friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvcheckalteredobj.htm

64 lines
4.0 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Check for altered objects" />
<meta name="abstract" content="This article describes how to use the Check Object Integrity (CHKOBJITG) command to look for objects that have been altered." />
<meta name="description" content="This article describes how to use the Check Object Integrity (CHKOBJITG) command to look for objects that have been altered." />
<meta name="DC.Relation" scheme="URI" content="rzamvdevelopintrusiondetectstrat.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="checkalteredobj" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Check for altered objects</title>
</head>
<body id="checkalteredobj"><a name="checkalteredobj"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Check for altered objects</h1>
<div><p>This article describes how to use the Check Object Integrity (CHKOBJITG)
command to look for objects that have been altered.</p>
<div class="p">An altered object is usually an indication that someone is attempting to
tamper with your system. You might want to run this command after someone
has: <ul><li>Restored programs to your system</li>
<li>Used dedicated service tools (DST)</li>
</ul>
</div>
<p>When you run the command, the system creates a database file containing
information about any potential integrity problems. You can check objects
owned by one or more profiles, objects that match a path name, or all objects
on the system. You can look for objects whose domain has been altered and
objects that have been tampered with. You can recalculate program validation
values to look for objects of type *PGM, *SRVPGM, *MODULE, and *SQLPKG that
have been altered. You can check the signature of objects that can be digitally
signed. You can check if libraries and commands have been tampered with. You
can also start a integrated file system scan or check if objects failed a
previous file system scan.</p>
<p>You can also recalculate program validation values to look for objects
of type *PGM, *SRVPGM, *MODULE, and *SQLPKG that have been altered. Running
the CHKOBJITG program requires *AUDIT special authority. The command might
take a long time to run because of the scans and calculations it performs.
You should run it at a time when your system is not busy.</p>
<div class="important"><span class="importanttitle">Important:</span> To prevent impacts to either performance
or system operations, distribute ownership of objects to multiple profiles.
Do not assign all (or nearly all) objects to only one owner profile.</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvdevelopintrusiondetectstrat.htm" title="The following information is a collection of tips to help you detect potential security exposures.">Prevent and detect security exposures</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink