1 INFO-VAX	Wed, 02 Aug 2006	Volume 2006 : Issue 426       Contents:( Re: Announcing Availability Manager V2.6@ Re: Any Way to Validate Username & Password from an Application?@ Re: Any Way to Validate Username & Password from an Application?@ Re: Any Way to Validate Username & Password from an Application? Re: InfoServer 100 success Re: InfoServer 100 success Re: InfoServer 100 success< Re: Is there a Unix /tmp directory. How dissimilar are they.< Re: Is there a Unix /tmp directory. How dissimilar are they.< Re: Is there a Unix /tmp directory. How dissimilar are they. Re: Linux on military aircraft Re: Linux on military aircraft RE: Linux on military aircraft Re: Linux on military aircraft) Re: New itaniums out at 2.5x perform gain ) Re: New itaniums out at 2.5x perform gain ) Re: New itaniums out at 2.5x perform gain / Re: querying Web Services from the command line / Re: querying Web Services from the command line / Re: querying Web Services from the command line / Re: querying Web Services from the command line A Re: Under VMS, on an HSG80, can Raid Partition Size be Increased? G Re: Use of script languages (Was: Tomcat user authentication question.) G Re: Use of script languages (Was: Tomcat user authentication question.)  VAMP open for business  F ----------------------------------------------------------------------  # Date: Tue, 01 Aug 2006 18:57:59 GMT 0 From: "Barry Kierstein" <Barry.Kierstein@HP.Com>1 Subject: Re: Announcing Availability Manager V2.6 2 Message-ID: <XuNzg.1391$sv7.1037@news.cpqcorp.net>  M This problem has cropped up at times. I can't remember what the problem was,  M but the first place to start that I know of is $ SET WATCH FILE/CLASS=MAJOR.  M It will log the various file accesses and the return status, and this should  C be a good first start. To turn it off, $ SET WATCH FILE/CLASS=NONE.    Barry Kierstein    ------------------------------  $ Date: Wed, 2 Aug 2006 07:37:11 +08003 From: "Richard Maher" <maher_rj@hotspamnotmail.com> I Subject: Re: Any Way to Validate Username & Password from an Application? 1 Message-ID: <eaooee$dhs$1@news-02.connect.com.au>    Hi JF,  J > Or would the application have to user the SETUAI to manually update that1 > user record once the login has been succesful ?   I Speaking for myself, that is in fact what I currently do. I don't like it I because between your $getuai to get the original login-failures count and F your $setuai to increment it there can be a hidden update. I'm leaningL towards updatin the SYSUAF directly with RMS record locking as the way to goI but you don't mention login failures so maybe you're ok? ($getuai/$setuai L are a piece of pooh that I'll write more about tonight if I get a chance. So" much whinging - So little time :-)  0 Does $ACM even do this? I'll have to look it up.   Cheers Richard Maher.   G PS. I know you're more than capable of doing this yourself and possibly L doing a better job than me but, as an example exercise,  I have been meaningG to write a UWSS interface to a detatched Authentication Server and have K existing code available for most of it already, so if anyone was interested I in me doing it then just let me know. (All I ask is that they sign up for  some testing hours :-)  J PPS. A lot (most?) other LPs (eg: Rdb/SQL/Services) don't bother to updateG last login time and the UAF record gets canned by auditing software :-(   J PPPS. Watch out for DOS attacks with $scan_intrusion. (Only deny access to your facility where possible)   : "JF Mezei" <jfmezei.spamnot@teksavvy.com> wrote in message& news:44CF876B.935175A1@teksavvy.com...C > For users on VAX-VMS,  do any of the system services to check the H > username/password, send autdit alarm and scan intrusion records update > the date of last login ? > J > Or would the application have to user the SETUAI to manually update that1 > user record once the login has been succesful ?  > F > For instance, if I were to write a POP server, or any other internetH > application that has a username/password requirement, I would want the5 > UAF record updated to show last network login date.    ------------------------------  # Date: Wed, 02 Aug 2006 00:33:55 GMT , From: Hoff Hoffman <hoff-remove-this@hp.com>I Subject: Re: Any Way to Validate Username & Password from an Application? 1 Message-ID: <TpSzg.1427$6M7.828@news.cpqcorp.net>   E    I can't vouch for the code, but the description for the following  G package looks like it deals with most of the requirements around login  F processing, auditing and evasion, and particularly when in an OpenVMS F environment that lacks the sys$acm ACME login security system service % call and its associated capabilities:   >    http://vms.process.com/scripts/fileserv/fileserv.com?CHKLGI   ------------------------------  % Date: Wed, 02 Aug 2006 05:45:46 +0200 / From: Paul Sture <paul.sture.nospam@hispeed.ch> I Subject: Re: Any Way to Validate Username & Password from an Application? ; Message-ID: <caca5$44d01fea$50db5015$28362@news.hispeed.ch>    Richard Maher wrote:  I > PS. I know you're more than capable of doing this yourself and possibly N > doing a better job than me but, as an example exercise,  I have been meaningI > to write a UWSS interface to a detatched Authentication Server and have M > existing code available for most of it already, so if anyone was interested K > in me doing it then just let me know. (All I ask is that they sign up for  > some testing hours :-) >   H If it's testing hours you want, consider me in. I don't mind rolling my / sleeves up to do a bit of serious COBOL either.    ------------------------------   Date: 1 Aug 2006 10:52:55 -0700 ( From: "Rich Jordan" <jordan@ccs4vms.com># Subject: Re: InfoServer 100 success C Message-ID: <1154454775.557835.285980@m79g2000cwm.googlegroups.com>    Hoff Hoffman wrote:  > David J. Dachtera wrote: > I > > You would be doing the community a large service if you could provide / > > some info on how to obtain the CD image(s).  > C >    In roughly two weeks' time (as the various wheels churn slowly F > forward), you'll be able to download many of the InfoServer giblets,H > including keys and disk images and all, from the Freeware site and via > the Freeware disks.  > A >    I've packaged up the InfoServer 3.5 image, and keys for most  > everything, on Freeware V8.0.    Hoff,       thank you!       thank you!       thank you!    Woohoo!    Rich   ------------------------------  % Date: Tue, 01 Aug 2006 14:09:51 -0400 ' From: Dave Froble <davef@tsoft-inc.com> # Subject: Re: InfoServer 100 success 9 Message-ID: <19OdneSus8AbClLZnZ2dnUVZ_vydnZ2d@libcom.com>    Hoff Hoffman wrote:  > David J. Dachtera wrote: > H >> You would be doing the community a large service if you could provide. >> some info on how to obtain the CD image(s). > C >   In roughly two weeks' time (as the various wheels churn slowly  G > forward), you'll be able to download many of the InfoServer giblets,  I > including keys and disk images and all, from the Freeware site and via   > the Freeware disks.  > A >   I've packaged up the InfoServer 3.5 image, and keys for most   > everything, on Freeware V8.0.   H I for one wish to offer thanks for this.  I don't have an Infoserver so H it's nothing personal.  However, from the perspective of not having old D software disappear into the dustbin of history, this is a great act.   --  4 David Froble                       Tel: 724-529-0450> Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc.  170 Grimplin Road  Vanderbilt, PA  15486    ------------------------------  % Date: Tue, 01 Aug 2006 21:02:34 -0500 6 From: "David J. Dachtera" <djesys.no@spam.comcast.net># Subject: Re: InfoServer 100 success 0 Message-ID: <44D007BA.5480DD76@spam.comcast.net>   Hoff Hoffman wrote:  >  > David J. Dachtera wrote: > I > > You would be doing the community a large service if you could provide / > > some info on how to obtain the CD image(s).  > C >    In roughly two weeks' time (as the various wheels churn slowly F > forward), you'll be able to download many of the InfoServer giblets,H > including keys and disk images and all, from the Freeware site and via > the Freeware disks.  > A >    I've packaged up the InfoServer 3.5 image, and keys for most  > everything, on Freeware V8.0.   3 I'll add my voice in thanks for this. That's SUPER!    --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  % Date: Tue, 01 Aug 2006 13:54:13 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> E Subject: Re: Is there a Unix /tmp directory. How dissimilar are they. , Message-ID: <44CF953C.DA4FB680@teksavvy.com>   Bill Gunshannon wrote:4 > This is hardly unique to VMS.  Unix has tmpfile(),  H I pointed this out as a way for one to get around the lack of a standardB temporary directory on VMS, yu can still create temporary files inC SYS$SCRATCH (which is really SYS$LOGIN) and have them automatically C deleted when done.  But one must be careful to never close the file F until one is sure it can be deleted (aka. reading multiple times etc).   ------------------------------  # Date: Tue, 01 Aug 2006 21:02:18 GMT & From: John Reagan <john.reagan@hp.com>E Subject: Re: Is there a Unix /tmp directory. How dissimilar are they. 1 Message-ID: <ujPzg.1402$Dx7.424@news.cpqcorp.net>   / Phillip Helbig---remove CLOTHES to reply wrote:   H > The default location is SYS$LOGIN, defined in the JOB table.  I don't ? > know where this is defined, but LOGINOUT.EXE is a good guess.  >    Good guess.   G BTW, since SYS$SCRATCH does come from LOGINOUT, not all processes have  H it.  Processes started with RUN/DETACHED for instance (unless of course E you run LOGINOUT with some TMP.COM file as input that contains a RUN   command of your image).    --   John Reagan 5 HP Pascal/{A|I}MACRO/COBOL for OpenVMS Project Leader  Hewlett-Packard Company    ------------------------------   Date: 2 Aug 2006 06:41:58 +0100 2 From: "Dave Weatherall" <djw-nothere@nospam.nohow>E Subject: Re: Is there a Unix /tmp directory. How dissimilar are they. ? Message-ID: <DTiotGxQ0bj6-pn2-xEShDZf4FQMj@dave2_os2.home.ours>   * On Tue, 1 Aug 2006 17:54:13 UTC, JF Mezei % <jfmezei.spamnot@teksavvy.com> wrote:    > Bill Gunshannon wrote:6 > > This is hardly unique to VMS.  Unix has tmpfile(), > J > I pointed this out as a way for one to get around the lack of a standardD > temporary directory on VMS, yu can still create temporary files inE > SYS$SCRATCH (which is really SYS$LOGIN) and have them automatically E > deleted when done.  But one must be careful to never close the file H > until one is sure it can be deleted (aka. reading multiple times etc).  F One of the problems wth OPEN/SCRATCH or CLOSE/DISPOSE=DELETE is that, D unless you specify a disk/directory, explicitly or by logical name, F RMS will attempt to create the file in the current working directory, ? which the user might not have WRITE access to. Result : Ooops!!   E So it is probably a good idea to specify 'SYS$SCRATCH:' when opening  C temp/scratch files. As you might guess, I have been bitten by this.    --   Cheers - Dave W.   ------------------------------  % Date: Tue, 01 Aug 2006 19:56:19 +0200 + From: Karsten Nyblad <nospam@nospam.nospam> ' Subject: Re: Linux on military aircraft = Message-ID: <44cf95ae$0$60782$157c6196@dreader1.cybercity.dk>    Main, Kerry wrote: >>I >> I think there would be a lot more OpenVMS security issues if it was in ; >> wider distribution with a platform that was more easily   >> accessible to the   >> hacker community.   >> > F > Ohhh yeah, hear we go .. If only .. That old wives statement is likeD > saying the big banks have poor security because most people do notF > understand the security they use, so there must be problems with it.J > Now, if the banks only would publish each of their security plans on the6 > Internet, now then - they would have real security ! > E > ROTFL ..Lets re-phrase what you just stated and see how it sounds:: I > "I think there would be a lot more Bank (OpenVMS) security issues if it @ > was in wider distribution with a platform that was more easily4 > accessible to the bank robber (hacker) community." >  > Does this sound right? > I > Lets face it, most people believe banks have very high security (albeit E > not 100%), and trust that those running the bank take security very J > seriously. They trust those running the bank to be aggressive in keeping > their security very high.   I First of all.  Comparing security in the physical world with security on  G computer systems is not without problems.  In the physical world there  I will always be a way around all the security surrounding the strongroom.  H   However, OSes are mathematical objects, and you can reason about what G would happen if somebody tries to hack it.  If VMS, Linux, Unix, z/OS,  G etc. were good enough there would be such ways to bypass security.  We  G could compare OSes to encryption in stead.  In the world of encryption  I it is the experience that algorithms should be public, because the holes  , are only found when many people are looking.  B Secondly, the military world is not like the civil world.  If Kim F Jong-Il, China or Iran have people trying to hack OSes, then they are H not going to send in error reports.  Rather, they will try to use their G knowledge at a time where they can do maximum damage to their enemies.  I Thus militaries have to build their protection under the assumption that    the OSes they use can be hacked.   ------------------------------   Date: 1 Aug 2006 14:19:13 -0700 - From: "Doug Phillips" <dphill46@netscape.net> ' Subject: Re: Linux on military aircraft C Message-ID: <1154467153.790709.161630@p79g2000cwp.googlegroups.com>    Main, Kerry wrote: > > -----Original Message-----6 > > From: Karsten Nyblad [mailto:nospam@nospam.nospam]  > > Sent: August 1, 2006 1:56 PM > > To: Info-VAX@Mvb.Saic.Com + > > Subject: Re: Linux on military aircraft  > >  > > Main, Kerry wrote: > > >>@ > > >> I think there would be a lot more OpenVMS security issues > > if it was in> > > >> wider distribution with a platform that was more easily > > >> accessible to the > > >> hacker community. > > >> > > > J > > > Ohhh yeah, hear we go .. If only .. That old wives statement is likeH > > > saying the big banks have poor security because most people do notJ > > > understand the security they use, so there must be problems with it.A > > > Now, if the banks only would publish each of their security  > > plans on the: > > > Internet, now then - they would have real security ! > > > I > > > ROTFL ..Lets re-phrase what you just stated and see how it sounds:: @ > > > "I think there would be a lot more Bank (OpenVMS) security > > issues if itD > > > was in wider distribution with a platform that was more easily8 > > > accessible to the bank robber (hacker) community." > > >  > > > Does this sound right? > > > < > > > Lets face it, most people believe banks have very high > > security (albeitI > > > not 100%), and trust that those running the bank take security very 8 > > > seriously. They trust those running the bank to be > > aggressive in keeping  > > > their security very high.  > > @ > > First of all.  Comparing security in the physical world with > > security on > > > computer systems is not without problems.  In the physical > > world there @ > > will always be a way around all the security surrounding the > > strongroom.  > 9 > Which is why my comments included "(albeit, not 100%)".  > @ > >   However, OSes are mathematical objects, and you can reason > > about what> > > would happen if somebody tries to hack it.  If VMS, Linux, > > Unix, z/OS, < > > etc. were good enough there would be such ways to bypass > > security.  We ? > > could compare OSes to encryption in stead.  In the world of  > > encryption: > > it is the experience that algorithms should be public, > > because the holes 0 > > are only found when many people are looking. > >  > H > In some areas - yes, In others - no. It depends. If it were always theJ > case, then banks would publish their plans on the Internet with the viewE > that when people found potential holes, they would notify the bank.  > I > Course, the other view is that the bad guys would also review the plans J > and *not* tell the bank - rather they would tell other bad people and/or% > simply act on the holes they found.  > E > > Secondly, the military world is not like the civil world.  If Kim I > > Jong-Il, China or Iran have people trying to hack OSes, then they are ' > > not going to send in error reports.  > F > Exactly my point above. Should the various vendors provide complete,H > detailed plans for the bad folks of the universe to review and dissectH > with sophisticated tools using the full soft copy of sources they haveC > access to knowing full well that these types have no intention of ! > reporting any issues they find?  >  > > Rather, they will try to
 > > use their A > > knowledge at a time where they can do maximum damage to their  > > enemies.< > > Thus militaries have to build their protection under the > > assumption that $ > > the OSes they use can be hacked. > >  >   = These ASW tactical & navigation systems use *imbedded* and/or C *restricted* Linux. Little or none of the OS is exposed to anything E other than the very special purpose application(s) it is running. Why G would anyone think that military software is as exposed and volatile as B commercial stuff? Once the "device" is doing it's job and the OS &F application are working as expected, there's no need to screw with the< OS. It's the application and/or device that does the work...  D If you want to worry about such things, consider that the B-2 bomber7 crew receives target coordinates via Microsoft Outlook.    ------------------------------  $ Date: Tue, 1 Aug 2006 22:51:22 -0400' From: "Main, Kerry" <Kerry.Main@hp.com> ' Subject: RE: Linux on military aircraft T Message-ID: <FA60F2C4B72A584DBFC6091F6A2B86840182B8FB@tayexc19.americas.cpqcorp.net>   > -----Original Message-----7 > From: Doug Phillips [mailto:dphill46@netscape.net]=20  > Sent: August 1, 2006 5:19 PM > To: Info-VAX@Mvb.Saic.Com ) > Subject: Re: Linux on military aircraft  >=20 > Main, Kerry wrote:  > > > -----Original Message-----8 > > > From: Karsten Nyblad [mailto:nospam@nospam.nospam]" > > > Sent: August 1, 2006 1:56 PM > > > To: Info-VAX@Mvb.Saic.Com - > > > Subject: Re: Linux on military aircraft  > > >  > > > Main, Kerry wrote: > > > >>B > > > >> I think there would be a lot more OpenVMS security issues > > > if it was in@ > > > >> wider distribution with a platform that was more easily > > > >> accessible to the > > > >> hacker community. > > > >> > > > > = > > > > Ohhh yeah, hear we go .. If only .. That old wives=20  > statement is like ? > > > > saying the big banks have poor security because most=20  > people do not = > > > > understand the security they use, so there must be=20  > problems with it. C > > > > Now, if the banks only would publish each of their security  > > > plans on the< > > > > Internet, now then - they would have real security ! > > > > B > > > > ROTFL ..Lets re-phrase what you just stated and see how=20
 > it sounds:: B > > > > "I think there would be a lot more Bank (OpenVMS) security > > > issues if itF > > > > was in wider distribution with a platform that was more easily: > > > > accessible to the bank robber (hacker) community." > > > >  > > > > Does this sound right? > > > > > > > > > Lets face it, most people believe banks have very high > > > security (albeit@ > > > > not 100%), and trust that those running the bank take=20 > security very : > > > > seriously. They trust those running the bank to be > > > aggressive in keeping ! > > > > their security very high.  > > > B > > > First of all.  Comparing security in the physical world with > > > security on @ > > > computer systems is not without problems.  In the physical > > > world there B > > > will always be a way around all the security surrounding the > > > strongroom.  > > ; > > Which is why my comments included "(albeit, not 100%)".  > > B > > >   However, OSes are mathematical objects, and you can reason > > > about what@ > > > would happen if somebody tries to hack it.  If VMS, Linux, > > > Unix, z/OS, > > > > etc. were good enough there would be such ways to bypass > > > security.  We A > > > could compare OSes to encryption in stead.  In the world of  > > > encryption< > > > it is the experience that algorithms should be public, > > > because the holes 2 > > > are only found when many people are looking. > > >  > > B > > In some areas - yes, In others - no. It depends. If it were=20 > always theA > > case, then banks would publish their plans on the Internet=20  > with the view G > > that when people found potential holes, they would notify the bank.  > > = > > Course, the other view is that the bad guys would also=20  > review the plansA > > and *not* tell the bank - rather they would tell other bad=20  > people and/or ' > > simply act on the holes they found.  > > G > > > Secondly, the military world is not like the civil world.  If Kim @ > > > Jong-Il, China or Iran have people trying to hack OSes,=20 > then they are ) > > > not going to send in error reports.  > > H > > Exactly my point above. Should the various vendors provide complete,A > > detailed plans for the bad folks of the universe to review=20 
 > and dissect ; > > with sophisticated tools using the full soft copy of=20  > sources they have E > > access to knowing full well that these types have no intention of # > > reporting any issues they find?  > >  > > > Rather, they will try to > > > use their C > > > knowledge at a time where they can do maximum damage to their  > > > enemies.> > > > Thus militaries have to build their protection under the > > > assumption that & > > > the OSes they use can be hacked. > > >  > >  >=20? > These ASW tactical & navigation systems use *imbedded* and/or E > *restricted* Linux. Little or none of the OS is exposed to anything G > other than the very special purpose application(s) it is running. Why @ > would anyone think that military software is as exposed and=20
 > volatile as D > commercial stuff? Once the "device" is doing it's job and the OS &H > application are working as expected, there's no need to screw with the> > OS. It's the application and/or device that does the work... >=20  E Well, you are likely right, but I seem to remember someone telling me D about these "embedded systems" being connected to the local base LANH when they were back in the base as they ran data downloads and test dataG to / from them. With these monthly OS kernel security issues, one would / think that they would be concerned about these.   F > If you want to worry about such things, consider that the B-2 bomber9 > crew receives target coordinates via Microsoft Outlook.  >=20  C Now that's scary ... Think of all the time activated trojans around 9 these days .. And I don't mean the ones in the wrapper ..    :-)   
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works. =20    ------------------------------  % Date: Wed, 02 Aug 2006 05:41:07 +0200 + From: Karsten Nyblad <nospam@nospam.nospam> ' Subject: Re: Linux on military aircraft = Message-ID: <44d01ebe$0$67259$157c6196@dreader2.cybercity.dk>    Doug Phillips wrote: > Main, Kerry wrote: >>> -----Original Message-----6 >>> From: Karsten Nyblad [mailto:nospam@nospam.nospam]  >>> Sent: August 1, 2006 1:56 PM >>> To: Info-VAX@Mvb.Saic.Com + >>> Subject: Re: Linux on military aircraft  >>>  >>> Main, Kerry wrote:? >>>>> I think there would be a lot more OpenVMS security issues  >>> if it was in= >>>>> wider distribution with a platform that was more easily  >>>>> accessible to the  >>>>> hacker community.  >>>>> I >>>> Ohhh yeah, hear we go .. If only .. That old wives statement is like G >>>> saying the big banks have poor security because most people do not I >>>> understand the security they use, so there must be problems with it. @ >>>> Now, if the banks only would publish each of their security >>> plans on the9 >>>> Internet, now then - they would have real security !  >>>>H >>>> ROTFL ..Lets re-phrase what you just stated and see how it sounds::? >>>> "I think there would be a lot more Bank (OpenVMS) security  >>> issues if itC >>>> was in wider distribution with a platform that was more easily 7 >>>> accessible to the bank robber (hacker) community."  >>>> >>>> Does this sound right?  >>>>; >>>> Lets face it, most people believe banks have very high  >>> security (albeitH >>>> not 100%), and trust that those running the bank take security very7 >>>> seriously. They trust those running the bank to be  >>> aggressive in keeping  >>>> their security very high.@ >>> First of all.  Comparing security in the physical world with >>> security on > >>> computer systems is not without problems.  In the physical >>> world there @ >>> will always be a way around all the security surrounding the >>> strongroom. : >> Which is why my comments included "(albeit, not 100%)". >>@ >>>   However, OSes are mathematical objects, and you can reason >>> about what> >>> would happen if somebody tries to hack it.  If VMS, Linux, >>> Unix, z/OS, < >>> etc. were good enough there would be such ways to bypass >>> security.  We ? >>> could compare OSes to encryption in stead.  In the world of  >>> encryption: >>> it is the experience that algorithms should be public, >>> because the holes 0 >>> are only found when many people are looking. >>> I >> In some areas - yes, In others - no. It depends. If it were always the K >> case, then banks would publish their plans on the Internet with the view F >> that when people found potential holes, they would notify the bank. >>J >> Course, the other view is that the bad guys would also review the plansK >> and *not* tell the bank - rather they would tell other bad people and/or & >> simply act on the holes they found. >>E >>> Secondly, the military world is not like the civil world.  If Kim I >>> Jong-Il, China or Iran have people trying to hack OSes, then they are ' >>> not going to send in error reports. G >> Exactly my point above. Should the various vendors provide complete, I >> detailed plans for the bad folks of the universe to review and dissect I >> with sophisticated tools using the full soft copy of sources they have D >> access to knowing full well that these types have no intention of" >> reporting any issues they find? >> >>> Rather, they will try to
 >>> use their A >>> knowledge at a time where they can do maximum damage to their  >>> enemies.< >>> Thus militaries have to build their protection under the >>> assumption that $ >>> the OSes they use can be hacked. >>>  > ? > These ASW tactical & navigation systems use *imbedded* and/or E > *restricted* Linux. Little or none of the OS is exposed to anything G > other than the very special purpose application(s) it is running. Why I > would anyone think that military software is as exposed and volatile as D > commercial stuff? Once the "device" is doing it's job and the OS &H > application are working as expected, there's no need to screw with the> > OS. It's the application and/or device that does the work... > F > If you want to worry about such things, consider that the B-2 bomber9 > crew receives target coordinates via Microsoft Outlook.  > G Which also means that the US military does not base its IT security on  E the applications being secure.  And that my whole point.  Militaries  H will not let their security base on OSes and applications being secure, I and they are not going to base their security on VMS being secure.  They  G will rather have their own physically separated network for waging war.   D Kerry Main's belief that VMS is more secure simply because Digital, I Compaq and HP has not issued that many security patches is nothing but a  I belief and may be wrong.  First of all, you can buy the sources for VMS,  G   and hackers may also read the machine code of, e.g., TCP/IP packages  I and other parts, were you can not buy the sources.  Hackers have already  @ demonstrated that they are willing to read machine code to hack C computers and that they are quite good at it.  They are capable of  F finding out what M$ is patching in their security patches.  They have F been capable of issuing viruses in just one week.  Thus it is a claim C that cannot be proved that VMS is more secure because it is partly   closed source.    G The bad guys will start attacking VMS the moment they consider it more  F profitable to attack VMS than M$ and Linux and be sure they will find E critical security errors.  Also, on Linux and Windows there are many  G good guys that hunt security bugs.  In the short term these guys are a  H pain because they discover bugs that must be fixed and the patches must E installed by the users.  In the long term it might lead to these two  H platforms becoming more secure than platform without white hat security  bug hunters.   ------------------------------  % Date: Tue, 01 Aug 2006 21:22:32 +0200 + From: Karsten Nyblad <nospam@nospam.nospam> 2 Subject: Re: New itaniums out at 2.5x perform gain= Message-ID: <44cfa9e4$0$67263$157c6196@dreader2.cybercity.dk>    Bill Gunshannon wrote:F > Again, I have to defer to the HP people who are in a better positionD > to know and they have repeatedly stated here that the resources noF > longer exist at HP to revive the Alpha line.  And, we have been toldD > that there was also some agreement regarding Alpha in the HP-IntelF > deal.  It is equally possible that the agreement was that they couldE > no longer continue development of the Alpha.  If that turned out to F > be so, what incentive would Intel have to release HP from it?  No, IC > think as the HP denizens here have stated, Alpha is a dead issue.   C HP might have promised to kill the Alpha, but that is not the only  F problem.  A second problem is who owns the patents for building Alpha F and PA-RISC?  HP might very well have sold all patents resulting from G the work on Alpha and PA-RISC to Intel, and they will have a hard time  1 reviving the architectures without these patents.    ------------------------------   Date: 1 Aug 2006 13:38:15 -0700  From: bob@instantwhip.com 2 Subject: Re: New itaniums out at 2.5x perform gainC Message-ID: <1154464695.862474.253490@p79g2000cwp.googlegroups.com>    Neil Rieck wrote:   8 > Does HP have a contingency plan in case Itanium fails?  ; there is no plan for itanium because it was made to fulfill 
 HP/Compaq/DEC  contract agreements ...   G now, the plan may be to try to make it look like they are really trying B when they really are trying discourage customers and hope they can@ retain them by porting to some other junk os (windoze/linux) ...  A but I was told by vms top brass that itanium can not and will not @ be trashed, not at least until all contract agreements have been fufilled ...   ------------------------------  # Date: Tue, 01 Aug 2006 21:04:02 GMT & From: John Reagan <john.reagan@hp.com>2 Subject: Re: New itaniums out at 2.5x perform gain2 Message-ID: <6lPzg.1404$Dx7.1402@news.cpqcorp.net>   Karsten Nyblad wrote:   E > HP might have promised to kill the Alpha, but that is not the only  H > problem.  A second problem is who owns the patents for building Alpha H > and PA-RISC?  HP might very well have sold all patents resulting from I > the work on Alpha and PA-RISC to Intel, and they will have a hard time  3 > reviving the architectures without these patents.   B I'm pretty sure the press release said that Compaq *LICENSED* the  patents to Intel, not sold.    --   John Reagan 5 HP Pascal/{A|I}MACRO/COBOL for OpenVMS Project Leader  Hewlett-Packard Company    ------------------------------   Date: 1 Aug 2006 13:48:42 -0700 % From: "Pierre" <pierre.bru@gmail.com> 8 Subject: Re: querying Web Services from the command lineC Message-ID: <1154465322.278460.161870@i42g2000cwa.googlegroups.com>    JF Mezei wrote:  > Pierre wrote:  > >  > > hi,  > > E > > I would like to send queries to a home made web service from DCL. I > > do you know any command line tool (C, Java, other) that I could use ?  >  > F > FETCH_HTTP is a simple HTTP request that lets you either display the/ > HTTP response on screen or save it to a file.  > C > there is the Curl utility that is more elaborate and flexible and A > provides for HTTP, HTTPS and I think FTP and perhaps even more.  > D > If you use google on this newsgroup for CURL, you will see regular@ > announcements of new versions and where to download them from. > H > FETHC_HTTP comes with the OSU web server and I think other places too.  B doesn't WebServices need special HTTP header as does SOAP ? if so,' would cURL or FETCH_HTTP provide them ?    Pierre.    ------------------------------  % Date: Tue, 01 Aug 2006 21:10:15 -0500 6 From: "David J. Dachtera" <djesys.no@spam.comcast.net>8 Subject: Re: querying Web Services from the command line0 Message-ID: <44D00987.2A7F1E12@spam.comcast.net>  
 Pierre wrote:  >  > hi,  > C > I would like to send queries to a home made web service from DCL. G > do you know any command line tool (C, Java, other) that I could use ?  >  > TIA,	 > Pierre.    Google this group for WGET.    --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  % Date: Tue, 01 Aug 2006 22:37:22 -0400 6 From: =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk>8 Subject: Re: querying Web Services from the command line. Message-ID: <rdUzg.72686$fG3.22842@dukeread09>  
 Pierre wrote:  > JF Mezei wrote:  >> Pierre wrote:E >>> I would like to send queries to a home made web service from DCL. I >>> do you know any command line tool (C, Java, other) that I could use ?  >>G >> FETCH_HTTP is a simple HTTP request that lets you either display the 0 >> HTTP response on screen or save it to a file. >>D >> there is the Curl utility that is more elaborate and flexible andB >> provides for HTTP, HTTPS and I think FTP and perhaps even more.  D > doesn't WebServices need special HTTP header as does SOAP ? if so,) > would cURL or FETCH_HTTP provide them ?   3 Web service with HTTP binding is a simple HTTP POST 3 request which I think the mentioned utilities would 
 support fine.   1 Web service with SOAP binding is also a HTTP POST - but with at least one special HTTP header and , a body of SOAP XML, which I do not think the" mentioned utilities would support.  4 If you have a WSDL for the web service, then I would4 recommend generating a stub from that. In which case. you get a callable piece of code which handles all the HTTP and XML stuff.   ) It is easy in Java with the Axis toolkit.   1 .NET is not available for VMS, but I would expect 2 other languages to have similar capabilities. Even1 though I have never heard about one for C. But if 5 you have PHP, Perl or Python on your system, then see  what they have.    Arne   ------------------------------  % Date: Tue, 01 Aug 2006 22:57:44 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 8 Subject: Re: querying Web Services from the command line, Message-ID: <44D014A4.8CFB21AA@teksavvy.com>  D If you need special contents and special HTTP headers, then consider Kermit.   A It has powerful scripting language that can read/write VMS files, E process variables and send stuff out and interpret and/or store stuff  that comes in.  D You can then build the proper HTTP header with any proprietary lines that are needed.   ------------------------------  % Date: Tue, 01 Aug 2006 21:06:38 -0500 6 From: "David J. Dachtera" <djesys.no@spam.comcast.net>J Subject: Re: Under VMS, on an HSG80, can Raid Partition Size be Increased?/ Message-ID: <44D008AE.403A838@spam.comcast.net>    syslost wrote: > [snip]I > David I would be very interested in Dynamic Volume Expansion (DVE), any  > link would be appreciated.  8 Until I find a reference in the on-line VMS doc.'s, see:   $ HELP INIT 	     /SIZE 
     /LIMIT   $ HELP SET VOLUME 	     /SIZE 
     /LIMIT  E Note that the HELP will refer you to the Volume Shadowing for OpenVMS  manual.    --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  % Date: Tue, 01 Aug 2006 21:53:23 -0400 6 From: =?ISO-8859-1?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk>P Subject: Re: Use of script languages (Was: Tomcat user authentication question.)- Message-ID: <cATzg.72680$fG3.9416@dukeread09>    Neil Rieck wrote: > > Current experiments with Tomcat-Java are proving to be more C > complicated and power hungry. (we have not yet given up on these   > experiments)  < J2EE app: minimum 1 GHz + 1 GB RAM, decent 2 GHz + 2 GB RAM.  6 The decent size cost less than 1000 USD as a cheap PC.  % Crazy world. But that is the reality.   , And your Tomcat experiments are probably not) even that demanding, because you probably  develop reasonable ligth code.  ( If you want to see ressource eating then& try and get a heavy app like Liferay !   Arne   ------------------------------  % Date: Tue, 01 Aug 2006 22:19:46 -0400 7 From: =?ISO-8859-15?Q?Arne_Vajh=F8j?= <arne@vajhoej.dk> P Subject: Re: Use of script languages (Was: Tomcat user authentication question.). Message-ID: <XYTzg.72683$fG3.71842@dukeread09>   rejoc wrote: > Arne Vajhj a crit : 5 >> I think that there are plenty of room for both the 9 >> compiled "big elephants" like J2EE and ASP.NET and for 7 >> smaller solutions including PHP and script languages 6 >> like Python and Ruby (especially Python and Ruby in >> web context).  K > both Java and Python applications run on top of a virtual machine... Why  ? > do you considere that one is more "compiled" than the other ?    Because that is how it is.  6 This is how the implementations currently are and this7 is how due to the difference in nature of the languages  it will probably always be.   C  >                                                           Ok, in H > Python, the "compilation" is done automaticaly when it discovers that J > there is a source (.py) newer than the .pyc file... but is it enough to H > considere that the Java virtual machine does not "interpret" the Java 
 > byte-code ?    No. But JIT is.   I >               You can even "compile" a Python code into Java byte-code   > (Jython).   ? And ? The interpreted nature of Python does not vanish by magic $ just because is uses Java byte code.  K > The issue between Java and Python or any other scripting language is not  B > about compiled or not. You could speak about ecosystem, ease of  > programming, performance...   @ Several of theese are determined by the compiled and interpreted nature of the languages.   Arne   ------------------------------  % Date: Tue, 01 Aug 2006 22:24:24 +0100 # From: issinoho <issinoho@gmail.com>  Subject: VAMP open for business 4 Message-ID: <eaogmo$c47$1$8302bc10@news.demon.co.uk>  B Just to let everyone know that the VAMP board is now online again.  F I did my annual spring-clean of replacing hobbyist licences, applying G patches and updating product versions, so hopefully everything is good   to go for a while now.  % Usual place, http://vamp.issinoho.com    Thanks.    ------------------------------   End of INFO-VAX 2006.426 ************************