Tag Archives: commentary

MQ Password/CHLAUTH research – Exec Summary

Posted on October 25, 2016 by T.Rob

As of v8.0, MQ now can natively validate user IDs by checking the password against the Operating System or LDAP.  Checking against Pluggable Authentication Module (PAM) was added in v8.0.0.4.  Prior to v8.0 it was necessary to use a channel … Continue reading

Posted in IBMMQ, Security, WMQ Security | Tagged , , , , , | 9 Comments

News and updates

Posted on July 14, 2016 by T.Rob

This is a quick note to tell folks a bit about my virtual absence of late, current events and plans for what’s coming up. Whatever happened to… I’m not exactly a candidate for VH1’s Where Are They Now but I … Continue reading

Posted in Events, IBMMQ, News, Security, WMQ Security | Tagged , , , , , , , , , , , | Leave a comment

Are messaging hubs an anti-pattern?

Posted on August 18, 2015 by T.Rob

I have worked over the last decade with many customers who were consolidating their MQ footprint. It’s a familiar pattern – there are many queue managers, they tend to be lightly loaded, why not consolidate to a central hub? Now … Continue reading

Posted in General, IBMMQ | Tagged , , , , | 4 Comments

Configuration backups: the forgotten WMQ security control

Posted on March 12, 2014 by T.Rob

Update: IBM has reconsidered and has announced that dmpmqcfg will be fixed as a defect! Subscribe if you would like a notification when the fix is announced. But please do read the post, especially if you are using amqoamd for … Continue reading

Posted in Fail, General, IBMMQ, IIB, MQ AMS, MQMFT, Security, WMQ ESE, WMQ Security | Tagged , , , , , , , | Leave a comment

Sure, its always an MQ problem. Why is that a bad thing?

Posted on November 2, 2012 by T.Rob

One recurring theme in the MQ community is that all problems are MQ problems.  Never mind that they almost always turn out to be application, network, firewall, SAN, account maintenance, resource constraints, human error or even sabotage, it’s an MQ … Continue reading

Posted in IBMMQ | Tagged , , , , | 3 Comments

Sharpening the saw

Posted on May 15, 2012 by T.Rob

I am fortunate this year to participate in many seminars and conferences.  I just finished IMPACT and on June 5th I’ll be in New York for the WSMQAdmin seminar there.  The following week I’ll be in Zurich for the TI&M … Continue reading

Posted in Events, General | Tagged , , | Leave a comment

No such thing as a persistent queue!

Posted on April 27, 2012 by T.Rob

The widespread usage of the phrase “persistent queue” has a negative impact because people believe that queue attribute actually does something. It’s always worth taking time to stamp out usage of that phrase wherever we find it and I’ll attempt … Continue reading

Posted in IBMMQ | Tagged , , , , , , | 5 Comments

PCI zone and non PCI zone in same DataPower box

Posted on March 16, 2012 by T.Rob

I’ve been having PCI Déjà vu lately.  It seems the same questions keep coming up over and over.  One strategy for compliance that is nearly ubiquitous is to segregate the PCI data from the rest of the network.  In practical terms, … Continue reading

Posted in General, WMQ Security | Tagged , , , , , , | 4 Comments

Guest blogger @ WebSphere User Group

Posted on August 11, 2011 by T.Rob

Ben Wen and I were invited to be guest bloggers at WebSphere User Group this month so the post I was planning for this space was hijacked! You can read it at WebSphere User Group posted as The Invisible Threat.

Posted in IBMMQ, News, Publications, WMQ Security | Tagged , , , , , , , , | Leave a comment

WebSphere MQ – Coming soon to an audit near you!

Posted on July 4, 2009 by T.Rob

The June 29 episode of The Deep Queue is finally up!  Sorry about the delay, I was on an engagement last week that had me staying over the weekend in Boston to perform a production implementation on Saturday.  Although I’ve … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , , , , , , , , | Leave a comment