EKC - Eberhard Klemens Co., Information Security Solutions: Audit Tools

EKC Audit Tools 2010

Welcome to our fifth and final edition of EKC Audit Tools.   This toolset contains several useful utilities to aid auditors in reviewing mainframe systems.   These tools are provided to auditors and security administrators free of charge.   The tools will expire in the 1st quarter of 2011, at which time Audit Tools will be retired, unless we hear from you.   We highly encourage your comments and feedback, and will attempt to incorporate the same, if the interest level is appropriate, into another volume of the EKC Audit Tools.

To get a free copy of EKC Audit Tools please visit our order contact page.

The following information, tools, and programs are contained within this toolset; more information can be found in their respective directories.

zOS Program Tools - A directory containing information and programs for z/OS.
CA-ACF2 Program Tools - A directory with information and programs for CA-ACF2.
IBM-RACF Program Tools - A directory with information and programs for the IBM-RACF Security Server.
EKC - A directory with information and programs for EKC software program products, including information for E-SRF, the EKC Security Reporting Facility.

zOS Program Tools:

EKCATAPF
A program to display the names and volumes of all APF authorized datasets contained in the system LINKLIST libraries.

EKCATAAL
A program to display the names and volumes of all libraries which are in the currently active APF Authorized Library list.

EKCATSVC
A program to display any active SVCs within the system User SVC range of 146-255.

CA-ACF2 Program Tools:

EKCATAU0
A program to search for and display which types of Logonids have the ability to alter PASSWORDs, or have other special privlieges.   The program also checks for Logonids which have never signed onto the system and as such may pose a potential exposure.

EKCATAU3
A program to compare oneL ogonid with another - such as a model or prototype - and list the differences.   This could aid in determining if a Logonid has too broad a range of access and/or privileges.

EKCATAU4
A Program to display Logonids that have not signed onto the system for 120 days or longer.<.p>
EKCATADS
A program which displays all users having CA-ACF2 update access to the system LINKLIST libraries.

EKCATUID
A program which displays all users having alternate UID strings, using CA-ACF2 multi-value fields and / or ETF/A multiple, group and RBAC UID facilities.

IBM-RACF Program Tools:

EKCATRU0
A program which displays RACF USERIDS that have never been used, and provides counts of USERIDs with SPECIAL, OPERATIONS, and REVOKE attributes.

EKCATRU1
A program which displays all users, by GROUP, having IBM-RACF update access to the system LINKLIST libraries.

EKCATRU2
A program which displays all users, by USERID and GROUP, having IBM-RACF update access to the system LINKLIST libraries.

EKCATRU3
A program which compares two USERIDs and displays those fields which are different.

EKCATRU4
A program to display USERIDs that have not signed onto the system for 120 days or longer.

Click here to get a free copy of EKC Audit Tools