[Noisebridge-announce] BAHA Meeting Sunday 13 Jan 2013 @ 1400 - IBM Mainframes: Down the Big Iron Rabbit Hole

travis+ml-noisebridge-announce at subspacefield.org travis+ml-noisebridge-announce at subspacefield.org
Wed Jan 9 17:13:06 UTC 2013

Bay Area (Hacker's Association|Security Enthusiasts) Meeting!

2nd Sunday of every month, 2pm, at Noisebridge, in the main area.

It lasts until it's over.

It's for people interested in security, not the more general "make
stuff" kind of hacking.

Date of Meeting:
2pm (1400), 13 Jan 2013
Always second Sunday of the month at 2pm

This month we present:

Phil aka "Soldier of Fortran"


IBM Mainframes: Down the Big Iron Rabbit Hole

This talk will try to demystify the mainframe from "I wonder whats in
that cool IBM box"" to "why is IBMUSER still enabled?" and "Why
*aren't* you using TELNET/SSL?". It will give you an overview of what
makes up an IBM mainframe and how to interact with it, how security is
managed, how to crack passwords using JtR and how to take advantage of
the logon panel to enumerate and brute force users using Python. This
talk with also go over some well known tools that do and don't work
(most don't) against a mainframe, how to compile tools such as netcat
on the mainframe itself and present some custom python scripts to help
you during your pen tests. Since mainframes are a big and expensive
world, I will also show you how you can run your own at home on
whatever old laptop you've got laying around using opensource software
(Hercules) so you too can get your hands dirty!

About the Author:

Ever since he saw the movie TRON as a kid, Phil has been fascinated
with computers, mainframes especially. Initially he got exposure to
them by playing around on Datapac (the Canadian X.25 network) with his
old Amiga 500. Since then he's had the chance to review mainframe
security at various large organizations. He has worked in IT security
for 9 years but ever since he learned you could emulate your own
mainframe he's been knee deep in JCL, SMF records and OMVS. He has
given a talk about mainframe security at BSidesLV 2012 and will be
giving a talk at Shmoocon 2013. He has been interviewed by security
podcasts and maintains a blog about z/os security research.



2169 Mission St, San Francisco, CA, USA, Earth, Milky Way, Known Universe

Finding the space can be tricky; it has a red circular logo above the
otherwise inconspicuous door, and is next to a market that sells
fruit.  It is very close to 16th and Mission BART stop.  If you're
driving, leave 15-30 minutes extra to find parking due to the heavy
traffic around there, but you do not have to pay on Sundays.


If you would like to be a speaker, or know someone who would,
please let us know.

Our Site:


Includes google calendar (never miss another meeting), directions,
link to mailing list, etc.  Please check it out.
"We are all puppets; I am just a puppet who can see the strings." -- Dr. Manhattan

"We are all puppets; I am just a puppet who can see the strings." -- Dr. Manhattan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://www.noisebridge.net/pipermail/noisebridge-announce/attachments/20130109/17f994a6/attachment-0003.sig>

More information about the Noisebridge-announce mailing list