0 INFO-VAX	Thu, 22 Jan 2004	Volume 2004 : Issue 43      Contents: RE: 500.000 AMD64's shipped... Re: 500.000 AMD64's shipped... Re: 500.000 AMD64's shipped... Re: 500.000 AMD64's shipped... Re: 500.000 AMD64's shipped...P =?windows-1252?Q?=5BANN=5D_First_Annual_VAXUS_Symposium_?= =?windows-1252?Q?in_P Re: asspache web server  Re: asspache web server % Bug in VMS722_F11X-V0200 on VMS 7.2-2 ) Re: Bug in VMS722_F11X-V0200 on VMS 7.2-2  CLUSTER INTERCONNECT values  Re: CLUSTER INTERCONNECT values  Re: CLUSTER INTERCONNECT values % Re: How to do Bootable Image Backup ? % Re: How to do Bootable Image Backup ? % Re: How to do Bootable Image Backup ? % Re: How to do Bootable Image Backup ? D Re: How to limit access to production data from non-production code?D Re: How to limit access to production data from non-production code?D Re: How to limit access to production data from non-production code?B Re: Intel to chip away at Itanium prices <- or ... I want my cheapB Re: Intel to chip away at Itanium prices <- or ... I want my cheapB Re: Intel to chip away at Itanium prices <- or ... I want my cheap Re: Kerberos login on VMS  Re: Kerberos login on VMS  Re: Looking for VAX/VMS V4.7  No more mascot on VMS home page?$ Re: No more mascot on VMS home page?$ Re: No more mascot on VMS home page?4 OT: Is GRID another name for Distributed Computing ?8 Re: OT: Is GRID another name for Distributed Computing ?8 Re: OT: Is GRID another name for Distributed Computing ? OT: Mobile handset security 0 Pathworks 32 Client and Windows 2000 performance( Re: Pathworks Macintosh, OS-X & Printing0 Re: PC print server devices compatible with VMS?0 Re: PC print server devices compatible with VMS? Re: remove DECnet OSI ?  Re: remove DECnet OSI ?  Re: remove DECnet OSI ?  Re: remove DECnet OSI ?  Re: remove DECnet OSI ?  SpecInt values - ES40/GS80 Re: Still alive and kicking!7 Re: SYSGEN, Parameter Files, and V7.3-1->V7.3-2 Upgrade  Re: The Inquirer@ Re: The Register: OpenVMS among most-secure of operating systems@ RE: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ RE: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems@ Re: The Register: OpenVMS among most-secure of operating systems& VAX support needed in rural SE Indiana Re: VAXUS: Call for Chapters Re: VAXUS: Call for Chapters  VMS authentication to Windows AD+ Re: VMS's Stability Prompts Move To Itanium . Yet another OpenVMS admin/programmer available2 RE: Yet another OpenVMS admin/programmer available+ [ANN] First Annual VAXUS Symposium in Paris   F ----------------------------------------------------------------------  % Date: Thu, 22 Jan 2004 08:23:17 +0100 ( From: "Rudolf Wingert" <win@fom.fgan.de>' Subject: RE: 500.000 AMD64's shipped... : Message-ID: <MCELKPMOKPMNDNKJNIONAEHECJAA.win@fom.fgan.de>   Hello,  L Don Rogstad did wrote me, that today it is possible to get the V440 for thatI nice price. Its like everytime, wait a few month (years) and you will get = everithing for an apple and egg. Thanks for that information.    Best regards Rudolf Wingert    ------------------------------  % Date: Thu, 22 Jan 2004 10:49:14 +0000 O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> ' Subject: Re: 500.000 AMD64's shipped... 0 Message-ID: <buo9ra$3jt$2@new-usenet.uk.sun.com>   Rudolf Wingert wrote:  > Hello, > N > Don Rogstad did wrote me, that today it is possible to get the V440 for thatK > nice price. Its like everytime, wait a few month (years) and you will get ? > everithing for an apple and egg. Thanks for that information.  >   ? The V440 with 4 1.28Ghz CPU's and 16 GB of RAM has cost $25,995  since it was introduced.   Regards  Andrew Harrison  > Best regards Rudolf Wingert  >    ------------------------------  % Date: Thu, 22 Jan 2004 12:04:23 +0000 O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> ' Subject: Re: 500.000 AMD64's shipped... 0 Message-ID: <buoe88$5a6$1@new-usenet.uk.sun.com>   jlsue wrote:G > On Tue, 20 Jan 2004 10:28:25 +0000, Andrew Harrison SUNUK Consultancy 0 > <Andrew_No.Harrison_No@nospamn.sun.com> wrote: >  >  >>John Santos wrote: >>@ >>>On Fri, 16 Jan 2004, Andrew Harrison SUNUK Consultancy wrote: >>>  >>> A >>>>The 1-4 way market is decided pretty much on price, footprint ! >>>>and application availability.  >>>  >>> ? >>>So the customer goes to the vendor and says "give me a 4-CPU A >>>system as cheap as possible.  I don't care about performance?"  >>>  >># >>Pretty close to how it works yes.  >  > H > Strange world you live in.  Most customer *I* deal with care about theF > price/performance curve.  Of course, I deal mostly in the enterpriseM > markets, but still.... caring only about price, why would # of CPUs be more K > important than number of "transactions" they can perform for a set amount 
 > of cash? >   9 Most customers care about price performance. Precious few 5 have any idea how that applies to their applications.   5 I deal exclusively with Enterprise customers, the one 8 I am working for used to be HP's largest retail customer in europe (no longer ;-) ).   9 This particular customer does care, they performance test 6 their apps on the large back end systems. Incedentally6 for one of their apps the Sun server platform required2 to host the app cost 1/3 - 1/4 of the price of the1 HP-PA based system required to host the same app.   1 But they are a minority, I have worked in Pharma, - Investment Banking, Oil and Gas and Telco and / low end systems hardly ever got benchmarked for  capacity planning purposes.    > A >>>Why would they care about the number of processors?  Bragging? A >>>"I have 4 processors in my server, it only cost 25K.  You only < >>>have 2 processors, and spent more.  So what if your 2-CPU* >>>system is faster than my 4-CPU system." >>>  >>> >>People have a notinal idea about how much resource they need >>for an applicaton. >>E >>Do you really think that people, benchmark/model their application, ? >>size and then re-validate after going live for the 100/1000's * >>of 2-4 way servers they are installing ? >  > H > The one's who focus on IT Service management (based on ITIL) do.... ofM > course, that only means things to IT organizations who care about following H > best practices for efficiency, service levels, and business alignment. >   4 Humm, the average benchmark with hardware, software,3 load capture and generation, benchmarking personnel 3 etc is an expensive excercise. Do you have any idea * how much something like LoadRunner costs ?  4 Given that very few people are prepared to benchmark1 an application on a 5-30K server because the test ' will cost more than the infrastructure.   3 At the end of the day everything comes back to cost 0 and cost management and many customers find that0 informed guesswork at the workgroup server level0 is more effective than benchmarking and the rest of the process.    Regards  Andrew Harrison    ------------------------------  # Date: Thu, 22 Jan 2004 16:03:36 GMT & From: jlsue <jefflsxxxz@sbcglobal.net>' Subject: Re: 500.000 AMD64's shipped... 8 Message-ID: <fbsv0098c62f530rqk3845o3s7bdbbqnea@4ax.com>  E On Thu, 22 Jan 2004 12:04:23 +0000, Andrew Harrison SUNUK Consultancy . <Andrew_No.Harrison_No@nospamn.sun.com> wrote:  
 >jlsue wrote: H >> On Tue, 20 Jan 2004 10:28:25 +0000, Andrew Harrison SUNUK Consultancy1 >> <Andrew_No.Harrison_No@nospamn.sun.com> wrote:  >>   >>   > 2 >But they are a minority, I have worked in Pharma,. >Investment Banking, Oil and Gas and Telco and0 >low end systems hardly ever got benchmarked for >capacity planning purposes.  I You don't have to benchmark for capacity planning purposes.  Sure, that's B one way, but as you have stated later on, it's the most expensive.  I Mathematical modeling is another way.  Imho, and in my experience, it's a K very good (depending on the tool & mathmeticians behind it) balance between H cost and accuracy.  And as you use the tool on a particular workload youG get a better understanding of the difference between the models and the $ real-world and can account for that.  I It still doesn't seem to make sense to go for any cheap 4-CPU server over F trying to get the best bang for the buck.  What if a 1 or 2 CPU serverH would provide all the processing you'd need (and at a much lower price)?    5 >Humm, the average benchmark with hardware, software, 4 >load capture and generation, benchmarking personnel4 >etc is an expensive excercise. Do you have any idea+ >how much something like LoadRunner costs ?   C Which is why I prefer mathematical modeling tools instead.  Collect K transaction & performance on the running application and feed that into the I models.  Great for doing what-if's, etc.  I've been successful in talking I customers out of expensive (HW & SW) system upgrades by demonstrating how I spreading load out over more disk spindles would give them plenty of room  to grow.  H A couple of good tools are BMC's Patrol, and then there's PerfCap's eCAPK product.  eCAP came - originally - from DEC/CPQ's ECP product, and I've got F much more experience with the ECP product than BMC's (or even the eCAPJ version).  However judging from it's lineage, eCAP should be a great tool.J It also models memory, which BMC did not, the last time I looked (e.g., asJ memory utilization grows, there will be less available for user processes,I which can mean that there will be greater page faulting - on VMS anyway - < and modeling this can be important for bottleneck analysis).    4 >At the end of the day everything comes back to cost1 >and cost management and many customers find that 1 >informed guesswork at the workgroup server level 1 >is more effective than benchmarking and the rest  >of the process. >   I I will definitely not discount the value of experienced people who really G know their applications.  In most customer environments this is not the K case (very few know how many "transactions" they process per day, and can't 1 tell you what their goal is for a capacity plan).   K However, as time goes on when buying a bunch of single-application servers, K eventually you cross some line where the cost-per-server actually increases J less linearly (i.e., in some organizations it costs much more to manage 50A servers as it does 250, and that increase is a very steep curve).   I This is all very dependent on the organization involved, but it is what's K been driving the huge market in consolidation services over the last couple 	 of years.    --- jls 0 The preceding message was personal opinion only.6 I do not speak in any authorized capacity for anyone,  and certainly not my employer.- (get rid of the xxxz in my address to e-mail)    ------------------------------  # Date: Thu, 22 Jan 2004 16:23:22 GMT & From: jlsue <jefflsxxxz@sbcglobal.net>' Subject: Re: 500.000 AMD64's shipped... 8 Message-ID: <d7tv00pssrlq2aeem80hfor82rqgokch8j@4ax.com>  H On Wed, 21 Jan 2004 17:31:19 -0500, "Bill Todd" <billtodd@metrocast.net> wrote:     > F >Might have something to do with evaluating the credibility of similarF >*current* statements when they're used to try to bolster an otherwiseI >vacuous argument - yuh think?  For example, the statement to which I was I >replying (and which you even quoted in your own response, still right up J >there above:  too bad you didn't read it as well and avoid looking like a >fool once again). >   C So let's see, we can NEVER believe what some people/vendors tell us < anymore, so let's just pack up and all go home.  Is that it?  G Intel can tell you what their *plan* is, but if you let that drive your J behavior as if it's an absolute certainty, and your business goes down theD toilet because of it, that's YOUR failure at management, not Intel's
 failure.    F The whole point of *plans* is that they put a stake in the ground thatI you're driving for.  It helps you meansure how well you're doing.  But if H someone consistently hits or exceeds their goals 100% of the time, then,, imho, they're not pushing themselves enough.  G But when Intel says that they plan to push Itanium down to Xeon levels, H that's a plan.  How much you "bet the farm" on such plans depends on theA risks you're willing to take with your organization.  Being a bit J conservative wrt risk-taking, I'd watch-and-wait, but not drop all current/ technology in favor of what amounts to "vapor".   C Experience tells us that ANY vendor's promises are vapor until they E actually meterialize.  Some are more consistently delivering to these J promises, but that doesn't mean that they're the best either (i.e., always* setting the bar low enough to never fail).   --- jls 0 The preceding message was personal opinion only.6 I do not speak in any authorized capacity for anyone,  and certainly not my employer.- (get rid of the xxxz in my address to e-mail)    ------------------------------  % Date: Thu, 22 Jan 2004 14:12:27 +0100 " From: Didier Morandi <no@spam.com>Y Subject: =?windows-1252?Q?=5BANN=5D_First_Annual_VAXUS_Symposium_?= =?windows-1252?Q?in_P 4 Message-ID: <400fccbe$0$29093$636a55ce@news.free.fr>   COMMUNIQUE DE PRESSE 22 janvier 2004   N (envoy ce jour  L'Usine Nouvelle, 01 Hebdo, Le Monde Informatique, ZDNet et  Les Echos).   N Lassociation franaise VAXUS des utilisateurs de systmes VAX/VMS de Digital T Equipment Corporation, aujourdhui HP, annonce lorganisation de son congrs annuel.  N Ce congrs aura lieu le vendredi 25 juin 2004 au Palais des Congrs de Paris,  Porte Maillot.  G Le thme du congrs est : Quel futur pour les utilisateurs de VAX/VMS ?   = Les organisateurs attendent quatre  cinq cents participants.   L Lespace rserv est lamphithtre Bordeaux, dune capacit maximum de 650 G places, ainsi que les espaces environnants pour recevoir des exposants.   Q La journe sera rythme par deux pauses et un djeuner sur place, inclus dans le   prix de lvnement.  M Les sances dinformation auront lieu soit en franais, soit en anglais avec   traduction simultane.  Q La session de questions/rponses, habituelle  ce type de runion dutilisateurs  8 informaticiens, aura lieu en franais en fin de journe.  H Lenregistrement des congressistes, des exposants et le volontariat des  confrenciers est ouvert.   : Pour en savoir plus, visitez le site http://www.vaxus.org.  H Lassociation VAXUS nest lie ni de prs ni de loin avec la socit HP.   FIN DE COMMUNIQUE     - Votre contact : Didier Morandi 06.79.83.64.18 5 VAX et VMS sont des marques dposes de la socit HP $ VAXUS est  2003 didier morandi sarl   ------------------------------  % Date: Thu, 22 Jan 2004 11:36:11 -0500 , From: "warren sander" <warren.sander@hp.com>  Subject: Re: asspache web server, Message-ID: <400ffc7b$1@usenet01.boi.hp.com>  8 it's fixed. fumble fingers removing 'tm' and saving file    K "David J. Dachtera" <djesys.nospam@NeOaSrPtAhMlNiOnWk.net> wrote in message 0 news:400F2C44.B90F2AFD@NeOaSrPtAhMlNiOnWk.net... > Spud Demon wrote:  > >  > > Is this a typo at HP?  > > K > > http://h71000.www7.hp.com/openvms/products/ips/apache/csws_patches.html  > > G > > I went there looking for a patch that would make CSWS 2.0 work with ( > > non-Stream_LF files, and I got this: > >  > > hp OpenVMS systems) > > secure web server (based on asspache)  >   > Whoo! Talk about a fat-finger! >  > --   > David J. Dachtera  > dba DJE Systems  > http://www.djesys.com/ > * > Unofficial Affordable OpenVMS Home Page:! > http://www.djesys.com/vms/soho/    ------------------------------  % Date: Thu, 22 Jan 2004 12:27:26 -0500 * From: JF Mezei <jfmezei.spamnot@istop.com>  Subject: Re: asspache web server) Message-ID: <401007DE.E356AE1B@istop.com>    warren sander wrote: > : > it's fixed. fumble fingers removing 'tm' and saving file    J one wonders if "asspache" wouldn't be a common nickname internally and its? inclusion on a public web page just a freudian slip :-) :-) :-)   K Is Apache considered a "problem child" within the VMS group ? Does it cause N problems ?  The fact that the group in charge of the port to VMS no longer hasO the resources to include support for native VMS text files makes one wonder....    ------------------------------  % Date: Thu, 22 Jan 2004 11:23:55 +0000  From: Roy Omond <Roy@Omond.net> . Subject: Bug in VMS722_F11X-V0200 on VMS 7.2-24 Message-ID: <buobso$t5e$1$8302bc10@news.demon.co.uk>  ; I've come across what appears to be a bug introduced in the : VMS722_F11X-V0200 ECO kit.  The bug appears to be harmless: but I would be interested if anyone else has seen the same9 problem.  Since this is on a hobbyist system, there is no 9 support contract in place, so I cannot report it formally  to HP.  ; On an OpenVMS V7.2-2 system running in a cluster with patch > VMS722_F11X-V0200 installed, the following security alarm will; be displayed (provided they've been enabled with SET AUDIT  @ /ALARM/ENABLE=PRIV=FAIL) whenever a non-privileged user uses the SUBMIT command:   9 %%%%%%%%%%%  OPCOM   20-JAN-2004 12:09:30.52  %%%%%%%%%%% ( Message from user AUDIT$SERVER on WIZARDC Security alarm (SECURITY) and security audit (SECURITY) on WIZARD,   system id: 1040 $ Auditable event:   Privilege failureF Event information: SYSPRV not used to set no-interlock on file access 	 (F11BXQP) * Event time:        20-JAN-2004 12:09:30.52 PID:               20200A3C  Process name:      WITCH Username:          WITCH Process owner:     [WITCH] Terminal name:     RTA1:; Image name         DSA0:[SYS0.SYSCOMMON.][SYSEXE]SUBMIT.EXE  Volume name:       $U  Privileges missing: SYSPRV Sequence key:      06F959B6   C The alarm does not occur if the patch is not installed, nor does it  occur on non-clustered systems.   
 Comments ?  	 Roy Omond  Blue Bubble Ltd.   ------------------------------  # Date: Thu, 22 Jan 2004 13:42:29 GMT ( From: "konabear" <maurert@ameritech.net>2 Subject: Re: Bug in VMS722_F11X-V0200 on VMS 7.2-2A Message-ID: <9rQPb.33032$P%1.26002158@newssvr28.news.prodigy.com>    Roy,  " I've got good news and bad news...  K The good news?  I just reviewed an escalation that is heading to OpenVMS on / this exact issue. So you're not making this up.   I The bad news?  The contract customer reporting it is running patched 7.3. K That and the fact that 7.2-2 is no longer fully supported makes it doubtful 5 that an official fix will ever be released for 7.2-2.   6 For Support Plans and Prior Version Support plans see:) http://www.hp.com/hps/os/os_pvs_amap.html    Todd  , "Roy Omond" <Roy@Omond.net> wrote in message. news:buobso$t5e$1$8302bc10@news.demon.co.uk...= > I've come across what appears to be a bug introduced in the < > VMS722_F11X-V0200 ECO kit.  The bug appears to be harmless< > but I would be interested if anyone else has seen the same; > problem.  Since this is on a hobbyist system, there is no ; > support contract in place, so I cannot report it formally  > to HP. > = > On an OpenVMS V7.2-2 system running in a cluster with patch @ > VMS722_F11X-V0200 installed, the following security alarm will< > be displayed (provided they've been enabled with SET AUDITB > /ALARM/ENABLE=PRIV=FAIL) whenever a non-privileged user uses the > SUBMIT command:  > ; > %%%%%%%%%%%  OPCOM   20-JAN-2004 12:09:30.52  %%%%%%%%%%% * > Message from user AUDIT$SERVER on WIZARDD > Security alarm (SECURITY) and security audit (SECURITY) on WIZARD, > system id: 1040 & > Auditable event:   Privilege failureG > Event information: SYSPRV not used to set no-interlock on file access  > (F11BXQP) , > Event time:        20-JAN-2004 12:09:30.52 > PID:               20200A3C  > Process name:      WITCH > Username:          WITCH > Process owner:     [WITCH] > Terminal name:     RTA1:= > Image name         DSA0:[SYS0.SYSCOMMON.][SYSEXE]SUBMIT.EXE  > Volume name:       $U  > Privileges missing: SYSPRV > Sequence key:      06F959B6  > E > The alarm does not occur if the patch is not installed, nor does it ! > occur on non-clustered systems.  >  > Comments ? >  > Roy Omond  > Blue Bubble Ltd.   ------------------------------  % Date: Thu, 22 Jan 2004 11:19:44 -0600 ( From: brandon@dalsemi.com (John Brandon)$ Subject: CLUSTER INTERCONNECT values1 Message-ID: <04012211194422@dscis6-0.dalsemi.com>   N Been looking around for the CLUSTER INTERCONNECT values used in MODPARAMS.DAT.   Where are they?     I believe the following is true:   CI = CI  NI = Network MC = Memory Channel  FC = FDDI ?          J*o*h*n B*r*a*n*d*o*n  VMS Systems Administrator * firstname.lastname.spam.me.not@dalsemi.com   ------------------------------  % Date: Thu, 22 Jan 2004 18:42:57 +0100 3 From: Michael Unger <spam.to.unger@spamgourmet.com> ( Subject: Re: CLUSTER INTERCONNECT values9 Message-ID: <bup2p5$ju98g$1@ID-152801.news.uni-berlin.de>   * On 2004-01-22 18:19, "John Brandon" wrote:  P > Been looking around for the CLUSTER INTERCONNECT values used in MODPARAMS.DAT. >  > [...]  > 
 > FC = FDDI ?    "FibreChannel"?    Michael    --  ; Real names enhance the probability of getting real answers. @ Please do *not* send "Security Patch Notifications" or "SecurityA Updates"; this system isn't running a Micro$oft operating system. 5 My e-mail account at DECUS Munich is no longer valid.    ------------------------------  % Date: Thu, 22 Jan 2004 13:30:12 -0500  From: norm.raphael@metso.com( Subject: Re: CLUSTER INTERCONNECT valuesQ Message-ID: <OF9F7757FB.12D6CF5A-ON85256E23.0063F5A7-85256E23.0065F520@metso.com>   C brandon@dalsemi.com (John Brandon) wrote on 01/22/2004 12:19:44 PM:   A > Been looking around for the CLUSTER INTERCONNECT values used in  MODPARAMS.DAT. >  > Where are they?  > " > I believe the following is true: > 	 > CI = CI  > NI = Network > MC = Memory Channel   
 > FC = FDDI ?    I have FDDI and  INTERCONNECT="NI" H so I believe FDDI is a network interconnect and there is no need for FC.  : I used to have NICI when I had a CI and DSSI and Ethernet.  < I couldn't find the documentation with a quick look, either. >  >  >  >  > J*o*h*n B*r*a*n*d*o*n  > VMS Systems Administrator , > firstname.lastname.spam.me.not@dalsemi.com   ------------------------------  % Date: Thu, 22 Jan 2004 12:34:22 +0100 " From: Didier Morandi <no@spam.com>. Subject: Re: How to do Bootable Image Backup ?4 Message-ID: <400fb5c6$0$29065$636a55ce@news.free.fr>   Alan E. Feldman wrote:  ` > Didier Morandi <no@spam.com> wrote in message news:<400f04a8$0$29079$636a55ce@news.free.fr>...   >>lol  >> >>D. >  > A > How can you LOL in lower case? Must be a pretty lame laugh! :-)    Ravenshield habit :-)    D.   ------------------------------    Date: 22 Jan 2004 07:35:56 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) . Subject: Re: How to do Bootable Image Backup ?3 Message-ID: <2RVyXFHCYzcL@eisner.encompasserve.org>   s In article <400e8c1d$1@news.uni-konstanz.de>, vaxinf@chclu.chemie.uni-konstanz.de (Eberhard Heuser-Hofmann) writes:  > 0 > 8 1/2 inch floppies??? 1/2 inch enlargement... >       Its been a long, long, time.    ------------------------------    Date: 22 Jan 2004 07:37:38 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) . Subject: Re: How to do Bootable Image Backup ?3 Message-ID: <uL0JqQeB7S3S@eisner.encompasserve.org>   Y In article <400f04a8$0$29079$636a55ce@news.free.fr>, Didier Morandi <no@spam.com> writes:  > 3 >>   8 1/2 inch floppies??? 1/2 inch enlargement... 1 >> Yes, you can order the pills off the internet.   F    Gee, the spam I get claims closrer to 3 inch enlargement.  Someone ,    must have fed a pill to a 5 inch floppy.   ------------------------------    Date: 22 Jan 2004 06:12:50 -0800. From: al5vf03p02@sneakemail.com (William Webb). Subject: Re: How to do Bootable Image Backup ?= Message-ID: <d5ce4b06.0401220612.4253aa02@posting.google.com>   v koehler@eisner.nospam.encompasserve.org (Bob Koehler) wrote in message news:<Pj34+0fHd42K@eisner.encompasserve.org>...p > In article <d5ce4b06.0401201255.70dadee2@posting.google.com>, al5vf03p02@sneakemail.com (William Webb) writes: > > G > > At the risk of being argumentative, you most certainly can boot VMS * > > (VAX) from a tape.  Alpha systems, no. > > 6 > > Many VAXen required this in order to install VMS.  > E >    Guess again.  VAXen booted Standalone Backup from tape, not VMS.   : (Slaps palm of hand to forehead and, in best Homer Simpson  impression, says 'D'oh!')  2  I said 'boot VMS' when I meant 'boot standalone'.   C  What I probably should have said was that one could boot a VAX to  3  standalone backup mode from tape but not an Alpha.    .  Clearly a case of "posting while distracted".  Mea culpa.   ;  (and, as for the speed with which a 9-track boot happened- <   it varied greatly depending upon the model of tape drive.)    WWWebb    ========================! William W. Webb- EMS Operations,   OpenVMS Systems Support % USPS DSSC Annex - 4730 Hargrove Road  ( Raleigh, NC 27616-2874 919.325.7500x4186 * * * -    ------------------------------  % Date: Thu, 22 Jan 2004 13:26:38 +0000 * From: Nic Clews <sendspamhere@[127.0.0.1]>M Subject: Re: How to limit access to production data from non-production code? ' Message-ID: <buoj2l$97p$1@lore.csc.com>    Colin Butcher wrote: > K > Larry's giving you sound advice. Have separate development and production - > systems. Ruthlessly enforce the separation.  > K > Have a representative test environment, using copies of real data if need D > be - maybe even use the process to test the restore of yesterday's > production backup. > K > Never mix development, test and production environments. If things can go K > wrong - they will, usually when you least expect it or can least tolerate  > it.   H I've a war story I've not recounted publicly before now. Things got done; differently after this. It's a few years ago too, not here.   @ Whilst we had a production and a development system for the mainE applications, the development system typically was a 'lesser' system, 4 lower powered, and more importantly less disk space.  G This let to a problem, the development system did not have enough space E for all the required development. So, as you've probably guessed, the D live system was used to provide a development area, with some cleverH repointing of logicals in the same way we segregated multiple productionD environments. This involved remapping to different group tables, the names remained the same.  H So there I was, testing completed. I was distracted (support call). ThenH I returned to the task in hand, deleting the database for the next task.  * You guessed, the production database went.  H deleted... deleted... deleted... file open by another user... deleted...
 deleted...  F Immediately I 'phoned the application manager/owner, told him what hadE happened, the processes then started to fall in a heap, so we stopped A the application (usual stop procedure, forced exit, stop/id) then  decided how to recover.   F Fortunately, the database had a journalling file on another data area,C so we recovered the data from the last good backup, and allowed the G database to roll itself forwards. Transactions are paired over a number F of hours and the manager reckoned he'd lost about 2 or 3 transactions,F (out of several thousand per day) which he manually adjusted for after database reconciliation.  B In this case I was extremely lucky, an understanding (but annoyed)H application owner, an application capable of withstanding and recovering@ from the damage inflicted at it, no time critical processing wasH underway, and the recovery time was bearable, the most recent backup wasF "nearline" (on a "backup disk" and tape recovery wasn't required), theH missing transactions could be reconstructed manually from the "other" ofG the pair with an assumption. I wasn't disciplined for the events as I'd B taken appropriate actions, but the events and causes were examinedG independently, and procedures and a physical separation was achieved of H the two environments (extra necessary hardware, now with justification).  C One of the things introduced was the usage of _different_ accounts, E rather than repointing logicals, using ACL's, and just using a single G (privileged) account. Using a single account to seamlessly switch was a G prime cause. Perhaps it may be easy to argue that multiple accounts per H number of users is a security risk, but security also means keeping data) safe from accidental loss or destruction.  --  ? Regards, Nic Clews a.k.a. Mr. CP Charges, CSC Computer Sciences  nclews at csc dot com    ------------------------------  # Date: Thu, 22 Jan 2004 16:14:09 GMT # From: "John Smith" <a@nonymous.com> M Subject: Re: How to limit access to production data from non-production code? I Message-ID: <lFSPb.86295$7JB1.78467@news04.bloor.is.net.cable.rogers.com>    Larry Kilgallen wrote:F > The only ways to _really_ prevent the programmers from accessing the- > production data in such an environment are:  > 7 > Use Mandatory Access Controls (SEVMS in the VMS case)  >    or 5 > Put production and development on separate clusters  > B > Despite the extra hardware cost, the second approach is probably
 > cheaper.     Larry,  K Why do you suggest that separate hardware is less expensive? Just wondering ' what you factored into that suggestion.    Thanks.    ------------------------------  # Date: Thu, 22 Jan 2004 16:17:19 GMT # From: "John Smith" <a@nonymous.com> M Subject: Re: How to limit access to production data from non-production code? I Message-ID: <jISPb.86400$7JB1.50006@news04.bloor.is.net.cable.rogers.com>    Larry,  B My last post was only relating to the cost factors you alluded to.  L I'm a firm believer in separate physical environments for development, test,B and production, with physical breaks between them, ie. tape/CD/DVD6 transfers...no network links between the environments.   ------------------------------  % Date: Thu, 22 Jan 2004 11:33:36 +0000 O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> K Subject: Re: Intel to chip away at Itanium prices <- or ... I want my cheap 0 Message-ID: <buoceh$4lj$1@new-usenet.uk.sun.com>   Bill Todd wrote:  K > Xeon will soon have higher clock rates, higher FSB bandwidth, and more (4 M > MB) L3 cache.  And of course there's no reason it couldn't support more RAM K > with new chipsets (64 GB is supported today by the processor, and the new K > Prescott design takes that all the way up to 1 TB, same as Opteron).  For M > the 4-way and under servers that make up the bulk of the 'commodity' server M > market, Xeon will make a lot of sense for many years to come (at least when L > compared with Itanic:  Opteron is another matter, and if this causes IntelL > to field a 64-bit x86 extension of its own Itanic will be headed for niche6 > status even faster than seems to be the case today). >   F Another of Rob's predictions bit the dust yesterday when AMD announcedF their Q4 numbers. Despite Robs predictions of savage margin reductionsB due to Intel competition AMD posted a profit for the quarter of 43@ million dollars with a %30+ revenue hike for their CPU division.  < The great thing about a prediction from Rob is that provided8 you are the vendor he is trying to FUD in his prediction) you are safe, they are always %100 wrong.   : The investment analyst community have missed a trick, they8 should be backing anyone that Rob predicts will fail its a surefire bet.      Regards  Andrew Harrison  > - bill >  >  >    ------------------------------  % Date: Thu, 22 Jan 2004 11:25:48 +0000 O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> K Subject: Re: Intel to chip away at Itanium prices <- or ... I want my cheap 0 Message-ID: <buobvt$4fl$1@new-usenet.uk.sun.com>   Rob Young wrote: > In article <buma1s$bdm$1@new-usenet.uk.sun.com>, Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> writes: >  > D >>>	Depends which vendor you are looking at.  I see 1322 SpecInt2000= >>>	for an Itanium.  I don't see a Xeon as high.  I do see an ? >>>	Extreme Edition P4 (cut down Xeon) at 1464 base /1503 peak.  >>>  >>3 >>Still a Xeon as you know and also an IA32 system. & >>You are clutching at staws as usual. >> >  > ? > 	No.  The extreme edition P4 isn't a Xeon.  You'd classify iteA > 	as one, but that isn't how it is sold or packaged.  So we know.! > 	where you are coming from now.e >   8 Firstly both EE and Xeon use the Intel Netburst Pipeline8 Architecture so from a microarchitecture standpoint they
 are the same.?  8 Secondly it was you who introduced the EE straw man into9 the discussion and we all know where you are coming afterX7 years of experience of Rob trying to move arguments offL onto strange tangent.e  6 Thirdly the best Xeon DP result of 1333 is faster than: the best Itanium result of 1322. So even by your standards7 your origional point was a pretty rubish one wasn't it.t  ; Allowing your point that the P4 EE is an entirely differenta: CPU than the Xeon this means that Intel by your definition4 produce 2 different 32bit CPU's that are faster than	 Itanium !p   Rob, foot, projectile, mess. > B >>>	I think it outperforms it at integer too.  Unless there is oneB >>>	out there that I scrolled past.  They certainly aren't jumpingF >>>	right out at me higher than 1322 with Xeon as a model.  Reference? >>>  >>9 >>No it doesn't you were clutching at staws remember, you 7 >>didn't honestly think that your redefinition of P4 EEo- >>as a non Xeon processor would help did you.c >> >  > @ > 	It isn't my redefinition.  It is what Intel is calling it and > 	selling it as.e > 4 Even ignoring the obvious BS Xeon by your definition is also faster.b    6 >>Again you assume that your first point was valid, it5 >>wasn't. Its suprising that bitter experience hasn'ti5 >>taught you that building your whole case on a pointp4 >>that falls at the first hurdle isn't a good recipe >>for winning an argument. >> >  >  > @ > 	Okay.  But I'd submit you can't order a Xeon that outperforms? > 	an Itanium.  You'd say otherwise and yet you can't reference > > 	a link to a Xeon box that outpeforms an Itanium on integer. >   2 You can submit what you like but it will as always1 be BS, the 3.2 GHz Dell Xeon box that outperformsh Itanium is perfectly orderable.c     >  > E >>>	But more importantly, it outperforms Xeon at database operations.sE >>>	Quite substantially in many cases.  I'd argue database operationssA >>>	(however you measure those) are a better metric for a server.  >>>h >>1 >>Since you only have TPC-C to base this claim one  >>lets examine it on that basis. >>9 >>And what do we find,  more hyperbola. A 2 way Xeon doesm' >>54,097 TPC TPM at a cost of $3.77/TPM  >>: >>There arn't any 2 way Itanium results but a 4 way rx56704 >>does 121,065 using the same database at $4.4.9/TPM >>5 >>Hardly a substantial per CPU advantage but then its:3 >>not a very good benchmark anyway so lets just say 8 >>that you have no worthwhile data on which to base your >>point so we can strike it. >> >  > I > 	Since there is quite a number of 4-way Xeon results , why not compare  J > 	4-way Xeons against 4-way Itaniums?  Your point would lose its value?  I > 	Okay, then why not just admit that when introducing 2-way Xeons?  Why 1: > 	not also point out those 2-ways are quite a bit faster? > ? > 	For those that follow these little FUD trails by our BritishH8 > 	Champion here is a recent 4-way Xeon result from IBM: >  > 	t' > Vendor		tpmC		Speed			Submission dateh- > IBM		89616		2.8 GHz Xeons		December 8, 2003m > A > 	Other results hover around that same figure, 91000 is another.  >  > G > 	There are also SAP results.  Why not discuss those?  There are 4-way-C > 	Itaniums that do about twice the number of dialog steps as 4-wayo5 > 	Xeons?  Got a 2-way you would like to point us to?c >   4 Why should I narrow my argument to a specific set of3 points when I have already proved that your generalt point is incorrect ?  $ You are a huge amusement keep it up.   Regardsi Andrew Harrison4   ------------------------------  # Date: Thu, 22 Jan 2004 14:02:36 GMTd# From: "John Smith" <a@nonymous.com>pK Subject: Re: Intel to chip away at Itanium prices <- or ... I want my cheap'K Message-ID: <0KQPb.56341$lGr.48797@twister01.bloor.is.net.cable.rogers.com>n   Bill Todd wrote:: > "Rob Young" <young_r@encompasserve.org> wrote in message/ > news:dqOpZgGltSv7@eisner.encompasserve.org...rC >> In article <buma1s$bdm$1@new-usenet.uk.sun.com>, Andrew Harrisons >> SUNUK= > Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> writes:a >> >>>>E >>>> Depends which vendor you are looking at.  I see 1322 SpecInt2000 > >>>> for an Itanium.  I don't see a Xeon as high.  I do see an@ >>>> Extreme Edition P4 (cut down Xeon) at 1464 base /1503 peak. >>>> >>>45 >>> Still a Xeon as you know and also an IA32 system. ( >>> You are clutching at staws as usual. >>>n >>? >> No.  The extreme edition P4 isn't a Xeon.  You'd classify it>A >> as one, but that isn't how it is sold or packaged.  So we knows! >> where you are coming from now.t >r? > A Dell 3.2 GHz Xeon submission last September nearly equalledy? > Itanic's best SPECint_base score (1274 vs. 1322) and slightlylD > exceeded Itanic's best SPECint_peak score (1333 vs. 1322).  And itF > did so using only 1/6th as much L3 cache (1 MB vs. 6 MB):  both 2 MBB > and 4 MB L3 high-frequency Xeons are supposedly coming out soon,> > which should surpass any Itanic in integer performance untilF > Montecito some time in 2005 (by which time another generation of x86G > is also scheduled, so don't count on Itanic catching up then either).i >cB > Of course, another problem is that you can't get that top ItanicE > score using anything but an HP zx1 chipset and HP-UX:  from Intel's C > point of view, unless it just wants to become an HP supplier XeonsF > *clearly* out-performs Itanic platforms from other vendors (and fromE > Intel itself) in integer performance (SGI has one pretty good scorerC > to boast about, but it's using the next generation Intel compilerk@ > which one might expect will help x86 scores as well).  So fromC > Intel's viewpoint (which, of course, is the applicable one here),p# > your argument falls kind of flat.a >tD > Incidentally, the best P4 Emergency Edition score I found was 1583G > base, 1620 peak - which gives a good idea of what Itanic will soon bee% > competing with in Xeon performance.f >e > ...m >-F >>>> But more importantly, it outperforms Xeon at database operations.F >>>> Quite substantially in many cases.  I'd argue database operationsB >>>> (however you measure those) are a better metric for a server. >>>> >>>n3 >>> Since you only have TPC-C to base this claim on " >>> lets examine it on that basis. >>> ; >>> And what do we find,  more hyperbola. A 2 way Xeon doeso) >>> 54,097 TPC TPM at a cost of $3.77/TPMt >>>w< >>> There arn't any 2 way Itanium results but a 4 way rx56706 >>> does 121,065 using the same database at $4.4.9/TPM >>> 7 >>> Hardly a substantial per CPU advantage but then itsr5 >>> not a very good benchmark anyway so lets just saye: >>> that you have no worthwhile data on which to base your >>> point so we can strike it. >>>e >>H >> Since there is quite a number of 4-way Xeon results , why not compare& >> 4-way Xeons against 4-way Itaniums? >eD > Because, Rob, you're trying to compare relative *processor* server> > performance to see whether Intel might have some interest inC > continuing the Xeon line, not other aspects of server performance 5 > that can be changed independently of the processor.  >-= > There's a good reason that no single-processor Itanic TPC-CMA > submissions exist, I suspect:  they wouldn't be any better thanDD > Xeon's.  However, the significantly higher bandwidth of the ItanicD > FSB, plus 3x as much L3 cache, plus the system's support for 3x asG > much RAM (96 GB vs. 32 GB for 4-way Xeons), gives Itanic a major edge A > at the 4-processor node size (at least if you're using HP's zx1uD > chipset:  no one else has bothered to submit an Itanic 4-processorE > TPC-C result, likely because it wouldn't compare well with HP's, soaE > once again while this might encourage HP to drop Xeon it's not thath' > great a reason for *Intel* to do so).  >oC > Xeon will soon have higher clock rates, higher FSB bandwidth, and'D > more (4 MB) L3 cache.  And of course there's no reason it couldn'tE > support more RAM with new chipsets (64 GB is supported today by theiG > processor, and the new Prescott design takes that all the way up to 1cE > TB, same as Opteron).  For the 4-way and under servers that make up D > the bulk of the 'commodity' server market, Xeon will make a lot ofC > sense for many years to come (at least when compared with Itanic:eG > Opteron is another matter, and if this causes Intel to field a 64-bit F > x86 extension of its own Itanic will be headed for niche status even* > faster than seems to be the case today).     Where've you been Bill?,  L Not to worry about IA64 or Opteron. Intel will be coming out with Ultimate64! in 2007 - looks just like EV8 ;-)e   ------------------------------  # Date: Thu, 22 Jan 2004 16:53:32 GMTn) From: "Rick Barry" <richard.barry@hp.com>m" Subject: Re: Kerberos login on VMS4 Message-ID: <geTPb.12799$I35.11820@news.cpqcorp.net>  J OpenVMS 7.3-2 (Alpha-only) includes an ACME agent developer kit containing evaluation versions of:   G - LOGINOUT and SET PASSWORD images that are integrated with the SYS$ACM  service.B - LDAP ACME module that provides VMS-style authentication using anG LDAP-compliant directory (instructions are included for using this withf Enterprise Directory).  H The password field used in this version is VMS-specific -- it is not theH standard user entry password field. So, if you're trying to use a commonL password field for all of your Unix, Windows, VMS systems this will not helpA you. This is designed for using a common password across multipleyH independent OpenVMS systems or clusters.We plan to add the capability of: using a user-specified password field in a future version.  / Please note this kit is not for production use.b  - See SYS$HELP:ACME_DEV_README.TXT for details.e  
 Rick Barry OpenVMS System Software Groupe Hewlett-Packard Companyi
 Nashua, NH  0 "Fred Zwarts" <F.Zwarts@KVI.nl> wrote in message( news:bulcp2$c6b$1@info.service.rug.nl...  9 "Wayne Morrison" <Wayne.Morrison@hp.com> wrote in messaget  news:400DC15D.D41317FB@hp.com... > Fred Zwarts wrote: > >iE > > We have two OpenVMS clusters, several Linux systems and a Windowsw domain, K > > each with their own password database. For the users it is difficult tolK > > remember when to use each password. Therefore, we would like to use one J > > kerberos server and configure all these systems as clients, so that at thee4 > > normal login, the kerberos password can be used.H > > Can this be done with the normal terminal and DECwindows login under OpenVMS?F > > Where should I start reading to learn how to configure our OpenVMS clusters, > > to use kerberos for user authentication?H > > We have mixed architecture clusters with OpenVMS 7.3 (VAX) and 7.3-1 (Alpha). > >r > > F.Z. >gL > You can't quite do all of this today, but you will be able to do so in the nearJ > future.  We are currently hoping to ship a Kerberos ACME (Authentication and J > Credential Management) agent with OpenVMS V8.2.  This will allow exactly thel# > scenario that you describe above.c  I And if we use LDAP instead of Kerberos? Is that available already for VAXo
 and Alpha?  , > On the Linux side, you'll need to use PAM.I > See http://www.kernel.org/pub/linux/libs/pam/modules.html for a list of  LinuxaI > PAM modules.  Any version of Windows server more recent than Windows NT  usesI > Keberos for authentication.  It's possible to make Windows Kerberos ands MITeJ > Kerberos (used by OpenVMS) interoperate, although it tends to be tricky.I > There's a good description on how to do that on the Microsoft web site.v   Could you provide a URL?   >a > Wayne Morrison  > Kerberos & CDSA Project Leader > OpenVMS Engineeringl   F.Z.   ------------------------------  + Date: Thu, 22 Jan 2004 17:32:29 +0000 (UTC)w From: david20@alpha2.mdx.ac.uk" Subject: Re: Kerberos login on VMS) Message-ID: <bup1fd$i5v$1@news.mdx.ac.uk>e  ` In article <geTPb.12799$I35.11820@news.cpqcorp.net>, "Rick Barry" <richard.barry@hp.com> writes:K >OpenVMS 7.3-2 (Alpha-only) includes an ACME agent developer kit containing' >evaluation versions of: > H >- LOGINOUT and SET PASSWORD images that are integrated with the SYS$ACM	 >service.gC >- LDAP ACME module that provides VMS-style authentication using anoH >LDAP-compliant directory (instructions are included for using this with >Enterprise Directory).o >uI >The password field used in this version is VMS-specific -- it is not the I >standard user entry password field. So, if you're trying to use a common'M >password field for all of your Unix, Windows, VMS systems this will not help B >you. This is designed for using a common password across multipleI >independent OpenVMS systems or clusters.We plan to add the capability ofi; >using a user-specified password field in a future version.e >s0 >Please note this kit is not for production use. > - >See SYS$HELP:ACME_DEV_README.TXT for details   D Does the latest version of Pathworks support either Kerberos or LDAPK authentication against Active directory ? Or is that using the old insecures NTLM authentication ?-  
 David Webb VMS and Unix team leader CCSS Middlesex University     >Rick Barryi >OpenVMS System Software Group >Hewlett-Packard Company >Nashua, NHS >o1 >"Fred Zwarts" <F.Zwarts@KVI.nl> wrote in messageb) >news:bulcp2$c6b$1@info.service.rug.nl...Q >D: >"Wayne Morrison" <Wayne.Morrison@hp.com> wrote in message! >news:400DC15D.D41317FB@hp.com...u >> Fred Zwarts wrote:) >> >F >> > We have two OpenVMS clusters, several Linux systems and a Windows >domain,L >> > each with their own password database. For the users it is difficult toL >> > remember when to use each password. Therefore, we would like to use oneK >> > kerberos server and configure all these systems as clients, so that atl >the5 >> > normal login, the kerberos password can be used.I >> > Can this be done with the normal terminal and DECwindows login under 	 >OpenVMS?iG >> > Where should I start reading to learn how to configure our OpenVMSo	 >clusterss- >> > to use kerberos for user authentication?eI >> > We have mixed architecture clusters with OpenVMS 7.3 (VAX) and 7.3-1	 >(Alpha).o >> >	 >> > F.Z.e >>M >> You can't quite do all of this today, but you will be able to do so in the  >nearnK >> future.  We are currently hoping to ship a Kerberos ACME (Authentication  >andK >> Credential Management) agent with OpenVMS V8.2.  This will allow exactly  >the$ >> scenario that you describe above. > J >And if we use LDAP instead of Kerberos? Is that available already for VAX >and Alpha?o >A- >> On the Linux side, you'll need to use PAM.cJ >> See http://www.kernel.org/pub/linux/libs/pam/modules.html for a list of >LinuxJ >> PAM modules.  Any version of Windows server more recent than Windows NT >usesaJ >> Keberos for authentication.  It's possible to make Windows Kerberos and >MITK >> Kerberos (used by OpenVMS) interoperate, although it tends to be tricky.eJ >> There's a good description on how to do that on the Microsoft web site. >s >Could you provide a URL?i >  >> >> Wayne Morrison ! >> Kerberos & CDSA Project Leadere >> OpenVMS Engineering >4 >F.Z.. >F >D   ------------------------------  # Date: Thu, 22 Jan 2004 08:11:55 GMTo' From: nospam <x@wedontwantyourspam.com>.% Subject: Re: Looking for VAX/VMS V4.7t5 Message-ID: <BC35D0BE.1EA0D%x@wedontwantyourspam.com>t  I in article dundas-2101041242470001@dundas-mac.caltech.edu, John A. Dundas 4 III at dundas@caltech.edu wrote on 22/01/2004 07:42:  L > For hobbiest purposes only I am looking for a copy of V4.7.  If I rememberD > correctly V4.7 was an upgrade from V4.5 (to V4.6); that is, it was@ > distributed only as an update, not as a complete installation. > G > Regardless of my faulty memory, could anyone get me close?  I can use0# > either TK50s or tape image files.s > E > While I'm at it, any copies of VAX C from that era still available?i >   K You should be ok, just finding the person that can give it too you with outaJ having to kill you after. The mil use VAX/VMS 4.7 a lot I seem to think ;)   ------------------------------    Date: 22 Jan 2004 05:44:45 -0800/ From: kenneth.randell@verizon.net (Ken Randell) ) Subject: No more mascot on VMS home page? = Message-ID: <79de9693.0401220544.7d353546@posting.google.com>V   Looks like the VMS home page:o   http://h71000.www7.hp.com/  A has been 'standardized'.  No more mascot; looks like a lot of the $ other HP stock pages.  What a shame.   ------------------------------  % Date: Thu, 22 Jan 2004 11:41:12 -0500V, From: "warren sander" <warren.sander@hp.com>- Subject: Re: No more mascot on VMS home page?r, Message-ID: <400ffda2$1@usenet01.boi.hp.com>  H there hasn't been a 'mascot' on the OpenVMS home page in at least 3 or 4 years.L what just launched was the first 10,000 pages in the new hp.com format. What I wasuI running before was the 'compaq conversion' format and before that was thep" compaq.com format (black left nav)  L This is a corporate rollout of all pages that have to be done by 3/31/04 and, front line sites need to be there by 1/31/04  . the words are the same just different colors..  < "Ken Randell" <kenneth.randell@verizon.net> wrote in message7 news:79de9693.0401220544.7d353546@posting.google.com...  > Looks like the VMS home page:  >u > http://h71000.www7.hp.com/ >yC > has been 'standardized'.  No more mascot; looks like a lot of theP& > other HP stock pages.  What a shame.   ------------------------------  % Date: Thu, 22 Jan 2004 18:31:11 +0100 9 From: Jan-Erik =?iso-8859-1?Q?S=F6derholm?= <aaa@aaa.com> - Subject: Re: No more mascot on VMS home page?T' Message-ID: <401008DF.60C445E3@aaa.com>n   Ken Randell wrote: >  > Looks like the VMS home page:Y >  > http://h71000.www7.hp.com/ >  > has been 'standardized'.   Yes !n Finaly !  	 Jan-Erik.    ------------------------------    Date: 22 Jan 2004 07:02:26 -0800. From: fabiopenvms@yahoo.com.br (Fabio Cardoso)= Subject: OT: Is GRID another name for Distributed Computing ?-< Message-ID: <f30679fb.0401220702.8ff4935@posting.google.com>   Or ... the mess comes again !   r http://h30046.www3.hp.com/featured_news_article.php?topiccode=20040120_GRID_COMPUTING&regioncode=WW&langcode=USENG   Regardsg   FC   ------------------------------  % Date: Thu, 22 Jan 2004 10:19:53 -0500 * From: JF Mezei <jfmezei.spamnot@istop.com>A Subject: Re: OT: Is GRID another name for Distributed Computing ?r) Message-ID: <400FEA04.553AA164@istop.com>t   Fabio Cardoso wrote: >  > Or ... the mess comes again !t > t > http://h30046.www3.hp.com/featured_news_article.php?topiccode=20040120_GRID_COMPUTING&regioncode=WW&langcode=USENG  , "Grid", just another soupe du jour buzzword.  K Had Digital retained the scalability of VMS to workstations, VMS clusteringcM could have easily handled the distribution of tasks to any available resourcei in the cluster of worstations.   ------------------------------    Date: 22 Jan 2004 11:51:22 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)hA Subject: Re: OT: Is GRID another name for Distributed Computing ?n3 Message-ID: <u4W+pns8k6SP@eisner.encompasserve.org>   V In article <400FEA04.553AA164@istop.com>, JF Mezei <jfmezei.spamnot@istop.com> writes: > = > Had Digital retained the scalability of VMS to workstationse  E    Where did it go?  VMS 7.3 is running just fine on my workstations.e   ------------------------------  % Date: Thu, 22 Jan 2004 10:50:25 -05009* From: JF Mezei <jfmezei.spamnot@istop.com>$ Subject: OT: Mobile handset security) Message-ID: <400FF128.FDC24CBA@istop.com>n  N I recently got a new mobile handset with all the current gadgets such as GPRS,M WAP, SMTP/POP/IMAP etc. (pretty amazing that they can fit all of this in justvC a small device you almost need a needle to press on the buttons :-)3  N Unfortunatly, all the juicy settings, uncluding your VMS username and passwordN to access your emails via POP are stored in the phone and not on the SIM. ThisK means that if I lose the phone, anyone could put in their sim card and then L connect to my server and pickup my emails. And I guess that if they hack the. phone, they can probably read my password too.  J have corporations awakened to this potential security issue ? What sort of7 steps/policies can or should be taken to protect this ?9  N (I realise that laptops would also be prime targets to steal username/password stored in internet configs).   ------------------------------  # Date: Thu, 22 Jan 2004 02:56:55 GMTE6 From: "Andy Bustamante" <a_c_bustamante@earthlink.net>9 Subject: Pathworks 32 Client and Windows 2000 performancet> Message-ID: <XZGPb.14583$%L1.14162@newssvr27.news.prodigy.com>  E I use Windows 98 clients with Pathwork 32 to connect to to connect toeL directory shares.  The  clients are used to capture and store graphics filesJ on a VMS host system.  The VMS hosts are running Pathworks 6.1 and OpenVMSJ 7.3-1.  The Pathworks server and client use DECnet (phase IV on the host).J One of our policy reasons for not enabling tcp/ip on the Windows client is7 to isolate the systems from e-mail and browser expoits..  L One of this year's projects will be validating our applications with WindowsL 2000.  I can install and configure  Pathworks 32 (version 7.3 the latest andL current) on Windows 2000 client.  I can map Pathworks shares.  My problem isL that it takes over a hundred times longer to write to a Pathworks share than7 a Windows 98 system will take writing to the same host.e  K I've replaced NICs, network cabling and duplicated this on a second WindowsC 2000 PC.  J Any performance hints for Pathworks 32 and Windows 2000 with DECnet as theJ transport?  Any known issues with using DECnet as the Pathworks transport?   --     Andy Bustamanten' (Remove the ascii 95's to mail a reply)E   ------------------------------  # Date: Thu, 22 Jan 2004 17:04:51 GMTv* From: Paul Anderson <paul.anderson@hp.com>1 Subject: Re: Pathworks Macintosh, OS-X & Printing 5 Message-ID: <220120041206431764%paul.anderson@hp.com>e  C In article <bujktt$4gs$1@n.ruf.uni-freiburg.de>, Christoph Gartmannt* <gartmann@non.immunbio.mpg.de.sens> wrote:  A > Pathworks for Macintosh (MSA) under OpenVMS 7.3-1. We have some.B > printers that are connected to our VMS-cluster. In order to makeD > these available to the Mac users we MSA. Now the following problem
 > occured:  @ I have nothing new to add, but can confirm what you are seeing. C Printing from a Mac OS 9.1 system as well as from Mac OS 9.2 in the-G Classic environment both work, while printing from Mac OS X 10.3.2 does  not.  I get the same  <    %MSAP-E-PAPCONN, connection gone status 65446498 on ref 1  D message that you do.  I tried this on OpenVMS Alpha V6.2, V7.2-2 and# V7.3-2 and the same thing happened.   D So it appears that somewhere along the way, Mac OS X stopped working' with PATHWORKS for OpenVMS (Macintosh).@  @ I agree that having printers show up with descriptive names whenE setting up print queues on the Mac is preferable to having to specifyr an IP address.  8 Now all we need is Rendezvous support on OpenVMS, right?   Paul   -- d  Paul Anderson   OpenVMS Engineering    Hewlett-Packard Company1   ------------------------------  # Date: Thu, 22 Jan 2004 07:23:52 GMT-% From: "Mike Naime" <mnaime@kc.rr.com>29 Subject: Re: PC print server devices compatible with VMS?v9 Message-ID: <cUKPb.98051$fq1.74815@twister.rdc-kc.rr.com>   L Printing services is not my specialty, but we send print jobs to the same IPL based network printers that the Wintel boxes use.  HP laserjets are the mostK common out there.  If it is a printer that I can address by IP/Port, then Ie can send a print job there.   J Note:  My VMS boxes are in Missouri, the Printer might be anywhere between California and New York.  :-)n0 I'm sure that it will work on your home network!  3 Lorin Ricker <lorin@locktrack.com> wrote in messagem2 news:0tgt0056oks789osstg3rclj3gth962fcn@4ax.com...B > I'm fishing for any recommendations, for or against, about printH > server devices which work/play well with VMS; that is, I want to buy aA > unit (under $100) to plug-in to my home network router (LinkSysnF > 10baseT ethernet, TCP/IP) to connect an HP2300d to both my PCs (W2K,E > XP) and my VMS box.  I'd probably opt for a 3-port (USB & parallel)g< > box over a 1-port, anticipating a bit of future expansion. >pF > A bit of web-searching brings up products like Hawking Technologies,G > Trendware, and IOgear.  But various reviews (e.g., on amazon.com) cantG > be alarming &/or misleading (and the reviewers may be clueless).  So,sH > I'm asking for practical advice and experience here.  I do know how toD > set up a VMS print que for a network printer... I'm just wonderingE > which box (above or other) has proven itself to work well (or best) 3 > with VMS.  Caveats?  Experience?  Advice, anyone?a >l. > TIA for any constructive feedback.  -- Lorin >k   ------------------------------  % Date: Thu, 22 Jan 2004 10:05:12 -0500e+ From: Brainwave Surfer <agnew@ruby.vcu.edu>i9 Subject: Re: PC print server devices compatible with VMS? ' Message-ID: <buoord$1fm$1@mira.vcu.edu>a  I I can solidly and reccommend Lantronix printservers  they are compatible -G with pc's and vaxes, and we have a 2 parrallel port, 2 serial port one hF handling 2 parallel port printers, one hp laserjet6p being fed by vms ; and pc's with utter abandon.  the color deskjet is pc only.c  C we are using the reverse telnet connection style, the pc's use lpr vF builtin into win xp, and lantronix supplies drivers for the 9x series.  H very good package, support, and rock solid.  ours died after 5 years of H solid vax use, the new one i put my pc on it after my printer died.. ;-)  I now hordes of pc's are using it, since I stuffed that one with memory to  	 the max..e   jime   Lorin Ricker wrote:   B > I'm fishing for any recommendations, for or against, about printH > server devices which work/play well with VMS; that is, I want to buy aA > unit (under $100) to plug-in to my home network router (LinkSys F > 10baseT ethernet, TCP/IP) to connect an HP2300d to both my PCs (W2K,E > XP) and my VMS box.  I'd probably opt for a 3-port (USB & parallel)y< > box over a 1-port, anticipating a bit of future expansion. > F > A bit of web-searching brings up products like Hawking Technologies,G > Trendware, and IOgear.  But various reviews (e.g., on amazon.com) caniG > be alarming &/or misleading (and the reviewers may be clueless).  So,nH > I'm asking for practical advice and experience here.  I do know how toD > set up a VMS print que for a network printer... I'm just wonderingE > which box (above or other) has proven itself to work well (or best)e3 > with VMS.  Caveats?  Experience?  Advice, anyone?d > . > TIA for any constructive feedback.  -- Lorin >    ------------------------------  # Date: Thu, 22 Jan 2004 07:11:44 GMT 6 From: peter@langstoeger.at (Peter 'EPLAN' LANGSTOEGER)  Subject: Re: remove DECnet OSI ?4 Message-ID: <QIKPb.244292$Tz1.237251@news.chello.at>  Y In article <400f044c$0$29079$636a55ce@news.free.fr>, Didier Morandi <no@spam.com> writes:e! >Peter 'EPLAN' LANGSTOEGER wrote: N >> PS: As I recently wrote, because of the troubles I had with the DHCP clientM >> in TCPIP V5.3, I had to start TCPIP _before_ DECnet(-Plus) to make it workaP >> (and this was done by entering the TCPIP startup into the SYSMAN CONFIG PhaseQ >> because SYSTARTUP_VMS.COM starts after DECnet). I think I should try V5.4 now.a >p >WARNING >======= >l9 >THIS DOES NOT WORK WITH DECnet Phase IV!!! (as you said)a  J You also forget to tell (like me), that inserting startup things in SYSMAN% CONFIG Phase is UNSUPPORTED either...n  N >You HAVE to start DECnet Phase IV *before* TCP/IP, as TCP/IP allocates a f** . >driver which then cannot be loaded by DECnet.  J What happens if you start LAT (with DECnet compatible Mac-Add) first, thenJ TCPIP and then DECnet Phase IV ? I can imagine, that it might work though., I never tried it and I guess I never will...   --   Peter "EPLAN" LANGSTOEGERa% Network and OpenVMS system specialistt E-mail  peter@langstoeger.atF A-1030 VIENNA  AUSTRIA              I'm not a pessimist, I'm a realist   ------------------------------  % Date: Thu, 22 Jan 2004 08:00:36 +0000i) From: Antonio Carlini <arcarlini@iee.org>e  Subject: Re: remove DECnet OSI ?? Message-ID: <EqLPb.8781$YV1.3089@newsfep4-winn.server.ntli.net>n    Peter 'EPLAN' LANGSTOEGER wrote:L > You also forget to tell (like me), that inserting startup things in SYSMAN' > CONFIG Phase is UNSUPPORTED either...u  B You can inhibit the DECnet-Plus startup with the NET$IGNORE_DECNET> logical. Then you get complete control of what starts when and> don't need to use the SYSMAN startup phases (whether supported or not).  = Very useful if you want to start things off in parallel where:	 possible.    Antonio    --   --------------- - Antonio Carlini             arcarlini@iee.orgd   ------------------------------  # Date: Thu, 22 Jan 2004 08:09:09 GMT46 From: peter@langstoeger.at (Peter 'EPLAN' LANGSTOEGER)  Subject: Re: remove DECnet OSI ?3 Message-ID: <FyLPb.244610$Tz1.58284@news.chello.at>n  k In article <EqLPb.8781$YV1.3089@newsfep4-winn.server.ntli.net>, Antonio Carlini <arcarlini@iee.org> writes:u! >Peter 'EPLAN' LANGSTOEGER wrote:aM >> You also forget to tell (like me), that inserting startup things in SYSMANr( >> CONFIG Phase is UNSUPPORTED either... >sC >You can inhibit the DECnet-Plus startup with the NET$IGNORE_DECNETt? >logical. Then you get complete control of what starts when and-? >don't need to use the SYSMAN startup phases (whether supportedJ	 >or not).<  N I don't want to inhibit DECnet-Plus, I only want to start TCPIP before DECnet.J So I have to define the logical, run SYSTARTUP_VMS.COM, start TCPIP there,M deassign the logical again, then start DECnet there. I decided for SYSMAN ;-)y   May I ask VMS engineering againe7 for a move of the DECnet startup to SYSTARTUP_VMS.COM ?,   -- r Peter "EPLAN" LANGSTOEGERa% Network and OpenVMS system specialistf E-mail  peter@langstoeger.atF A-1030 VIENNA  AUSTRIA              I'm not a pessimist, I'm a realist   ------------------------------  % Date: Thu, 22 Jan 2004 09:25:13 +0000H- From: John Laird <nospam@laird-towers.org.uk>l  Subject: Re: remove DECnet OSI ?8 Message-ID: <kf5v00lb68aojeu1ab9ddddrpt851bajnu@4ax.com>  E On Thu, 22 Jan 2004 08:09:09 GMT, peter@langstoeger.at (Peter 'EPLAN'k LANGSTOEGER) wrote:n    >May I ask VMS engineering again8 >for a move of the DECnet startup to SYSTARTUP_VMS.COM ?  H You can ask as often as you want, but I can guarantee they won't do it -A they won't make changes that will break existing procedures.  And F SYSTARTUP_VMS.COM is a file under individual site control, so HP won't "move" anything into it.   -- k4 If the good die young, then I'm gonna live forever.    Mail john rather than nospam...    ------------------------------    Date: 22 Jan 2004 04:44:12 -0600- From: Kilgallen@SpamCop.net (Larry Kilgallen)l  Subject: Re: remove DECnet OSI ?3 Message-ID: <7lJ6+NyRv6$e@eisner.encompasserve.org>t  l In article <FyLPb.244610$Tz1.58284@news.chello.at>, peter@langstoeger.at (Peter 'EPLAN' LANGSTOEGER) writes:  ! > May I ask VMS engineering againt9 > for a move of the DECnet startup to SYSTARTUP_VMS.COM ?i  B They just got done cleaning it up so we no longer have to do that.A After just installing VMS on 6 machines, I prefer to have them dohB that work before SYSTARTUP.COM.  They even start the Queue Manager for us now.0   ------------------------------    Date: 22 Jan 2004 10:25:25 -08000 From: dave.baxter@bannerhealth.com (Dave Baxter)# Subject: SpecInt values - ES40/GS80d< Message-ID: <a3c44af1.0401221025.90e70eb@posting.google.com>  C Can anyone give me the SpecInt ratings for the 667MHz CPU's used inHC the ES40, and the 1224 MHz CPU's used in the GS80/GS160.   (or justu the performance ratio even)    Dave.m   ------------------------------  # Date: Thu, 22 Jan 2004 11:26:57 GMTu+ From: LESLIE@JRLVAX.HOUSTON.RR.COM (leslie)<% Subject: Re: Still alive and kicking!d0 Message-ID: <5sOPb.7035$6o4.82@fe2.texas.rr.com>  4 Alan Frisbie (Usenet01REMOVE@Flying-Disk.com) wrote:7 : The Register (www.theregister.co.uk) asked a questiono> : about the oldest working computer, with a follow-up questionC : about the oldest one connected to the net.   Here is their latest = : update:  http://www.theregister.co.uk/content/35/35032.html  : ; : I'll give you one guess who owns the VAXstation-II.   :-)tB : And has a low opinion of a certain other operating system.   :-) :   G I'll have to check to see if it's still running, but as of April, 2002, E there was a Honeywell GE/PAC 4010 system controlling a coking unit atu7 a refinery in Long Beach, CA, that was installed ~1976.a     --Jerry Leslie9   Note: leslie@jrlvax.houston.rr.com is invalid for emailn   ------------------------------  % Date: Thu, 22 Jan 2004 13:36:47 -0500y& From: David M Smith <dsmit115@csc.com>@ Subject: Re: SYSGEN, Parameter Files, and V7.3-1->V7.3-2 Upgrade8 Message-ID: <rt50105kea4uegkkdaco96lbau5nmrvdig@4ax.com>  H On 21 Jan 2004 13:53:32 -0800, rrb35146@yahoo.com (Robbie Benton) wrote:  F >Recently, I installed (not upgraded) OpenVMS V7.3-2 on one of the VMSG >machines in my cluster.  I noticed that a parameter file created undert@ >V7.3-1 would not be processed as expected by SYSGEN on a V7.3-22 >system.  Below is an example of what I have seen.  B >On the V7.3-2 system, there is a warning on a new parameter beingD >defaulted to a value.  That appears to me to be expected, since theD >file did not contain a value for that parameter.  But shouldn't theB >other parameters read in without modification?  Or am I trying to) >perform something that is not supported?d  N i believe you are trying to do something which is not supported. The format ofN the actual SYSGEN parameters file (ALPHAVMSSYS.PAR or VAXVMSSYS.PAR) is binaryO and undocumented and, therefore, you need to be certain to use the same version F of SYSGEN to manipulate it as it was created with. At least that is my experience.u  P My view is that any of your "requirements" for SYSGEN parameter values should beM properly specified in your MODPARAMS.DAT file, whose format is documented andr upward compatible.I -------------------------------------------------------------------------aI David M. Smith 302.391.8533                       dsmit115 at csc dot comuI Computer Sciences Corporation     (Opinions are those of the writer only)tI -------------------------------------------------------------------------e   ------------------------------  + Date: Thu, 22 Jan 2004 15:04:38 +0000 (UTC)l From: david20@alpha2.mdx.ac.uk Subject: Re: The Inquirerv) Message-ID: <buooq6$fkt$1@news.mdx.ac.uk>o  v In article <4007082f.5708625@news.cable.ntlworld.com>, peter.watkinson1@<nospam>ntlworld.com (Peter Watkinson) writes:5 >On Thu, 15 Jan 2004 15:31:54 -0600, "Craig A. Berry"4' ><craigberry@mac.com.spamfooler> wrote:  >h8 >>In article <4006feaf.3276015@news.cable.ntlworld.com>,A >> peter.watkinson1@<nospam>ntlworld.com (Peter Watkinson) wrote:s >>J >>>> Accordingly if it changed to GNU/Linux serers and used PHP can anyone& >>> tell me why PHP isn't Open source? >> >>No, because it is: >> >>http://www.php.net/license/i >  > " >Tell me this is HTML Open source? >r   What is HTML Open Source ?  L If you mean the ability to view the source as you would the source HTML of aN webpage from a web browser - then No since that is NOT what Open source means.I Practically the only things you can view in that manner are HTML and it'sr) associated scripting language JavaScript.bO In general the source of CGI scripts themselves cannot be viewed from a webpagetL the only source you can view is the HTML output generated by the CGI script.J The CGI script itself may be written using either an open source product -F PERL, PHP, Gnu C etc or a proprietary product DCL, Compaq C compiler,  Compaq C++ compiler etcaL (I say "In general" above since a webpage can obviously point to a text fileO containing the source code which the webserver will then render as an HTML pageo, if the author wishes to publish the source.)      
 David Webb VMS and Unix team leader CCSS Middlesex University   >k >Peter Watkinson& >peter.watkinson1<nospam>@ntlworld.com >remove <nospam> to reply :-)2   ------------------------------  % Date: Thu, 22 Jan 2004 10:41:54 +0000:O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com>QI Subject: Re: The Register: OpenVMS among most-secure of operating systemsr0 Message-ID: <buo9di$3jt$1@new-usenet.uk.sun.com>   John Santos wrote:? > On Wed, 21 Jan 2004, Andrew Harrison SUNUK Consultancy wrote:$ >  >  >>jlsue wrote: >>H >>>On Fri, 16 Jan 2004 10:55:56 +0000, Andrew Harrison SUNUK Consultancy1 >>><Andrew_No.Harrison_No@nospamn.sun.com> wrote:n >>>o >>>  >>>n >>>>jlsue wrote: >>>> >>>>M >>>>>On Thu, 15 Jan 2004 02:23:45 -0500, JF Mezei <jfmezei.spamnot@istop.com>E >>>>>wrote:t >>>>>e >>>>>1 >>>>>e >>>>>pM >>>>>>When they discovered the flaw in the POP server that would allow one tooS >>>>>>overwrite any file on the system because the impage was installed with SYSPRVXT >>>>>>and could be called interactively with a log file specification, did that make >>>>>>it to CERT ? >>>>>m >>>>>mO >>>>>Whose POP server?  Do I run that on my systems?  If not, then now could itt7 >>>>>affect me and why would it actually be a VMS CERT?l >>>>>x >>>>4 >>>>In fact its the HP POP server but that is rather >>>>irrelevant.i >>>l >>>tG >>>But my system (hypothetically) runs Multinet.  So then what do I do?n >>>o >>> >>Does it matter, CERT is not about people being selective and? >>restricting advisories to things that will hit everyone while @ >>editing out advisories that will only impact a subset of their >>users. >  > ? > What about things that will impact *none* of their users?  Doh7 > you accept that no advisory is required in that case?b >  >   9 Depends, many advisories are theoretical with no recordeds7 exploits except in a lab. You could remove all these ify; you want however it will make the number of CERT advisories * for Linux/UNIX and Windows rather smaller.  8 It also doesn't remove the possibility that someone will5 find a way of exploiting the vunerability in the wild 5 in the future, so in reality they should be reported.'   Regards  Andrew Harrison,   ------------------------------    Date: 22 Jan 2004 07:41:03 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)nI Subject: RE: The Register: OpenVMS among most-secure of operating systems 3 Message-ID: <FtJpci$jMD7k@eisner.encompasserve.org>   c In article <BCEGLBGJDODLELBJIADKKECMCMAA.dallen@nist.gov>, "Daniel Allen" <dallen@nist.gov> writes:i  / > It helps if you start with security as job 1.   D    I would not claim that for VMS 1 on VAXen.  (Not a great passwordC    encryption algorithm.)  It really did start to hit the ground onsH    security at about VMS 4.0, and after a well known non-technical hack.   ------------------------------  % Date: Thu, 22 Jan 2004 13:32:32 +0000 O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com>tI Subject: Re: The Register: OpenVMS among most-secure of operating systemsn0 Message-ID: <buojdg$74u$1@new-usenet.uk.sun.com>   Mark Berryman wrote:* > Andrew Harrison SUNUK Consultancy wrote: >  >> Mark Berryman wrote:o >>, >>> Andrew Harrison SUNUK Consultancy wrote:  @ >> You point is that other vendors or organisations find bugs inA >> layered OpenSource software such as BIND, patches are provideda? >> for these bugs which are then distributed by all the vendorsl@ >> that use that OpenSource component including HP with OpenVMS. >  > H > Correct as far as this statement goes.  The problem is that it is not F > complete.  The patch reaches the vendor, in this case the vendor of I > OpenVMS.  The part you fail to grasp is that the patch can be released eI > *without* it meaning that the vulnerability exists on VMS (nor does it uK > mean the vulnerability didn't exist - you seem to accept me meaning only   > one way or the other). >   9 This may well be an interesting theory, it is however onel" the is not supported by the facts.  5 Fact, HP/Compaq and the various owners of TCPWARE ando8 Multinet have released patches for general vunerabilites8 in OpenSource components which apply to those components5 running on OpenVMS and have admitted the vunerabilityr7 in CERT advisories. Why would they do this if they wereo not vunerable ?F  * Bind, SSH etc all fall into this category.  2 Fact, HP/Compaq have provided responses to general1 vunerabilites in OpenSource components indicatingy7 that this specific vunerability does not impact OpenVMSt; and that no patch is required or for that matter available.w  ; Why would they not provide the updated OpenSource componenty2 if as you claim they provide the patch because the" generic release has been updated ?  4 However hard you argue your case you cannot get over1 the issue that these two facts destroy your case.e  = >> There are numerous problems with your theory each of whicha >> indevidually rubbish it.e >>> >> 1.    Vendors evaluate the bugs in the OpenSource component8 >>     on a per OS basis and you may have noted that the8 >>     same release of the component gets different CERT4 >>     advisories on different OS's (somethimes like< >>     HP from the same vendor). They generally only release7 >>     patches if the bug causes a problem on their OS.. >  > G > Not so.  I have numerous patches in hand whose release notes say, in gB > effect, "incorporating patches X, Y, and Z from the open source M > maintainers that fixed reported bugs but for which we were not vulnerable".V >   = Of course you do as you would if you had any other OS hostingo the OpenSource component.h  8 When you move from Bind X to Bind Y, Bind Y includes the> patches to Bind X, you of course document this in your release notes.  A Do you honestly think that this point supports your claim ???????r  A Of course it doesn't because as we all know OpenVMS was vunerable A to some of the general vunerbilites in the OpenSource components.n  G > If you knew anything about software maintenance, especially ports of rG > someone else's code, you would know that the patch MUST be included,  I > whether needed or not, in order to be able to keep up to date with the   > port.r >   8 Quite so when you see a response to a CERT advisory from5 HP/Compaq or one of the layered IP stack vendors thats4 tells you that there is a vunerability to an exploit8 and that you require a specific patch to fix it you know8 that this is not just a refresh of the code base to keep+ in step with what everyone else is running.i  . You have now started down the Rob Young school0 of argument where you end up disproving your own point.  4 >>     This is true of HPs implimentation of BIND on9 >>     OpenVMS, there have been many more BIND advisoriesg6 >>     and patches to the generic BIND code than there3 >>     have been patches released by HP. This point # >>     alone refutes your argument.i >  > J > No it does not.  Guess how many advisories can be addressed in a single H > patch? (Hint: more than one).  Guess how many patches get released if H > the vendor has already moved on to a different version of the product 9 > than the advisory references (e.g. BIND 9 from BIND 8)?  >   : You seem to have forgotten the mechanism for releasing the7 patch which is as a response to a CERT vunerability. DoE- I need to explain why this voids your point ?)  J > Please, the count of patches released does not need to correlate in any , > way to the number of advisories addressed. >   6 It does if they are in direct response to an advisory.  @ >> 2.    When HP, Process etc have evaluated the CERT advisoriesC >>     dilligently and have found a vunerability they have admitted B >>     that there is an OpenVMS hole and provided a specific patch2 >>     or a recommended upgrade to a newer version >>@ >>     http://www.cert.org/advisories/CA-2002-36.html (advisory) >>6 >>     External verifiaction of hole on a per OS basis3 >>     http://www.rapid7.com/advisories/R7-0009.txti >>? >>     This example shows that there was an externally verified&9 >>     vunerability in the SSH implimentation shiped with-@ >>     OpenVMS which required an upgrade, not an upgrade becasue8 >>     the OpenSource code based had been patched but an0 >>     upgrade because there was a vunerability. >  > I > At the time of this particular CERT advisory, the only SSH servers you rG > could buy for VMS were NOT vulnerable to this attack (and the vendor EI > explicitly says so in the advisory).  HP's SSH server for VMS has only  J > been available for a few months but their response is dated over a year  > ago.  A puzzle...t > K > Perhaps, since HP's TCPIP product for VMS is based on their Tru64 stack, iJ > they simply release the same notes for both Tru64 and VMS.  If so, that " > would be an error on their part. > K > But all of that being said, you have missed the point entirely.  This is eK > a CERT advisory we are addressing.  You are supposed to find an instance sK > where a patch to an open source product was released because it caused a d7 > security issue for VMS that was NOT reported to CERT.s >   @ Ohh I have already done that on a number of occasions, DEWindows POP, Teardrop etc etc etc.  # How about Land another vunerabilityu. http://www.cert.org/advisories/CA-1997-28.html There is no entry for OpenVMS. This is from ask the wizard. The Question is:H What versions of TCP/IP implementations on Open VMS platforms resist the  land.c denial of service attack?   The Answer is : > This was remedied in TCP/IP Services UCX V4.1 and UCX V4.2 on B 10-Apr-1998, and systems with a UCX$BGDRIVER.EXE image dated on orE after 10-Apr-1998 should be sufficient.  The OpenVMS Wizard does not u3 believe that the TCP/IP Services V5.0 was effected.s  < You will note that the fix for Land was made available after& the vunerability was reported in 1997.  < You keep forgetting that this point has already been proven.< Another Rob Young technique, return to the argument you lost' a few days ago as if it never happened.   9 As I said earlier I can go on providing you with examplesl2 that disprove your points for as long as you like.  : It remains to be seen how long you can continue to shelter1 behind the fiction that I don't grasp your point.t   Regards  Andrew Harrisone   ------------------------------    Date: 22 Jan 2004 07:41:33 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)sI Subject: Re: The Register: OpenVMS among most-secure of operating systemse3 Message-ID: <PBq1m8+bTITj@eisner.encompasserve.org>l   In article <bum7n9$ad0$2@new-usenet.uk.sun.com>, Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> writes:  5 > The quantity of new code in OpenVMS is one possibleo7 > explanation, as is choice of language etc. Whats your. > explanation ?o      Selective memory.   ------------------------------  % Date: Thu, 22 Jan 2004 09:46:40 -0500?# From: "Dan Allen" <dallen@nist.gov>aI Subject: RE: The Register: OpenVMS among most-secure of operating systems:: Message-ID: <JFEPKAPBPMDFDBOIANGDIEMFEKAA.dallen@nist.gov>   > -----Original Message-----D > From: Bob Koehler [mailto:koehler@eisner.nospam.encompasserve.org]* > Sent: Thursday, January 22, 2004 8:41 AM > To: Info-VAX@Mvb.Saic.ComTC > Subject: RE: The Register: OpenVMS among most-secure of operating 	 > systems> >e >se > In article <BCEGLBGJDODLELBJIADKKECMCMAA.dallen@nist.gov>, "Daniel Allen" <dallen@nist.gov> writes:> >>1 > > It helps if you start with security as job 1.e >>F >    I would not claim that for VMS 1 on VAXen.  (Not a great passwordE >    encryption algorithm.)  It really did start to hit the ground onoJ >    security at about VMS 4.0, and after a well known non-technical hack.  | 	Nor stable at V1 ;-) hence the installation of V2.  A 32 bit virtual address space was obviously the primary design goal of VAX/VMS. I was simply alluding to the number of security features, VAX calling standard, system of named priviliges, consistent  system service parameter checking, ... that was present even at that early stage. That showed a serious early on focus on a robust security model - weak password algorithm et al not withstanding. That's an item missing from the ingredient list of the Snake Oil(s) shipping at that time.   Dans >l >a >b   ------------------------------  # Date: Thu, 22 Jan 2004 15:47:27 GMTo& From: jlsue <jefflsxxxz@sbcglobal.net>I Subject: Re: The Register: OpenVMS among most-secure of operating systems-8 Message-ID: <h2sv00hvttlek3s7vuh9r9fgcco90mng1e@4ax.com>  E On Wed, 21 Jan 2004 15:59:49 +0000, Andrew Harrison SUNUK Consultancy . <Andrew_No.Harrison_No@nospamn.sun.com> wrote:     >n8 >No I have simpoly looked at the CERT vunerabilites that4 >HP/Compaq/Digital have admitted to for OpenVMS 7.x. >   H But it ASSUMES that a patch is issued IFF it fixes a real vulnerability.H That's just not always the case.  Especially with "common" or "standard"K code, as in Open Source.  In that case you need to keep your code stream upSK with the rest of the planet or else you face much greater problems later one6 when you need newer versions of code for new features.  4 >The quantity of new code in OpenVMS is one possible6 >explanation, as is choice of language etc. Whats your >explanation ? >e  C Another possible explanation is that OpenVMS is keeping up with thea/ OpenSource community to maintain compatibility.a   --- jlse0 The preceding message was personal opinion only.6 I do not speak in any authorized capacity for anyone,  and certainly not my employer.- (get rid of the xxxz in my address to e-mail)s   ------------------------------  # Date: Thu, 22 Jan 2004 15:39:54 GMTS& From: jlsue <jefflsxxxz@sbcglobal.net>I Subject: Re: The Register: OpenVMS among most-secure of operating systems 8 Message-ID: <gjrv00528pfgdkrk57m39ngulaep20hj40@4ax.com>  E On Wed, 21 Jan 2004 15:54:11 +0000, Andrew Harrison SUNUK Consultancy-. <Andrew_No.Harrison_No@nospamn.sun.com> wrote:  
 >jlsue wrote:  >> mK >> It was a "yes" or "no" question.... but it appears that by your responsedG >> you believe that, 'yes' there are *many* security vulnerabilities in7+ >> OpenVMS, and that most are not reported.e >>   >a2 >What eveidence do you have that the many claim if  >I chose to make it isn't true ? >   H That's a silly discussion point.  Nobody would waste time defending some' vague notion of hypothetical arguments.g  5 Make specific statements and those will be addressed.   A And yes, you have provide  *some*  examples, but this by no meansnG constitutes "many" in common parlance (at least, not in the U.S.of A.).U= And those that you did provide have been discussed by others.e  K This discussion is around some notion that you seem to imply there are many K vulnerabilities - or at least, as many as Sun or UNIX in general.  And thatD, has not yet been shown to be the case, imho.   --- jls 0 The preceding message was personal opinion only.6 I do not speak in any authorized capacity for anyone,  and certainly not my employer.- (get rid of the xxxz in my address to e-mail)u   ------------------------------  % Date: Thu, 22 Jan 2004 17:12:32 +0000sO From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com>aI Subject: Re: The Register: OpenVMS among most-secure of operating systems-0 Message-ID: <bup0a0$bvg$1@new-usenet.uk.sun.com>   jlsue wrote:G > On Wed, 21 Jan 2004 15:59:49 +0000, Andrew Harrison SUNUK Consultancyo0 > <Andrew_No.Harrison_No@nospamn.sun.com> wrote: >  >  > 9 >>No I have simpoly looked at the CERT vunerabilites thatA5 >>HP/Compaq/Digital have admitted to for OpenVMS 7.x.i >> >  > J > But it ASSUMES that a patch is issued IFF it fixes a real vulnerability.J > That's just not always the case.  Especially with "common" or "standard"M > code, as in Open Source.  In that case you need to keep your code stream upeM > with the rest of the planet or else you face much greater problems later onF8 > when you need newer versions of code for new features. >   < So why admit to a vunerbility in a CERT advisory and release a patch for it ?  : Either your theory is correct in which case your engineers/ are incompetent or my theory is and they arn't.3  
 Which is it ?    > 5 >>The quantity of new code in OpenVMS is one possibleo7 >>explanation, as is choice of language etc. Whats your  >>explanation ?M >> >  > E > Another possible explanation is that OpenVMS is keeping up with the 1 > OpenSource community to maintain compatibility.g >   0 Well except that the POP hole may well have been1 in a program that was based on OpenSource (is it) 1 but the hole is all Compaq/HP's. No corrosponding/) hole exists in any OpenSouce POP servers.t   Nice try no cigar.   Regards  Andrew Harrisonm   ------------------------------  % Date: Thu, 22 Jan 2004 17:07:04 +0000-O From: Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com>tI Subject: Re: The Register: OpenVMS among most-secure of operating systemsn0 Message-ID: <buovvp$bqu$1@new-usenet.uk.sun.com>   jlsue wrote:G > On Wed, 21 Jan 2004 15:54:11 +0000, Andrew Harrison SUNUK Consultancye0 > <Andrew_No.Harrison_No@nospamn.sun.com> wrote: >  >  >>jlsue wrote: >>K >>>It was a "yes" or "no" question.... but it appears that by your responserG >>>you believe that, 'yes' there are *many* security vulnerabilities inh+ >>>OpenVMS, and that most are not reported.n >>>  >>3 >>What eveidence do you have that the many claim ift! >>I chose to make it isn't true ?e >> >  > J > That's a silly discussion point.  Nobody would waste time defending some) > vague notion of hypothetical arguments.o >   < No its not. There is ample evidence that OpenVMS security is< partly based on what appears to be an attempt to obscure any< issues that may exist. You only have to examine the POP saga to verify this claim.l  A Given this and a history of non or missreporting of vunerabilitesnA its is perfectly fair to ask you how you would propose to supportaB your apparent proposition that the number of actual vunerabilities% in OpenVMS is small rather than many.n  7 Ironically OpenVMS has no EAL certification of any kind 8 Solaris, AIX, HP-UX do. Perhaps instead of claiming that6 OpenVMS is secure you should cough up the cash and get
 it evaluated.d  7 > Make specific statements and those will be addressed.o >   ( I have and as you know they havn't been.  9 Instead there has been an assertion that the reporting off9 CERT advisories for OpenVMS has been improved, sadly thisb+ claim turns out to be verifiably incorrect.i   Regards  Andrew Harrison-   ------------------------------    Date: 22 Jan 2004 11:47:38 -0600; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)wI Subject: Re: The Register: OpenVMS among most-secure of operating systemsn3 Message-ID: <1OL+aHS2g4S$@eisner.encompasserve.org>1   In article <buojdg$74u$1@new-usenet.uk.sun.com>, Andrew Harrison SUNUK Consultancy <Andrew_No.Harrison_No@nospamn.sun.com> writes: > 7 > Fact, HP/Compaq and the various owners of TCPWARE andn: > Multinet have released patches for general vunerabilites: > in OpenSource components which apply to those components7 > running on OpenVMS and have admitted the vunerabilityp9 > in CERT advisories. Why would they do this if they wereg > not vunerable ?n  <    Issuing a patch and admitting "affected" shows that there?    must have been a bug.  It does not prove that the bug was a      security issue.   ------------------------------  # Date: Thu, 22 Jan 2004 14:03:08 GMT 2 From: "Ken Farmer" <KFarmer@NOSPAM.SpyderByte.com>/ Subject: VAX support needed in rural SE Indianaa; Message-ID: <wKQPb.307$F86.106958@twister.southeast.rr.com>   J Got an email from someone this morning looking for VAX support in rural SEH Indiana, contractor or company.  I don't know many details, I think it's only one server.  8 If interested let him know soon, he needs to know today.   lturner at intat dot com   Kenr   -- Kenneth Farmer  <><e OpenVMS.org  |  dcl.OpenVMS.orga   ------------------------------  % Date: Thu, 22 Jan 2004 08:49:30 +0100o" From: Didier Morandi <no@spam.com>% Subject: Re: VAXUS: Call for ChaptersN4 Message-ID: <400f810d$0$29059$636a55ce@news.free.fr>   David J. Dachtera wrote:  * > How formal and scientific is your data?   L I shall not comment on my sources. Let me just say that the 1998 file was a L commercial file purchased from an Intelligence Company. The 2000 file was a 
 private file.w    > If I can get the OpenVMS brass= > to take the meeting, would you be prepared to make a formalt > presentation?e  K David, I'm prepared to do ANY time ANY kind of presentation on VMS and its  M future to ANYbody (even in English). What I think actually is that HP should xO hire me if they really want to make money on VMS/Itanium with VAX/VMS users :-)e  B >>You guess that I will send them collaterals on the FutureVAX :-) >>www.futurevax.com  > G > As long as you can address their Qbus, BIbus and XMIbus needs, go forp > it!l  Q SRI works with The Logical Company http://www.logical-co.com/ to manufacture PCI k5 cards to allow any Bus to be connected to CHARON-VAX.t= See http://www.softresint.com/pub/doc/30-16-015.pdf for more.v  L The VAX/VMS Field today *knows* that they have only two futures: Itanium or 
 FutureVAX.   Period.-   D. -- -2 VAXUS - Your new helpful friend in the DEC Family!2 EHQ: 19 chemin de la Butte, 31400 Toulouse, France/       Phone: +336 7983 6418 Fax: +335 6154 1928V$                 http://www.vaxus.org   ------------------------------    Date: 22 Jan 2004 09:36:42 -0800' From: jbecker@ui.urban.org (Jim Becker)d% Subject: Re: VAXUS: Call for Chapterso= Message-ID: <c113b52c.0401220936.68a7cb56@posting.google.com>b  Z "Barry Treahy, Jr." <Treahy@MMaz.com> wrote in message news:<400EB380.1050907@MMaz.com>... [snip]K > Perhaps because the LUGS that are left here in the US are either already nG > doing well on their own, like Dallas/FW, or are dead or dying a slow  K > death like here in Phoenix.  People are tired, Didier, they are tired of tI > investing time into LUGS just to have the carpet pulled out or to have ,/ > them turned into a Intel/Windows sales pitch.a [snip]  B And on what data do you base this? None, apparently. Of the activeB Encompass LUGs I'm familiar with, not one of them do Intel/WindowsD sales pitches. The LUG in the DC area has been doing fine for years,E thank you. We cover a range of topics of interest to the HP installedt% base, and we never run sales pitches.   E Other active Encompass LUGs include (in no particular order) Chicago,vF New York, Austin, Cleveland, and Philadelphia. New Encompass LUGs have; formed in the Northeast and in North Carolina, and PenNYLUGrA (Pennsylvania/NY) formed not too long ago. The DFW group is stilliD around at least in the form of that lovely Hobbyist program. PhoenixE is still having meetings AFAIK. (Apologies to any LUGs I've failed to B list here.) The LUG leaders and Encompass HQ staff get together byD conference call on a regular basis to keep up with each other and toF help each other out. The LUG leaders also have a mailing list they can% use to stay in touch with each other.L  F I have no idea what carpet you're referring to that's being pulled outE from under the LUGs. In fact, Encompass has increased its LUG fundingc	 for 2004.v  K > In my estimation, you will see very little to no interest here in the US cK > for that reason alone, but also because of the fact that for us to drive tG > from state to state, you could have traveled from country to country aK > there in Europe; Proximity does matter and no one wants to be the single a; > LUG member in their region, nothing is gained by that... s  4 Huh? There *is* interest in forming LUGs in the U.S.   [snip]3 > What value to the members?  Encompass has yet to .J > figure that one out and is still riding on the member benefits put into % > action by prior DECUS work (IMHO). a  " You've got your facts wrong again.  G > With todays electronic collaboration via the net and telephone, most iK > technical issues can be discussed and worked out, the only thing missing oI > is the socials after the meeting when DEC, well Compaq, Ha!  HP bought sC > the beer, but what, they haven't done that in more than a decade!   F The value of meeting face to face, for many people, isn't the beer. In= ESILUG, we never have beer anyway. I'll quote from our ESILUG ' presentation, "Why Go to LUG Meetings?"s% - Information you can't get elsewheret?     Even if the information is "out there" somewhere, it's morer* focused and more reliable at a LUG meeting" - Insights you can't get elsewhere>     There's nothing like hearing the right person give you the< straight scoop, whether it's the speaker or another attendee - Someone else's expertise+     Let them share their knowledge with youe - Someone else's paina-     Let them share their experiences with youP   --
 Jim Becker+ The Urban Institute (http://www.urban.org/)u' Encompass (http://www.encompassus.org/)i. ESILUG (http://encompasserve.org/lugs/esilug/)   ------------------------------  % Date: Thu, 22 Jan 2004 08:01:05 -0700 8 From: "Michael D. Ober" <obermd-.@.-alum-mit-edu-nospam>) Subject: VMS authentication to Windows AD 0 Message-ID: <SARPb.10$1b1.25455@news.uswest.net>  H I need to have my users periodically change their passwords, but most ofJ them are computer illiterate (they have no idea what a command line is andK sometimes have a hard time logging into a Windows Domain without help).  IseG there anyway to have VMS authenticate to a Windows 2000 AD Domain?  I'm>K reasonably sure I can train them to change their passwords when prompted byo the domain.a   TCPIP SHO VER returnsm  >  Compaq TCP/IP Services for OpenVMS Alpha Version V5.3 - ECO 28   on a AlphaServer 1200 5/533 4MB running OpenVMS V7.3-1   Thanks,t
 Mike Ober.   ------------------------------  % Date: Thu, 22 Jan 2004 00:25:43 -0500n* From: JF Mezei <jfmezei.spamnot@istop.com>4 Subject: Re: VMS's Stability Prompts Move To Itanium) Message-ID: <400F5EB6.BC6CD253@istop.com>    Jack Peacock wrote:oM > Still, that mystery number and the revenue has to be high enough to justifyiM > keeping the VMS team together and porting to Itanium, so I'd infer there is K > some kind of commitment from enough large (in terms of support contracts)M! > VMS users to justify the work. G  I Tandem also generates sufficient revenus to warant to port to IA64 and HPtJ mentioning Tandem/NSK in its advertising, yet the Tandem marketplace was aN tiny fraction of what the VMS marketplace used to be and has a very narrow and2 specialised selection of software available to it.  G If VMS is going after the same very-small niche markety as Tandem (high.K quality, high availability) the I am not sure that the market is big enoughkF for 2 players, especially when the 2 players are from the same vendor.  K Unlike Tandem, VMS is fully scalable from desktop to datacentre. But TandemtN has a very captive and specialised market, almost appliance-like. (you want toG be part of this POS network ? then you need a tandem with such and suchlN software and such and such software version that needs to be installed april 1	 at 23:45.'  M VMS doesn't have a captive market because there is very little software l;eft-N that is VMS-only. In fact, most now originates from Unix and is ported to VMS.N And as time progfresses, the VMS specific functionality will disapear. Look atL Apache, look at the unix-like commands for the TCPIP Services utilities etc.  M VMS can compete head to head against Unix. But it must be allowed to compete.eI And that means agressive pricing, not taking your remaining customers for $ granted, and of course, advertising.  M HP may have shown indications it does not intend to kill VMS rioght away. ButoM it has show absolutely no intentions to grow , market and leverage VMS to itsg full extent.   ------------------------------  % Date: Wed, 21 Jan 2004 23:01:53 -0800r! From: SloPoke <csewell@telus.net>a7 Subject: Yet another OpenVMS admin/programmer available-8 Message-ID: <r4tu00h42oai830iju0fm6vsajdontqlqm@4ax.com>  : Over 20 years experience, etc., etc.  Visit my web page atC http://www3.telus.net/csewell/ for more details.  At the very leastj0 you may find some useful OpenVMS freeware there.   ------------------------------  % Date: Thu, 22 Jan 2004 07:51:59 -0600 , From: "Art Beane" <art.beane@mindspring.com>; Subject: RE: Yet another OpenVMS admin/programmer available.> Message-ID: <002e01c3e0ee$e7f92910$6401a8c0@stconsultants.com>   >-----Original Message-----w* >From: SloPoke [mailto:csewell@telus.net] ) >Sent: Thursday, January 22, 2004 1:02 AMl >To: Info-VAX@Mvb.Saic.Com8 >Subject: Yet another OpenVMS admin/programmer available  ; >Over 20 years experience, etc., etc.  Visit my web page at D >http://www3.telus.net/csewell/ for more details.  At the very least1 >you may find some useful OpenVMS freeware there.s    6 http://jobsearch.monster.com/getjob.asp?JobID=20630927   ------------------------------  % Date: Thu, 22 Jan 2004 10:07:13 +0100n" From: Didier Morandi <no@spam.com>4 Subject: [ANN] First Annual VAXUS Symposium in Paris4 Message-ID: <400f9347$0$29073$636a55ce@news.free.fr>  L The first national Symposium of the French VAXUS Chapter will take place on : Friday the 25th of June 2004 in Paris, Palais des Congrs.  & Subject: What future for VAX/VMS users  - English and French speaking speakers welcome.k  # See http://www.vaxus.org/ for more.a   D. -- 32 VAXUS - Your new helpful friend in the DEC Family!2 EHQ: 19 chemin de la Butte, 31400 Toulouse, France/       Phone: +336 7983 6418 Fax: +335 6154 1928 $                 http://www.vaxus.org   ------------------------------   End of INFO-VAX 2004.043 ************************