1 INFO-VAX	Wed, 06 Sep 2006	Volume 2006 : Issue 488       Contents: All is not well at the HP board  Announcment from Bruden  Re: Announcment from Bruden A Re: Debugging image invoked by SYMBIONT via LIB$FIND_IMAGE_SYMBOL ' Re: Heads Up:  Intel to axe 20,000 jobs ' Re: Heads Up:  Intel to axe 20,000 jobs ' Re: Heads Up:  Intel to axe 20,000 jobs ' Re: Heads Up:  Intel to axe 20,000 jobs ' Re: Heads Up:  Intel to axe 20,000 jobs ' Re: Heads Up:  Intel to axe 20,000 jobs A Migrating VMS user accounts to Active Directory Domain Controller E RE: Migrating VMS user accounts to Active Directory Domain Controller  Re: nagios nrpe for vms  Re: nagios nrpe for vms  Re: nagios nrpe for vms P Re: OT - running IE in Windows (was:Re: Thoughts on the book: DEC is dead, long & Re: Strange Connection Attempts - SMTP& Re: Strange Connection Attempts - SMTP& Re: Strange Connection Attempts - SMTP& Re: Strange Connection Attempts - SMTP4 Re: Thoughts on the book: DEC is dead, long live DEC4 RE: Thoughts on the book: DEC is dead, long live DEC4 Re: Thoughts on the book: DEC is dead, long live DEC4 Re: Thoughts on the book: DEC is dead, long live DEC4 RE: Thoughts on the book: DEC is dead, long live DEC. Re: VMS STARTUP documentation mis-leading V7.3  F ----------------------------------------------------------------------  % Date: Tue, 05 Sep 2006 22:14:05 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> ( Subject: All is not well at the HP board, Message-ID: <44FE2EE8.C4D4C84F@teksavvy.com>  a > http://news.com.com/Media+leaks+prompt+HP+board+shake-up/2100-1014_3-6112501.html?tag=nefd.lede   
 Leak occured. > Pat Dunn announces she is hiring a spy to find out who it was.H One board member resigns over the hiring of a spy (on pricniple). He got. his residential phone line tapped as a result.H And another board member's term was not renewed (leading one to think he% was the one who had leaked the info).     C Interesting dilema for a board. You want strong and clean corporate D governance. But you also want to be able to attract highly qualifiedD board members. Do you really think that HP will be able to attrack 2D highly qualified board members of high enough calibre when they knowC that pat Dunn may just hire some spy to listen in on their personal  phone conversations at home ?    ------------------------------   Date: 5 Sep 2006 13:02:41 -0700 ) From: "Sue" <susan_skonetski@hotmail.com>   Subject: Announcment from BrudenC Message-ID: <1157486560.976609.230110@b28g2000cwb.googlegroups.com>    Dear Newsgroup,   D I just recevied the attached from Bruce Ellis and wanted to share itD and if you check out www.openvms.or you will see that this where Guy Peleg went.   
 Warm Regards,  Sue      BRUDEN-OSSG Announcement 9/5/06   F BRUDEN Corporation announces a name change.  Starting on 9/5/06 BRUDENA Corporation will be operating as BRUDEN-OSSG, the BRUDEN On-Shore  Systems Group.C BRUDEN-OSSG will focus on providing OpenVMS, Tru64 UNIX, HP-UX, and E Linux customers with a solid suite of software services.  BRUDEN-OSSG  offers:  =B7	Consulting =B7	Support  =B7	TrainingB BRUDEN has been known as a high quality, highly technical trainingF company for many years.  What may not be known is that BRUDEN has alsoB provided software consulting and support for several years.  TheseD services have been driven by customer demand.  The change in name toF BRUDEN-OSSG accentuates BRUDEN's commitment to meeting customer demandF for operating system related software services.  BRUDEN-OSSG has grownC to meet the needs of its customers and will continue to grow with a 0 dynamic range of offerings in software services.< Our consulting services include performance analysis, systemB troubleshooting, system design, porting and migration, applicationB development, system programming, and designing scripts and command9 procedures to meet the needs of the system administrator. ; Our support services range from system administration staff B augmentation, both on-site and through remote connections, to 24x7 telephone support.F The On-Shore part of the BRUDEN-OSSG name identifies our commitment toD providing the best possible technical expertise world-wide.  We willE not risk lowering the quality of our technical expertise by going off B shore for cheaper technical resources.   BRUDEN-OSSG is already anF international company.  We will choose the best technical resources toG meet our customer's need, regardless of world-wide location.  BRUDEN is # truly "coming to a shore near you". ? Come to booth 705 at the HP Technology Forum to discuss the new @ BRUDEN-OSSG and how its offerings can meet your technical needs.7 For more information on BRUDEN-OSSG, visit the web site  www.BRUDENOSSG.com.    ------------------------------  % Date: Tue, 05 Sep 2006 21:20:08 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> $ Subject: Re: Announcment from Bruden, Message-ID: <44FE2245.3A3BAD16@teksavvy.com>  
 Sue wrote:H > BRUDEN Corporation announces a name change.  Starting on 9/5/06 BRUDENC > Corporation will be operating as BRUDEN-OSSG, the BRUDEN On-Shore  > Systems Group.    ; So they are moving to a beach-side resort ? :-) :-) :-) :-)   H Or is this just a stage before they spin-off the Off-Shore Systems Group in India ? :-)  E I take it the name change is a PR exercise to underline the fact that G hiring Bruden means you are hiring local folks and not "outsourcing" in . the pejorative sense (sending jobs off-shore).   ------------------------------  % Date: Tue, 05 Sep 2006 13:02:45 -0400 , From: Hoff Hoffman <hoff-remove-this@hp.com>J Subject: Re: Debugging image invoked by SYMBIONT via LIB$FIND_IMAGE_SYMBOL* Message-ID: <44fdadab@usenet01.boi.hp.com>   JF Mezei wrote:   E > Any hints on how one can go about debugging an image (mine) that is F > invoked by an image (callable mail) that is invoked by a symbiont...  M    As a test, I'd define DBG$INPUT, DBG$OUTPUT and DBG$DECW$DISPLAY, and I'd  , then issue the SS$_DEBUG signal at run-time.  P    I've been known to use the DECwindows terminal port routine (at run-time) to Q create a display, and then aim the debugger at the newly-created display.  (This  Q approach works particularly well when $creprc is involved, as the detached image  L can power up fully under the control of the debugger, and with the debugger > display itself available within a DECwindows DECterm display.)   ------------------------------  $ Date: Tue, 5 Sep 2006 13:54:52 -0400 From: "Ray" <no@spam.me>0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs, Message-ID: <QRiLg.197$Ct3.183@newsfe06.lga>  9 > My *own* and private opinion is that some time down the B > road Intel will merge it's IA64 line and Xeon line into one chip> > which will be backport compatible to both chips. It makes no8 > sense having two products competing against each other= > in the same company. Right now you see a feature showing up I > on IA64 being ported to Xeon and vice versa....I bet it's just a matter 
 > of time....  > = > Again based on my own private opinion not based on anything 
 > I've heard.   + My opinion is that this is highly unlikely.   @ My opinion is based on the fact that the original design for the@ Itanium provided for natively running both the IA-32 and PA-RISCB instruction sets. If the Itanium included these features, then the9 opteron would have been redundant. But these design goals  were abandoned quite early.   ? I suspect that whatever the reasons were back then (complexity?   performance?) haven't gone away.  A My favorite theory for the eventual disposition of the Itanium is = here:  http://www.theinquirer.net/default.aspx?article=30894; B essentially that Intel will pay that rumored consortium to acquireA the architecture, thereby getting itself out from under. And when @ that consortium does nothing to advance the architecture or lets$ it die, Intel's hands will be clean.  * So who's implementing an Itanium emulator?   ------------------------------  % Date: Tue, 05 Sep 2006 14:42:01 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs, Message-ID: <44FDC4EF.12ADF03E@teksavvy.com>  
 Ray wrote:D > essentially that Intel will pay that rumored consortium to acquireC > the architecture, thereby getting itself out from under. And when B > that consortium does nothing to advance the architecture or lets& > it die, Intel's hands will be clean.  H No, I think that Intel will simply announce 8086 features that will makeE IA64 moot, and that the speed of the 8086 will have already surpassed H IA64's. HP will announce it will focus on the 8086 and Intel will simplyD not announce any new versions of IA64 after whatever commitments are delivered.    B The IA64 ecosystem is just not big enough to really warrant a longO transition. Most customers are still on Alpha and PaRisc and MIPS (for Tandem).     , > So who's implementing an Itanium emulator?  E The same comany that has implemented the PowerPc emulator on the 8086 > for Apple. (I forget its name)  It has lately made a number of> announcements about various emulators. And I suspect that HP'sG "virtualisation" technology is really being built with a "emulator plug  in" in mind.  B On a little endian 8086, you'll be able to run a big endian PaRisc? instance of HP-UX as well as a IA64 instance of HP-UX, allowing 9 customers to migrate applications in a much smoother way.    ------------------------------  % Date: Tue, 05 Sep 2006 13:20:06 -0400 , From: Hoff Hoffman <hoff-remove-this@hp.com>0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs* Message-ID: <44fdb1ba@usenet01.boi.hp.com>   JF Mezei wrote:   J > I think Hoff will only be able to say "there are no plans to port VMS toF > *****" for another few months, after that, he may need to change hisH > tune and perhaps add the word "announced" or "public" or "official" to > his statement.  ?    I would be but an inferior Sancho Panza to your Don Quixote.    ------------------------------  % Date: Tue, 05 Sep 2006 13:23:55 -0700 * From: "Tom Linden" <tom@kednos-remove.com>0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs) Message-ID: <op.tfe9l5mvtte90l@hyrrokkin>   L On Tue, 05 Sep 2006 10:20:06 -0700, Hoff Hoffman <hoff-remove-this@hp.com>   wrote:   > JF Mezei wrote:  > K >> I think Hoff will only be able to say "there are no plans to port VMS to G >> *****" for another few months, after that, he may need to change his I >> tune and perhaps add the word "announced" or "public" or "official" to  >> his statement.  > A >    I would be but an inferior Sancho Panza to your Don Quixote.  > @ So could you confirm that you are replacing fans with windmills?   ------------------------------  # Date: Tue, 05 Sep 2006 20:54:10 GMT % From: Rick Jones <rick.jones2@hp.com> 0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs0 Message-ID: <StlLg.162$SG4.151@news.cpqcorp.net>  . JF Mezei <jfmezei.spamnot@teksavvy.com> wrote:E > BBC reports that Intel is to announce it is axing up to 20,000 jobs  > today. (20% of its workforce)   E Perhaps the BBC have updated their coverage since you looked - when I 1 look at their website the figure given is 10,500:   / http://news.bbc.co.uk/2/hi/business/5316270.stm   , Which matches what I see reported elsewhere.  
 rick jones --  . a wide gulf separates "what if" from "if only"F these opinions are mine, all mine; HP might not want them anyway... :)D feel free to post, OR email to rick.jones2 in hp.com but NOT BOTH...   ------------------------------  % Date: Tue, 05 Sep 2006 21:26:14 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> 0 Subject: Re: Heads Up:  Intel to axe 20,000 jobs, Message-ID: <44FE23B3.3FF6AEB5@teksavvy.com>   Rick Jones wrote: G > Perhaps the BBC have updated their coverage since you looked - when I 3 > look at their website the figure given is 10,500:  > 1 > http://news.bbc.co.uk/2/hi/business/5316270.stm   @ Interesting. In the past, the number 10,000 had been quoted, butG overnight , (before the announcement), BBC had upped the number to 20k. D Looks like they were wrong to raise that estimate since the original estimate was pretty close.  @ One thing I did read elsewhere is that the acual "restructuring"G announcement is expected at end of September. So they may be still some 
 news to come.    ------------------------------   Date: 5 Sep 2006 15:53:26 -0700  From: schortingh_j@mercer.edu J Subject: Migrating VMS user accounts to Active Directory Domain ControllerB Message-ID: <1157496806.737059.99720@m79g2000cwm.googlegroups.com>  	 VMS 7.3-2 " Advance Server 7.3 with latest eco, Win2003 box running as AD Primary Controller  D VMS box has several thousand vms accounts which I wish to migrate to: the primary domain controller with their current password.  B Can I join the VMS system as a BDC and replicate my Advance ServerC accounts to the primary domain controller with their VMS passwords?   D The long term goal would be to create the accounts on the VMS systemD and user Advance Server or Samba/CIFS to pass the accounts to Active
 Directory.   ------------------------------  $ Date: Tue, 5 Sep 2006 19:23:28 -0400' From: "Main, Kerry" <Kerry.Main@hp.com> N Subject: RE: Migrating VMS user accounts to Active Directory Domain ControllerT Message-ID: <FA60F2C4B72A584DBFC6091F6A2B8684019BCF11@tayexc19.americas.cpqcorp.net>   > -----Original Message-----C > From: schortingh_j@mercer.edu [mailto:schortingh_j@mercer.edu]=20 ! > Sent: September 5, 2006 6:53 PM  > To: Info-VAX@Mvb.Saic.Com = > Subject: Migrating VMS user accounts to Active Directory=20  > Domain Controller  >=20 > VMS 7.3-2 $ > Advance Server 7.3 with latest eco. > Win2003 box running as AD Primary Controller >=20F > VMS box has several thousand vms accounts which I wish to migrate to< > the primary domain controller with their current password. >=20D > Can I join the VMS system as a BDC and replicate my Advance ServerE > accounts to the primary domain controller with their VMS passwords?  >=20F > The long term goal would be to create the accounts on the VMS systemF > and user Advance Server or Samba/CIFS to pass the accounts to Active > Directory. >=20    ) This might also be something to consider:   2 "OpenVMS Authentication Module" (Process Software): http://www.process.com/VMSauth/OpenVMS%20Auth%20Module.pdf   Regards   
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works.   ------------------------------   Date: 5 Sep 2006 15:53:57 -0700 ( From: "Rich Jordan" <jordan@ccs4vms.com>  Subject: Re: nagios nrpe for vmsC Message-ID: <1157496837.588821.268510@h48g2000cwc.googlegroups.com>    Hoff Hoffman wrote:  > Zakaria wrote:9 > > nrpevms last build at http://nrpevms.dbaalacarte.com/  > R >    Just what "nagios nrpe" might be obvious to some, but an introduction -- what@ > is it, what can you do with it, etc -- might well be in order.  D I think it is essentially an open source EnVisn or Openview program.= Open source, runs under linux, and apparently pretty popular.    http://www.nagios.org/  F I've downloaded it three times and promptly got swamped out by work so9 still haven't tried it.  Its supposed to be quite decent.    ------------------------------   Date: 5 Sep 2006 15:56:47 -0700 ( From: "Rich Jordan" <jordan@ccs4vms.com>  Subject: Re: nagios nrpe for vmsB Message-ID: <1157497007.599879.153880@e3g2000cwe.googlegroups.com>   Hoff Hoffman wrote:  > Zakaria wrote:9 > > nrpevms last build at http://nrpevms.dbaalacarte.com/  > R >    Just what "nagios nrpe" might be obvious to some, but an introduction -- what@ > is it, what can you do with it, etc -- might well be in order.  / And from the page that now seems to be working:   A "nrpe_vms is an OpenVMS version of the nrpe (Nagios Remote Plugin E Executor) daemon for unix-like operation systems. It provides methods D to execute Nagios service checks on an OpenVMS system and report the! results back to your Nagios host"    ------------------------------  % Date: Wed, 06 Sep 2006 00:57:05 -0400 ( From: Bill Todd <billtodd@metrocast.net>  Subject: Re: nagios nrpe for vmsG Message-ID: <DJWdnS4dbqq_yGPZnZ2dnUVZ_vydnZ2d@metrocastcablevision.com>    Rich Jordan wrote: > Hoff Hoffman wrote:  >> Zakaria wrote: 9 >>> nrpevms last build at http://nrpevms.dbaalacarte.com/ S >>    Just what "nagios nrpe" might be obvious to some, but an introduction -- what A >> is it, what can you do with it, etc -- might well be in order.  > F > I think it is essentially an open source EnVisn or Openview program.? > Open source, runs under linux, and apparently pretty popular.  >  > http://www.nagios.org/ > H > I've downloaded it three times and promptly got swamped out by work so; > still haven't tried it.  Its supposed to be quite decent.   F Indeed - it's what archive.org uses to monitor its (many...) servers, 9 though I too haven't had time to play with it myself yet.    - bill   ------------------------------  % Date: Tue, 05 Sep 2006 19:49:31 -0400 - From: bradhamilton <bradhamilton@comcast.net> Y Subject: Re: OT - running IE in Windows (was:Re: Thoughts on the book: DEC is dead, long  * Message-ID: <44FE0D0B.9080705@comcast.net>   Bob Koehler wrote:\ > In article <44F8AEC5.4090206@comcast.net>, bradhamilton <bradhamilton@comcast.net> writes:L >> The last time I checked, it's not possible to run WU without IE.  That's L >> the only reason to keep IE on a Windows box (not to mention enjoying the J >> delicious irony of *needing* to run a potentially insecure application C >> in order to keep the underlying "O/S" (GUI add-on?) secure).	:-)  > @ >    The last time I checked this was one of the claims that the+ >    previously mentioned web site debunks.   A I've since had a chance to check my previous assertion.  It *is*  H possible to use non-IE browsers to download updates.  One needs to know I which updates to download, of course, but it is possible.  A little more  ( legwork is needed, compared to using IE.  D Personally, I do not use Windows much anymore (only for iTunes), so F using IE for updates saves me a little time, and I'm off Windows that  much quicker.	:-)    ------------------------------  % Date: Tue, 05 Sep 2006 20:09:47 +0200 3 From: Michael Unger <spam.to.unger@spamgourmet.com> / Subject: Re: Strange Connection Attempts - SMTP + Message-ID: <4m5t18F4n58uU1@individual.net>   7 On 2006-09-05 23:11, "Peter 'EPLAN' LANGSTOEGER" wrote:   ^ > In article <44FDACB8.34D6F16C@teksavvy.com>, JF Mezei <jfmezei.spamnot@teksavvy.com> writes:I >>Note that 169.254.5.28 not only has no reverse translation, but also no  >>whois info from ARIN.  > > > Nope. WHOIS states that 169.254.0.0/16 is IANA (Special Use)  G According to RFC 3330, Section 2, "Global and Other Specialized Address  Blocks":  G | 169.254.0.0/16 - This is the "link local" block.  It is allocated for C | communication between hosts on a single link.  Hosts obtain these E | addresses by auto-configuration, such as when a DHCP server may not  | be found.    > [...]    Michael    --  ; Real names enhance the probability of getting real answers. 5 My e-mail account at DECUS Munich is no longer valid.    ------------------------------  % Date: Tue, 05 Sep 2006 14:45:06 -0400 - From: JF Mezei <jfmezei.spamnot@teksavvy.com> / Subject: Re: Strange Connection Attempts - SMTP , Message-ID: <44FDC5A8.57F082E8@teksavvy.com>   Michael Unger wrote:I > | 169.254.0.0/16 - This is the "link local" block.  It is allocated for E > | communication between hosts on a single link.  Hosts obtain these G > | addresses by auto-configuration, such as when a DHCP server may not 
 > | be found.     H Wow, so there are a number of networks including Sprintlink that need toF have their routing tables updated. Normally, unroutable addresses stopF at the ISP or its first transit partner. This one went beyond my firstG transit partner (peerr1) and onto Sprintlink where it travelled through 3 a number of routers before ending in saudi arabia !       D So, if a host is trying to deliver a message to an unroutable IP, itG will constantly fail to connect and retry for a certain amount of time.   H This means that one destination has an MX entry poiting to a mail server+ that has a "local" IP that is not routable.    ------------------------------  % Date: Tue, 05 Sep 2006 15:08:22 -0400 3 From: "Richard B. Gilbert" <rgilbert88@comcast.net> / Subject: Re: Strange Connection Attempts - SMTP : Message-ID: <Y9udnXdcYIG7VmDZnZ2dnUVZ_v2dnZ2d@comcast.com>    Kenneth.H.White@gmail.com wrote:  E > We currently have an OpenVMS server that is attempting to make SMTP H > connections to an IP address of 169.254.5.28.  The attempts are comingH > at approximately 1 minute intervals.  I do not know much about OpenVMSE > and was wondering if anyone could help me determine what is causing > > these connection attempts.  Thanks in advance for your help! >   ; 169.254.5.28 is a "special purpose" address.  RFC-3330 says F "169.254.0.0/16 - This is the "link local" block.  It is allocated forE     communication between hosts on a single link.  Hosts obtain these G     addresses by auto-configuration, such as when a DHCP server may not      be found."  ?    Whatever is going on is probably a problem for your network  B administrator.  Something may need fixing or he may want to block  whatever it is at the firewall.    ------------------------------  % Date: Tue, 05 Sep 2006 13:42:05 -0400 , From: Hoff Hoffman <hoff-remove-this@hp.com>/ Subject: Re: Strange Connection Attempts - SMTP * Message-ID: <44fdb6e2@usenet01.boi.hp.com>    Kenneth.H.White@gmail.com wrote:E > We currently have an OpenVMS server that is attempting to make SMTP H > connections to an IP address of 169.254.5.28.  The attempts are comingH > at approximately 1 minute intervals.  I do not know much about OpenVMSE > and was wondering if anyone could help me determine what is causing  > these connection attempts.    P    First, as others have mentioned, figure out what IP stack you have installed L on this OpenVMS box.  And yes, it looks like OpenVMS is trying to send mail.  P    169.254.*.* is part of the class C network private address space, and either N locally assigned or assigned when DHCP isn't available.  (I'm often off using L addresses in 10.*.*.*, as it's the private class A -- and it avoids all the ) cruft that tends to land in 169.254.*.*.)   J    Is 169.254.5.28 a gateway or a local SMTP relay host?  Or just some PC?  L    Is your OpenVMS SMTP server set up as an open relay?  (I've seen Windows Q infections find and turn unprotected open OpenVMS SMTP servers into spam relays,   unfortunately.)   P    Is your OpenVMS server set to be a DHCP client?  (And was this address value & something the DHCP server downloaded?)  Q    Do you know if the SMTP connections are actually coming from the OpenVMS SMTP  P server, or is the evidence here based on something in the arriving SMTP packet? D   (Various malware can and will spoof sending addresses, obviously.)   ------------------------------   Date: 5 Sep 2006 10:33:53 -0700 - From: "Doug Phillips" <dphill46@netscape.net> = Subject: Re: Thoughts on the book: DEC is dead, long live DEC C Message-ID: <1157477633.544919.116840@i42g2000cwa.googlegroups.com>    Main, Kerry wrote: > > -----Original Message-----6 > > From: Doug Phillips [mailto:dphill46@netscape.net]# > > Sent: September 1, 2006 1:51 PM  > > To: Info-VAX@Mvb.Saic.Com A > > Subject: Re: Thoughts on the book: DEC is dead, long live DEC  > >  > > Main, Kerry wrote:" > > > > -----Original Message-----: > > > > From: Doug Phillips [mailto:dphill46@netscape.net]% > > > > Sent: August 31, 2006 8:22 PM ! > > > > To: Info-VAX@Mvb.Saic.Com E > > > > Subject: Re: Thoughts on the book: DEC is dead, long live DEC  > > > >  > > >  > > > [snip ...] > > > G > > > > > > Being a loyal DEC-Compaq-HP customer from way-back, he went  > > > > > > to HP's web ? > > > > > > site and tried to option out a Win2k3 server. After  > > an hour or so @ > > > > > > struggling (and calling me at least twice) and never > > getting the = > > > > > > screens to process correctly, he went over to the  > > Dell site and E > > > > > > configured two servers in about 10 minutes. The site gave  > > > > him a niceE > > > > > > comparison and after talking to me for a few minutes (and  > > > > sending meE > > > > > > the links) he ordered one. It arrived within a week and I  > > > > installed it@ > > > > > > the next. Other than a few issues getting it to play > > > > nicely with his D > > > > > > Alpha running OpenVMS Advanced Server, it came right up. > > > > > > E > > > > > > Been running fine, doing its job, and haven't rebooted it  > > > > for months.  > > > > > > 	 > > > > > 	 > > > > > > > > > > > Having stated that, then this Cust has obviously not > > > > installed many of C > > > > > the 5-20 *security* patches that come out every month for  > > > > Windows/Linux.	 > > > > >  > > > > ; > > > > You apparently haven't actually looked at the "5-20  > > > > *security* patches" C > > > > that come out every month for Windows. Most are for desktop B > > > > applications, and most of the ones that do apply to server > > > > are specific- > > > > to certain applications or functions.  > > > >  > > >  > > > Like IE? > > > @ > > > Ever try removing IE from any Windows system - workstation > > or server? > > > . > > > It's a great exercise - try it sometime. > > > 	 > > > :-)  > > A > > Not much browsing done on the server. And, just because IE is 
 > > installed $ > > doesn't mean you have to use it. > >  > 9 > Most management utilities are all web based these days.  > J > Also, as others have stated, because it is so deeply embedded in the OS,E > simply not using IE does not mean it can not be exploited remotely.  >   C Okay, look at IE. Now, go exploit it on the Firewall & AV protected F server of your choice. Now, protect it better from exploitation. First6 one's kinda hard, isn't it? Second one is pretty easy.     > > > @ > > > > It is not advisable to use a server as a workstation and > > people who do , > > > > so place themselves at greater risk. > > > > A > > > > A firewall/AV protected server that has stable usage will  > > contiinue toI > > > > be secure until that environment changes. There have been patches @ > > > > applied that did not require a reboot, and the  firewall > > and AV are > > > > kept up-to-date. > > > >  > > > J > > > Remember that 60% of most security issues are from internal sources. > > >  > > I > > Maybe even more than 60%. That's a number that's hard to prove, but I I > > suspect (without proof, gut feeling based on experience) that it'd be < > > closer to 80%. Maybe higher if you consider an incorrect > > system setting= > > that opens an external hole as having an internal source.  > > E > > > > I review the patches as they are released, and will apply the  > > > > ones that B > > > > I feel might be worthwhile. If one requires a reboot, then > > > > that will beD > > > > scheduled. Server updates are different than desktop updates > > > > and shouldD > > > > not automatically cause a reboot like the desktops often do. > > > > < > > > > I also review the 5-20 OpenVMS patches that come out > > monthly and apply  > > > > those as needed. > > > >  > > > A > > > The 5-20 patches per month I am referring to are *security*  > > patches, not > > > bug fixes. > > >  > > @ > > Bugs are bugs. Some bite harder than others, but they're all > > bugs. SomeG > > live only in certain environments, others are global. I don't worry E > > about scorpions where I live, but ants can sure be a nuisanse. My E > > Windows servers don't have problems with desktop software patches  > > because they don't run any.  > >  > . > Re: scorpions vs ants. Ok, let look at this. > F > If I had 5-20 scorpions coming into my house every month, I would beG > much more worried about that than 5-20 ants coming into my house. Now E > add to this, the scorpions are coming in via different places every J > month so you can not simply plug a known hole as they keep finding other > ways to get in.  >     G The point was to not worry about things which don't affect you; Patches G to applications you aren't using, or scorpions if they don't live where  you do. Read it again.    A > > > Exponential difference in terms of whether one applies them  > > or not. Bug I > > > patches can be put off. Most SysAdmins will not risk not applying a > > > > security patch as long as it even remotely seems like it > > might apply toH > > > them.  And keep in mind that most companies today want standard OSF > > > images, so that means even more testing is required as the App's* > > > potentially impacted is even larger. > > >  > > G > > I agree. Most "big" windows servers running "big" applications like E > > database or transaction processing which aren't written in-house. F > > They're purchased from "big" software companies whose job it is toE > > understand how their application works with the operating system.  > > C > > > > I'd imagine my procedures are not too different from others  > > > > who work in  > > > > a similar environment. > > > >  > > > G > > > It sounds like you have a small environment and you maintain your ; > > > systems as you feel it necessitates. That is fine and  > > certainly nothing  > > > wrong with that. > > >  > > @ > > The subject site is indeed a "small" environment. One Win2k3 > > server and > > one VMS server.  > > ; > > > Question - Do you QA/test your important applications  > > before releasingD > > > patches into production or do you simply hope they will be ok? > > >  > > ? > > No custom or in-house developed software runs on the Win2k3  > > server. All C > > non-packaged applications run on the VMS server, and (with rare I > > exception) VMS patches & new releases are not installed on production B > > systems until they have ripened, been tested and proven sound. > > E > > > > > That's certainly a big risk - perhaps the app or their data  > > > > integrity or( > > > > > privacy is not very important?	 > > > > >  > > > > A > > > > Or, maybe we understand our system better than you think.  > > > >  > > > @ > > > No, I don't think so. You seem to have a small environment > > which means H > > > manually patching and testing patches with your applications has a5 > > > minimal impact on you. Nothing wrong with that.  > > >  > > = > > Yes, this is a small environment. The majority of Windows  > > servers exist E > > in small environments; whether it be small company, department or G > > workgroup of a large to mid-sized company. The large Windows server C > > installations --- where Windows is the only server, running all J > > applications --- are (from what I see) a small percentage of the total > > server population. > > H > > > However, with larger environments, operation costs associated withJ > > > testing security patches with applications are a huge cost at a timeA > > > when BU's are screaming at IT to reduce their costs (or get  > > outsourced > > > is the implication). > > >  > > F > > Most large Windows server environments are running special purposeE > > applications, databases, etc. These are normally developed by and I > > purchased, along with support, from vendors who spend a great deal of I > > time certifying their stuff for various environments. Often, security @ > > patches come from those providers. Maybe your Windows server > > experience > > has been different.  > > A > > VMS, more often than Windows, runs more in-house developed or E > > customized packaged  applications as well as existing in back-end I > > environments. That's one of the problems that VMS has faced for quite J > > some time; end-user companies moving from developing in-house & custom  > > to buying packaged software. > > J > > > SysAdmin 101 - if you have an important application, then you do not@ > > > release any patches (security or bug) without testing that > > application : > > > with the new patches. With 5-20 *security* (not bug) > > patches per month J > > > on Windows/Linux, the effort and costs are huge if you have numerousJ > > > applications and servers. And wrt to whether they are workstation or@ > > > server security issues, keep in mind that the most popular > > applicationsJ > > > being hacked (like IE) to get full priv's also exist on the servers. > > >  > > F > > But, servers should not often use IE because servers should not beI > > browsing the internet --- except for occasional maintenance purposes, ; > > and Firefox runs quite nicely on Windows. The fact that  > > software exists F > > on the server is not usually a problem; the problem comes when the > > software is used.  > >  > J > See comments above for web based mgmt agents and programs. Also the factH > that your system can still be violated by IE holes even if you are not > using. > @ > Also, see comments about Windows update only working with I.E. >  >   ) Not relevant. Look again at your options.   I > > I guess I've not encountered a Windows server environment such as you 
 > > describe.  > >  > > > Something to consider: > > > http://tinyurl.com/mhohrA > > > "On August 8, 2006, Microsoft releases its monthly security  > > bulletins."  > > > I > > http://www.microsoft.com/athome/security/update/bulletins/200608.mspx & > > > (Aug Windows Security bulletins) > > I > > You should dig deeper into those patches to see what they really are.  > >  > > > E > > > Does anyone besides me not see an issue with "monthly" security  > > > bulletins? > > >  > > J > > The patches come out more often. Remember: Most of the Windows patchesG > > are needed because of problems in the plethora of layered software. H > > Many of the problems can be traced to the complexity of Windows GUI.+ > > Two problems that OpenVMS doesn't have.  > >  > B > Plus the fact that holes in the Windows/Linux Apps often lead to  > elevated priv's on the system. >   D Huh???? Which holes in which apps on which systems? Maybe yours, but that'd be your fault.   E > > I can't fault anyone for defending VMS --- I've certainly done it I > > myself --- but keeping things within the plane of reality rather that ? > > bobing things around always makes the better argument, IMO.  > >  > D > I am stating reality for med to large businesses. You have a smallI > environment, so the issues I raised about the huge efforts and costs to J > apply monthly security patches do not apply to you. That's certainly ok. >   C I support and have supported more than one type of environment, and D each company has unique problems regardless of size. Patches must beG reviewed and considered accordingly. Blanket statements and assumptions  aren't appropriate.    > I > This is not the case for med-large companies. Let me try and put things H > in perspective for you in terms of what Med-Large companies are facing > today. >    Okay,     D > Take this global company RFP extract as an example. This is from a= > public server consolidation RFP about a year ago (with some J > confidentiality chgs). I have seen bigger server numbers in other RFP's.' > [Note how busy their servers are btw]  > H > "Company ABC has approximately 11,400 servers running various versionsH > of Unix, Linux, and Windows operating systems. Together, these serversE > are using approximately 10% of their combined capacity...The 11,460 B > server environment includes approximately 1,960 proprietary UnixE > servers, xxx Linux servers, 9,020 Windows on Intel servers, and xxx   > Novell file services servers." >     D What are these servers doing? Are they all doing the same thing? AreF they serving remote desktops or database or are they "clustered" doingF what? If you're saying that all Windows systems have the same problemsG regardless of their usage, I think you know better and are just pulling B our legs. I'd imagine that RFP gave a lot more information or also: requested a very thorough study of the server environment.  G You speak of "big" evironments, and 9,000+ Windows servers seems like a F big environement, or it could be a lot of small environments networkedG together, sharing nothing other than things that would be shared on any 7 networked computer. There is no context in the numbers.   F Or maybe you just apply the numbers as they are: Let's see, we're onlyE running 10% capacity on the 9,020 Windows servers so we can eliminate E all but 902 servers. Keep an additional 10% of that for safety, round 5 up on fractions, so we only need 993 Windows servers.   D Yeah, this consolidation stuff is pretty easy. Never mind what theseD servers are doing, just consolidate all the apps on servers that canD run them --- put that design-sim app on the Oracle server, and let's? throw the mail server on there too; there are a few more cycles # available so what else can we load?     ? > Now, consider the effort, time and $'s they need to spend in: J > - keeping their Windows servers current with the 5-20 *security* patches > released every month* > - maintain consistent OS image standardsJ > - test their important Apps with these patches before releasing to Prod. >   D Which apps? Tell me how you think servers should work. Any server atA all: pick an operating system. Pick an in-production application.   B What part of the operating system is exposed? The initial login orC handshake. Once logged in -- connected -- validated --  then what's D exposed? The communication "process" and the application. I mean, doF you think that everyone connecting to every server is seeing C:\> or $E or the server's actual desktop? That isn't the way I've seen the "med ? to large company" servers that you're talking about being used.   G The application insulates the operating system from the bad, bad world. D Once the application is secured and working properly, there are veryF few OS patches that need to be applied. All should be reviewed but fewB will be needed. The application's vendor will release patches thatD secure the application. Ones that should be applied locally might beB comm-proc (TCP/IP,etc) or authentication (log in) related but have+ little to do with the operation of the app.   $ Is your experience really different?   > J > And people wonder why server and data center consolidation is such a hot > item these days? >   G Who wonders? Certainly not people who think consolidation is the answer C to all questions. Consolidation where appropriate, distribution and ; redundancy where appropriate, special purpose servers where % appropriate, well, you know all that.   J > How would you like to be in charge of keeping 9,000+ servers secure with? > 5-20 security patches per month coming out for that platform?  >   F There are companies that are so screwed up that they haven't a clue asF to how things should work, or have grown chaotically to the point thatB no one really has control. Maybe those are the ones you're talking about?  F No one that I know of in the environment you describe *needs* to applyF 5-20 security patches per month to 9,000+ servers. Do you really think# that's the way things should work??    ------------------------------  $ Date: Tue, 5 Sep 2006 15:45:19 -0400' From: "Main, Kerry" <Kerry.Main@hp.com> = Subject: RE: Thoughts on the book: DEC is dead, long live DEC T Message-ID: <FA60F2C4B72A584DBFC6091F6A2B8684019BCE5B@tayexc19.americas.cpqcorp.net>   > -----Original Message-----7 > From: Doug Phillips [mailto:dphill46@netscape.net]=20 ! > Sent: September 5, 2006 1:34 PM  > To: Info-VAX@Mvb.Saic.Com ? > Subject: Re: Thoughts on the book: DEC is dead, long live DEC  >=20 > Main, Kerry wrote:  > > > -----Original Message-----8 > > > From: Doug Phillips [mailto:dphill46@netscape.net]% > > > Sent: September 1, 2006 1:51 PM  > > > To: Info-VAX@Mvb.Saic.Com C > > > Subject: Re: Thoughts on the book: DEC is dead, long live DEC  > > >    [snip..]   >=20 >=20? > The point was to not worry about things which don't affect=20  > you; PatchesA > to applications you aren't using, or scorpions if they don't=20  > live where > you do. Read it again. >=20  A The point is how do you know what App's will be impacted by these B Security patches? Many of the patches readme's state references toF kernel stuff that your Apps may or may not use. Also, you have to readA these readmes a number of times, because many of them are bundled  patches.  H In addition, in most med-large companies, the SysAdmins have very littleG idea of all the services that the App's on their servers actually call.    >=20C > > > > Exponential difference in terms of whether one applies them  > > > or not. Bug ? > > > > patches can be put off. Most SysAdmins will not risk=20  > not applying a@ > > > > security patch as long as it even remotely seems like it > > > might apply toA > > > > them.  And keep in mind that most companies today want=20 
 > standard OS H > > > > images, so that means even more testing is required as the App's, > > > > potentially impacted is even larger. > > > >  > > >   	 [snip...]   B > > Also, see comments about Windows update only working with I.E. > >  > >  >=20+ > Not relevant. Look again at your options.  >=20  E IE is only an example and yes, regardless if you wish to ignore them, $ the IE security issues are relevant.  B > > > I guess I've not encountered a Windows server environment=20
 > such as you  > > > describe.  > > >    [snip..]     > > D > > Plus the fact that holes in the Windows/Linux Apps often lead to" > > elevated priv's on the system. > >  >=20F > Huh???? Which holes in which apps on which systems? Maybe yours, but > that'd be your fault.  >=20  @ Read the Windows/Linux security readme files again. And look for@ references of "this security issue can result in elevated system privileges."  G > > > I can't fault anyone for defending VMS --- I've certainly done it B > > > myself --- but keeping things within the plane of reality=20
 > rather that A > > > bobing things around always makes the better argument, IMO.  > > >  > > F > > I am stating reality for med to large businesses. You have a smallA > > environment, so the issues I raised about the huge efforts=20  > and costs toA > > apply monthly security patches do not apply to you. That's=20  > certainly ok.  > >  >=20E > I support and have supported more than one type of environment, and F > each company has unique problems regardless of size. Patches must be@ > reviewed and considered accordingly. Blanket statements and=20
 > assumptions  > aren't appropriate.  >=20  C That's my whole point. Security patches must be reviewed and tested D against important applications before releasing to productiion. With9 5-20 *security* patches per month, that is a huge effort.    > > ? > > This is not the case for med-large companies. Let me try=20  > and put thingsB > > in perspective for you in terms of what Med-Large companies=20 > are facing
 > > today. > >  >=20 > Okay,  >=20 >=20F > > Take this global company RFP extract as an example. This is from a? > > public server consolidation RFP about a year ago (with some B > > confidentiality chgs). I have seen bigger server numbers in=20 > other RFP's.) > > [Note how busy their servers are btw]  > > < > > "Company ABC has approximately 11,400 servers running=20 > various versions? > > of Unix, Linux, and Windows operating systems. Together,=20  > these servers G > > are using approximately 10% of their combined capacity...The 11,460 D > > server environment includes approximately 1,960 proprietary UnixG > > servers, xxx Linux servers, 9,020 Windows on Intel servers, and xxx " > > Novell file services servers." > >  >=20 >=20F > What are these servers doing? Are they all doing the same thing? AreH > they serving remote desktops or database or are they "clustered" doingH > what? If you're saying that all Windows systems have the same problems? > regardless of their usage, I think you know better and are=20  > just pullingD > our legs. I'd imagine that RFP gave a lot more information or also< > requested a very thorough study of the server environment. >=20  B Sigh, keep it simple. For the important servers, you must test theB security patches before releasing to production. So, if 10% of the> aervers are important, that's 900 servers every month (or someA reasonable close number), that needs to be tested with these 5-20  security patches per month.   ? > You speak of "big" evironments, and 9,000+ Windows servers=20  > seems like aH > big environement, or it could be a lot of small environments networked> > together, sharing nothing other than things that would be=20 > shared on any 9 > networked computer. There is no context in the numbers.  >=20H > Or maybe you just apply the numbers as they are: Let's see, we're onlyG > running 10% capacity on the 9,020 Windows servers so we can eliminate G > all but 902 servers. Keep an additional 10% of that for safety, round 7 > up on fractions, so we only need 993 Windows servers.  >=20  A There are numerous ways to tackle this problem, but companies are B looking for 30-40% reductions in the number of Wintel servers they currently maintain.   F > Yeah, this consolidation stuff is pretty easy. Never mind what theseF > servers are doing, just consolidate all the apps on servers that canF > run them --- put that design-sim app on the Oracle server, and let'sA > throw the mail server on there too; there are a few more cycles % > available so what else can we load?  >=20 >=20A > > Now, consider the effort, time and $'s they need to spend in: < > > - keeping their Windows servers current with the 5-20=20 > *security* patches > > released every month, > > - maintain consistent OS image standards< > > - test their important Apps with these patches before=20 > releasing to Prod. > >  >=20F > Which apps? Tell me how you think servers should work. Any server atC > all: pick an operating system. Pick an in-production application.  >=20D > What part of the operating system is exposed? The initial login orE > handshake. Once logged in -- connected -- validated --  then what's F > exposed? The communication "process" and the application. I mean, doH > you think that everyone connecting to every server is seeing C:\> or $G > or the server's actual desktop? That isn't the way I've seen the "med A > to large company" servers that you're talking about being used.  >=20A > The application insulates the operating system from the bad,=20  > bad world.F > Once the application is secured and working properly, there are veryH > few OS patches that need to be applied. All should be reviewed but fewD > will be needed. The application's vendor will release patches thatF > secure the application. Ones that should be applied locally might beD > comm-proc (TCP/IP,etc) or authentication (log in) related but have- > little to do with the operation of the app.  >=20  F Remember - 60% of the security issues today are internal staff issues,% so the F/W defense means very little.   & > Is your experience really different? >=20  F Absolutely. Most SysAdmins in large companies have very little idea of? what services the 100's of applications call on each system.=20   D Hence, they will tend to try and apply these security patches asap -F just in case. They do not want have their names on the report going toG the BOD which explains how some virus, worm, or trojan hourse took down B the majority of their servers for a number of days because a knownD Windows security patch which would have prevented this issue was not applied.   > > A > > And people wonder why server and data center consolidation=20  > is such a hot  > > item these days? > >  >=20A > Who wonders? Certainly not people who think consolidation is=20  > the answerE > to all questions. Consolidation where appropriate, distribution and = > redundancy where appropriate, special purpose servers where ' > appropriate, well, you know all that.  >=20; > > How would you like to be in charge of keeping 9,000+=20  > servers secure with A > > 5-20 security patches per month coming out for that platform?  > >  >=20H > There are companies that are so screwed up that they haven't a clue asH > to how things should work, or have grown chaotically to the point thatD > no one really has control. Maybe those are the ones you're talking > about? >=20  7 Typical med-large IT shops have been swamped by all the E testing/QA/cert'ing work associated with these security patches. I do D not blame the the IT Operations staff as they are only tring to keep their nose above water.   H > No one that I know of in the environment you describe *needs* to applyH > 5-20 security patches per month to 9,000+ servers. Do you really think% > that's the way things should work??   G Like I stated earlier in these threads, for the important applications, E it absolutely is. For the Windows systems that will not be tested and E will simply have the security patch rolled out, then you just have to : cross your fingers and wait for the support phone to ring.  G Experience states that if you are not following this approach, then you E have fallen into the sloppy habit of trusting that the security patch E will not break anything. Certainly, that is not a best practice to be % following for important applications.   F Of course, you can always ignore the security patch, but then you riskF exposing the company to a higher degree of risk that their data and/or! applications will be compromised.   C And guess who upper mgmt will blame for not installing the security A patch whch might have prevented some major security issue or data  compromise within the company?   ------------------------------   Date: 5 Sep 2006 14:33:25 -0700 - From: "Doug Phillips" <dphill46@netscape.net> = Subject: Re: Thoughts on the book: DEC is dead, long live DEC C Message-ID: <1157492005.052347.291220@m79g2000cwm.googlegroups.com>    Main, Kerry wrote: > From: Doug Phillips  > > Main, Kerry wrote: > > > From: Doug Phillips  >>>>>>  D <snip> (discussion about Windows servers in which Kerry and PhillipsC agree that security is important, but disagree on the extent to and C manner in which humans can understand and secure the Windows server 
 environment.)   F If you agree to that statement, then let's just agree to disagree, andF if we ever meet we can discuss it over a few brews. I'll buy the first
 round. ;-)   ------------------------------  % Date: Tue, 05 Sep 2006 19:35:00 -0400 ' From: Dave Froble <davef@tsoft-inc.com> = Subject: Re: Thoughts on the book: DEC is dead, long live DEC 9 Message-ID: <TN6dna49zNBUmmPZnZ2dnUVZ_qudnZ2d@libcom.com>    Main, Kerry wrote: >  >> -----Original Message----- 6 >> From: Doug Phillips [mailto:dphill46@netscape.net]   >> Sent: August 31, 2006 6:04 PM >> To: Info-VAX@Mvb.Saic.Com@ >> Subject: Re: Thoughts on the book: DEC is dead, long live DEC >> >> Main, Kerry wrote:  >>>> -----Original Message----- 7 >>>> From: Doug Phillips [mailto:dphill46@netscape.net] " >>>> Sent: August 31, 2006 5:00 PM >>>> To: Info-VAX@Mvb.Saic.ComB >>>> Subject: Re: Thoughts on the book: DEC is dead, long live DEC >>>>4 >>>> Phillip Helbig---remove CLOTHES to reply wrote: >>>>> In article  ; >> <1157044676.448111.137240@b28g2000cwb.googlegroups.com>, 5 >>>>> "Doug Phillips" <dphill46@netscape.net> writes:  >>>>> @ >>>>>> IA64 licensing is finally in line with reality; hope it's >>>> not too late.> >>>>> Is there a short summary of commercial prices available?E >>>> I haven't found a short summary for IA64 software at HP, but the  >>>> configurator works: >>>>E >>>> <http://h30099.www3.hp.com/configurator/catalog-hpintegrity.asp>  >>>>5 >>>> And the newer OpenVMS SPD tells about Integrity   >> licensing. That's on a : >>>> PDF screen that doesn't want to come up for me today. >>>>9 >>>> <http://h18000.www1.hp.com/info/XAV12X/XAV12XPF.PDF>  >>>>6 >>>> IIRC, OVMS for I64 switches to Per-Processor and  >> Operating Environment= >>>> licensing. The Foundation Operating Environment license   >> (FOE -- not? >>>> your friend?;-) includes license for unlimited users (user  >>>> licenses not G >>>> required) and many other products that previously cost additional. : >>>> Clustering can be added additionally (can't find the  >> cost), but it is D >>>> included with the Mission Critical Operating Environment (MCOE)
 >>>> license.  >>>>@ >>>> Wouldn't it be nice to be able to just order the VMS system >>>> you want as6 >>>> easily as you can order a Windows or *nix system? >>>> >>>>  -Doug  >>>> >>> ; >>> Which one of the 10+ different types of Windows Server   >> options are you! >>> talking about for comparison? 2 >>> http://www.microsoft.com/servers/overview.mspx >>>  >>> :-) :-)  >>> > >> The one I need (if I were to need one;-) which I can order  >> on-line from @ >> various sources and easily find prices for any configuration 
 >> and option  >>  --- in most cases. >> >> Real life story:  >>I >> A customer just this year replaced his AS1000 NT4 server (the last one = >> in my support area) because: 1. Repair parts were getting   >> hard to find.H >> 2. No new software was available. 3. He needed to do some new things.D >> 4. Adding these applications to his OpenVMS Alpha system would beA >> extremely expensive because of the lack of packaged/supported   >> software. >>H >> Win2003 server was the best option because all of the software he wasG >> then using was available for a reasonable upgrade charge, and all of E >> the new software he needed was available for a reasonable purchase 	 >> price.  >>? >> Being a loyal DEC-Compaq-HP customer from way-back, he went   >> to HP's webD >> site and tried to option out a Win2k3 server. After an hour or soC >> struggling (and calling me at least twice) and never getting the B >> screens to process correctly, he went over to the Dell site andG >> configured two servers in about 10 minutes. The site gave him a nice G >> comparison and after talking to me for a few minutes (and sending me I >> the links) he ordered one. It arrived within a week and I installed it G >> the next. Other than a few issues getting it to play nicely with his ; >> Alpha running OpenVMS Advanced Server, it came right up.  >>H >> Been running fine, doing its job, and haven't rebooted it for months. >> >  > H > Having stated that, then this Cust has obviously not installed many ofJ > the 5-20 *security* patches that come out every month for Windows/Linux. > J > That's certainly a big risk - perhaps the app or their data integrity or  > privacy is not very important?   You need to give it a rest.   E Reading about Alpha based licenses still costing much more than they  I should, and in comparison to itanic based licenses, has depressed me all  @ over again.  'Sticking it' to Alpha users just chases away more  potential 'faithful'.   G Could you detail for me the security risks and patches required for me   to play some games?   E While I understand and respect the security issues, in some cases it  E just isn't relavant.  Such users are as good a customer as those who  H have security concerns.  As an example, how would you like VMS to have, H say, 25% of the games market?  Nothing to be sneezed at, don't ya think?   --  4 David Froble                       Tel: 724-529-0450> Dave Froble Enterprises, Inc.      E-Mail: davef@tsoft-inc.com DFE Ultralights, Inc.  170 Grimplin Road  Vanderbilt, PA  15486    ------------------------------  $ Date: Tue, 5 Sep 2006 21:05:46 -0400' From: "Main, Kerry" <Kerry.Main@hp.com> = Subject: RE: Thoughts on the book: DEC is dead, long live DEC T Message-ID: <FA60F2C4B72A584DBFC6091F6A2B8684019BCF30@tayexc19.americas.cpqcorp.net>   > -----Original Message-----3 > From: Dave Froble [mailto:davef@tsoft-inc.com]=20 ! > Sent: September 5, 2006 7:35 PM  > To: Info-VAX@Mvb.Saic.Com ? > Subject: Re: Thoughts on the book: DEC is dead, long live DEC  >=20  
 [snip ...]   > >=20 > >=20; > > Having stated that, then this Cust has obviously not=20  > installed many of @ > > the 5-20 *security* patches that come out every month for=20 > Windows/Linux. > >=20B > > That's certainly a big risk - perhaps the app or their data=20 > integrity or" > > privacy is not very important? >=20 > You need to give it a rest.  >=20I > Reading about Alpha based licenses still costing much more than they=20 < > should, and in comparison to itanic based licenses, has=20 > depressed me all=20 D > over again.  'Sticking it' to Alpha users just chases away more=20 > potential 'faithful'.  >=20; > Could you detail for me the security risks and patches=20  > required for me=20 > to play some games?  >=20  E We were talking about Windows servers .. How many games do you run on  your Windows servers at work?   C Course the desktop support groups who support thousands of desktops A would likely have a comment or two about keeping them current and F semi-safe in at a semi-current consistent version, but that's not what we were talking about.  I > While I understand and respect the security issues, in some cases it=20 I > just isn't relavant.  Such users are as good a customer as those who=20 ? > have security concerns.  As an example, how would you like=20  > VMS to have,=20 = > say, 25% of the games market?  Nothing to be sneezed at,=20  > don't ya think?  >=20  : What does that have to do with Windows server security????   Regards   
 Kerry Main Senior Consultant  HP Services Canada Voice: 613-592-4660  Fax: 613-591-4477  kerryDOTmainAThpDOTcom (remove the DOT's and AT)=20  4 OpenVMS - the secure, multi-site OS that just works.   ------------------------------  % Date: Tue, 05 Sep 2006 12:56:38 -0400 , From: Hoff Hoffman <hoff-remove-this@hp.com>7 Subject: Re: VMS STARTUP documentation mis-leading V7.3 * Message-ID: <44fdac38@usenet01.boi.hp.com>   BRANDON, JOHN M wrote:  L > The above link is not clear and (I think) should be corrected.  I have not > checked V8.2 or V8.3  O    What I saw for the current releases looked to be what I expected -- I don't  N see an exact match for the table cited in the equivalent parts of the OpenVMS  V8.3 documentation, however.   ------------------------------   End of INFO-VAX 2006.488 ************************