Upload File

„what can happen when you put your cics on the web“ martin trübner

  • Home
  • Documents
  • „What can happen when you put your CICS on the web“ Martin Trübner
21
„What can happen when you put your CICS on the web“ Martin Trübner

Upload: ayasha

Post on 23-Jan-2016

23 views

Category:

Documents


0 download

Report

Tags:

DESCRIPTION

„What can happen when you put your CICS on the web“ Martin Trübner. Front page. Current config. Paul L'Heureux On VSE-L: OK, I have a real problem that just sprung up today and it is killing us. Multiple cwxn transactions are appearing in PRODCICS. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: „What can happen when you put your CICS on the web“ Martin Trübner

„What can happen when you put your CICS on the web“

Martin Trübner

Page 2: „What can happen when you put your CICS on the web“ Martin Trübner
Page 3: „What can happen when you put your CICS on the web“ Martin Trübner
Page 4: „What can happen when you put your CICS on the web“ Martin Trübner

Front page

Page 5: „What can happen when you put your CICS on the web“ Martin Trübner
Page 6: „What can happen when you put your CICS on the web“ Martin Trübner
Page 7: „What can happen when you put your CICS on the web“ Martin Trübner
Page 8: „What can happen when you put your CICS on the web“ Martin Trübner
Page 9: „What can happen when you put your CICS on the web“ Martin Trübner

Current config

CPU IBM eServer xSeries 232 Model 11x (FLEX)~ 8 MipS

OP-SYS VSE/ESA 2.7.1

CICS/TS 1.1

3270 users (PCOM) hundreds of county employees county-wide

web-users anyone with a legitimate Will County PIN number

Page 10: „What can happen when you put your CICS on the web“ Martin Trübner

The Problem 1 of 3

Paul L'Heureux On VSE-L:

OK, I have a real problem that just sprung up today and it is killing us.

Multiple cwxn transactions are appearing in PRODCICS.

This causes ipn166 MESSAGES IN F7 and eventually TCPIP locks up.

I have already IPL'd twice.

Does anyone know ....

Page 11: „What can happen when you put your CICS on the web“ Martin Trübner

The Problem 2 of 3

Page 12: „What can happen when you put your CICS on the web“ Martin Trübner
Page 13: „What can happen when you put your CICS on the web“ Martin Trübner

Web server attack

There are many methods hackers could use to attack web servers in order to compromise sites they host. Entry points include:

Weak username/password combinations. Vulnerable web applications. Vulnerable OS. Vulnerable web server software, database, tools or

libraries.

Page 14: „What can happen when you put your CICS on the web“ Martin Trübner

From the web:input Validation

Root cause of most web hacks All inputs received should be validated:

data type data range Metacharacters

Tampering with hidden fields Bypassing client side checking (i.e. javascript)

But we do all this!

Page 15: „What can happen when you put your CICS on the web“ Martin Trübner

Who is to blame?

This program is running since 2003

TCP is same version since 1 year

There is nothing in our legislatur that would change user behaviour

CICS/TS has notchanged in 6 years

The 3390 are 3 years old

Page 16: „What can happen when you put your CICS on the web“ Martin Trübner

A look at the process

The internet

COBOL-INIT

TCP/IP

CICS-itself

Application

Page 17: „What can happen when you put your CICS on the web“ Martin Trübner

Applied changes

The data that comes into CICS is passed to a URM called „the analyser“

This does now some early verification (length and type)

TCP/IP process is not changed at all (GETVIS)

Application is not changed (double process, but...)

Page 18: „What can happen when you put your CICS on the web“ Martin Trübner

A look at the intermediate process

The internet

COBOL-INIT

TCP/IPCICS-itself

Application

Application

Page 19: „What can happen when you put your CICS on the web“ Martin Trübner

The process todayThe internet

COBOL-INIT

TCP/IPCICS-itself

Application

Application

Application on a different platform

Part of the webpresence was there anyway

Preprocessing for CCWTR51 now there as well

Cheaper than an upgrade of the current machine

Page 20: „What can happen when you put your CICS on the web“ Martin Trübner

More solutions:

Delayed answer (1 imm, then delayed) No robots Registration

Page 21: „What can happen when you put your CICS on the web“ Martin Trübner

THE END

Questions ?

Original at

pi-sysprog.de/gse My E-mail: My E-mail:

[email protected]@pi-sysprog.de


CICS Dynamic Scripting: Data Manipulation€¦ · CICS Dynamic Scripting Java EE / CICS Traditional WebSphere sMash & CICS Dynamic Scripting Strategic Value, Cost, Complexity, Usage

CICS TS for z/OS 4.2: Upgrading from CICS TS Version 3€¦ · CICS-DBCTL, and CICS-DB2 ..... . 172 Part 2. Upgrading CICS T ransaction Server ..... . 175 Chapter 19. Upgrade procedures

Implementing CICS Web Services - IBM Redbooks CICS Web Services CICS® IBM® Redbooks®

CICS Web ServicesSupport - cedix.de · PDF fileCICS Web ServicesSupport ... §The sample application ... CICS Comarea Pgm exposed as Web service VSAM CICS COBOL programs CICS Web

CICS Transaction Gateway V5 - cedix.de · CICS Transaction Gateway V5 ... CICSPlex ® DB2® DB2 Universal ... CICS Transaction Gateway. The (Java CICS APPC. Java CICS. the CICS TG

Workload Management for Web Access to CICS - … Workload... · routing and CICSPlex SM Covers CICS Web support, CICS Transaction Gateway, CICS CORBA, and HOD. Workload Management

CICS and Threadsafe Conversion Techniques for CICS Applications

IBM CICS Performance Series: CICS and VSAM · PDF file2 IBM CICS Performance Series: CICS and VSAM RLS To achieve these objectives, this paper provides an overview of CICS and RLS

Integrating CICS with the Web: Using the CICS Transaction Gateway …testa.roberta.free.fr/My Books/Mainframe/CICS/Cics With... · 2009-03-01 · Integrating CICS with the Web: Using

zowe → cics → define...zowe → cics Interact with IBM CICS programs and transactions. zowe → cics → define Define new resources (for example, programs) to CICS through

Sistema di Card Management Caratteristiche principali · presentation, 3270, File transfer, Transazionale CICS to CICS, XML ... Cobol/Cics . Cobol/Cics . Java (web services) B. ATCH

IBM CICS Performance Series: Web Services Performance in CICS … · 2016. 1. 21. · 2 IBM CICS Performance Series: Web Services Performance in CICS TS V5.3 Figure 1 CICS TS configuration

REXX for CICS - University of Floridanersp.cns.ufl.edu/~sfware/share109/s8335sfw.pdf · • Are we now considered a Nouveau CICS site? • CICS Web Services in ... • REXX for CICS

VS07–z/VSE und CICS : Hints & Tipps - Lattwein Tipps.pdf · n Martin Trübner n ... 9 VS07–z/VSE und CICS : Hints & Tipps, GSE-Frühjahrstagung 2010, Würzburg Fehlersituation

CICS Lunch and Learn 2015: QMF and CICS

CICS Performance and Tuning 101 - virtualcics.hostbridge.com€¦ · CICS Tools: Tuning CICS with CICS Performance Analyzer V5.3 Introduction CICS PA statistics CICS tasks, transactions,

Cics Basics

S13165-CICS Transaction Gateway Updatepublic.dhe.ibm.com/software/commerce/CICS_Transaction...CICS PA V5.1 CICS DA V5.1 CICS Explorer Deeper insight Flexible deployment CICS TS V5.1

CICS Automation Programmer’s Reference and …publib.boulder.ibm.com/tividd/td/ITSAutofzOS/SC33-7044-04/en_US/... · CICS/ESA IBM OS/390 CICS/MVS IMS/ESA RACF ... CICS Automation

CICS Tools: Performance Analyzer - GSE Homepageconferences.gse.org.uk/attachments/presentations/cq1VBu_147799957… · CICS Tools: Performance Analyzer Tuning CICS with CICS PA V5.3

CICS and Threadsafe Conversion Techniques for CICS ... conversion techniques.pdf · CICS and Threadsafe Conversion Techniques for CICS Applications Russ Evans [email protected]

Cobol Cics

Using CICS Transaction Gateway, High Availability, … Using CICS Transaction Gateway, High Availability, and the CICS Explorer Overview IBM CICS Transaction Gateway (CICS TG) is IBM’s

CICS for iSeries Intercommunication V5 - IBM€¦ · Conversation initiation ... viii CICS for iSeries Intercommunication V5, ™ ™ ™ CICS for iSeries Intercommunication. CICS

CICS Application Programming Reference - mainframewiki.commainframewiki.com/.../04/CICS-Application-Programming-Reference.pdf · CICS Application Programming Reference ... This book

Introduction to CICS - IBM Redbooks · Services provided by CICS How CICS applications are deÞned Scaling CICS to meet demand Course introduction

CICS DB2 Guide - Freetesta.roberta.free.fr/My Books/Mainframe/CICS/CICS DB2 Guide V3 1.pdfCICS DB2.....15 CICS startup JCL requirements for ... CICS TS for z/OS: CICS DB2 Guide. Monitoring

IBM CICS Performance Series: Effective Monitoring for … · IBM CICS Performance Series: Effective Monitoring for CICS Performance ... IBM CICS Performance Series: Effective Monitoring

Z390 Martin Trübner Pi-GmbH 14.8.2007 16:30 8191 Assembler Project

CICS TS for z/OS: CICS Distributed Transaction ......Methods of accessing CICS programs and transactions from non-CICS environments are described in the CICS External Interfaces Guide

CICS reference

CICS Web ServicesSupport - GSE Belux - Act localgsebelux.com/system/files/CTS31_WSsupportBrussels.pdf · CICS Web ServicesSupport GSE/CICS working group Brussels, 26.10.2006 ibm.com/software/ts/cics

CICS and Threadsafe Conversion Techniques for …...CICS CICSThreadsafe Applications CICS

CICS Transaction Server for z/OS - IBM WWW PageFILE/CICS_for_Application_Developers.pdf · CICS Transaction Server for z/OS CICS ... CICS Transaction Server for z/OS ... Languages

Modernizing CICS for Cloud - the Conference Exchange · CICS Cloud and CICS Tools Sessions • Monday – 15855: Modernizing CICS for Cloud • Wednesday – 16056: DevOps: Multiplatform