1 INFO-VAX	Sat, 02 Apr 2005	Volume 2005 : Issue 184       Contents: Re: Downloading patches via PC? $ Re: poor disk I/O performace on ds25  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433  Re: ports 135, 445, 139 and 1433* Re: problem with router---NAT and caching?* Re: problem with router---NAT and caching?* Re: problem with router---NAT and caching? Re: Script Kiddie tarpit wanted 
 Re: Sybase  F ----------------------------------------------------------------------   Date: 2 Apr 2005 11:41:55 +0100 6 From: peter@langstoeger.at (Peter 'EPLAN' LANGSTOEGER)( Subject: Re: Downloading patches via PC?, Message-ID: <424e8503$1@NEWS.LANGSTOEGER.AT>  Z In article <d2kis1$c8s$1@news01.intel.com>, Ken Fairfield <my.full.name@intel.com> writes:! >Peter 'EPLAN' LANGSTOEGER wrote: b >> In article <1112190349.762162.252070@f14g2000cwb.googlegroups.com>, tadamsmar@yahoo.com writes: >>  C >>>The OpenVMS systems that I manage will soon be isolated from the  >>>Internet. >>> H >>>If I want a patch,  I will have to download it via a Windows 2000 PC,H >>>and put it on a particular server that can be accessed by the OpenVMS >>>systems.  >>> @ >>>But I seem to remember having trouble with patch files that I? >>>downloaded to a PC and then FTPed over to an OpenVMS system.  >>> ) >>>Does anyone recall problems with this?  >>  M >> If it is a .ZIPEXE or a .DCXEXE file a simple (binary) download is enough. I >> (the VMS image activator is friendly and accepts also Stream files ;-) Q >> If it is a .PCSI$COMPRESSED file, you need to repair it on VMS after the xfer. # >> $ SET FILE/ATT=(RFM=FIX,LRL=512)  > F >    If the .PCSI$COMPRESSED file is transferred in binary/image, thenF >  it will already be RFM=FIX, LRL=512.  I don't recall the discussionJ >  from a few weeks back, but is it possible or likely that the compressed5 >  .PSCI files have a different LRL, like 2048 or so?   L Indeed, the .PCSI$COMPRESSED problem was with downloading the patches to VMSJ with MOZILLA instead of FTP (cause of the stream vs fix fileformat MOZILLAJ uses - which the imageactivator accepts, but PRODUCT does not). But the OPM did want to download them on PC and then transfer them with FTP to VMS, so no M problems expected as long as they are transferred binary and unzipped on VMS.    --   Peter "EPLAN" LANGSTOEGER % Network and OpenVMS system specialist  E-mail  peter@langstoeger.atF A-1030 VIENNA  AUSTRIA              I'm not a pessimist, I'm a realist   ------------------------------   Date: 2 Apr 2005 10:34:41 -0800 + From: "Nitendra" <ns_panwar@rediffmail.com> - Subject: Re: poor disk I/O performace on ds25 C Message-ID: <1112466881.486882.230600@z14g2000cwz.googlegroups.com>   
 Dear Denny  C there are three Ultra 160 scsi controller, two are on board and one  addonPCI card.  F both harddisks are connected on one of the integrated scsi controller.  ? on other internal scsi controller only one tape drive dat72. is B connected and third one is not having any deivces connected to it.  G there is no scsi error, all harddisk are conneted to hotswap case ba610  shipped along with the system.  D as far as hardisk model and make is concern i will have to go to the+ server location and will confirm you later.    Regards    ------------------------------  % Date: Sat, 02 Apr 2005 02:31:01 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> ) Subject: Re: ports 135, 445, 139 and 1433 B Message-ID: <1112427010.602303be82ca0558cc55f3b76010d581@teranews>   Paul Sture wrote:  > H > Oh Philip, since JF mentioned that the Linksys is the same as a Zyxel,# > you should block port 139 anyway.     2 Nop, it is the Netgear that is the same as Zyxel.   F Linksys is a cheap brand designed for dumbed down wintel users. It has since been purchased by Cisco       F > See http://www.studerus.ch/files/knowledgebase/f_netb.htm for filter  - And those pages describe Zyxel/Netgear menus.    ------------------------------  % Date: Sat, 02 Apr 2005 02:42:18 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> ) Subject: Re: ports 135, 445, 139 and 1433 B Message-ID: <1112427683.5860709ed1d4fe92870b685773bd1f3e@teranews>  D btw, just to correct myself. 139 is not for ident. 113 is for ident.   139 is for microsoft stuff.    ------------------------------  * Date: Sat, 2 Apr 2005 07:52:34 +0000 (UTC)P From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply)) Subject: Re: ports 135, 445, 139 and 1433 $ Message-ID: <d2lj01$4md$2@online.de>  7 In article <3b6sdeF6fi4ieU1@individual.net>, Paul Sture  <paul.sture@decus.ch> writes:   I > Oh Philip, since JF mentioned that the Linksys is the same as a Zyxel,    I My Teledat router is a rebadged Zyxel, and I also have a Linksys, but is  B my Linksys also a Zyxel?  It certainly looks completely different.  # > you should block port 139 anyway.  > G > See http://www.studerus.ch/files/knowledgebase/f_netb.htm for filter  
 > details.  & But WHY?  Can harm be done if I don't?   ------------------------------  * Date: Sat, 2 Apr 2005 08:36:30 +0000 (UTC)P From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply)) Subject: Re: ports 135, 445, 139 and 1433 $ Message-ID: <d2llie$88q$1@online.de>  E In article <1112427010.602303be82ca0558cc55f3b76010d581@teranews>, JF - Mezei <jfmezei.spamnot@teksavvy.com> writes:    B > Linksys is a cheap brand designed for dumbed down wintel users.   E Certainly, it is a low-cost option.  However, it provides me with all G the functionality I need, and more.  It also offers PAT, in addition to F just NAT.  It has been in constant use for years, and I am quite happyF with it.  The web interface is usable---which means I can read it withB LYNX -dump and parse the output. (I do this to see when the WAN IPH address has changed, then update my dynamic DNS configuration.  While itA is true that some routers have this functionality implemented (my G rebadged Zyxel does; not sure about my Linksys), it is generally not as F good as a well written script.  Also, my dynamic DNS provider actuallyF encourages updates much more frequently than only when the WAN address< changes; if there is a problem at my end, I am set "offline"H automatically---thus I need an update "script" (actually a batch job, of course) anyway.)     ------------------------------  % Date: Sat, 02 Apr 2005 05:02:03 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> ) Subject: Re: ports 135, 445, 139 and 1433 B Message-ID: <1112436065.9fabbd06be461ca54183b087fec4931b@teranews>  / Phillip Helbig---remove CLOTHES to reply wrote: % > > you should block port 139 anyway.  > ( > But WHY?  Can harm be done if I don't?  D Reduced performance on your lan machines because they have to handle packets they don't want.  D While a VMS host may not have any software tied to port 139, it mustF still process these packets (and then decide to do nothing with them).  H Also, when you block packets at the router level, the hacker doesn't getH a "host is refusing connection" but rather the user waits for a responseN until it times out and thinks your host is down. (so you are slowing it down).   ------------------------------  * Date: Sat, 2 Apr 2005 10:26:51 +0000 (UTC)P From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply)) Subject: Re: ports 135, 445, 139 and 1433 $ Message-ID: <d2ls1b$ger$1@online.de>  E In article <1112436065.9fabbd06be461ca54183b087fec4931b@teranews>, JF - Mezei <jfmezei.spamnot@teksavvy.com> writes:    1 > Phillip Helbig---remove CLOTHES to reply wrote: ' > > > you should block port 139 anyway.  > > * > > But WHY?  Can harm be done if I don't? > F > Reduced performance on your lan machines because they have to handle > packets they don't want. > F > While a VMS host may not have any software tied to port 139, it mustH > still process these packets (and then decide to do nothing with them).  G OK, makes sense.  I guess I should block ALL packets for ports 0--1023   except those I explicitly want.   @ Back when I had an ISDN connection and public IP addresses on myF machines (not only dial-out but also dial-in-on-demand: when somethingH for my address block came to my ISP, he would open up an ISDN connectionG to my ISDN router, which would time out after it was no longer needed), D I had the ISP block as much as possible: not only the non-used portsG less than 1024, but also incoming packets to (almost) ALL ports greater > than 1023 unless they were "return traffic" from connections ID initiated.  Unfortunately, with my router this level of fine tuning E doesn't seem to be possible; it seems to be either blocked or passed  C through, regardless of whether it is a new incoming request or the  ) return traffic for a request I initiated.   J > Also, when you block packets at the router level, the hacker doesn't getJ > a "host is refusing connection" but rather the user waits for a responseP > until it times out and thinks your host is down. (so you are slowing it down).  H Sounds good.  Presumably, blocking the packets at the router won't be a H greater load on the router than passing them through (probably, it will  be less, right?).    ------------------------------  % Date: Sat, 02 Apr 2005 16:55:49 +0200 & From: Paul Sture <paul.sture@decus.ch>) Subject: Re: ports 135, 445, 139 and 1433 , Message-ID: <3b7q3kF640bovU1@individual.net>  / Phillip Helbig---remove CLOTHES to reply wrote:   9 > In article <3b6sdeF6fi4ieU1@individual.net>, Paul Sture   > <paul.sture@decus.ch> writes:  > # >>you should block port 139 anyway.  >>G >>See http://www.studerus.ch/files/knowledgebase/f_netb.htm for filter  
 >>details. >  > ( > But WHY?  Can harm be done if I don't? > D Well, at the time I blocked it, I had a Windies box, so it seemed a 3 sensible thing to do (going back a few years here).   A If you only have VMS boxen behind your router, it isn't the same  C problem, but after the VMS MUP for RPC, I started blocking Windows  $ related ports as a matter of course.   ------------------------------  * Date: Sat, 2 Apr 2005 07:48:49 +0000 (UTC)P From: helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply)3 Subject: Re: problem with router---NAT and caching? $ Message-ID: <d2lip1$4md$1@online.de>  E In article <1112402124.167edc32092d62735e61684a0472d1a9@teranews>, JF - Mezei <jfmezei.spamnot@teksavvy.com> writes:    0 > ip arp flush  from the command line interface.  E Thanks.  I know about the command-line interface, but have never used E it.  I'll give it a try.  (Up to know, I've used only the (completely B undocumented!) character-cell menu interface accessible via telnet@ (where one of the options is to escape to the command line); theH official interface is the http one, but I've never used it (it demands a? browser more modern and sophisticated than any I have on my VMS I machines; with my Linksys router all pages except the main configuration  I page---with username, password etc where I normally don't have to change  2 anything---are usable with the old Netscape Gold.)  E > Go to the Zyxel web site and download the technical manuals for the B > Prestige 314 (I assume you have a Netgear 314  loaded with Zyxel
 > software ?)   D It's a router sold by Deutsche Telekom; somewhere I learned it is a = rebadged Zyxel.  Here's what the main menu screen looks like:     :                               Teledat Router 400 Main Menu  =      Getting Started                      Advanced Management I        1. General Setup                     21. Filter and Firewall Setup ?        2. WAN Setup                         23. System Password B        3. LAN Setup                         24. System Maintenance>        4. Internet Access Setup             26. Schedule Setup          Advanced Applications        11. Remote Node Setup        12. Static Routing Setup         15. SUA Server Setup   4                                             99. Exit    6 If I recall correcly, the HTTP interface is in German.  B Even with the arp explanation, though, I am puzzled as to why the I problem exists only for port 6000.  For other ports, I can change the IP  C address and new connections, incoming or outgoing, work right away.    ------------------------------  % Date: Sat, 02 Apr 2005 04:48:59 -0500 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 3 Subject: Re: problem with router---NAT and caching? B Message-ID: <1112435277.f297893baf3f9068da17c1d9cd3a9a8f@teranews>  G If you can't find the command reference for your zyxel router, I have a  copy on my website  F http://www.vaxination.ca/tcpip/  and scroll down to the various links.  H I had printed documents on how to enable tracing and display traces, but# somehow, I lost the origianl links.    ------------------------------  % Date: Sat, 02 Apr 2005 17:09:44 +0200 & From: Paul Sture <paul.sture@decus.ch>3 Subject: Re: problem with router---NAT and caching? , Message-ID: <3b7qtmF6gvn08U1@individual.net>  / Phillip Helbig---remove CLOTHES to reply wrote:      > the main menu for his router.  H Yes, I recognize that as being for a Zyxel. www.studerus.ch has all the I doc (for the sake of others, some in German, obviously not a problem for   you).    ------------------------------  % Date: Sat, 02 Apr 2005 05:57:21 -0800 # From: "Tom Linden" <tom@kednos.com> ( Subject: Re: Script Kiddie tarpit wanted( Message-ID: <opsolydvpwzgicya@hyrrokkin>  H On 01 Apr 2005 16:45:15 GMT, Thierry Dussuet <thierry@dussuet.lugs.ch>   wrote:  F > On 2005-03-31, Alan Frisbie <Usenet02_REMOVE@Flying-Disk.com> wrote:@ >> Since I like to have remote Internet access to my VMS system,0 >> I have my firewall forward SSH packets to it. >>; >> However, every day or so, I am alerted by the beeping of A >> OPCOM messages that someone is making repeated login attempts. ; >> I am not worried about them getting in, but I find their  >> feeble attempts annoying. >>? >> I am thinking of creating captive accounts that these script < >> kiddies would be likely to try (root/<null>, guest/guest,> >> god/god, etc.).   The captive procedure should appear to be> >> some variant of Unix, appear to sort-of work, while wasting; >> as much of their time as possible.   Meanwhile it should ? >> log everything to a file for my later amusement.   (Yes, I'm  >> that sick!) >>= >> I seem to recall that someone created such a DCL procedure = >> years ago, but I can't seem to find it.   Can anyone point > >> me to something that would give me a start on this project? > D > I started something similar some time ago, in PL/I.  The code is  
 > probably as H > ugly as hell (I'm happy for feedback) but the result is funny :) (it  	 > doesn't  > all work yet, either)  > , > http://wigwam.ethz.ch/~dussuett/prompt.pli > 	 > Thierry   G Cute.  Now, how are you launching the program or what causes it to run?    ------------------------------   Date: 1 Apr 2005 23:15:19 -0800  From: rat@bigpond.com  Subject: Re: Sybase B Message-ID: <1112426119.672738.12920@f14g2000cwb.googlegroups.com>  C Yeah, the sybase/NT part is a given; so it comes down really to the F cobol precompiler for sybase on vms.  However, it comes down to effort@ since (out of Friday's ressearch) its only .1% of the total codeE base... so in terms of cost-justifying it, it needs to be a quick and 6 easy change.  Hence the 'has anyone been here before?'   Rat.   ------------------------------   End of INFO-VAX 2005.184 ************************                                                                                                                                                                                                                                          09>
Subject: Re: Ca peut pas faire de mal
Date: Sun, 2 Feb 2003 01:45:53 +0100
Lines: 10
X-Priority: 3
X-MSMail-Priority: Normal
X-Newsreader: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Message-ID: <OocbnRlyCHA.1620@TK2MSFTNGP11>
Newsgroups: microsoft.public.fr.flightsim
NNTP-Posting-Host: mix-toulon-112-4-85.abo.wanadoo.fr 80.9.231.85
Path: mvb.saic.com!news-out.cwix.com!newsfeed.cwix.com!newsfeed.icl.net!newsfeed.fjserv.net!oleane.net!olean