• Subject: Re: Denial of Service, Good for AS/400?
  • From: John Earl <johnearl@xxxxxxxxxxxxxxx>
  • Date: Sat, 12 Feb 2000 08:58:22 -0800
  • Organization: The PowerTech Group

Jim,

joberhol@compures.com wrote:
> 
> 
> How can an OS/400  virus spread when the processor instructions to
> create/change an object are privileged?    That means only IBM processes
> can create a virus. Once the object is created, it cannot be altered except
> with privileged instructions that a non-IBM process cannot use.   Almost
> any machine at level 40 security is completely protected.
> 

There was an interesting post on comp.sys.ibm.as400.misc within the
last month or so about a "clever" AS/400 software vendor who was using
SST to automatically turn turn their programs into system state
programs during their software installation process.  Apparantly they
were using the virtual terminal API's to simulate an interactive
session and run the STRSST command.  From there into
"Display/Alter/Dump" and you can toggle your program to system state. 
The only way that the poster figured out what had happened was by
wading through a strange 449 page 5250 hex dump that was left over by
the install process.

For more information, do a power search on deja.com against the
comp.sys.ibm.as400.misc and keywords "Tom Liotta" and "STRSST".

And never say never.

jte

 


--
John Earl                                          
johnearl@powertechgroup.com
The PowerTech Group                        206-575-0711
PowerLock Network Security              www.400security.com
The 400 School                                www.400school.com
--
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to MIDRANGE-L@midrange.com.
| To subscribe to this list send email to MIDRANGE-L-SUB@midrange.com.
| To unsubscribe from this list send email to MIDRANGE-L-UNSUB@midrange.com.
| Questions should be directed to the list owner/operator: david@midrange.com
+---

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.