Tag Archives: WMQ Security

Configuration backups: the forgotten WMQ security control

Update: IBM has reconsidered and has announced that dmpmqcfg will be fixed as a defect! Subscribe if you would like a notification when the fix is announced. But please do read the post, especially if you are using amqoamd for … Continue reading

Posted in Fail, General, IBMMQ, IIB, MQ AMS, MQMFT, Security, WMQ ESE, WMQ Security | Tagged , , , , , , , | Leave a comment

IMPACT Schedule

It’s that time of year again!  I’ve finally received funding approval to attend IMPACT –  which is good considering how many sessions I’m participating in.  Good news – ITSO has printed 100 copies of Secure Messaging Scenarios with WebSphere MQ … Continue reading

Posted in Events, IBMMQ, Publications, Security | Tagged , , , , , , , , | Leave a comment

Pub/Sub security

One of the recurring questions I receive is about the differences between queue security and pub/sub security. The email below is typical:

Posted in IBMMQ, Security | Tagged , , , , , , , | Leave a comment

Cluster security

Well, the residency to write the new WebSphere MQ Security book is past the halfway point and we are working diligently to finish up on time. I’m happy to say that one of my favorite new security topics is covered … Continue reading

Posted in Events, IBMMQ, News, Publications, WMQ Security | Tagged , , , , , , , , , , | 1 Comment

Guest blogger @ WebSphere User Group

Ben Wen and I were invited to be guest bloggers at WebSphere User Group this month so the post I was planning for this space was hijacked! You can read it at WebSphere User Group posted as The Invisible Threat.

Posted in IBMMQ, News, Publications, WMQ Security | Tagged , , , , , , , , | Leave a comment

WMQ Security bulletin site

Been wondering how to know if your WMQ is up to date for security patches?  Wonder no more!  Just go visit the Security Bulletin for WebSphere MQ page.  The Recommended Fixes page lists all of the Fix Packs and from … Continue reading

Posted in IBMMQ, News, WMQ Security | Tagged , , , , , , , , , , , | Leave a comment

Pages updated

I’ve just updated the WMQ and Links pages with new content.  There are a couple new Mission:Messaging articles and I fixed a few broken links on the Links page.  On the WMQ page I’ve added some new content, rearranged some … Continue reading

Posted in IBMMQ, MQ AMS, News | Tagged , , , , | Leave a comment

WebSphere MQ – Coming soon to an audit near you!

The June 29 episode of The Deep Queue is finally up!  Sorry about the delay, I was on an engagement last week that had me staying over the weekend in Boston to perform a production implementation on Saturday.  Although I’ve … Continue reading

Posted in DeepQueue, Podcast, WMQ Security | Tagged , , , , , , , , , | Leave a comment

New WMQ Channel vulnerability and interim fix announced

The IBM Internet Security Systems XForce team recently announced a buffer overflow vulnerability in WebSphere MQ client channels.  According to the release, the vulnerability includes the possibility of remotely executing arbitrary code or “causing the application to crash.”  It is … Continue reading

Posted in IBMMQ, News, WMQ Security | Tagged , , , , | Leave a comment

Deep Queue #11: Security breaches are not news?

The subject of the UC Berkeley data breach was discussed on the May 15th Security Squad podcast.  The thing that struck me was that the breach itself was not the topic of conversation but rather the debate was about whether … Continue reading

Posted in DeepQueue, IBMMQ, Podcast, WMQ Security | Tagged , , , , , , | Leave a comment