IBM Mainframe Forum

Hi, I have a strange situation where in, our users are not able to connect to mainframe as they are getting blank LU number. After bit research we came to know that some geek is making multiple connections to our mainframe ip address. In our SYS1.TCPPARMS(TN3270) member it has been defined DEFAULTLUS TCPA00001..TCPA00500 ENDDEFAULTLUS , so the geek is making roughly 500 connection from his single IP ( probably doing it by programatically ).
How do we prevent multiple connections coming from a single IP address ? , I'm new to system programming on mainframe, please help.

Hello,

Suggest you speak with your network people and your security admins. I don't know the answer.

I do know that in my organizations this person would be warned and if this was repeated, they would be terminated.

If this person is Not in your organization, it sounds like you have a Severe Security Problem.

Hello,

Restrict the user using RACF IP restriction command or put the user behind firewall. Use PAGENT to restrict the number of attempts