Stack Exchange MQ Q&A- IBM MQ web api - retrieve messages without message format – stackoverflow.com
- MQCONNX ended with reason code 2393 when connecting mTLS enabled queue – stackoverflow.com
- how to rectify javax.jms.JMSException: Failed to create connection? – stackoverflow.com
- IBM MQ 2059 (MQRC_Q_MGR_NOT_AVAILABLE) error in .NET 9.0 console app using IBMMQClient with certificate-based SSL setup – stackoverflow.com
- TIBCO BWCE Send Message Did Not Send ApplIdentityData MQMD to MQ – stackoverflow.com
Tag Archives: security
Update to MQ Security Heats Up comment thread
There’s a comment thread going on over at the “WebSphere MQ Security Heats Up” post regarding the script settings as originally published versus the updates I have posted on this site. RKPowers writes “I am still confused about the +set … Continue reading
Posted in Errata, IBMMQ, WMQ Security
Tagged Errata, security, WebSphere MQ, WebSphere MQ Security, WMQ, WMQ Security
Leave a comment
The Deep Queue – Episode #7: Reducing your attack surface
This installment of The Deep Queue is about improving security by reducing the number of attack vectors that are exposed. Given two systems with equivalent functionality the one with more exposed attack vectors is said to have a “larger attack … Continue reading
Posted in DeepQueue, IBMMQ, Podcast, WMQ Security
Tagged DeepQueue, News, Podcast, security, WebSphere MQ, WebSphere MQ Security, WMQ, WMQ Security
Leave a comment
Must-read article – Secure Software: 'See No Evil' is Not a Strategy
Given that software currently enables or imperils most aspects of our buying, selling, and communicating, it is time that responsible people acknowledge that this is a massive problem, and stop looking in the opposite direction. “See No Evil” is not … Continue reading
Posted in News
Tagged Architecture, design, development, News, security, software, vulnerabilities
Leave a comment
Signed C&C messages? What a novel idea!
I’ve been saying for a while now that Command and Control messages to be signed. It’s a question of authentication. When you pass a message to perform an administrative action, what assurance do you have that the message got to … Continue reading
Posted in IBMMQ, News, WMQ Security
Tagged crypto, DNS, DNSSEC, News, security, SSL, WMQ, WMQ Security
Leave a comment
The Deep Queue – Episode #6: The Myth of the Trusted Internal Network
In this episode of The Deep Queue I explain why I believe the “trusted internal network” is a myth. Many of the problems that I see on consulting assignments would have been prevented by the same security measures I recommend … Continue reading
Posted in DeepQueue, IBMMQ, Podcast, WMQ Security
Tagged commentary, DeepQueue, Podcast, security, WebSphere MQ, WebSphere MQ Security, WMQ, WMQ Security
1 Comment
WMQ File Transfer Edition launched
I’ve been haunting the Vienna MQ list server for long enough to have seen the topic of moving files over MQSeries, and later WebSphere MQ, raise it’s ugly head on many occasions. I say “ugly” because creating a general-purpose program … Continue reading
Having fun in Barcelona!
Well, I made it to Barcelona on Sunday after 20 hours on various planes and in various terminals. My luggage arrived on Tuesday having seen MUCH more of Europe than I was able to. Unfortunately, I had the camera and … Continue reading
Posted in Events, IBMMQ, WMQ Security
Tagged Conferences, education, IBM, presentations, security, WebSphere MQ, WebSphere MQ Security
4 Comments
The Deep Queue – Episode #4: Listener email and why you should care about message types
In this installment we answer an email from a listener asking about channel authentication. The requirement is for a channel exit pair that exchanges credentials securely then falls back to a plaintext channel. In the second segment we talk about … Continue reading
Posted in DeepQueue, IBMMQ, Podcast, WMQ Security
Tagged DeepQueue, Podcast, security, WMQ
3 Comments
See you in Barcelona!
I just found out my travel has been approved for IBM’s Transaction & Messaging Technical Conference coming up this November in Barcelona! I seem to have inherited ownership of the High Availability presentation which I certainly do not mind. I … Continue reading
Posted in Events, IBMMQ
Tagged Conferences, Events, presentation, security, WebSphere MQ, WebSphere MQ Security, WMQ Security
3 Comments
Choosing a PCI DSS Auditor? Does WMQ awareness count?
James DeLuccia’s post about choosing a PCI DSS QSA auditor has some good advice. I would add to his list a criteria one of my own: the auditor should at least know how to spell WMQ. Or JMS. Or “message … Continue reading →
Share this: