INFO-VAX    Mon, 26 Nov 2007    Volume 2007 : Issue 647

Contents:
  Re: "Mysterious" system crashes
  Re: "Mysterious" system crashes
  Re: "Mysterious" system crashes
  Re: A Look Ahead to 2008
  Re: HP loses another large customer
  Re: LDAP tools for VMS
  Re: lexical for terminal attributes?
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: POP attacks and NOSLOT errors
  Re: Rsync on VMS

----------------------------------------------------------------------

Date: Sun, 25 Nov 2007 16:56:59 -0500
From: JF Mezei
Subject: Re: "Mysterious" system crashes
Message-ID: <96a76$4749efaa$cef8887a$28352@TEKSAVVY.COM>

a Pensy farm boy wrote:
> I have one of those. I keep hoping it will start the house ablaze so
> that I can collect my insurance pay out and get the hell out of this
> gawd forsaken rat hole known as NJ.

Just hope when it happens, that your insurance company won't use Google
to find this post and wonder if you didn't facilitate the fire :-) :-)

------------------------------

Date: Sun, 25 Nov 2007 22:34:52 GMT
From: VAXman- @SendSpamHere.ORG
Subject: Re: "Mysterious" system crashes
Message-ID:

In article <96a76$4749efaa$cef8887a$28352@TEKSAVVY.COM>, JF Mezei writes:
>
>
>a Pensy farm boy wrote:
>> I have one of those. I keep hoping it will start the house ablaze so
>> that I can collect my insurance pay out and get the hell out of this
>> gawd forsaken rat hole known as NJ.
>
>
>Just hope when it happens, that your insurance company won't use Google
>to find this post and wonder if you didn't facilitate the fire :-) :-)

The insurance company and the state and local inspectors shouldn't have
permitted the CO with the electrical system in this rathole I reside in.
However, like everything else in proNJ, it's a corrupt bureaucracy that
can be purchased "if the price is right"!

Someday, when I have the time, remind me to tell you about moving into
this place with a gas furnace that was never hooked up to the flue pipe!
The basement was sure warm and toasty... and carbon monoxidey too!

--
VAXman- A Bored Certified VMS Kernel Mode Hacker   VAXman(at)TMESIS(dot)COM

"Well my son, life is like a beanstalk, isn't it?"

http://tmesis.com/drat.html

------------------------------

Date: Sun, 25 Nov 2007 17:49:47 -0500
From: "Richard B. Gilbert"
Subject: Re: "Mysterious" system crashes
Message-ID: <4749FC0B.7060300@comcast.net>

VAXman- wrote:
> In article <96a76$4749efaa$cef8887a$28352@TEKSAVVY.COM>, JF Mezei writes:
>
>>
>>a Pensy farm boy wrote:
>>
>>>I have one of those. I keep hoping it will start the house ablaze so
>>>that I can collect my insurance pay out and get the hell out of this
>>>gawd forsaken rat hole known as NJ.
>>
>>
>>Just hope when it happens, that your insurance company won't use Google
>>to find this post and wonder if you didn't facilitate the fire :-) :-)
>
>
> The insurance company and the state and local inspectors shouldn't have
> permitted the CO with the electrical system in this rathole I reside in.
> However, like everything else in proNJ, it's a corrupt bureaucracy that
> can be purchased "if the price is right"!
>
> Someday, when I have the time, remind me to tell you about moving into
> this place with a gas furnace that was never hooked up to the flue pipe!
> The basement was sure warm and toasty... and carbon monoxidey too!
>
>

Well, you can always hope that the people who installed it that way talk
on their cell phones while driving. ;-)

------------------------------

Date: Mon, 26 Nov 2007 01:45:11 GMT
From: Tad Winters
Subject: Re: A Look Ahead to 2008
Message-ID:

David J Dachtera wrote in news:4741027B.31C9FDB2@spam.comcast.net:

[..snip..]
>
> I want to thank the many who have helped me with all my technical
> issues over the years, express my continued support to those who have
> benefitted from my experience, and also apologize for having "gotten
> into it" those many times when ego and emotion won out over common
> sense.

I thank *you* for your contributions. You have definitely been a help to
me.

>
> A bit early perhaps, wishing all a Wonderful Holiday Season as well as
> a prosperous and health-filled New Year.
>

I wish the same for you and others here.

Tad

------------------------------

Date: Sun, 25 Nov 2007 22:12:03 -0500
From: Arne Vajhøj
Subject: Re: HP loses another large customer
Message-ID: <474a3981$0$90270$14726298@news.sunsite.dk>

Michael D. Ober wrote:
> "Main, Kerry" wrote in message
>> Interesting times ahead .. And fwiw, I think 3GL style programming is a
>> long, long way from being retired.
>
> 3GL will always have a place. I have worked in a pure OO environment
> and it was an absolute nightmare. The future of development will use a
> combination of 3GL and later development methodologies.

????

Some of the most popular OO languages (C++, Java and C#) are 3GL
languages.

Arne

------------------------------

Date: Sun, 25 Nov 2007 22:47:29 -0500
From: Arne Vajhøj
Subject: Re: LDAP tools for VMS
Message-ID: <474a41cb$0$90270$14726298@news.sunsite.dk>

Malcolm Smeaton wrote:
> We have an OpenLDAP Directory Server but a significant part of our user
> account management for staff and students is processed on VMS and
> distributed to other platforms - including the OpenLDAP server.
> It would be very handy if we could use the above tools to access the
> directory server directly from VMS, especially for things like testing.
>
> We have already written some modules using the C language application
> programming interface (API) for LDAP, but if the above tools are already
> available from VMS DCL why bother trying to write these ourselves.

Probably too late, but:

http://www.mozilla.org/directory/javasdk.html

has ldapsearch, ldapmodify and ldapdelete in Java !

Arne

------------------------------

Date: Sun, 25 Nov 2007 22:34:54 -0500
From: Arne Vajhøj
Subject: Re: lexical for terminal attributes?
Message-ID: <474a3ed8$0$90269$14726298@news.sunsite.dk>

Thomas Dickey wrote:
> Arne Vajhøj wrote:
>> I find it much more likely that people have a terminal emulator
>> that are missing obscure features than one that only supports
>> VT300 series.
>
> oh. You forgot to tell us which terminal emulators you're using.
> (it has to be more than one, given your postings in this thread).

I tried with Reflection and Putty, if you think it is relevant.

Arne

------------------------------

Date: Sun, 25 Nov 2007 16:54:20 -0500
From: JF Mezei
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <44117$4749ef0f$cef8887a$28352@TEKSAVVY.COM>

VAXman- @SendSpamHere.ORG wrote:
> When on the road, I use ssh. I tunnel port 110 with -L 110:localhost:110.
> (as well as -L 25:localhost:25) Then, I have an on-the-road configuration

Pardon my ignorance, but in what way does SSH prevent hackers ? I can
understand SSH encrypting stuff to prevent spies from looking at your
communications, but does it really prevent someone from attempting to
use POP to test username/passwords ?

Do you have a setup where your SSH is configured to only accept
connection from hosts having certain keys ? ( I ask because I have never
really configured/looked into SSH seriously, I just used it to connect
to my mac).
Also, even if you use ssh, when it pipes the data over to port 110
locally, you are still going to have the TCPIP Services POP
vulnerability which I had reported quite some time ago. (no intrusion
detection nor logging of IP address).

> which has localhost 25/110 defined for the servers. I can gain access to
> mail securely and the outside is still cut off from exploiting my POP and
> SMTP servers.

Some people need "real" POP and IMAP access from the rest of the world.
For instance, unless my mobile handset supports tunneling of POP/IMAP
over ssh, I still need to be able to access my host from my handset to
check my mail.

------------------------------

Date: Sun, 25 Nov 2007 22:11:46 GMT
From: VAXman- @SendSpamHere.ORG
Subject: Re: POP attacks and NOSLOT errors
Message-ID:

In article <44117$4749ef0f$cef8887a$28352@TEKSAVVY.COM>, JF Mezei writes:
>
>
>VAXman- @SendSpamHere.ORG wrote:
>> When on the road, I use ssh. I tunnel port 110 with -L 110:localhost:110.
>> (as well as -L 25:localhost:25) Then, I have an on-the-road configuration
>
>
>Pardon my ignorance, but in what way does SSH prevent hackers ? I can
>understand SSH encrypting stuff to prevent spies from looking at your
>communications, but does it really prevent someone from attempting to
>use POP to test username/passwords ?

If POP is not accessible from the outside and only via an ssh tunnel,
then, yes, it does prevent someone from attempting to use POP to test
username/passwords.

>Do you have a setup where your SSH is configured to only accept
>connection from hosts having certain keys ? ( I ask because I have never
>really configured/looked into SSH seriously, I just used it to connect
>to my mac).

Yes. The key is on my Powerbook (and a few other machines) and with-
out it, nobody can connect.

>Also, even if you use ssh, when it pipes the data over to port 110
>locally, you are still going to have the TCPIP Services POP
>vulnerability which I had reported quite some time ago.
>(no intrusion detection nor logging of IP address).

Only inside networks and localhost can access the POP server.

>> which has localhost 25/110 defined for the servers. I can gain access to
>> mail securely and the outside is still cut off from exploiting my POP and
>> SMTP servers.
>
>Some people need "real" POP and IMAP access from the rest of the world.
>For instance, unless my mobile handset supports tunneling of POP/IMAP
>over ssh, I still need to be able to access my host from my handset to
>check my mail.

If you are willing to trade convenience for security, then so be it.
I prefer to keep my systems and data secure. I also do not use any
mobile handset -- I'm assuming this is a cell phone? Mine rings and
I answer it and I know how to dial a number to place a call. Beyond
that I have no interest whatsoever in figuring out how to use all of
its other silly features of it. I hate the phone but realize it is
a somewhat necessary evil in today's society. However, when I drive,
I have it turned off. There is nothing more *fucking* annoying than
getting a phone call when driving. How the hell did we get ourselves
to this point in our evolution? There is nothing, AFAIAC, that is so
important that one needs to risk an automobile accident to answer one
of these asinine Star Trek communicators.

--
VAXman- A Bored Certified VMS Kernel Mode Hacker   VAXman(at)TMESIS(dot)COM

"Well my son, life is like a beanstalk, isn't it?"

http://tmesis.com/drat.html

------------------------------

Date: Sun, 25 Nov 2007 17:47:28 -0500
From: "Richard B. Gilbert"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <4749FB80.8020702@comcast.net>

VAXman- wrote:
> In article <44117$4749ef0f$cef8887a$28352@TEKSAVVY.COM>, JF Mezei writes:
>
>>
>>VAXman- @SendSpamHere.ORG wrote:
>>
>>>When on the road, I use ssh. I tunnel port 110 with -L 110:localhost:110.
>>>(as well as -L 25:localhost:25) Then, I have an on-the-road configuration
>>
>>
>>Pardon my ignorance, but in what way does SSH prevent hackers ? I can
>>understand SSH encrypting stuff to prevent spies from looking at your
>>communications, but does it really prevent someone from attempting to
>>use POP to test username/passwords ?
>
>
> If POP is not accessible from the outside and only via an ssh tunnel,
> then, yes, it does prevent someone from attempting to use POP to test
> username/passwords.
>
>
>
>
>>Do you have a setup where your SSH is configured to only accept
>>connection from hosts having certain keys ? ( I ask because I have never
>>really configured/looked into SSH seriously, I just used it to connect
>>to my mac).
>
>
> Yes. The key is on my Powerbook (and a few other machines) and with-
> out it, nobody can connect.
>
>
>
>
>>Also, even if you use ssh, when it pipes the data over to port 110
>>locally, you are still going to have the TCPIP Services POP
>>vulnerability which I had reported quite some time ago. (no intrusion
>>detection nor logging of IP address).
>
>
> Only inside networks and localhost can access the POP server.
>
>
>
>
>>>which has localhost 25/110 defined for the servers. I can gain access to
>>>mail securely and the outside is still cut off from exploiting my POP and
>>>SMTP servers.
>>
>>Some people need "real" POP and IMAP access from the rest of the world.
>>For instance, unless my mobile handset supports tunneling of POP/IMAP
>>over ssh, I still need to be able to access my host from my handset to
>>check my mail.
>
>
> If you are willing to trade convenience for security, then so be it.
> I prefer to keep my systems and data secure. I also do not use any
> mobile handset -- I'm assuming this is a cell phone? Mine rings and
> I answer it and I know how to dial a number to place a call. Beyond
> that I have no interest whatsoever in figuring out how to use all of
> its other silly features of it.
> I hate the phone but realize it is
> a somewhat necessary evil in today's society. However, when I drive,
> I have it turned off. There is nothing more *fucking* annoying than
> getting a phone call when driving. How the hell did we get ourselves
> to this point in our evolution? There is nothing, AFAIAC, that is so
> important that one needs to risk an automobile accident to answer one
> of these asinine Star Trek communicators.
>

It helps reduce the numbers of the slow/stupid! Consider it evolution
in action!

------------------------------

Date: Sun, 25 Nov 2007 18:10:42 -0500
From: JF Mezei
Subject: Re: POP attacks and NOSLOT errors
Message-ID:

VAXman- @SendSpamHere.ORG wrote:
>> If POP is not accessible from the outside and only via an ssh tunnel,
> then, yes, it does prevent someone from attempting to use POP to test
> username/passwords.

People used to brag about VMS being secure. The whole point of having
robust software, intrusion detection/evasion and good logging is so that
you can have services opened to the world and sleep at night.

However, the POP server, as furnished by the current owner of VMS does
not adhere to those high standards. And while I am at it, the SMTP
server/receiver doesn't even support username/password authentication
for calls coming from the outside.

If you have to shield your VMS system from outside access, then VMS is
no better than Windows for security.

------------------------------

Date: Sun, 25 Nov 2007 23:18:37 GMT
From: VAXman- @SendSpamHere.ORG
Subject: Re: POP attacks and NOSLOT errors
Message-ID:

In article <4749FB80.8020702@comcast.net>, "Richard B. Gilbert" writes:
>{...snip...}
>> I have it turned off. There is nothing more *fucking* annoying than
>> getting a phone call when driving. How the hell did we get ourselves
>> to this point in our evolution? There is nothing, AFAIAC, that is so
>> important that one needs to risk an automobile accident to answer one
>> of these asinine Star Trek communicators.
>>
>
>It helps reduce the numbers of the slow/stupid! Consider it evolution
>in action!

Nominees for the Darwin Award! Got it!

--
VAXman- A Bored Certified VMS Kernel Mode Hacker   VAXman(at)TMESIS(dot)COM

"Well my son, life is like a beanstalk, isn't it?"

http://tmesis.com/drat.html

------------------------------

Date: Sun, 25 Nov 2007 23:30:49 GMT
From: VAXman- @SendSpamHere.ORG
Subject: Re: POP attacks and NOSLOT errors
Message-ID:

In article , JF Mezei writes:
>
>
>VAXman- @SendSpamHere.ORG wrote:
>>> If POP is not accessible from the outside and only via an ssh tunnel,
>> then, yes, it does prevent someone from attempting to use POP to test
>> username/passwords.
>
>
>People used to brag about VMS being secure. The whole point of having
>robust software, intrusion detection/evasion and good logging is so that
>you can have services opened to the world and sleep at night.
>
>However, the POP server, as furnished by the current owner of VMS does
>not adhere to those high standards. And while I am at it, the SMTP
>server/receiver doesn't even support username/password authentication
>for calls coming from the outside.

The problem is that these *network* *protocols* were not devised by the
same security conscientious people who brought you VMS! I'd wager that
we'd not know SPAM, other than that ham, pork and potato starch product
from Denmark, if the VMS folks devised SMTP -- where the S in SMTP stood
for Secure instead of Simple.

>If you have to shield your VMS system from outside access, then VMS is
>no better than Windows for security.

I'm not shielding it. I've configured it so that I permit those whom I
want to access my machines and deny those whom I do not. I don't see a
problem with VMS security there. I don't want people to access any of my
machines via the SYSTEM account either. If I did, I wouldn't bother to
establish passwords on their SYSTEM accounts.
--
VAXman- A Bored Certified VMS Kernel Mode Hacker   VAXman(at)TMESIS(dot)COM

"Well my son, life is like a beanstalk, isn't it?"

http://tmesis.com/drat.html

------------------------------

Date: Sun, 25 Nov 2007 22:15:04 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005a01c82fda$8a757a70$4d02a8c0@CHARONLAP>

>...
> No. I reported this some time ago. There is also no breakin evasion
> triggered.

Yes, I remember seeing your posting the first time this happened to me,
it would have been really nice if someone from HP would have seen it
too.

>...
> No. But you can reduce the impact by setting a service limit
> ( SET SERVICE POP /LIMIT=2 for instance). So if the hacker makes multiple
> simultaneous connection attempts, only the first 2 get through and this
> limits the damage to your system and also slows down their dictionary
> attacks.

Thanks, I'll try that.

Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Sun, 25 Nov 2007 22:14:49 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005901c82fda$81e91010$4d02a8c0@CHARONLAP>

>...
> Do you have some reason for not running a firewall of some sort? My

Of course I have a firewall, I only have the ports I need opened.

Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Sun, 25 Nov 2007 22:15:51 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005b01c82fda$a635d160$4d02a8c0@CHARONLAP>

>...
> Does $ANA/AUDIT/EVENT=BREAKIN tell you anything?

Not for POP, it does for FTP and SSH but POP does not trigger anything
other than OPCOM messages.

>...
> (without success) at FTP for hours. Can you change stacks? :-)

I would rather run TCPWare myself, but this is not a hobbyist machine.
Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Sun, 25 Nov 2007 22:17:13 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005c01c82fda$d74b2020$4d02a8c0@CHARONLAP>

>...
> When on the road, I use ssh. I tunnel port 110 with -L 110:localhost:110.
> (as well as -L 25:localhost:25) Then, I have an on-the-road configuration
> which has localhost 25/110 defined for the servers. I can gain access to
>...

I'll have to see if I can do that with my phone. The phone has Pocket
Putty on it but I do not know if it allows me to tunnel like the full
Putty does. Right now I pick up mail on the phone using POP, but if I
need to send mail I use Pocket Putty to log into my machine using SSH
and I update the mail configuration file to allow relaying from the IP
address currently assigned to my phone. The relay automatically gets
removed the next time I log in.

Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Sun, 25 Nov 2007 22:20:41 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005d01c82fdb$585025d0$4d02a8c0@CHARONLAP>

>...
> I've limited ssh in this fashion (but I have a larger value than 2). It
> does seem to thwart the port scanners and script kiddies. Things such as
> POP and the like are NOT secure. I would limit access to these to inside
> networks and trusted hosts/IPs only.

I limit my use of POP but there are times when it is my only option so I
take the risk of using it. Some sites I visit do not let people use
their laptops in their office so I use my phone to get emails.
Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Sun, 25 Nov 2007 22:20:50 -0500
From: "Peter Weaver"
Subject: Re: POP attacks and NOSLOT errors
Message-ID: <005e01c82fdb$59248cd0$4d02a8c0@CHARONLAP>

>...
> operator.log doesn't say much at all, but ana/audit gives
> entries like :

FTP does a good job of sending information to the Audit Journal, but POP
does not.

Peter Weaver
www.weaverconsulting.ca
CHARON-VAX CHARON-AXP DataStream Reflection PreciseMail HP Commercial Hardware

------------------------------

Date: Mon, 26 Nov 2007 03:02:31 GMT
From: "John E. Malmberg"
Subject: Re: Rsync on VMS
Message-ID:

Andrew Black (delete obvious bit) wrote:
> Is Rsync or anything equivalent available on VMS and what are people's
> experience.
> I am trying to synchronise files between different disks (same and
> different machines)

Rsync needs some work to make it reliable on VMS. I have not had the
time to do any updates to it for a few years. I was doing daily builds
for a while, but no longer have the time. I do not know how long it
would take for me to reproduce the binary that I am using now, and it
has too many bugs for me to post it anywhere.

-John
wb8tyw@qsl.net
Personal Opinion Only

------------------------------

End of INFO-VAX 2007.647
************************