ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » IBM MQ Installation/Configuration Support » MQ SVRCONN vulnerabilities

Post new topic  Reply to topic
 MQ SVRCONN vulnerabilities « View previous topic :: View next topic » 
Author Message
Manikandan
PostPosted: Fri Apr 08, 2005 3:41 am    Post subject: MQ SVRCONN vulnerabilities Reply with quote

Voyager

Joined: 07 Jul 2004
Posts: 78
I am using an MQ client to connect to a server where I have defined the channel of type SVRCONN.

I have mentioned a MCAUSER which is the only security I have taken,What other methods can be used to harden the security with this type of channel
Back to top
View user's profile Send private message
sebastianhirt
PostPosted: Fri Apr 08, 2005 3:46 am    Post subject: Reply with quote

Yatiri

Joined: 07 Jun 2004
Posts: 620
Location: Germany
Hi,

You can use SSL, or Security exits. Additional, I would recomend to review your OAM Security.

There is also a manual, and some RedBooks, that you might want to see before you finish your Security considerations.

cheers

Sebastian
Back to top
View user's profile Send private message
oz1ccg
PostPosted: Fri Apr 08, 2005 8:26 am    Post subject: Reply with quote

Yatiri

Joined: 10 Feb 2002
Posts: 628
Location: Denmark
I developed the BlockIP2 to help you secure a MQ-channel.

Currently many of my clients are using it on different ways, some to monitor connection attempts, some to fileter and only allow certain users connecting.

The BlockIP2 is capable of setting the MCAUSER depending on the IPaddr and/or connecting userid.

It tested on and supports: Z/OS, Linux, AIX, Windows.

You'll find the exits and documentation here (and it's free):
http://mrmq.dk/

Just my $0.02
_________________
Regards, Jørgen
Home of BlockIP2, the last free MQ Security exit ver. 3.00
Cert. on WMQ, WBIMB, SWIFT.
Back to top
View user's profile Send private message Send e-mail Visit poster's website MSN Messenger
RogerLacroix
PostPosted: Tue Apr 12, 2005 3:04 pm    Post subject: Reply with quote

Jedi Knight

Joined: 15 May 2001
Posts: 3264
Location: London, ON Canada
Hi Manikandan,

I would suggest you read the following 2 posting plus use the search button to find more security information:

http://www.mqseries.net/phpBB2/viewtopic.php?t=17842

http://www.mqseries.net/phpBB2/viewtopic.php?t=15366

Capitalware recently introduced 2 new security products to address your exact concerns.
(1) MQ Authenticate User Security Exit
(2) MQ Standard Security Exit

The new security solutions are not free but do come in an executable form for: AIX, HP-UX, Linux x86, Solaris and Windows (** soon to include z/OS and zLinux). Included with the yearly maintenance & support fee is 7/24 support and free upgrades.

Regards,
Roger Lacroix
Capitalware Inc.
_________________
Capitalware: Transforming tomorrow into today.
Connected to MQ!
Twitter
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » IBM MQ Installation/Configuration Support » MQ SVRCONN vulnerabilities
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.