T 5.121 Attacks on z/OS systems using TCP/IP

To attack a z/OS system over the network connection, it is often not necessary to have any special knowledge of the SNA network architecture or of MVS. Due to the TCP/IP connection to public networks and the Unix System Services, many z/OS systems can be reached by external attackers using standard protocols and services, such as HTTP or FTP.

External attackers can, in certain circumstances, carry out denial-of-service attacks against the services provided over the TCP/IP connection to public networks or read or tamper with data transmitted without authority..

Internal attackers can try to increase their authorisations using the TCP/IP connection to internal networks by obtaining, for instance, the ID and password for a user with special rights.

© Federal Office for Information Security. All rights reserved.