep Visibility into IBM® DataPower using Nastel® A...

Pre-Con Ed: CA OPS/MVS and the Power of Integration

Tech Talk: Federate to an SAML-Enabled App in Minutes

Pre-Con Ed: CA Live API Creator: Learn How to Integrate Data From Enterprise...

Pre-Con Ed: High Performance Masking and Test Data Generation for IMS and DB2

Tracking Message Flows in DataPower With CA APM

The Importance of Mainframe Security Education

The Top Three Cloud Security Mythbusters

API’s and Identity: Enabling Optum to become the HealthCare cloud

Pre-Con Ed: Bridge the Gap From Alert Suppression to MTTR Through Enterprise ...

Enabling a Hybrid Enterprise Application Launch Pad

Kürzlich hochgeladen

Partners Life - Insurer Innovation Award 2024

The Digital Insurer

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Discord is a free app offering voice, video, and text chat functionalities, primarily catering to the gaming community. It serves as a hub for users to create and join servers tailored to their interests. Discord’s ecosystem comprises servers, each functioning as a distinct online community with its own channels dedicated to specific topics or activities. Users can engage in text-based discussions, voice calls, or video chats within these channels. Understanding Discord Servers Discord servers are virtual spaces where users congregate to interact, share content, and build communities. Servers may revolve around gaming, hobbies, interests, or fandoms, providing a platform for like-minded individuals to connect. Communication Features Discord offers a range of communication tools, including text channels for messaging, voice channels for real-time audio conversations, and video channels for face-to-face interactions. These features facilitate seamless communication and collaboration. What Does NSFW Mean? The acronym NSFW stands for “Not Safe For Work,” indicating content that may be inappropriate for professional or public settings. NSFW Content NSFW content encompasses material that is sexually explicit, violent, or otherwise graphic in nature. It often includes nudity, profanity, or depictions of sensitive topics.

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

UK Journal

Axa Assurance Maroc - Insurer Innovation Award 2024

The Digital Insurer

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

2024: Domino Containers - The Next Step. News from the Domino Container commu...

Martijn de Jong

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

GenCyber Cyber Security Day Presentation

Michael W. Hawkins

The presentation explores the development and application of artificial intelligence (AI) from its inception to its current status in the modern world. The term "artificial intelligence" was first coined by John McCarthy in 1956 to describe efforts to develop computer programs capable of performing tasks that typically require human intelligence. This concept was first introduced at a conference held at Dartmouth College, where programs demonstrated capabilities such as playing chess, proving theorems, and interpreting texts. In the early stages, Alan Turing contributed to the field by defining intelligence as the ability of a being to respond to certain questions intelligently, proposing what is now known as the Turing Test to evaluate the presence of intelligent behavior in machines. As the decades progressed, AI evolved significantly. The 1980s focused on machine learning, teaching computers to learn from data, leading to the development of models that could improve their performance based on their experiences. The 1990s and 2000s saw further advances in algorithms and computational power, which allowed for more sophisticated data analysis techniques, including data mining. By the 2010s, the proliferation of big data and the refinement of deep learning techniques enabled AI to become mainstream. Notable milestones included the success of Google's AlphaGo and advancements in autonomous vehicles by companies like Tesla and Waymo. A major theme of the presentation is the application of generative AI, which has been used for tasks such as natural language text generation, translation, and question answering. Generative AI uses large datasets to train models that can then produce new, coherent pieces of text or other media. The presentation also discusses the ethical implications and the need for regulation in AI, highlighting issues such as privacy, bias, and the potential for misuse. These concerns have prompted calls for comprehensive regulations to ensure the safe and equitable use of AI technologies. Artificial intelligence has also played a significant role in healthcare, particularly highlighted during the COVID-19 pandemic, where it was used in drug discovery, vaccine development, and analyzing the spread of the virus. The capabilities of AI in healthcare are vast, ranging from medical diagnostics to personalized medicine, demonstrating the technology's potential to revolutionize fields beyond just technical or consumer applications. In conclusion, AI continues to be a rapidly evolving field with significant implications for various aspects of society. The development from theoretical concepts to real-world applications illustrates both the potential benefits and the challenges that come with integrating advanced technologies into everyday life. The ongoing discussion about AI ethics and regulation underscores the importance of managing these technologies responsibly to maximize their their benefits while minimizing potential harms.

Artificial Intelligence: Facts and Myths

Joaquim Jorge

A Domino Admins Adventures (Engage 2024)

Gabriella Davis

AWS Community Day CPH - Three problems of Terraform

Andrey Devyatkin

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Advantages of Hiring UIUX Design Service Providers for Your Business

Pixlogix Infotech

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Rafal Los

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Building Digital Trust in a Digital Economy Veronica Tan, Director - Cyber Security Agency of Singapore Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

apidays

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Developing An App To Navigate The Roads of Brazil

V3cube

Kürzlich hochgeladen (20)

Partners Life - Insurer Innovation Award 2024

How to Troubleshoot Apps for the Modern Connected Worker

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Axa Assurance Maroc - Insurer Innovation Award 2024

GenAI Risks & Security Meetup 01052024.pdf

2024: Domino Containers - The Next Step. News from the Domino Container commu...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

GenCyber Cyber Security Day Presentation

Artificial Intelligence: Facts and Myths

A Domino Admins Adventures (Engage 2024)

AWS Community Day CPH - Three problems of Terraform

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

Advantages of Hiring UIUX Design Service Providers for Your Business

The 7 Things I Know About Cyber Security After 25 Years | April 2024

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...

Boost Fertility New Invention Ups Success Rates.pdf

Developing An App To Navigate The Roads of Brazil