1 INFO-VAX	Sun, 31 Dec 2000	Volume 2000 : Issue 730       Contents:2 Re: Auditing VMS system for identifier references?6 Re: Bug - NLB0: crash, was: "NLA0: the null device..."( Re: Happy Holidays - From Rich Marcelllo Re: Martin Minow Dies & Re: Sending messages to an application& Re: Sending messages to an application" Sending messages to an application& Re: Sending messages to an application< StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2@ Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2@ Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2@ Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2  F ----------------------------------------------------------------------  % Date: Sat, 30 Dec 2000 21:29:33 -0500 , From: "Glenn C. Everhart" <Everhart@GCE.com>; Subject: Re: Auditing VMS system for identifier references? ' Message-ID: <3A4E53BD.1395BE7C@GCE.com>   ; You'll need some variant of dir/acl of all disks at minimum ; to show this. Do it and hand it to the auditors. Explain to > them where the VMS security manuals are so they can understand6 VMS security concepts and how these things are stored,= so they will in the future know when something generates huge > reports and when it is quick and easy. I bet they haven't even< considered UIC access, and I be they also haven't considered= how any of the junk they are asking for is going to give them + any information on who has access to what.    ? I would imagine that somewhere in their minds they imagine they < are getting information on who can access what, and probably? never heard of identifiers that do NOT have anything to do with ; access, much less anything like application ACEs. Where the > information is stored with each file though, a report requires brute force to generate.  @ It would be a more useful question to ask what access anyone has: to objects other than his own, excepting from this execute? or read access to systems files that are widely used. I imagine < they want to check that such access follows policy, but they= need to understand what they are asking for. A massive report ? (on tape perhaps, to save a few trees) with the first few pages 2 printed might get them back onto the mass shell...     Bob Kaplow wrote:  > K > I'm expecting the dreaded IS audit early next month. Our internal account M > administration folks have asked me to come up with a report, by identifier, M > of what access that identifier grants. They want an inventory of everything = > on the system that having that identifier allows access to.  > L > All I can think of are VERY brute force ways to do this. Does any one haveN > an existing solution to this problem, elegant or not? Any help, particularly+ > in the form of DCL would be most welcome.  > L > BTW, we're running Alpha VMS V7.2 just about everywhere. And the disk farmN > alone is about 150 logical devices totalling over 2 TB. Brute force will NOT > be pretty... >  > Bob Kaplow   ------------------------------  # Date: Sat, 30 Dec 2000 21:06:23 GMT + From: rjordan@mars.mcs.net (Richard Jordan) ? Subject: Re: Bug - NLB0: crash, was: "NLA0: the null device..." 2 Message-ID: <j7s36.829$0p.102187@news.goodnet.com>  D I wonder how much Compaq would charge for licensing shadowing on theC null device(s); would there be a per-unit license requirement?  And E importantly, Hoff, would this important new capability be Alpha only? . Or might VAX users hope to enjoy them as well?   Happy New Millenium!   Rich Jordan  rjordan@mcs.net    ------------------------------  % Date: Sat, 30 Dec 2000 21:38:46 -0500 , From: "Glenn C. Everhart" <Everhart@GCE.com>1 Subject: Re: Happy Holidays - From Rich Marcelllo ' Message-ID: <3A4E55E6.46B41305@GCE.com>   4 I thought the card was rather pretty, but ghod-awful3 huge and took a LONG time to download from my ISP's 5 POP server. Thus my peeve with using mail attachments 4 is primarily that they impede the use of the net for8 communication. IMO no manager should be given net access4 at over 28.8KB, so they will learn to appreciate why6 others are less than impressed with fancy pictures and8 sounds and "graphically well designed" interfaces, where2 they can only be used by people on fast networks.   5 Getting mystery executables this way is still more an ; injury to the industry: people HAVE to get out of the habit 2 of simply running random programs sent by friends.   ------------------------------  % Date: Sat, 30 Dec 2000 20:52:35 -0500 , From: "Glenn C. Everhart" <Everhart@GCE.com> Subject: Re: Martin Minow Dies' Message-ID: <3A4E4B13.1C03A16F@GCE.com>   : Martin Minow will be remembered also by some of us as the 6 author of DECUS C and a contributor of a great deal of* excellent utility code to the rest of us.   0 A man of great talent and vision and good humor. I regret his passing.    Glenn Everhart   Hoff Hoffman wrote:  > G >   For those that had the privilege of knowing him, I've received word  >   that Martin Minow has died.  > < >   Information from Risks Digest 21.17 is included below... > P >  --------------------------- pure personal opinion ---------------------------N >    Hoff (Stephen) Hoffman   OpenVMS Engineering   hoffman#xdelta.zko.dec.com >  >         -- > % > Date: Tue, 26 Dec 2000 15:18:39 PST 0 > From: "Peter G. Neumann" <neumann@csl.sri.com> > Subject: Martin Minow  > N > It is with deep sadness that we note here the sudden passing of Martin MinowJ > last Thursday.  He was a long-standing, noble, insightful contributor toK > RISKS, dating back to Volume 1, number 33, on 1 Jan 1986.  A quick search K > shows that he had 172 messages in RISKS over the past 15 years, including I > translations of some otherwise inaccessible news items that appeared in L > Swedish sources.  He was a delightful person, and will be sorely missed byM > many of us.  Thanks to all of you who forwarded the e-mail message from his  > brother, Robtminow@aol.com.  > C > Greg Marriott <greg@spies.com> added URLs for Martin's Web pages:  >   http://www.vmeng.com/minow/ " >   http://homepage.mac.com/k6mam/> >   http://www.ag.ohio-state.edu/~natres/faculty/homepage.html   ------------------------------  % Date: Sat, 30 Dec 2000 16:01:03 -0600 7 From: "David J. Dachtera" <djesys.nospam@earthlink.net> / Subject: Re: Sending messages to an application - Message-ID: <3A4E5B1F.D21EEED3@earthlink.net>    Larry Kilgallen wrote: > ^ > In article <3A4D2F12.1AE716B4@videotron.ca>, JF Mezei <jfmezei.spamnot@videotron.ca> writes: > N > > For instance, while reading an email, you can view an attachement with theP > > proper application, and if the application is already started, it just opensB > > the new file, thus providing much faster service to the user). > G > That single capability has been responsible for 99% of the successful . > security attacks against Microsoft machines.  E Well, at least in part. What really does the damage is the ability to D have either the associated application, the e-mail user agent or theA o.s. itself execute any code, malicious or otherwise, that may be 2 contained in the attachment or the message itself.  F Funny part is: the pro-Micro$hit elements out there tout this stuff asG "the latest and greatest technology" when it's actually the "newest and  largest security risk".    --   David J. Dachtera  dba DJE Systems  http://www.djesys.com/  : Unofficial Affordable OpenVMS Home Page and Message Board: http://www.djesys.com/vms/soho/   F This *IS* an OpenVMS-related newsgroup. So, a certain bias in postings is to be expected.  @ Feel free to exercise your rights of free speech and expression.  F However, attacks against individual posters, or groups of posters, are strongly discouraged.    ------------------------------  % Date: Sat, 30 Dec 2000 16:55:51 -0500 " From: Dan Sugalski <dan@sidhe.org>/ Subject: Re: Sending messages to an application : Message-ID: <5.0.2.1.0.20001230165513.021a16d0@24.8.96.48>  4 At 04:01 PM 12/30/00 -0600, David J. Dachtera wrote: >Larry Kilgallen wrote:  > > : > > In article <3A4D2F12.1AE716B4@videotron.ca>, JF Mezei ( > <jfmezei.spamnot@videotron.ca> writes: > > H > > > For instance, while reading an email, you can view an attachement 
 > with theH > > > proper application, and if the application is already started, it  > just opensD > > > the new file, thus providing much faster service to the user). > > I > > That single capability has been responsible for 99% of the successful 0 > > security attacks against Microsoft machines. > F >Well, at least in part. What really does the damage is the ability toE >have either the associated application, the e-mail user agent or the B >o.s. itself execute any code, malicious or otherwise, that may be3 >contained in the attachment or the message itself.  > G >Funny part is: the pro-Micro$hit elements out there tout this stuff as H >"the latest and greatest technology" when it's actually the "newest and >largest security risk".  H The real funny part is that this stuff is *far* from new--we were doing 7 this sort of thing back on the Amiga in the mid '80s...    					Dan  I --------------------------------------"it's like this"------------------- 2 Dan Sugalski                          even samurai? dan@sidhe.org                         have teddy bears and even ;                                       teddy bears get drunk    ------------------------------  % Date: Sat, 30 Dec 2000 18:24:26 -0500 2 From: "Richard B. Gilbert" <DRAGON@compuserve.com>+ Subject: Sending messages to an application 7 Message-ID: <200012301824_MC2-C033-DB82@compuserve.com>   H         Offhand, I can think of a couple of ways to send a message to anJ application:  Common Event Flags, Mailboxes, Global sections!  Ok, I lied= ; F that's three.  Of course the application must be written to  Check itsA Common Event Flags, Mailboxes, etc, and do something in response.   H         I seem to recall some such functionality in X-Windows but I haveJ always preferred the command line interface so I am not as familiar with = X H as I might be.  Look for something called an "event handler".  It's mostJ common usage, I suspect, is to handle mouse events, but I believe that th= e G faclity may be more general; perhaps handling "drag and drop" events as  well.     Message text written by JF MezeiJ >Most GUI platforms, even my old trusted PSION 3 (not actuall a GUI) have=  aJ mechanism whereas one application can send a message to another applicati= on toG tell it to open/close a file. (or start that application with a file to  open by default).  J For instance, while reading an email, you can view an attachement with th= e F proper application, and if the application is already started, it just opens > the new file, thus providing much faster service to the user).    H VMS , as an OS, doesn't have that built-in. But does X-windows have this type of feature ? <    ------------------------------    Date: 30 Dec 2000 21:35:20 -05009 From: Kilgallen@eisner.decus.org.nospam (Larry Kilgallen) / Subject: Re: Sending messages to an application + Message-ID: <W2BhXuQ46lza@eisner.decus.org>   _ In article <5.0.2.1.0.20001230165513.021a16d0@24.8.96.48>, Dan Sugalski <dan@sidhe.org> writes: 6 > At 04:01 PM 12/30/00 -0600, David J. Dachtera wrote: >>Larry Kilgallen wrote: >> >; >> > In article <3A4D2F12.1AE716B4@videotron.ca>, JF Mezei  ) >> <jfmezei.spamnot@videotron.ca> writes:  >> >I >> > > For instance, while reading an email, you can view an attachement   >> with the I >> > > proper application, and if the application is already started, it  
 >> just opens E >> > > the new file, thus providing much faster service to the user).  >> >J >> > That single capability has been responsible for 99% of the successful1 >> > security attacks against Microsoft machines.  >>G >>Well, at least in part. What really does the damage is the ability to F >>have either the associated application, the e-mail user agent or theC >>o.s. itself execute any code, malicious or otherwise, that may be 4 >>contained in the attachment or the message itself. >>H >>Funny part is: the pro-Micro$hit elements out there tout this stuff asI >>"the latest and greatest technology" when it's actually the "newest and  >>largest security risk".  > J > The real funny part is that this stuff is *far* from new--we were doing 9 > this sort of thing back on the Amiga in the mid '80s...   I IBM rigged up the mail system on CMS to execute according to instructions G from the sender of a message.  They found out about the hazard, removed F the "feature" and the subsequent years saw security conferences filledJ with sessions discussing that as a famous error to avoid in a mail system.: Microsoft obviously ignores lessons the world has learned.  N ==============================================================================N Great Inventors of our time: Al Gore -> Internet; Sun Microsystems -> ClustersN ==============================================================================   ------------------------------  # Date: Sat, 30 Dec 2000 22:26:45 GMT 4 From: "Peter Ljungberg" <peter.p.ljungberg@telia.se>E Subject: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2 3 Message-ID: <Fit36.2271$AH6.331634@newsc.telia.net>    Hi,   K This beats me at the moment, I'm trying to get a VMS host (UCX) to see FDDI 
 based diskJ behind a Stingray III server. The Alpha is clustered, with it self, LAN is enabled (NI) as J interconnect, I have access to a VAX6000 using a similar configuration but with TCPWAREK as tcp/ip.  Open for any clue's at the moment since I can't find why it not  or why it should work, it looks like this now.   L | disks | <- SCSI -> | Stingray III | <- FDDI -> | Cisco Conc. | <-FDDI-> <- OpenVMS Alpha ->  H I have verified that the FDDI works on the VMS host by doing a telnet to	 it's FDDI G interface ip-adress, do a $ DIR command through the systemdisk and then  pulling the cable K and the output stops, then I put back the fibre cable and output continues, E and on the Stingray side I can see a led lights up when the server is 0 started or cable pulled/inserted, and it do have two connections    /P.Lj    ------------------------------  # Date: Sat, 30 Dec 2000 23:04:08 GMT 4 From: "Peter Ljungberg" <peter.p.ljungberg@telia.se>I Subject: Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2 3 Message-ID: <IRt36.2283$AH6.332637@newsc.telia.net>   I Sorry for following up my own question, but it seems that it is something * with the Stingray parameter forceid, sinceH there is no NFS communication it must be SCS and thus a systemid of some$ kind, have to dig deeper in this....   /P.Lj     ? "Peter Ljungberg" <peter.p.ljungberg@telia.se> wrote in message - news:Fit36.2271$AH6.331634@newsc.telia.net...  >  > Hi,  > H > This beats me at the moment, I'm trying to get a VMS host (UCX) to see FDDI > based diskL > behind a Stingray III server. The Alpha is clustered, with it self, LAN is > enabled (NI) as L > interconnect, I have access to a VAX6000 using a similar configuration but > with TCPWAREI > as tcp/ip.  Open for any clue's at the moment since I can't find why it  not  > or why it should work, > it looks like this now.  > K > | disks | <- SCSI -> | Stingray III | <- FDDI -> | Cisco Conc. | <-FDDI->  <- > OpenVMS Alpha -> > J > I have verified that the FDDI works on the VMS host by doing a telnet to > it's FDDI I > interface ip-adress, do a $ DIR command through the systemdisk and then  > pulling the cable B > and the output stops, then I put back the fibre cable and output
 continues,G > and on the Stingray side I can see a led lights up when the server is 2 > started or cable pulled/inserted, and it do have > two connections  >  > /P.Lj  >  >  >    ------------------------------  % Date: Sat, 30 Dec 2000 17:17:36 -0600 7 From: "David J. Dachtera" <djesys.nospam@earthlink.net> I Subject: Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2 - Message-ID: <3A4E6D10.ECEE829A@earthlink.net>    Peter Ljungberg wrote: >  > Hi,  > M > This beats me at the moment, I'm trying to get a VMS host (UCX) to see FDDI  > based diskL > behind a Stingray III server. The Alpha is clustered, with it self, LAN is > enabled (NI) as L > interconnect, I have access to a VAX6000 using a similar configuration but > with TCPWAREM > as tcp/ip.  Open for any clue's at the moment since I can't find why it notu > or why it should work, > it looks like this now.  > N > | disks | <- SCSI -> | Stingray III | <- FDDI -> | Cisco Conc. | <-FDDI-> <- > OpenVMS Alpha -> > J > I have verified that the FDDI works on the VMS host by doing a telnet to > it's FDDIsI > interface ip-adress, do a $ DIR command through the systemdisk and then7 > pulling the cable M > and the output stops, then I put back the fibre cable and output continues,IG > and on the Stingray side I can see a led lights up when the server isc2 > started or cable pulled/inserted, and it do have > two connections-  E Well, at first glance you appear to be greatly confused about SCS andrH MSCP transports. Neither is dependent upon TCP/IP or any other transportE - they are entirely independent. On the other hand, they are also DEC  proprietary and non-routable.   A The Cisco device *MUST* be set to transparently pass SCS and MSCPtC messages. If the Alpha doesn't see the disk in console mode, it's at8 better than even bet that OpenVMS won't see them either.  D I've seen this work with a DEC Gigaswitch and MTI StingRays, but not with any other hardware.   FWIW...k   -- s David J. Dachtera' dba DJE Systemsd http://www.djesys.com/  : Unofficial Affordable OpenVMS Home Page and Message Board: http://www.djesys.com/vms/soho/   F This *IS* an OpenVMS-related newsgroup. So, a certain bias in postings is to be expected.  @ Feel free to exercise your rights of free speech and expression.  F However, attacks against individual posters, or groups of posters, are strongly discouraged.t   ------------------------------  # Date: Sat, 30 Dec 2000 23:32:31 GMTi4 From: "Peter Ljungberg" <peter.p.ljungberg@telia.se>I Subject: Re: StingrayIII server <- FDDI Cisco conc.-> OpenVMS Alpha 7.1-2j3 Message-ID: <jgu36.2290$AH6.333947@newsc.telia.net>   L Yes, well I followed up my own post before I read your answer, it can be the Cisco cencentrator thatlL does not pass SCS and MSCP messages, and/or the parameters as I mentioned in the message above,K the forceid and systemid, I will try these tomorrow, it's late here now andb& they're a kilometer from here, thanks!   /P.Lj   B "David J. Dachtera" <djesys.nospam@earthlink.net> wrote in message' news:3A4E6D10.ECEE829A@earthlink.net...  > Peter Ljungberg wrote: > >r > > Hi,n > >rJ > > This beats me at the moment, I'm trying to get a VMS host (UCX) to see FDDI > > based diskK > > behind a Stingray III server. The Alpha is clustered, with it self, LANe is > > enabled (NI) as J > > interconnect, I have access to a VAX6000 using a similar configuration butt > > with TCPWAREK > > as tcp/ip.  Open for any clue's at the moment since I can't find why itg nota > > or why it should work, > > it looks like this now.n > >aD > > | disks | <- SCSI -> | Stingray III | <- FDDI -> | Cisco Conc. | <-FDDI-> <-  > > OpenVMS Alpha -> > >-L > > I have verified that the FDDI works on the VMS host by doing a telnet to
 > > it's FDDIiK > > interface ip-adress, do a $ DIR command through the systemdisk and then. > > pulling the cable8D > > and the output stops, then I put back the fibre cable and output
 continues,I > > and on the Stingray side I can see a led lights up when the server isu4 > > started or cable pulled/inserted, and it do have > > two connectionsl > G > Well, at first glance you appear to be greatly confused about SCS andnJ > MSCP transports. Neither is dependent upon TCP/IP or any other transportG > - they are entirely independent. On the other hand, they are also DECr > proprietary and non-routable.l >yC > The Cisco device *MUST* be set to transparently pass SCS and MSCP E > messages. If the Alpha doesn't see the disk in console mode, it's aO: > better than even bet that OpenVMS won't see them either. >iF > I've seen this work with a DEC Gigaswitch and MTI StingRays, but not > with any other hardware. > 	 > FWIW...u >b > -- > David J. Dachtera  > dba DJE Systemsl > http://www.djesys.com/ >e< > Unofficial Affordable OpenVMS Home Page and Message Board:! > http://www.djesys.com/vms/soho/a >,H > This *IS* an OpenVMS-related newsgroup. So, a certain bias in postings > is to be expected. >iB > Feel free to exercise your rights of free speech and expression. > H > However, attacks against individual posters, or groups of posters, are > strongly discouraged.e   ------------------------------   End of INFO-VAX 2000.730 ************************