Home > Articles > Security > Network Security

  • Print
  • + Share This
This chapter is from the book

1.2 Getting Started

Virtually every computer book starts with a simple example that enables you to get your feet wet. We've got several "Hello, World" examples that will introduce you to:

  1. Interactive computing using the z/OS Time Sharing Option (TSO)
  2. Batch computing using Job Control Language (JCL)
  3. UNIX System Services (USS)

1.2.1 What You Will Need

For the purposes of this chapter, you'll need a TSO and OMVS user ID for a z/OS system and the initial password. This user ID is created for you by a system administrator. Your user ID is a one- to seven-character string that is your "handle" for all the work you do within z/OS. It's the basis for your computer identity within z/OS and the anchor point for all your access control permissions.

For the other chapters of this book, you will need your own z/OS image, a copy of the operating system running inside its own virtual machine. On this image, you will need a TSO account with RACF special authority, which corresponds roughly to root under UNIX. Because you will need to change audit settings, it is not enough to have privileges for a specific group within RACF—you need to have global RACF special authority.

1.2.2 Logging in to the Mainframe

In the old days, access to the mainframe was handled mostly by dedicated terminals that were hard-wired to the mainframe. Today, the terminal is a run-of-the-mill PC connected by TCP/IP. The PC runs a program that imitates an old-fashioned terminal.

To connect to the mainframe, run the terminal emulator and point it to the IP address of the mainframe and the TCP port number for TSO. After you do that, you might need to "dial" to the correct virtual machine. Figure 1.3 shows a user "dialing" to NMP122, the z/OS 1.6 image used for the screenshots in this book. Some terminal emulators require you to press the right Ctrl key, instead of Enter, to enter a command to the mainframe; this is because the right Ctrl key is located where the Enter key was located on the original 3270 terminal. After you connect to the image, you might need to type TSO <your user ID> to reach the TSO logon panel.

Figure 1.3

Figure 1.3 The command to dial the correct system

Figure 1.4 shows the TSO logon panel. On this panel, enter the user ID that you've been given in (1) in the figure, your password in (2), and a new password of your choosing in (3). Because the person who created your user ID knows the password, you need to change it to ensure that, from now on, only you can log on to TSO using your user ID. Press Enter to start the logon process.

Figure 1.4

Figure 1.4 TSO logon panel

After a few moments, you'll see lines displayed that look similar to Figure 1.5. The first line tells you the last time your user ID was used. This is an elementary intrusion-detection mechanism: If the date and the time do not look correct, you should call your security department to investigate who is using your user ID without your permission.

Figure 1.5

Figure 1.5 TSO logon results

The second line tells you how long you have until you will need to change your password. A good security policy requires that you change your password periodically. Your installation's policy is enforced whenever you enter the system.

The next line tells you that you have been authenticated (that is, your password is correct and you have not been denied access to the system for any other reason), and now TSO starts to build your logon environment.

This is followed by an installation-specific message, usually reminders of important aspects of your installation's information policy.

Some installations take users immediately into ISPF, the menu-driven system you will later see in Figure 1.8. In that case, type =x to exit into TSO so you can run the next exercise.

1.2.3 "Hello, World" from TSO

When this is done, you'll see READY. This is the TSO command prompt, similar to C:\> under Windows. It's time for our simplistic, trivial, yet traditional, "Hello, World" example. We'll use the SEND command to send a message with the text "Hello, World" to a user. Think of SEND as TSO's instant messenger (IM). Because the only user that you know right now is yourself, you will be the originator of the message as well as the recipient. Ready (pun intended)? Type this:

send 'Hello, World' u(<your user name>)

As you can see in Figure 1.6, TSO echoes what you typed. The SEND command processor sends the message to the intended recipient, the user ID ORIPOME. After the SEND command, TSO prompts you with READY to let you know that you can enter more commands.

Figure 1.6

Figure 1.6 "Hello, World" from TSO

Congratulations! You've logged on to TSO and said hello to the world. Note that the only person who saw your exclamation was you, so feel free to experiment with other (business-appropriate, of course!) phrases.

When you are done with the mainframe, you need to log off, using the logoff command. If you just close the terminal emulator, the session remains open. If you already closed the terminal emulator and you need to log on while you have a running session, type S before the Reconnect option, as shown in Figure 1.7.

Figure 1.7

Figure 1.7 TSO logon panel with Reconnect

  • + Share This
  • 🔖 Save To Your Account