developerWorks Technical Exchange is hosting a WebSphere MQ Open Mic on the topic of security September 16 from 11am – 12pm EDT. The panel will include Tom Schneider, Morag Hughson, Paul O’Donnell and myself. The deadline for be pre-submitted questions is September 7th. There will be an open Q&A at the end but I expect [...]
Entries Tagged as 'WMQ Security'
Security remediation – DIY?
May 25th, 2010 1 Comment
It’s nice to have been around long enough to be able to watch the WMQ community grow over the years. You can watch the postings on the Vienna List Server or MQSeries.net work though themes as the community goes through its growing pains. When I first came to MQSeries, the community was still wrapping it’s [...]
Tags:
WMQ Security Lab materials posted
April 29th, 2010 No Comments
As promised, here are the WMQ Security Lab materials. These include the lab guide and the scripts. To run the lab you will need a Linux server with WMQ v7.0 installed, as well as WMQ Explorer with SupportPac MS0P, the SupportPac MA01 Q program, and of course the SSL Wizard SupportPac. The URL for the [...]
Tags:
WMQ SSL & TLS Open Mic
April 28th, 2010 No Comments
Regular followers of this blog won’t want to miss tomorrow’s WebSphere Technical Exchange “WMQ SSL & TLS Open Mic“. Panelists scheduled are Alex Fehners, Andrew Akehurst, Calista Stevens, Jonathan Rumsey, Mike Horan, Rhys Francis, Tameka Woody, Mark Womack and Tiffanie Pearson so it promises to be an extremely informative event blessed by both experience from [...]
Tags:
Deep Queue #14 – The Elephant Under the Bed
November 27th, 2009 4 Comments
This episode of The Deep Queue celebrates the first birthday of the podcast with some discussion of the SSL protocol vulnerability that was recently discovered. Although there has been no announcement with regard to WebSphere MQ, I try to put the whole discussion into a larger context and ask if this is really the thing [...]
Deep Queue #14 transcript: DownloadTags:
In memorium
October 29th, 2009 No Comments
The PCI community has suffered a great loss with the passing of Dave Taylor recently. Dave had a vision of helping companies achieve not just the letter of PCI compliance, but the spirit of PCI compliance through better understanding and an open dialog amongst practitioners, auditors, users, business leaders and all other stakeholders. That vision [...]
Tags:
Deep Queue #13: Unlucky number thirteen
August 28th, 2009 No Comments
After a month unplanned hiatus, The Deep Queue is back. This month we are talking about high availability, which is obviously something The Deep Queue lacks. This may not seem like a security topic at first glance but to my way of thinking it is. There is no perfect security so, no matter how much [...]
Deep Queue #13 transcript: DownloadTags:
New WMQ Channel vulnerability and interim fix announced
June 5th, 2009 No Comments
The IBM Internet Security Systems XForce team recently announced a buffer overflow vulnerability in WebSphere MQ client channels. According to the release, the vulnerability includes the possibility of remotely executing arbitrary code or “causing the application to crash.” It is not clear whether “application” in this case refers to the channel agent, channel pooling process [...]
Tags: News · security · WebSphere MQ · WMQ · WMQ Security
Deep Queue #11: Security breaches are not news?
May 25th, 2009 No Comments
The subject of the UC Berkeley data breach was discussed on the May 15th Security Squad podcast. The thing that struck me was that the breach itself was not the topic of conversation but rather the debate was about whether the breach was in fact newsworthy. If you are not familiar with it, 160,000 Social [...]
Deep Queue #11: Transcript: DownloadTags: DeepQueue · Podcast · security · WebSphere MQ · WebSphere MQ Security · WMQ · WMQ Security
WebSphere MQ – Coming soon to an audit near you!
July 4th, 2009 No Comments
The June 29 episode of The Deep Queue is finally up! Sorry about the delay, I was on an engagement last week that had me staying over the weekend in Boston to perform a production implementation on Saturday. Although I’ve got a great recording setup at home, I’m afraid I don’t have decent equipment to [...]
Tags: Admin · Best Practices · commentary · DeepQueue · News · Podcast · security · WebSphere MQ · WMQ · WMQ Security