EKC - Eberhard Klemens Co., Information Security Solutions: Audit Tools

EKC Audit Tools

Welcome to our second edition of EKC Audit Tools.   This toolset contains several useful utilities to aid auditors in reviewing mainframe systems.   These tools are provided to auditors and security administrators free of charge.   The tools will expire in the 1st quarter of 2008, at which time a new, updated set will become available again at no cost.   We highly encourage your comments and feedback, and will attempt to incorporate the same, if appropriate, into the next volume of the EKC Audit Tools.

New Additions:

The following new tools have been added for this edition of the EKC audit Tools.

EKCATAU4 for CA-ACF2

EKCATAU4 for IBM RACF

To get a free copy of EKC Audit Tools please visit our order contact page.

The following information, tools, and programs are contained within this toolset; more information can be found in their respective directories.

zOS Program Tools - A directory containing information and programs for z/OS.
CA-ACF2 Program Tools - A directory with information and programs for CA-ACF2.
IBM-RACF Program Tools - A directory with information and programs for the IBM-RACF Security Server.
EKC - A directory with information and programs for EKC software program products, including information for E-SRF, the EKC Security Reporting Facility.

zOS Program Tools:

EKCATLLA
A program to display the names of all system LINKLIST library datasets.

EKCATAPF
A program to display the names and volumes of all APF authorized datasets contained in the system LINKLIST libraries.

EKCATAAL
A program to display the names and volumes of all libraries which are in the currently active APF Authorized Library list.

EKCATSVC
A program to display any active SVCs within the system User SVC range of 146-255.

CA-ACF2 Program Tools:

EKCATAU0
A program to search for and display which types of Logonids have the ability to alter PASSWORDs, or have other special privlieges.   The program also checks for Logonids which have never signed onto the system and as such may pose a potential exposure.

EKCATAU3
A program to compare oneL ogonid with another - such as a model or prototype - and list the differences.   This could aid in determining if a Logonid has too broad a range of access and/or privileges.

EKCATAU4
A Program to display Logonids that have not signed onto the system for 120 days or longer.<.p>
EKCATADS
A program which displays all users having CA-ACF2 update access to the system LINKLIST libraries.

IBM-RACF Program Tools:

EKCATRDS
A program which displays all users having IBM-RACF update access to the system LINKLIST libraries.

EKCATRU0
A program which displays RACF USERIDS that have never been used, and provides counts of USERIDs with SPECIAL, OPERATIONS, and REVOKE attributes.

EKCATRU1
A program which displays all users, by GROUP, having IBM-RACF update access to the system LINKLIST libraries.

EKCATRU2
A program which displays all users, by USERID and GROUP, having IBM-RACF update access to the system LINKLIST libraries.

EKCATRU3
A program which compares two USERIDs and displays those fields which are different.

EKCATRU4
A program to display USERIDs that have not signed onto the system for 120 days or longer.

Click here to get a free copy of EKC Audit Tools