1 INFO-VAX	Fri, 30 Jun 2006	Volume 2006 : Issue 360       Contents:8 Re: Alphaserver 2100 needs a good home - South Cambs, UK> RE: Education Ministry rethinks payroll plans (Oracle and VMS)> RE: Education Ministry rethinks payroll plans (Oracle and VMS)> Re: Education Ministry rethinks payroll plans (Oracle and VMS)> Re: Education Ministry rethinks payroll plans (Oracle and VMS)) Error enabling snapshots on DBMS database  Re: Floating point questions Re: Floating point questions Re: Floating point questions Re: Floating point questions' Gates says vista "most secure os ever"? + Re: Gates says vista "most secure os ever"? + Re: Gates says vista "most secure os ever"? ) Re: New OpenVMS Virtualization Whitepaper ) Re: New OpenVMS Virtualization Whitepaper ) Re: New OpenVMS Virtualization Whitepaper # Process termination status question ' Re: Process termination status question % RE: Security Setup and Product Advice  Re: SFTP Output redirection # Re: VAX Open VMS Production Support # Re: VAX Open VMS Production Support G Re: zipping large files (was Re: Info-ZIP's Zip V2.32 is now available)   F ----------------------------------------------------------------------  % Date: Thu, 29 Jun 2006 23:08:59 +0200 ) From: "gl@decadence.it" <gl@decadence.it> A Subject: Re: Alphaserver 2100 needs a good home - South Cambs, UK 9 Message-ID: <pan.2006.06.29.21.08.59.203505@decadence.it>   9 On Wed, 14 Jun 2006 05:47:50 +0000, Phillip Helbig wrote: J > I also have such a beast looking for a good home.  It's in Germany, but I > I will be travelling quite a bit in Europe this summer and could bring  A > it to most places.  I also have a 2000 looking for a good home.    Hello :)  H I have to give public thanks to Phillip who bought to me a perfect shape AlphaServer 2100 in Italy.F Now the server is sleeping in my lab, waiting to be put at work again. That day will be very soon!    Thanks Phillip! :) See you again! gl   ------------------------------  % Date: Thu, 29 Jun 2006 16:52:01 -0400 ' From: "Main, Kerry" <Kerry.Main@hp.com> G Subject: RE: Education Ministry rethinks payroll plans (Oracle and VMS) T Message-ID: <FA60F2C4B72A584DBFC6091F6A2B868401664D9D@tayexc19.americas.cpqcorp.net>   > -----Original Message-----= > From: dooleys@snowy.net.au [mailto:dooleys@snowy.net.au]=20  > Sent: June 29, 2006 7:25 AM  > To: Info-VAX@Mvb.Saic.Com ; > Subject: Re: Education Ministry rethinks payroll plans=20  > (Oracle and VMS) >=20B > > The bigger question might be "Can the Customers and Vendors=20 > afford the= > > resources and effort associated with the QA testing of=20  > their application 9 > > with the 10-20 monthly *security* (not bug) OS and=20  > supporting utilities4 > > patches associated with Linux and Windows OS's?" > > C > > [RH Security site lists approx 7-20 security patches per month] D > The answer is that software suppliers can always do QA and testingF > (often of variable quality) if they have a significant market share.F > I have little experience of applications on linux, but most software > suppliers E > will run regression tests for major versions of windows and service  > packs.< > As regards security patches, the software suppliers get=20 > windows updates G > at the same time as their customers, so the customer just has to hope  > thatB > nothing breaks, and if it does, uninstall the most recent patch!G > In practice, there is significantly more benefit than pain in keeping  > up to dateH > with security patches, my experience is that most application software > will > just continue to work.  D If there are only a few security patches per year, this might be theH case. However, when the OS platform you choose has 5-20 security patchesA *per month*, that is not the case as can be seen by the following 	 examples:   F Personal case in point - approx 6 weeks ago, after applying one of theC latest Windows patches, all the data in my laptop encrypted folders A became unavailable. It looks like the patch corrupted a local key @ somehow. Even after MS acknowledging it was an issue, no fix wasF provided and I had to restore the data from my backups (luckily I only> lost a week or two of info that I was able to get by without).  H > (I have also seen this occur in vms environments, application softwareB > would be regression tested for vms version upgrades, or compilerB > upgrades, but a mandatory patch could be applied to a production< > system - as long as a system disk backup was taken first!)  E What would your company management say if you went to them and stated H this application regression testing for OS security patches was going toA be a monthly effort because the platform chosen has 5-20 security F patches per month? The new application upgrade functionality etc wouldF have to take a lower priority and hence will delay even further future application roll-outs?  G My point is that for some reason the impact on resources and scheduling H associated with regression testing required for monthly security patches> seems to get lost on many who do not have extensive operationsF backgrounds. Also, the huge business impact of Cust data being exposed8 seems to get little attention when OS religion kicks in.  D > > In addition, can the Cust afford to deal with HR security issuesB > > associated with hackers getting access to Cust and employee=20 > personnel 	 > > data?  > > G > > For some vendors and Cust's implementing IT systems, this is a huge B > > consideration - especially since the focus going forward is=20 > web based & > > services for end users or clients.E > Yes this is a major risk with an organisation's HR/Payroll, but the E > methods of securing these systems is much the same, irrespective of  > the operating system in use.  C No, the difference is that the scale and number of monthly security F patches is a significant risk to the organization as it becomes almostB impossible to stay current with so much monthly regression testing	 required.   @ > > As an example, how much longer would you deal with a bank=20
 > or firm who ? > > just sent you a letter stating that under the State law,=20  > they needed toH > > inform you that all the personal financial, home address and contact7 > > information they had on you is now on the Internet? + > Personally it would not bother me at all!   ? Ask those who have had to deal with identity theft, credit card F violations, or sensitive health information being exposed if they feel
 the same way.   B > > While no platform is 100% secure, imho, it stands to reason=20 > that putting; > > your HR system on a platform that has 10-20 security=20  > patches *per month* B > > (e.g. Linux - Windows is similar) is obviously placing your=20 > firm at a < > > higher risk than a platform that has much, much fewer=20 > security issues.7 > and that is why vms runs x% of HR systems  worldwide.  > and what is x? 2? 3?2 > vms may be an excellent choice for some systems,$ > but HR/payroll is not one of them. > Phil >=20  D I guess it is a matter of opinion as imho, due to the sensitive dataE they hold, HR systems have high security and depending on the time of H the month, high availability requirements. If a Cust can get over the OSG religion, putting these types of applications on OS platforms that have D 5-20 *security* patches per month does not seem logical or have much business sense to me.   
 Regards=20  
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works.   ------------------------------  % Date: Thu, 29 Jun 2006 17:33:53 -0400 ' From: "Main, Kerry" <Kerry.Main@hp.com> G Subject: RE: Education Ministry rethinks payroll plans (Oracle and VMS) T Message-ID: <FA60F2C4B72A584DBFC6091F6A2B868401664DD4@tayexc19.americas.cpqcorp.net>   > -----Original Message----- > From: Main, Kerry=20 > Sent: June 29, 2006 4:52 PM  > To: Info-VAX@Mvb.Saic.Com ; > Subject: RE: Education Ministry rethinks payroll plans=20  > (Oracle and VMS) >=20 >=20 > > -----Original Message-----? > > From: dooleys@snowy.net.au [mailto:dooleys@snowy.net.au]=20  > > Sent: June 29, 2006 7:25 AM  > > To: Info-VAX@Mvb.Saic.Com = > > Subject: Re: Education Ministry rethinks payroll plans=20  > > (Oracle and VMS) > >=20D > > > The bigger question might be "Can the Customers and Vendors=20 > > afford the? > > > resources and effort associated with the QA testing of=20  > > their application ; > > > with the 10-20 monthly *security* (not bug) OS and=20  > > supporting utilities6 > > > patches associated with Linux and Windows OS's?" > > > E > > > [RH Security site lists approx 7-20 security patches per month] F > > The answer is that software suppliers can always do QA and testingH > > (often of variable quality) if they have a significant market share.H > > I have little experience of applications on linux, but most software
 > > suppliers G > > will run regression tests for major versions of windows and service 
 > > packs.> > > As regards security patches, the software suppliers get=20 > > windows updates @ > > at the same time as their customers, so the customer just=20
 > has to hope  > > thatD > > nothing breaks, and if it does, uninstall the most recent patch!A > > In practice, there is significantly more benefit than pain=20  > in keeping > > up to date8 > > with security patches, my experience is that most=20 > application software > > will > > just continue to work. >=20F > If there are only a few security patches per year, this might be the< > case. However, when the OS platform you choose has 5-20=20 > security patchesC > *per month*, that is not the case as can be seen by the following  > examples:  >=20  	 [snip...]   E Oops .. Meant to include these pointers to cases where the monthly OS $ security patches have caused issues:  3 http://www.eweek.com/article2/0,1895,1879102,00.asp G "October 28, 2005 - Updated: Security researchers highlight more errors D in Microsoft's patch creation process and warn that the mistakes are proving costly for users."  H http://www.computerworld.com/securitytopics/security/story/0,10801,11075	 5,00.html G "April 21, 2006 (IDG News Service) -- Microsoft Corp. plans to re-issue E a security patch for its Windows operating system that caused serious  headaches for some users.=20  B The MS06-015 security update was released last week, but MicrosoftH customers soon reported that it was causing applications to crash thanksD to a conflict between the patch and NVidia Corp.'s video drivers and; Hewlett-Packard Co.'s Share-to-Web photo-sharing software."   3 http://www.eweek.com/article2/0,1895,1871560,00.asp A "October 14, 2005 - Microsoft Corp.'s patch for a worm-vulnerable F security flaw in the Windows 2000 operating system is causing problems for some users."   Another article of interest:H http://news.com.com/Windows+patch+backfires+on+the+security-minded/2100- 1002_3-5897997.html   F Point is that for these types of reasons, especially when dealing withF mission critical and/or even remotely important applications, you needE to test these applications before releasing OS patches to production.   ? And just in case anyone thinks I am picking only on Red Hat and D Microsoft, here is a pointer to the Novell SUSE Linux security site:4 http://www.novell.com/linux/security/advisories.html     Regards   
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works.   ------------------------------  % Date: Fri, 30 Jun 2006 04:03:49 +0200 + From: Karsten Nyblad <nospam@nospam.nospam> G Subject: Re: Education Ministry rethinks payroll plans (Oracle and VMS) = Message-ID: <44a48679$0$67260$157c6196@dreader2.cybercity.dk>    Main, Kerry wrote:F > I guess it is a matter of opinion as imho, due to the sensitive dataG > they hold, HR systems have high security and depending on the time of J > the month, high availability requirements. If a Cust can get over the OSI > religion, putting these types of applications on OS platforms that have F > 5-20 *security* patches per month does not seem logical or have much > business sense to me.   E Who would be stupid enough to put the payroll system directly on the  A Internet?  Yes, you might have information needed for the system  I available and perhaps even modifiable from the Internet, but the payroll  H system should not be accessible from the Internet, and larger companies F should have a firewall between it and normal employees and their PCs. H Smaller companies might be better of out sourcing payroll.  At least in + Denmark that is usually cheaper and better.    ------------------------------    Date: 29 Jun 2006 23:01:11 -0500- From: Kilgallen@SpamCop.net (Larry Kilgallen) G Subject: Re: Education Ministry rethinks payroll plans (Oracle and VMS) 3 Message-ID: <OUBCaGXnNNve@eisner.encompasserve.org>   k In article <44a48679$0$67260$157c6196@dreader2.cybercity.dk>, Karsten Nyblad <nospam@nospam.nospam> writes:  > Main, Kerry wrote:G >> I guess it is a matter of opinion as imho, due to the sensitive data H >> they hold, HR systems have high security and depending on the time ofK >> the month, high availability requirements. If a Cust can get over the OS J >> religion, putting these types of applications on OS platforms that haveG >> 5-20 *security* patches per month does not seem logical or have much  >> business sense to me. > G > Who would be stupid enough to put the payroll system directly on the   > Internet?   F The same ones who do payroll calculations using floating point to take( advantage of the built-in decimal point.   ------------------------------    Date: 29 Jun 2006 13:34:06 -0700( From: "Rich Jordan" <jordan@ccs4vms.com>2 Subject: Error enabling snapshots on DBMS databaseC Message-ID: <1151613246.795154.305680@i40g2000cwc.googlegroups.com>   F We've got a production system moving from a small, disk limited box toA a bigger spacious one and want to enable snapshots on the (Oracle D Codasyl) DBMS databases.  Based on the docs we're using a DBO/BACKUPG (single thread), DBO/DELETE, and DBO/RESTORE/SNAPS=(ALLOW,ENABLE) to do E the deed.  It has worked fine on all but one database (which is using 3 the same schema as two others that converted fine).    This one database gives us:   - %DBO-F-CANTADDSNAP, error adding snapshots to 6                      $1$DKB2:[PROD.WAREDB2]MVMAREA.DBS  F We can restore the database just fine as long as we don't try to allow
 snapshots.   DBMS is version V7.1-23 (Alpha)   D Comparing a DBO/DUMP of the database (made prior to any work) to the@ other databases using the same schema shows no difference in the) MVMAREA other than its size and location.     Anyone still using this product?  H I haven't found the error in my docs yet either but still working on it.   ------------------------------  % Date: Thu, 29 Jun 2006 16:32:40 -0400 ' From: Dave Froble <davef@tsoft-inc.com> % Subject: Re: Floating point questions 9 Message-ID: <NYCdnbzREbs-qjnZnZ2dnUVZ_vOdnZ2d@libcom.com>    Doug Phillips wrote: > Bill Gunshannon wrote:< >> In article <ZrydnXatrricSD7ZnZ2dnUVZ_q-dnZ2d@libcom.com>,- >> 	Dave Froble <davef@tsoft-inc.com> writes:  >>> Bill Gunshannon wrote:> >>>> In article <pbmdnWPxweiwrD7ZnZ2dnUVZ_rSdnZ2d@libcom.com>,/ >>>> 	Dave Froble <davef@tsoft-inc.com> writes:  >>>>> JF Mezei wrote: & >>>>>> briggs@encompasserve.org wrote:N >>>>>>> Doesn't help if you have to convert from float binary to float decimal" >>>>>>> to perform the comparison. >>>>>>> ? >>>>>>> We haven't been told what format the source data is in. J >>>>>> Source data is a GPS that provides litten endian IEEE 32 bit value. >>>>>>O >>>>>> Someone mentioned that 1.0e25 could not be precisely represented in such K >>>>>> a 32 bit entity ? Is that really the case ?  Isn't it just a case of I >>>>>> representing 1.0 and then "25" in the field that defines where the  >>>>>> decimal is located ? G >>>>> In your particular case you're dealing in latitude and longitude, L >>>>> usually expressed in degrees, minutes, seconds, and fractions thereof. >>>>> M >>>>> It will not be hard to convert such to whatever measurement you wish to + >>>>> use, meters, feet, yards, miles, etc.  >>>> Not hard????  >>>>" >>>> What is the distance between:2 >>>>     70d0m0s E 70d0m0s N and 80d0m0s E 70d0m0s
 >>>> and now: 2 >>>>     70d0m0s E 10d0m0s N and 80d0m0s E 10d0m0s >>>>B >>>> Somehow I have to believe the math needed to compute distanceE >>>> based on latitude and longitude is complex enough to not qualify  >>>> as "not hard".  :-)F >>>> Of course, if there is a simple method I would love to see it.  ID >>>> assumed the this difficulty is why the military always used UTM >>>> rather than Lat/Lon.  >>>>	 >>>> bill  >>>>D >>> Assume a sphere.  Ok, I'm aware that the Planet is not really so> >>> uniform, but for most purposes the assumption is adequate. >>> L >>> There was a time when I'd have been able to do the math.  That was aboutK >>> 40 years ago, and I'm not going to dig out the books for this question.  >>> J >>> I've got a couple under $100 GPS units that will give me distance from( >>> one point to another.  It is doable.A >> I wasn't arguing that it wasn't doable.  Just that because the C >> distance between lines of longitude are not uniform varying with A >> latitude the math is more complex.  When someone tells me some D >> math problem is "not hard" I assume that means the average personE >> can do it nn their head.  Somehow I doubt that the linear distance C >> between two arbitrary points on the globe meets that definition.  >>H >>> Now if altitude is also a consideration, then the math is a bit moreJ >>> complex.  However, once the formulas are set up, it's just a matter of >>> plugging in the numbers.E >> But that's true about any math formula no matter how complex.  The C >> initial programming is the part that doesn't meet the "not hard"  >> criteria. >> > " > Look up "great circle distances" > 7 > Assume Earth is a perfect sphere of radius 6371.2 km: A > Convert longitude and latitude to radians (multiply by pi/180),  > then compute as follows: >  >  theta = lon2 - lon1B >  distance = acos(sin(lat1)  sin(lat2) + cos(lat1)  cos(lat2) 
 > cos(theta)) / >  if  (distance < 0)  distance = distance + pi  >  distance = distance  6371.2  > C > The "perfect sphere" assumption yields very close approximations. : > Variant tables would be used to obtain greater accuracy.  D Thanks.  I knew there were great circle formulas available.  Didn't I really have the desire to go find them.  And as I mentioned, it has been  F 40 years, and I haven't needed to use much of the math from then, and   over time the details fade away.  B > In math programming terms, I consider "not hard" to mean there'sH > existing code or an existing formula you can convert so you don't need > to invent one.  F Well, I'd consider it no harder than a college level math assignment, B and I really don't consider such 'hard'.  That doesn't mean there 4 wouldn't be a bit of research and thinking involved.  7 > I was tasked to write a great circle distance program G > once on a computer that had only 13 assembler instructions (no higher E > language) with only integer decimal math. Doing asin,sin,cos *were* 
 > challenges.  >   H Yeah, gotta agree with you on that one.  When you first have to develop % the tools, that qualifies for 'hard'.    --  4 David Froble                       Tel: 724-529-0450> Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc.  170 Grimplin Road  Vanderbilt, PA  15486    ------------------------------  % Date: Thu, 29 Jun 2006 16:36:37 -0400 ' From: Dave Froble <davef@tsoft-inc.com> % Subject: Re: Floating point questions 9 Message-ID: <z72dnaY-1uoSpTnZnZ2dnUVZ_vOdnZ2d@libcom.com>    Tom Linden wrote: K > On Wed, 28 Jun 2006 21:17:36 -0700, Steven M. Schweda <sms@antinode.org>   > wrote: > B >>    So, does this count as the annual comp.os.vms floating-point! >> mystification thread for 2006?  > D > A good candidate.  Decimal and binary don't mix well.  If you needB > to use Decimal, then use a language that supports it as a native > data type.  I Well, you're the compiler guy, and I'm just the dumb polock from back in  $ the hills, but, isn't it all binary?  H I'm thinking it's probably interesting how you get stuff to work in any  base other than 2.   --  4 David Froble                       Tel: 724-529-0450> Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc.  170 Grimplin Road  Vanderbilt, PA  15486    ------------------------------  % Date: Thu, 29 Jun 2006 20:55:20 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> % Subject: Re: Floating point questions , Message-ID: <44A47672.AE9576FE@teksavvy.com>   Bill Gunshannon wrote: > Not hard???? >  > What is the distance between: / >     70d0m0s E 70d0m0s N and 80d0m0s E 70d0m0s 
 > and now:/ >     70d0m0s E 10d0m0s N and 80d0m0s E 10d0m0s  > ? > Somehow I have to believe the math needed to compute distance B > based on latitude and longitude is complex enough to not qualify > as "not hard".  :-)      The bible on this is at:  ' http://williams.best.vwh.net/avform.htm    ------------------------------  % Date: Thu, 29 Jun 2006 23:27:49 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> % Subject: Re: Floating point questions , Message-ID: <44A49A27.A7505C59@teksavvy.com>   Dave Froble wrote:I > I'm thinking it's probably interesting how you get stuff to work in any  > base other than 2.  " Cobol does it with packed decimal.   ------------------------------    Date: 29 Jun 2006 14:38:22 -0700 From: bob@instantwhip.com 0 Subject: Gates says vista "most secure os ever"?C Message-ID: <1151617102.666313.131420@p79g2000cwp.googlegroups.com>   - http://www.osnews.com/story.php?news_id=14905    ------------------------------    Date: 29 Jun 2006 16:14:25 -0700' From: "toby" <toby@telegraphics.com.au> 4 Subject: Re: Gates says vista "most secure os ever"?B Message-ID: <1151622865.281626.16500@j72g2000cwa.googlegroups.com>   bob@instantwhip.com wrote:/ > http://www.osnews.com/story.php?news_id=14905     Who's this "Gates" fellow again?   ------------------------------  # Date: Fri, 30 Jun 2006 00:02:47 GMT   From: CJT <abujlehc@prodigy.net>4 Subject: Re: Gates says vista "most secure os ever"?* Message-ID: <44A46A27.2060705@prodigy.net>   bob@instantwhip.com wrote:/ > http://www.osnews.com/story.php?news_id=14905  > 7 ROTFL!  Maybe it's the most secure _Microsoft_ OS ever.    --  D The e-mail address in our reply-to line is reversed in an attempt toC minimize spam.  Our true address is of the form che...@prodigy.net.    ------------------------------  % Date: Thu, 29 Jun 2006 21:15:51 +0200 / From: Paul Sture <paul.sture.nospam@hispeed.ch> 2 Subject: Re: New OpenVMS Virtualization Whitepaper: Message-ID: <1b6aa$44a426e8$50db5015$8056@news.hispeed.ch>   Doug Phillips wrote: > Paul Sture wrote:  >>   > What "???" ?I >    -- the JavaScript message? The site uses JavaScript, so if you don't B > have JavaScript installed or you have it turned off you get that
 > message.I >    -- the Mozilla /Firefox reference? Since you're using Thunderbird on ) > your Mac, you likely know about Moz/FF.  >   D May I please bring this to your attention? It is far from the first 4 JavaScript vulnerability to hit FireFox/Thunderbird.  5 I routinely disable JS because of this kind of thing.   4 http://www.us-cert.gov/cas/techalerts/TA06-153A.html  ) "Technical Cyber Security Alert TA06-153A   1 Mozilla Products Contain Multiple Vulnerabilities    ...   
 III. Solution    Upgrade   D Upgrade to Mozilla Firefox 1.5.0.4, Mozilla Thunderbird 1.5.0.4, or  SeaMonkey 1.0.2.   Disable JavaScript  @ These vulnerabilities can be mitigated by disabling JavaScript."  H BTW, Thanks for making me look this up, as I've just upgraded both FF &  TB :-)   ------------------------------    Date: 29 Jun 2006 12:54:03 -0700- From: "Doug Phillips" <dphill46@netscape.net> 2 Subject: Re: New OpenVMS Virtualization WhitepaperC Message-ID: <1151610843.085331.167430@d56g2000cwd.googlegroups.com>    Paul Sture wrote:  > Doug Phillips wrote: > > Paul Sture wrote:  > >> > > What "???" ?K > >    -- the JavaScript message? The site uses JavaScript, so if you don't D > > have JavaScript installed or you have it turned off you get that > > message.K > >    -- the Mozilla /Firefox reference? Since you're using Thunderbird on + > > your Mac, you likely know about Moz/FF.  > >  > E > May I please bring this to your attention? It is far from the first 6 > JavaScript vulnerability to hit FireFox/Thunderbird. > 7 > I routinely disable JS because of this kind of thing.  > 6 > http://www.us-cert.gov/cas/techalerts/TA06-153A.html > + > "Technical Cyber Security Alert TA06-153A  > 3 > Mozilla Products Contain Multiple Vulnerabilities  >  > ...  >  > III. Solution  > 	 > Upgrade  > E > Upgrade to Mozilla Firefox 1.5.0.4, Mozilla Thunderbird 1.5.0.4, or  > SeaMonkey 1.0.2. >  > Disable JavaScript > B > These vulnerabilities can be mitigated by disabling JavaScript." > I > BTW, Thanks for making me look this up, as I've just upgraded both FF &  > TB :-)  G Thanks, Paul. My Firefox went to 1.5.0.4 as soon as it was available. I D take FF & TB updates without question, and I leave Java & JavaScriptA enabled because I enjoy the living-on-the-edge adrenalin rush ;-)   G I suppose I could take up motocross or canyon jumping or such, but then % I'd have to buy all that gear   ((8^$    ------------------------------  % Date: Thu, 29 Jun 2006 16:42:03 -0400 ' From: Dave Froble <davef@tsoft-inc.com> 2 Subject: Re: New OpenVMS Virtualization Whitepaper9 Message-ID: <up-dneunRq1LpDnZnZ2dnUVZ_sCdnZ2d@libcom.com>    Doug Phillips wrote: > Paul Sture wrote:  >> Doug Phillips wrote:  >>> Paul Sture wrote:  >>> What "???" ?K >>>    -- the JavaScript message? The site uses JavaScript, so if you don't D >>> have JavaScript installed or you have it turned off you get that >>> message.K >>>    -- the Mozilla /Firefox reference? Since you're using Thunderbird on + >>> your Mac, you likely know about Moz/FF.  >>> F >> May I please bring this to your attention? It is far from the first7 >> JavaScript vulnerability to hit FireFox/Thunderbird.  >>8 >> I routinely disable JS because of this kind of thing. >>7 >> http://www.us-cert.gov/cas/techalerts/TA06-153A.html  >>, >> "Technical Cyber Security Alert TA06-153A >>4 >> Mozilla Products Contain Multiple Vulnerabilities >> >> ... >> >> III. Solution >>
 >> Upgrade >>F >> Upgrade to Mozilla Firefox 1.5.0.4, Mozilla Thunderbird 1.5.0.4, or >> SeaMonkey 1.0.2.  >> >> Disable JavaScript  >>C >> These vulnerabilities can be mitigated by disabling JavaScript."  >>J >> BTW, Thanks for making me look this up, as I've just upgraded both FF &	 >> TB :-)  > I > Thanks, Paul. My Firefox went to 1.5.0.4 as soon as it was available. I F > take FF & TB updates without question, and I leave Java & JavaScriptC > enabled because I enjoy the living-on-the-edge adrenalin rush ;-)  > I > I suppose I could take up motocross or canyon jumping or such, but then ' > I'd have to buy all that gear   ((8^$  >   I Don't do it!  I thought I could still handle a rope swing.  Cast goes on   tomorrow.  :-(   --  4 David Froble                       Tel: 724-529-0450> Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc.  170 Grimplin Road  Vanderbilt, PA  15486    ------------------------------  % Date: Thu, 29 Jun 2006 16:35:05 -0400  From: norm.raphael@metso.com, Subject: Process termination status questionQ Message-ID: <OF5EC198B7.BDAAD790-ON8525719C.0070B914-8525719C.00711386@metso.com>   K For one of my telnet logins, the accounting often shows the final status as   > Final status text: %RMS-S-NORMAL, normal successful completion   and not the expectedA Final status text: %SYSTEM-S-NORMAL, normal successful completion    or sometimes> Final status text: %CLI-S-NORMAL, normal successful completion  > When the %RMS-S-NORMAL appears, it looks also like the session! does/did not execute full logout.   H Note:  this login runs a program and is supposed to logout when it ends.   Can anyone shed some light?    ------------------------------  # Date: Fri, 30 Jun 2006 01:23:57 GMT , From: Hoff Hoffman <hoff-remove-this@hp.com>0 Subject: Re: Process termination status question. Message-ID: <N2%og.46$sU4.38@news.cpqcorp.net>   norm.raphael@metso.com wrote: M > For one of my telnet logins, the accounting often shows the final status as  ...  various status values ...J > Note:  this login runs a program and is supposed to logout when it ends. >  > Can anyone shed some light?   F    What's the exit status from the image?  (I'd be tempted to display J the $status symbol value just before the LOGOUT operation as a test here.)   ------------------------------  % Date: Thu, 29 Jun 2006 22:13:13 -0400 ' From: "Main, Kerry" <Kerry.Main@hp.com> . Subject: RE: Security Setup and Product AdviceT Message-ID: <FA60F2C4B72A584DBFC6091F6A2B868401664E22@tayexc19.americas.cpqcorp.net>   > -----Original Message-----/ > From: ou8125150 [mailto:subasic@gmail.com]=20  > Sent: June 26, 2006 2:46 PM  > To: Info-VAX@Mvb.Saic.Com , > Subject: Security Setup and Product Advice >=20? > I am a VMS newcomer and am seeking advice on where to look=20  > for securityC > lockdown advice, whitepapers, and/or products.  I am specifically  > looking to be able to: >=20H >   1. Have very granular lockdown capabilities such that if someone hasE > access to the $ prompt I can allow or deny access to run particular  > images or commands< >   2. Log and playback entire login (telnet based) sessionsF >   3. Automatically disable accounts that have n (say 3 or 4) failed, > consecutive login attempts. < >   4. Have the system generate and send reports based on=20 > security events  > in an admin-definable way. >=20H > >From what little I have gleaned from my reading, some or most of thisH > can be accomplished via standard VMS tools.  It appears that I may notC > get all I need without a separate (perhaps commercial) tool.  Any % > advice will be greatly appreciated.  >=20 >=20   Some pointers of interest:   - security whitepaper:H http://h71028.www7.hp.com/ERC/downloads/4AA0-2896ENW.pdf (November 2005)  % - OpenVMS security products web page: J http://h71000.www7.hp.com/openvms/security.html?jumpid=3D/go/openvms/secu= r  ity   ( - OpenVMS security Tech Journal article:@ http://h71000.www7.hp.com/openvms/journal/v5/index.html#security       Regards   
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works.   ------------------------------  % Date: Thu, 29 Jun 2006 21:05:55 -0500 6 From: "David J. Dachtera" <djesys.no@spam.comcast.net>$ Subject: Re: SFTP Output redirection0 Message-ID: <44A48703.3FAE69E9@spam.comcast.net>   Palda wrote: >  > Greetings, > G > I have some problems with SFTP client on OpenVMS (TCPIP$SSH_SFTP2.EXE F > V7.3-2-02). I am using it in batch mode (sftp "-B" .....) running it' > from a command procedure (.COM file).  > G > 1) I am not able to redirect all the output. The body of the COM file  > looks like this: >  > ... " > $ DEFINE SYS$OUTPUT SFTP_CMD.LOG& > $ SFTP "-B" SFTP_CMD.ARG "user@node" > $ DEASSIGN SYS$OUTPUT   H Likely, you need to trap the stderr (SYS$ERROR) stream as well as stdout
 (SYS$OUTPUT).   	 Try this:   8 $ PIPE SFTP "-B" SFTP_CMD.ARG "user@node" > SFTP_CMD.LOG  E The output file will be created as VFC. If that's an issue, try this:    $ PIPE -' 	SFTP "-B" SFTP_CMD.ARG "user@node" | -  	(COPY NLA0: SFTP_CMD.LOG ; -  	 APPEND SYS$PIPE SFTP_CMD.LOG)   6 The output file will be SEQ/VAR in this case (no VFC).   --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  % Date: Thu, 29 Jun 2006 15:39:34 -0400 3 From: "Richard B. Gilbert" <rgilbert88@comcast.net> , Subject: Re: VAX Open VMS Production Support: Message-ID: <MN2dnQk7L_jqsTnZnZ2dnUVZ_vudnZ2d@comcast.com>   Larry Kilgallen wrote:r > In article <spydne51a5vGuD7ZnZ2dnUVZ_qmdnZ2d@comcast.com>, "Richard B. Gilbert" <rgilbert88@comcast.net> writes: >  > @ >>Is fiber channel storage synonymous with Storage Area Network? >  > 9 > That is the most restrictive definition I can think of.  > H > A more generous definition is that SAN support on VMS started with the0 > HSC-50 and VMS V4.0.  Wasn't that about 1985 ?  G Try 1984 and VMS V3.6 or V3.7.  I'm not sure it was fully supported by  I either of those releases but I believe that at least the beginnings were   there.   ------------------------------  % Date: Thu, 29 Jun 2006 20:57:29 -0500 6 From: "David J. Dachtera" <djesys.no@spam.comcast.net>, Subject: Re: VAX Open VMS Production Support0 Message-ID: <44A48509.343056CF@spam.comcast.net>   "Richard B. Gilbert" wrote:  >  > David J. Dachtera wrote: > > K > > Actually, VMS folks are in great abundance in the job market. Where "it J > > gets stuck" is at the "experience must be current" statement. Some VMSG > > folks were laid off over a decade ago, and use the OpenVMS hobbyist L > > program to stay as current as possible within budgetary limits (not many' > > home SANs out there, I'm thinking).  > >  > F > It wasn't all that many years ago that SAN wasn't even available forC > VMS!  I recall getting an ad from Compaq for a SAN, asking if VMS , > supported it, and being told "Sorry! No!!"  > Well, if you think about it, CI was the first "SAN", in a way.   --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  # Date: Thu, 29 Jun 2006 18:28:41 GMT , From: Hoff Hoffman <hoff-remove-this@hp.com>P Subject: Re: zipping large files (was Re: Info-ZIP's Zip V2.32 is now available)- Message-ID: <tZUog.13$FN4.0@news.cpqcorp.net>    Tom Linden wrote:   H > Do you have it for Alpha as well?  If so, could you post it somewhere 	 > please?   B    gzip 1.3.3 and likely 1.3.5-1 (if not later) will be generally H available on the Freeware V8.0 distribution.  (Tom now has a copy of an G OpenVMS Alpha gzip port to look at; he probably didn't realize it, but  3 he just volunteered to test a gzip port for me. :-)   $ > How is it an improvement on 1.2.4?  H    Other than the large-file support that I centrally needed as part of H compressing the OpenVMS I64 DVD kits, I didn't particularly investigate 4 the details of the changes made to gzip after 1.2.4.   ------------------------------   End of INFO-VAX 2006.360 ************************