Reading all the cover letters from all the PTF's downloaded with this, even
though I just put on the latest cume and groups as of June 24, I found I
have the sequence below.
How much of a time delay, if any, should there be between the ENDPJ and the
STRPJ?
I'm guessing that with the number and type of servers going down then it's
probably not a good idea to do my usual trick and put all this in Run SQL
Scripts, prefixing each line with CL: and ending each line with a
semicolon? Helps to script a run on each of the many LPARs without having
to propagate an object to each system.
ADDIMGCLGE IMGCLG(CUME750) FROMFILE('/fixes/CUME750/ODBCS7977V01.BIN')
TOFILE(*fromfile)
lodimgclg cume750 optvrt01
VFYIMGCLG IMGCLG(CUME750) TYPE(*PTF) SORT(*YES)
ENDTCPSVR SERVER(*DDM)
INSPTF LICPGM((*ALL)) DEV(OPTVRT01) INSTYP(*IMMONLY)
-- DSPPTF LICPGM(5770SS1) SELECT(SI83472)
STRTCPSVR SERVER(*DDM)
ENDPJ SBS(QUSRWRK) PGM(QDBMSRVR) OPTION(*IMMED)
STRPJ SBS(QUSRWRK) PGM(QDBMSRVR)
ENDPJ SBS(QUSRWRK) PGM(QRWTSRVR) OPTION(*IMMED)
STRPJ SBS(QUSRWRK) PGM(QRWTSRVR)
ENDPJ SBS(QSYSWRK) PGM(QSQSRVR) OPTION(*IMMED)
STRPJ SBS(QSYSWRK) PGM(QSQSRVR)
ENDPJ SBS(QUSRWRK) PGM(QZDASOINIT) OPTION(*IMMED)
STRPJ SBS(QUSRWRK) PGM(QZDASOINIT)
ENDPJ SBS(QSERVER) PGM(QSYS/QZDAINIT) OPTION(*IMMED)
STRPJ SBS(QSERVER) PGM(QSYS/QZDAINIT)
ENDPJ SBS(QUSRWRK) PGM(QSYS/QZDASSINIT) OPTION(*IMMED)
STRPJ SBS(QUSRWRK) PGM(QSYS/QZDASSINIT)
ENDTCPSVR SERVER(*DIRSRV)
STRTCPSVR SERVER(*DIRSRV)
On Wed, Jul 5, 2023 at 3:45 PM Rob Berendt <robertowenberendt@xxxxxxxxx>
wrote:
Apparently IBM has this thing where if you try to log in with DDM and it
fails it let's it run but runs it under QUSER.
They have a fix to stop it.
But if you want to see how simple the hack is take a look at
https://blog.silentsignal.eu/2023/07/03/ibm-i-dde-vulnerability-cve-2023-30990/
Get the listed fix at:
https://www.ibm.com/support/pages/node/7008573?_ga=2.95221343.2134875826.1688585573-419637653.1688585573
midrange.com
