[3997] in WWW Security List Archive
RE: OS/390 and WWW
daemon@ATHENA.MIT.EDU (Mirick, James R.)
Thu Jan 16 13:01:08 1997
Date: Thu, 16 Jan 97 09:12 EST
From: "Mirick, James R." <FBS/DEV01/JRMIRICK%First_Bank_System@mcimail.com>
To: Arjan Vos <arjan@pino.demon.nl>, Shin Katsumata <skat@flask.com>
Cc: www security <www-security@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
Please reply to the following MCI Mail address: 692-1709
There are lots of pre-DB2 data bases out there. We are running over a
million transactions a night through an IMS data base with compressed
records stored on it (Hogan banking software) and are not planning to
replace it anytime soon! There are also all kinds of non-DB2 data bases
like credit card authorization files, etc., that might be available
through the Web (although for any volume you might want to replicate the
data and query that . . .). Where you place the data and how you access
it should be an engineering decision (including total response time, how
hard it is to maintain the programs, the security umbrella, etc.), not a
philosophical one.
You might want to use LPARs to do this, but it wouldn't be necessary,
there are plenty of gateways that will run within MVS and provide the
connectivity.
Jim Mirick
Manager, FBS Interactive
First Banks, Minneapolis
----------
From: Arjan Vos
Sent: Thursday, January 16, 1997 2:19 AM
To: Shin Katsumata
Cc: James R. Mirick; www security
Subject: Re: OS/390 and WWW
MCI Mail date/time: Thu Jan 16, 1997 2:10 am CST
Source date/time: Thu, 16 Jan 1997 00:59:45 +0100 (MET)
-------------------
On Wed, 15 Jan 1997, Shin Katsumata wrote:
Thanks for your reply...
>
> I don't expect to find payroll information out on intranet, however, I
it was just an example..
> would not mind getting access to information on web, which are
currently
> only available on 3270 terminals, like which parts are available in
> stock, which parts are being used in other products (prefered parts),
> project status, etc,
I agree with that
>
> Many large corporations do keep more information on a mainframe than
just
> payroll. As for your suggestion to query DB2 instead of web server
sounds
> good, but what about pre-DB2 databases? Could we still setup a unix
> server to query mainframe? Probably, but which path is easier. I doubt
> many corporations would want to spend too much time with pre-DB2
> databases, since they are probably in process of eliminating them. Web
> Server on OS/390 may be the easiest way to serve the information until
> they pull the plug.
I'm not a mainframe expert (do pre-DB2 databases really exist :-)?), but
a
setup could be to split a mainframe in two seperated environments with
LPAR's (LPAR's it's called, isn't it?) with one side having a UNIX-part
and taking all requests/queries and after evaluation relaying those
requests in some pre-format way to the other "secure" side.
Arjan Vos
--
Eat hard
Sleep hard
Wear glasses if you need them
//BEGIN BINARY MAIL SEGMENT:
begin 0644 WINMAIL.DAT
M>)\^(BX. 0:0" $ ! $ 0>0!@ ( Y 0 #H $(@ <
M& $E032Y-:6-R;W-O9G0@36%I;"Y.;W1E #$( 0V ! " @ " $$
M@ $ $P %)%.B!/4R\S.3 @86YD(%=75P#6! $%@ , #@ ,T' 0 0 @
M @ J 0 '0$!(( # X #-!P$ $ ' #4 )P $ $P! 0F 0 A .48W
M1$8U,S<W,#9&1# Q,3A$1D,P,# T04-%03%$,3( 0P<!!) & )0$ #
M# , # $ "P /#@ " ?\/ 0 &P &"49&!!N $(
M "LKBBD &+'@!D !H ,P Y $0!3:&EN($MA='-U;6%T80!3:&EN($MA
M='-U;6%T80T*(" @14U3.B!)3E1%4DY%5 T*(" @34)8.B!S:V%T0&9L87-K
M+F-O;0 > (P 0 0 !-0TD '@ #, $ Y 4VAI;B!+871S=6UA
M=&$-"B @($5-4SH@24Y415).150-"B @($U"6#H@<VMA=$!F;&%S:RYC;VT
M P 5# $ # /X/!@ !X 3 ! #P %-H:6X@2V%T<W5M871A
M " 0LP 0 #T !-0TDZ4TA)3B!+051354U!5$$-"B @($5-4SH@24Y4
M15).150-"B @($U"6#H@4TM!5$!&3$%32RY#3TT P .0 + $ Z
M 0 (!]@\! ! 0, P , 4 + \. (!_P\!
M 9P 8)1D8$&X 0@ *RN**0 8L> &0 &@ N #D 1 $%R
M:F%N(%9O<P!!<FIA;B!6;W,-"B @($5-4SH@24Y415).150-"B @($U"6#H@
M87)J86Y <&EN;RYD96UO;BYN; '@ ", $ $ 34-) !X S !
M.0 $%R:F%N(%9O<PT*(" @14U3.B!)3E1%4DY%5 T*(" @34)8.B!A<FIA
M;D!P:6YO+F1E;6]N+FYL , %0P! P#^#P8 > $P 0 H
M !!<FIA;B!6;W, " 0LP 0 #T !-0TDZ05)*04X@5D]3#0H@("!%
M35,Z($E.5$523D54#0H@("!-0E@Z($%22D%.0%!)3D\N1$5-3TXN3DP
M P .0 + $ Z 0 (!]@\! ! 4, P , 8 +
M \. (!_P\! =@ 8)1D8$&X 0@ *RN**0 8L> &0
M&@ Q $4 1 '=W=R!S96-U<FET>0!W=W<@<V5C=7)I='D-"B @($5-4SH@
M24Y415).150-"B @($U"6#H@=W=W+7-E8W5R:71Y0&YS,BYR=71G97)S+F5D
M=0 !X C ! ! $U#20 > ,P 0 $4 !W=W<@<V5C=7)I='D-
M"B @($5-4SH@24Y415).150-"B @($U"6#H@=W=W+7-E8W5R:71Y0&YS,BYR
M=71G97)S+F5D=0 # !4, @ , _@\& '@ !, $ - =W=W
M('-E8W5R:71Y (!"S ! 20 $U#23I75U<@4T5#55))5%D-"B @
M($5-4SH@24Y415).150-"B @($U"6#H@5U=7+5-%0U5225190$Y3,BY2551'
M15)3+D5$50 # Y L 0#H! @'V#P$ $ !CG@
M 0.0!@ 4"0 $@ L (P P F + "D , +@
M P V ! #D X,G9\+4#O $> ' 0 !, !213H@3U,O,SDP(&%N
M9"!75U< (!<0 ! %@ &\ [7PV3?U?:!O<!'0C?P !*SJ'1( ,
M!A!A'8R? P '$/,' > @0 0 &4 !42$5214%214Q/5%-/1E!212U$
M0C)$051!0D%315-/55142$5215=%05)%4E5.3DE.1T]615)!34E,3$E/3E12
M04Y304-424].4T%.24=(5%1(4D]51TA!3DE-4T1!5$%"05-% (!"1 !
M P0< +T' #)#0 3%I&=?D%R4G_ H!#P(5 J0#Y 7K H, 4!,#5 (
M8V@*P'-E=.XR!@ &PP*#,@/&!Q,"@[HS$PU]"H (SPG9.Q7_>#(U-0* "H$-
ML0M@;O!G,3 S%" +"A+R# $B8P! (%1H!)!E(!<*P!L@%9!T!"!O9B B<!8
M+41"$B!D8;$!D"!B81'P&[%U!4!"=!KR+B @5QLD<MQU;@, &0 ;P'8$D!LP
M9"!M Q!L:0(@'6!R>P!Q -!T'Y$$(!RP P!G=F@=4@-@=2#@&S #H$E;!>$<
MAR #\!UP( 6@;5\< 000"8 >4 629 0@<QYT!; C@1^A(L @*$A,;V<#D1S0
M;FL>HG/I&]!T=QM!*2&1(Y ;0OYN&Y ;\!CA'I,D0".A"U'N8QL@)-$ <'D@
M0 > )>'] B A'= :Z = )? J00,@;R6A) $;T2<0;AP^'X!K[QL@!0 )@"31
M8PL1&S =0+)H!;!I>AR0'Y)F Q#)!Y L(!( 8RXNX!UPUQR0'T$@XF(;(78+
M< M@WP)@&R A)AUQ'>%B)/ '0)\MT2%B A ?$2C0('8&\/IU*1%Y"& OI28P
M C GUGII+6!T,,(;(!R#)I)QO0I0<C+@+V,=P#:Q*1W"_QKS,W(H-#4[+> '
MX#-R -#7*& $$231<S(A;".0,!+[ Z )\&<+@ G@!1 >L06!ZP0 'Y(H"X!C
M"D M(">S]P&0 R C07 @83#!!W$NX/\Y$A'!(Y DT00 )]( P N OP&0"X Q
M4QP )2 ?X&TNT6LQ8A'P8PAQ=#+@,S!BZQ8 'W!A+N0I+N G$ARP]'!H Q!O
M)?!#(2U@ R"O B =L J%"H59,X]U(H'03%!!4C\C9"?P'7!;! NX&(=0231
M=SI2;MXG+_,[0#FR"L!Y0,,;%7\+4 GP08$;T24P-0 F,'E_/R$O<@/P*K$>
M82*C/]%-SE8%\":20$%V:0VP,5-_!: >@ 60($!-4$& 1#U*2P=P!=!I!1!C
M:PJ%39D <&%G!) NX$9"!?"^20(P!) @(A[P"H5&3^!Y)# @0B6!+M%/T$X!
M83L]D!^ <T1,"O0?@#$X@C "T6DM,30T#?#G#-!5\PM9,38*H -@-0#Y(# @
M+5@7"H=6RPPP5Y9Z1@-A.ED>5Y8,@A-Q:OT#D59#8%B_6<T&8 (P6O^W7 L:
MX AP<QR 25%* ' :=4DQ(%=@+N Q.3FP-R R.F+@$W!-76]96<U4;U^O7 M3
M3&)+/1R0<S,P')%CKUG-0V-O9<]<"V(@!X)2'<!/U#L?(J!MD$$7:(]>?G5B
M:B=.(6JO7 M297# 3U/0+S,Y,":#5W.05!]Y52,S-E:7%"(, 5>639Q#25"1
M Q$<@64O*/+_<,!A@6(28IAC(G,Q3[!J<.Q35 J%'=!3"&$H87=<'6+!-G@T
M8O)5D#HU.< Z-#4@*S 9(',PX"A-150I"H58&%@N[0J%3P.@'?!D8L%]$'P6
M[R[@9ZPBH%>B.D1,&N!3 G\R<S-Q!< H$DZ0A3!$3#Z/A<AVX$<02&)E>'!7
MTO\GX2Z03/)+$ -@*K$+@#*!_VA!'Y(=,B2B C ?X1( /C-V91[Q+N!)1$Q'
MXAS@(/YJ1D HHH=A0)!*(85/2 3_)P,?4":A4. "0!ZB.94GX>^(ZTP1,; N
MX'=#H2&!&Q'_04$6 (PA1"%UP(@A1 P.?$?H3,R-W,P49&/42I1_R[@+*.2
M! JQ&Z$J$S!7"X#_A=<D,5 0D>:6F# 0'J)&0<\^P8F!'7) ,F1U(# $(/HH
M' %F&P&(0I:Q0I"%U_] 07"")"$<D$9 +N.<Q@J%_W;@4- )T2*D+V*%;Z$6
M4*';,N +8')0X"+Q<CV0'^#_($1'$2S *" ?0"11D+X?,?\+<0-0;)$O4@.@
MC*.<V(AT[1W 080Y:"!G4. D,!^3_R?P-@0<0@N )#!3H"2!&^#[D;%!$7(>
M\B7P'G D :$'_F<I4("Q1Z*2 "^! : =,OL<"AS3/VIP.E.*T"0A2[*=$?%U
MI <L!YP:7B@^.^K%:E7I8>NX% #8!S0 F#_25&LY)94(M$_$5.@ ) $D/\=
MP(;R<&"FJ0.!,N"BVXZT_S06/8 )\".0)$ _49MP,4'_*0(BLQP&H0>N5R[@
M ) \</\U$Y/Q2?*S%9J20$$YLQO1WT'P!W"5<8_3'7%M'< QHO^A!P9A'O(?
MH7+E , RX# 1_S%BM,-2P4L!N!.K(C%3B.KO'G"OH:#XO -P.F #($ #Y0I
M9T0]22=/L$+$I8C_AW( ("3P1Q&MWR.A*J$RX(>'< 0 !4 Z+2D_0I'_1Z(<
ML J%K_0%H#IEN",?@/_';#_22!!!$<AA-/$CD GP^TU0 V!N!X ",+=1(L$*
MA?U&@B>;H=#U(L#1,4/!+K#_@+$$ $AB(L#+$"*D1 &[D0]-<1' 35"/\B!5
M3DG\6"V6DD2F)I(!D"6C*J+G%@ V 20P<R\V L'A)H3_ 8 ? 8K@!T!B4"Y#
M0>%+$/^^A$-@&R *A=;6FI(E\"D17QP"B03")C%BFM0B02-EWB+3XT0]7-Y8
MET4O@3Z2?0J%4RZPH_'@^1WP"L%G_PM@(V$YX1O@,W([0;B1OM%_1$SD_W1O
M&=M7E@J%%2$ >F P 0$ # !$0 $ !S!@)AJMM .\ 4
H"#!@)AJMM .\ 1X /0 ! !0 %)%.B P --/TW !]&$0'
end
//END BINARY MAIL SEGMENT
