Archive for the Category: Security

T.Rob’s post of “When deprecated != deprecated”

January 19, 2018 Roger Lacroix

T.Rob Wyatt of IoPT Consulting has a new blog posting called “When deprecated != deprecated“. If you use SSL/TLS with IBM MQ then you should read it: https://t-rob.net/2018/01/19/when-deprecated-deprecated/ Here is the current IBM MQ Depreciated Cipher page. Regards, Roger Lacroix Capitalware Inc.

Also posted in IBM i (OS/400), IBM MQ, Linux, Unix, Windows, z/OS Comments Off on T.Rob’s post of “When deprecated != deprecated”

Beta testers needed for MQ Channel Connection Inspector

January 10, 2018 Roger Lacroix

All, Capitalware is ready for beta testers for a new solution called: MQ Channel Connection Inspector. Have you ever had client applications or remote queue managers attempt to connect to your queue manager but failed and the user claimed they used the “correct values”. I’ve created a new solution to quickly diagnose this problem and […]

Also posted in Capitalware, IBM i (OS/400), IBM MQ, Linux, MQ Channel Connection Inspector, Unix, Windows, z/OS Comments Off on Beta testers needed for MQ Channel Connection Inspector

Managed .NET Channel Security Exit Not Valid

October 31, 2017 Roger Lacroix

IBM has issued a fix for a “managed .NET client can not reference security exit in a path that contains parentheses”. http://www.ibm.com/support/docview.wss?uid=swg1IT21682 Regards, Roger Lacroix Capitalware Inc.

Also posted in .NET, Capitalware, IBM MQ, Windows Comments Off on Managed .NET Channel Security Exit Not Valid

Loanet Client-side MQ Security Exit

October 11, 2017 Roger Lacroix

It has been brought to my attention that the client-side MQ Security Exit required by SunGard’s Loanet has the EXACT same format as the client-side Security Exit for Depository Trust Clearing Corporation. Therefore, if your company is interacting with Loanet and requires a client-side MQ Security Exit, you can use SX4DTC2 and/or z/SX4DTC2. For more […]

Also posted in Capitalware, IBM i (OS/400), IBM MQ, Licensed As Free, Linux, Unix, Windows, z/OS Comments Off on Loanet Client-side MQ Security Exit

Equifax Hired a Music Major as the Company’s Chief Security Officer

September 15, 2017 Roger Lacroix

Here’s a shocking article stating that Equifax CEO Richard Smith hired Susan Mauldin as Equifax’s Chief Security Officer. She has a bachelor’s degree and a master of fine arts degree in music composition from the University of Georgia. http://www.marketwatch.com/story/equifax-ceo-hired-a-music-major-as-the-companys-chief-security-officer-2017-09-15 Many years ago, I got a Bachelor of Computer Science degree and have worked my whole […]

Also posted in General Comments Off on Equifax Hired a Music Major as the Company’s Chief Security Officer

IBM Broke T.Rob’s Stash!

July 28, 2017 Roger Lacroix

T.Rob Wyatt has posted a blog item on how IBM broke his stash file (so to speak). You can read about it here: https://t-rob.net/2017/07/28/dude-ibm-broke-my-stash/ Regards, Roger Lacroix Capitalware Inc.

Also posted in IBM i (OS/400), IBM MQ, Linux, Unix, Windows Comments Off on IBM Broke T.Rob’s Stash!

MQ Channel Encryption Product Advisory

July 14, 2017 Roger Lacroix

It has been discovered that very small TSH segments will cause MQCEJ (Java/JMS) and MQCEDN (.NET) to throw an exception. The issue has been fixed and a product update is available. To get the latest Capitalware commercial product release, send an email to support@capitalware.com and we will send you the latest release of the product. […]

Also posted in .NET, Capitalware, IBM MQ, Java, Linux, MQ Channel Encryption, Unix, Windows, z/OS Comments Off on MQ Channel Encryption Product Advisory

IBM MQ V9 – New CVEs

July 11, 2017 Roger Lacroix

A new vulnerability has been logged: CVE-2017-1337. IBM MQ V9.0.1 and V9.0.2 Java/JMS application can incorrectly transmit user credentials in plain text. Another new vulnerability has been logged: CVE-2017-1284. IBM MQ V9.0.1 and V9.0.2 could allow a local user with ability to run or enable trace, to obtain sensitive information from WebSphere Application Server traces […]

Also posted in IBM i (OS/400), IBM MQ, Java, JMS, Linux, Unix, Windows Comments Off on IBM MQ V9 – New CVEs

RFE – Add QM name and channel MCAUSER attribute to be passed to JAAS modules

April 10, 2017 Roger Lacroix

Please review and vote for this RFE if you think it’s a good idea. The link below will take you directly there. Headline: Add queue manager name and channel MCAUSER attribute to be passed to JAAS modules URL to review the RFE and Vote for it if you like: http://www.ibm.com/developerworks/rfe/execute?use_case=viewRfe&CR_ID=103607 Description: For MQTT and AMQP […]

Also posted in IBM i (OS/400), IBM MQ, Java, Linux, Unix, Windows Comments Off on RFE – Add QM name and channel MCAUSER attribute to be passed to JAAS modules

Pres. Trump says gov’t agencies need better security – MQ security too?

February 3, 2017 Roger Lacroix

The other day, U.S. President Donald Trump said: the government agencies need to better protect their networks. Most of the U.S. government agencies use IBM MQ for their messaging middleware. Application messages that traverse their MQ environment contain confidential and highly secure information. As many of you know, A basic setup of IBM MQ Server […]

Also posted in Capitalware, IBM i (OS/400), IBM MQ, Linux, MQ Authenticate User Security Exit, MQ Channel Encryption, MQ Enterprise Security Suite, MQ Message Encryption, MQ Standard Security Exit, Unix, Windows, z/OS Comments Off on Pres. Trump says gov’t agencies need better security – MQ security too?