INFO-VAX Thu, 31 Jan 2008 Volume 2008 : Issue 61 Contents: Re: "file locked by another user" mystery Re: "file locked by another user" mystery Re: "file locked by another user" mystery CIFS on VMS, multi-user share per user security setup question Re: CIFS on VMS, multi-user share per user security setup question Re: Looking for a DECserver 200/MC/ or 300 Re: Looking for a DECserver 200/MC/ or 300 Re: M$IE; was: DSPP Integrity remanufactured h/w... Re: M$IE; was: DSPP Integrity remanufactured h/w... Re: M$IE; was: DSPP Integrity remanufactured h/w... Re: PowerTerm 525 & eXcursion Re: PowerTerm 525 & eXcursion Re: PowerTerm 525 & eXcursion Re: PowerTerm 525 & eXcursion Re: PowerTerm 525 & eXcursion Re: PowerTerm 525 & eXcursion Re: Restricting Access to TCP/IP and DECnet Re: Restricting Access to TCP/IP and DECnet Re: Restricting Access to TCP/IP and DECnet Re: VT100 standards and EDT Re: VT100 standards and EDT Re: VT100 standards and EDT Re: VT100 standards and EDT Re: VT100 standards and EDT ---------------------------------------------------------------------- Date: Wed, 30 Jan 2008 15:36:14 -0800 From: Fred Bach Subject: Re: "file locked by another user" mystery Message-ID: briggs@encompasserve.org wrote: > In article <479FB364.4010505@triumf.ca>, Fred Bach writes: [snip] >> One thing that IS important to know is that after an "ON" >> condition is acted upon, the last pertinent ON statement is >> more or less rendered 'cancelled' by its having its specified >> action taken. The ON condition executed then returns to its >> default condition, so another set of ON ... statements is >> frequently needed. Now even though the HELP confirms this, >> that IS something that I learned the hard way. And I had >> built myself a little DCL test procedure to prove it and in >> some of my coding you would find a block of ON conditions >> repeated many times. The code looks funny, too. How does >> a fellow set the *default* ON conditions themselves?? > > The default ON is "ON ERROR THEN EXIT" > > That continues sequential execution on warnings. > And it exits on errors and severe errors. Many thanks for all the great ideas about $STATUS and $SEVERITY ! You know, I will be using them. Looks like I've got a lot of editing to do.... Is there some way to start a completely new daughter (or detached) DCL process where these ON conditions can be set to default to something other than ON ERROR THEN EXIT? Thanks. ..fred .. ------------------------------ Date: Thu, 31 Jan 2008 01:17:29 -0500 From: "Carl Friedberg" Subject: Re: "file locked by another user" mystery Message-ID: <890539d90801302217w14f4f34fi9267137aa7998997@mail.gmail.com> Hi Fred, "Experience is what you get when you don't have it" I have a template I use most of the time. It goes something like this: (Thanks to the former Alan J. Barr for the maxim to always run with "ON WARNING" in effect) .. $! free use without any warranty, support, or reliability $ xitsts = 1 $ on warning then goto BadDCL $! your code starts here $... $Egress: $ exit xitsts $BadDCL: $ xitsts = $status $ msgtxt = "Ouch, Carl, " + f$message(xitsts) $ write sys$output "''msgtxt'" $! you can also send mail at this point if desired $ goto Egress Running with ON WARNING enabled (along with the DECUS DCL_CHECK procedure from Mr. Hammond) is a very good way to reduce unintended side effects and surprises, and late-night support calls. Just my 2 cents. ------------------------------ Date: Thu, 31 Jan 2008 01:49:09 -0500 From: "Richard B. Gilbert" Subject: Re: "file locked by another user" mystery Message-ID: <47A16F65.1020102@comcast.net> Carl Friedberg wrote: > Hi Fred, > > "Experience is what you get when you don't > have it" > > I have a template I use most of the time. It goes > something like this: > > (Thanks to the former Alan J. Barr for the maxim > to always run with "ON WARNING" in effect) > > .. > $! free use without any warranty, support, or reliability > $ xitsts = 1 > $ on warning then goto BadDCL > $! your code starts here > $... > $Egress: > $ exit xitsts > $BadDCL: > $ xitsts = $status > $ msgtxt = "Ouch, Carl, " + f$message(xitsts) > $ write sys$output "''msgtxt'" > $! you can also send mail at this point if desired > $ goto Egress > > Running with ON WARNING enabled (along with the > DECUS DCL_CHECK procedure from Mr. Hammond) > is a very good way to reduce unintended side effects > and surprises, and late-night support calls. > > Just my 2 cents. I've been using Charlie Hammond's DCL_CHECK for several years. It's great. After that though, you have to know what could go wrong and invent a way to recover from each possible error in your DCL and also in any application that your run from your DCL. Generally though, it was not DCL errors that caused me to be paged after hours, but rather applications that bombed, or files that should have existed but didn't or that did exist and should not have. Much of my DCL ran for years without problems. Once you get it right it usually stays right at least until something else changes. At McGraw-Hill there were enough clusters that on-call nights could result in a lot of lost sleep but the problems were seldom DCL errors. A lot of the time it was very old hardware that decided to go belly up when I should have been sleeping; with 25 clusters in the data center and another hundred or so in various field offices, there was plenty to go wrong and something usually did. ------------------------------ Date: Wed, 30 Jan 2008 15:03:44 -0800 (PST) From: Rich Jordan Subject: CIFS on VMS, multi-user share per user security setup question Message-ID: We're working with a test installation of CIFS on an Alpha V8.3 test box. Its turning out to be quite difficult getting what seems like basic security going. Samba is in PDC mode running its own domain using local authentication (local UAF accounts with associated tdbsam password database. The PC client logging in is in a separate windows AD domain, and 'connects as another user' to log in to the samba provided shares. We are not using "home" shares per user; these are common shares, though some users have full access while others should be read/write with no delete/control ability. We create a shared directory and share. Several test accounts (user1, user2, user3, user4, user5) are setup and entered into the password database. user5 is in the 'administrators' group (so defined by creating a resource identifier called 'administrators' and using the NET RPC GROUP ADDMEM to stick user5 in it). The VMS directory is owned by a UIC group different from any of the user UICs so access should be controller by the ACL on the directory and its subsidiary files. The initial ACEs set IDENTIFIER=administrator, access=read+write +execute+delete+control (and a option=default ACE to force that on any subsidiary files/directories). user5 was able to connect, and create a file, but was then unable to rename or delete it. Without the ACL in place, user5 was not even able to connect to the share, so I know its being read and having effect. When I added new sets of ACEs for the CIFS identifiers of each of the other users, (CIFS$U_username) some read+write+execute, others with full access, both access and option=default with the same access, the same symptom appeared. The other accounts could now connect to the share, and create files, but could not rename or delete files they or any other account had created. It doesn't seem to matter if the ACEs are specifying the delete+control options or not. Another item is attempting to modify the security profile from the peecee side. I can bring up security properties but (so far, with any account) the attempt to modify anything fails saying I don't have the required access. Thats even with a file owned by the account, in a directory owned by the account, with both UIC and ACE granting full (and control) access, or just UIC or ACE based full access. Nothing works. Finally, is the security properties of a file or directory accessed through samba supposed to show numeric IDs instead of names for access? The owner of the file shows up as a name "user3 (DOMAIN \user3)" but all other ACE provided access rules show up as "-2147418078 (Unix User\-2147418078)" with the numbers depending on the CIFS$U_username identifiers in the ACEs. I've only plowed through about 1/3 of the samba docs so far. The ACLs on the share should provide full access to the owner of a file, but its obviously not working as expected. The VMS specific docs for Samba are very incomplete and honestly pretty disorganized; I haven't found any detail security setup info that translates well from the unixy docs to VMS yet. I'm going to go through real diagnostics with file audits enabled, samba logging turned up higher, etc, but in the meantime I'm hoping someone else might have had to set up reasonable per-user access security in CIFS or Samba before and maybe has some wisdom to share on the best way to do it. ------------------------------ Date: Wed, 30 Jan 2008 15:42:04 -0800 (PST) From: Rich Jordan Subject: Re: CIFS on VMS, multi-user share per user security setup question Message-ID: <18bb3568-1039-4310-a107-3ccdbf6b18a7@i72g2000hsd.googlegroups.com> On Jan 30, 5:03 pm, Rich Jordan wrote: > We're working with a test installation of CIFS on an Alpha V8.3 test > box. Its turning out to be quite difficult getting what seems like > basic security going. Samba is in PDC mode running its own domain > using local authentication (local UAF accounts with associated tdbsam > password database. The PC client logging in is in a separate windows > AD domain, and 'connects as another user' to log in to the samba > provided shares. We are not using "home" shares per user; these are > common shares, though some users have full access while others should > be read/write with no delete/control ability. > > We create a shared directory and share. Several test accounts (user1, > user2, user3, user4, user5) are setup and entered into the password > database. user5 is in the 'administrators' group (so defined by > creating a resource identifier called 'administrators' and using the > NET RPC GROUP ADDMEM to stick user5 in it). > > The VMS directory is owned by a UIC group different from any of the > user UICs so access should be controller by the ACL on the directory > and its subsidiary files. > > The initial ACEs set IDENTIFIER=administrator, access=read+write > +execute+delete+control (and a option=default ACE to force that on any > subsidiary files/directories). > > user5 was able to connect, and create a file, but was then unable to > rename or delete it. Without the ACL in place, user5 was not even > able to connect to the share, so I know its being read and having > effect. > > When I added new sets of ACEs for the CIFS identifiers of each of the > other users, (CIFS$U_username) some read+write+execute, others with > full access, both access and option=default with the same access, the > same symptom appeared. The other accounts could now connect to the > share, and create files, but could not rename or delete files they or > any other account had created. It doesn't seem to matter if the ACEs > are specifying the delete+control options or not. > > Another item is attempting to modify the security profile from the > peecee side. I can bring up security properties but (so far, with any > account) the attempt to modify anything fails saying I don't have the > required access. Thats even with a file owned by the account, in a > directory owned by the account, with both UIC and ACE granting full > (and control) access, or just UIC or ACE based full access. Nothing > works. > > Finally, is the security properties of a file or directory accessed > through samba supposed to show numeric IDs instead of names for > access? The owner of the file shows up as a name "user3 (DOMAIN > \user3)" but all other ACE provided access rules show up as > "-2147418078 (Unix User\-2147418078)" with the numbers depending on > the CIFS$U_username identifiers in the ACEs. > > I've only plowed through about 1/3 of the samba docs so far. The ACLs > on the share should provide full access to the owner of a file, but > its obviously not working as expected. The VMS specific docs for > Samba are very incomplete and honestly pretty disorganized; I haven't > found any detail security setup info that translates well from the > unixy docs to VMS yet. > > I'm going to go through real diagnostics with file audits enabled, > samba logging turned up higher, etc, but in the meantime I'm hoping > someone else might have had to set up reasonable per-user access > security in CIFS or Samba before and maybe has some wisdom to share on > the best way to do it. Another wierdness. With auditing enabled for access failures, when I try to map a drive I get a series of access failures from an Apache (SWS) process trying to do a "read file attributes request" on the root directory of the system's only disk. The error is a %SYSTEM-F- NOPRIV This happens on a failed connection, after the server has been chewing on the request for about 10 seconds (its an AS200 4/233 so its pretty slow with CIFS). The windows client pops up the username dialog again about the time these Apache errors finish. It is repeatable. Apache is running on the system, but why would it be involved in any way with CIFS and a client connection attempt? Rich ------------------------------ Date: Wed, 30 Jan 2008 12:32:22 -0800 (PST) From: "tomarsin2015@comcast.net" Subject: Re: Looking for a DECserver 200/MC/ or 300 Message-ID: <7c5177f7-fe1b-4cbb-9996-10712c9e5819@e10g2000prf.googlegroups.com> On Jan 29, 4:53=A0am, VAXman- @SendSpamHere.ORG wrote: > In article <48072fe0-b8ca-4517-90c8-491429780...@i7g2000prf.googlegroups.c= om>, "tomarsin2...@comcast.net" writes: > > > > >Hello > >Was wondering if anybody has a 200/MC or 300 laying around that they > >are not using and really dont want to send the item(s) to the trash. > >tks > >phil > >p.s. > >trying to stay away from e-smell (ebay), and this is for personal use. > > I had one and gave it away. =A0Any reason why you want a 200/MC or 300 > specifically? > > -- > VAXman- A Bored Certified VMS Kernel Mode Hacker =A0 VAXman(at)TMESIS(dot)= COM > > =A0 "Well my son, life is like a beanstalk, isn't it?" > > http://tmesis.com/drat.html Hello Found out that the power supply board blew. The part # is 30-27484-01, POWER SUPPLY, 59W 3 OUTPUT. Just wondering is this a generic power supply or did DEC do something special so it would only work in the 100/200/300 series? tks phil ------------------------------ Date: Wed, 30 Jan 2008 21:12:07 -0500 From: "Richard B. Gilbert" Subject: Re: Looking for a DECserver 200/MC/ or 300 Message-ID: <47A12E77.2080100@comcast.net> tomarsin2015@comcast.net wrote: > On Jan 29, 4:53 am, VAXman- @SendSpamHere.ORG wrote: > >>In article <48072fe0-b8ca-4517-90c8-491429780...@i7g2000prf.googlegroups.com>, "tomarsin2...@comcast.net" writes: >> >> >> >> >>>Hello >>>Was wondering if anybody has a 200/MC or 300 laying around that they >>>are not using and really dont want to send the item(s) to the trash. >>>tks >>>phil >>>p.s. >>>trying to stay away from e-smell (ebay), and this is for personal use. >> >>I had one and gave it away. Any reason why you want a 200/MC or 300 >>specifically? >> >>-- >>VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM >> >> "Well my son, life is like a beanstalk, isn't it?" >> >>http://tmesis.com/drat.html > > > Hello > Found out that the power supply board blew. The part # is 30-27484-01, > POWER SUPPLY, 59W 3 OUTPUT. Just wondering is this a generic power > supply or did DEC do something special so it would only work in the > 100/200/300 series? > tks > phil Knowing DEC, the power supply is probably unique to that model DECserver or at most to a couple of similar models. DEC appeared to design EVERYTHING from scratch ------------------------------ Date: Wed, 30 Jan 2008 20:29:51 GMT From: John Santos Subject: Re: M$IE; was: DSPP Integrity remanufactured h/w... Message-ID: <375oj.9513$v86.2373@trnddc08> VAXman- @SendSpamHere.ORG wrote: > In article <479f5328$1@mvb.saic.com>, Mark Berryman writes: > >> >>VAXman- @SendSpamHere.ORG wrote: >> >>>In article , Kilgallen@SpamCop.net (Larry Kilgallen) writes: >>> >>>>In article , VAXman- @SendSpamHere.ORG writes: >>>> >>>>>In article , Kilgallen@SpamCop.net (Larry Kilgallen) writes: >>>>> >>>>>>In article , VAXman- @SendSpamHere.ORG writes: >>>>>> >>>>>> >>>>>>>Sending them as PDF would make them more *universally* "compatable". (sic) >>>>>> >>>>>>Providing you do not generate the form of PDF that is unreadable >>>>>>by Adobe Acrobat 4. >>>>> >>>>>I read PDF with Preview. >>>> >>>>That is irrelevant in the long term. >>>>A statement relevant in the long term would be "I always upgrade my >>>>operating system to adapt to format changes." >>> >>>:D >>> >>>I need to upgrade my OS (VMS) to support the gobbledegook reformatted >>>quoted-printable shite that Micro$oft mailers create whenever they send >>>out preformatted text! >> >>You might get a chuckle out of this (or a groan if you're stuck with it). >> >>Microsoft sells an email system they claim is fit for the enterprise >>called Exchange. The standard client for Exchange is Microsoft Outlook >>which, naturally, only runs on Windows. Microsoft also sells an >>Exchange client for Mac called Entourage. Remember, these are all >>Microsoft products. >> >>Here's the fun part: if folks exchange email messages where there is a >>mix of Entourage and Outlook clients, something somewhere in the message >>path, Outlook, Entourage, or Exchange, starts changing the font size on >>each message in the message stream. If you have a message containing >>multiple replies, each reply in the message is rendered in an ever >>decreasing font size, rapidly making the replies unreadable. >> >>If there is a fix for this, I have yet to find it. > > > Contact SPECTRE. Supply them with the latitude/longitude coordinates for > M$ in Redmond. Request that they take over a missle silo in the midwest > and input those coordinates into a MIRV which will shower the adjacent > areas around M$ to insure that none of the brain-damaged, mind-clones of > Billzebub survive to breed. I think this is the ONLY solution. > > Huh? Why would SPECTRE destroy one of its most important installations? Or do you mean we should hack into SPECTRE's targeting system and supply our own targets? -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 ------------------------------ Date: 30 Jan 2008 21:43:48 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: M$IE; was: DSPP Integrity remanufactured h/w... Message-ID: <47a0ef94$0$25064$607ed4bc@cv.net> In article <375oj.9513$v86.2373@trnddc08>, John Santos writes: >{...snip...} >> Contact SPECTRE. Supply them with the latitude/longitude coordinates for >> M$ in Redmond. Request that they take over a missle silo in the midwest >> and input those coordinates into a MIRV which will shower the adjacent >> areas around M$ to insure that none of the brain-damaged, mind-clones of >> Billzebub survive to breed. I think this is the ONLY solution. >> >> > >Huh? Why would SPECTRE destroy one of its most important installations? > >Or do you mean we should hack into SPECTRE's targeting system and supply >our own targets? ROTFLMFAO! Reminds me of a Dennis Miller monologue from Saturday Night Live: Bill Gates is just a white Persian cat and a monocle away from being a villian in a James Bond movie. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" http://tmesis.com/drat.html ------------------------------ Date: 30 Jan 2008 17:05:30 -0600 From: Kilgallen@SpamCop.net (Larry Kilgallen) Subject: Re: M$IE; was: DSPP Integrity remanufactured h/w... Message-ID: In article <60bqqcF1qirg5U2@mid.individual.net>, billg999@cs.uofs.edu (Bill Gunshannon) writes: > In article , > Kilgallen@SpamCop.net (Larry Kilgallen) writes: >> In article <47a06890$0$25065$607ed4bc@cv.net>, VAXman- @SendSpamHere.ORG writes: >>> In article <479fdfb0$0$90276$14726298@news.sunsite.dk>, =?ISO-8859-1?Q?Arne_Vajh=F8j?= writes: >>>>VAXman- @SendSpamHere.ORG wrote: >>>>> I need to upgrade my OS (VMS) to support the gobbledegook reformatted >>>>> quoted-printable shite that Micro$oft mailers create whenever they send >>>>> out preformatted text! >>>>> >>>>> I just received an email from a site which should have been text -- text >>>>> that was generated by some SDA commands I asked the customer to enter. >>>>> I now have a display full of "= 20" and similar shite. What is it with >>>>> M$ and text? It does NOT need to be encoded. >>>> >>>>Any characters outside 32-126 or any lines longer than 76 characters ? >>> >>> Text! However, the lines were longer than 76 characters as I had them >>> output some information that is best viewed 132. >> >> Looking at the SMTP headers you should find one indicating that your >> buddy Bill Gates has graciously converted the body to "quoted printable", >> another great lie from Microsoft. >> >> I have in mind when I get the time to arrange an MTA to reject such >> messages. > > Can you really afford to just kiss off potential customers like that? That would be a potential customer who: 1. Cannot control their email client in the face of a clear rejection message about what they are doing wrong. 2. Is not allowed by their employer to make long distance calls. Is that customer really worth the cost of providing support if they are allowed to initiate a purchase ? By the way, in our experience, initial discussions are always by phone, even after they have spent months researching our web site. ------------------------------ Date: Wed, 30 Jan 2008 21:12:43 +0200 From: "Markku Vaarankorpi" Subject: Re: PowerTerm 525 & eXcursion Message-ID: Hi, I use both. There were v 7.3 pathworks cd and works fine in Vista. PT version is 5.5.0, excursion version i don't remember but it was in same cd as PT Regards, Markku "Marc Van Dyck" kirjoitti viestissä:mn.dcdf7d8133adaafe.30579@brutele.be... > Is there a Vista-compatible version of those two softwares > available somewhere ? What is the vista compatibility status > of the versions distributed on the OpenVMS consolidated > distribution CDs ? > > Thanks in advance, > > -- > Marc Van Dyck > > ------------------------------ Date: Wed, 30 Jan 2008 22:58:19 +0100 From: Marc Van Dyck Subject: Re: PowerTerm 525 & eXcursion Message-ID: Doug Phillips expressed precisely : > On Jan 27, 1:47 pm, Marc Van Dyck wrote: >> Is there a Vista-compatible version of those two softwares >> available somewhere ? What is the vista compatibility status >> of the versions distributed on the OpenVMS consolidated >> distribution CDs ? > > > I run (have for a few weeks) PowerTerm v5.6 from the PW v7.4 CD on > Vista without problem. > > I run (have for a few months) Reflection (as old as v6.0) on Vista > without problem. > > I doubt that any of these configs would be "supported" but I've never > needed "support." They all have licenses which predate Vista. > > I don't use eXcursion. Have you tried it? Well, I use ReflexionX at work and eXcursion at home. Having spent 11 years of my professional life with Digital and not being able to forget it, I tend to be partial towards (ex-)Digital products, so my preference goes to eXcursion. I have not tried any of them under Vista yet, will do so next week-end and report the results. -- Marc Van Dyck ------------------------------ Date: Wed, 30 Jan 2008 22:59:22 +0100 From: Marc Van Dyck Subject: Re: PowerTerm 525 & eXcursion Message-ID: Markku Vaarankorpi was thinking very hard : > Hi, > > I use both. There were v 7.3 pathworks cd and works fine in Vista. > PT version is 5.5.0, excursion version i don't remember but it was in > same cd as PT > > Regards, > > Markku > > "Marc Van Dyck" kirjoitti > viestissä:mn.dcdf7d8133adaafe.30579@brutele.be... >> Is there a Vista-compatible version of those two softwares >> available somewhere ? What is the vista compatibility status >> of the versions distributed on the OpenVMS consolidated >> distribution CDs ? >> >> Thanks in advance, >> >> -- Marc Van Dyck >> >> Many thanks for that feedback. As said above, I'll give it a try next week-end. -- Marc Van Dyck ------------------------------ Date: Wed, 30 Jan 2008 22:00:34 -0000 From: "John Wallace" Subject: Re: PowerTerm 525 & eXcursion Message-ID: <13q1ss6e1llhg24@corp.supernews.com> "Bill Gunshannon" wrote in message news:60b7m7F1q8vfcU1@mid.individual.net... > In article <47a063af$0$16226$c3e8da3@news.astraweb.com>, > JF Mezei writes: > > P. Sture wrote: > > > >> "Windows 7 won't be released in 2009 after all" > > > > Remember: > > ftp://atlas.csd.net/pub/vms100.jpg > > > > > > OpenVMS is *today* what Microsoft wants Windows NT v8.0 to be! > > > > > > This was on the VMS home page in september 1998, already under "Compaq" > > administration. 10 years later, we are 1.5 versions away from it. > > Current MS products resemble NT about as much as VMS resembles CP/M. > Microsoft never wanted NT to be like VMS. They prefer it to be wanted > and used by customers. > > bill > > -- > Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves > bill@cs.scranton.edu | and a sheep voting on what's for dinner. > University of Scranton | > Scranton, Pennsylvania | #include In what way does "wanted and used by customers" apply to the various flavours of Vista, and its associated Office package whose name I forget? "Forced down the throats of customers" is a description many people, including me, could be comfortable with. VMS made a big thing out of upward compatibility. Ancient code and apps still run today, DCL looks much the same, system services haven't changed much, etc. Meanwhile, more VMS features have been architected than Windows will ever have (multi-language interoperability, decent networking, proper clusters, security that works, Galaxy, etc). It also helped that a lot of things were done right first time in VMS, and consequently you don't get incompatibilites arising to fix design mistakes. Billco has repeatedly made a big thing out of new releases breaking existing things (new OSes needing more hardware, new apps, new GUIs, new training, etc), and not just because MS didn't get the design right enough originally. This version churn has of course traditionally been a wonderful revenue opportunity for the whole Wintel-centric ecosystem. Which model really suits the customer better, the "investment preservation" one (call it TCO if you will) or the "IT investment largely worthless after 2-3 years" one? Which one is doing better in the "market"? Why? Will Vista finally make a few more folks wake up, given that even the likes of Dell have been forced to continue to offer Windows XP on some end user PCs (the corporate users don't care what they get from the factory, they'll put their own Win2K or WinXP on if Dell insist on supplying Vista pre-installed)? Regards John ------------------------------ Date: Wed, 30 Jan 2008 23:14:17 +0100 From: Marc Van Dyck Subject: Re: PowerTerm 525 & eXcursion Message-ID: After serious thinking John Wallace wrote : > "Bill Gunshannon" wrote in message > news:60b7m7F1q8vfcU1@mid.individual.net... >> In article <47a063af$0$16226$c3e8da3@news.astraweb.com>, >> JF Mezei writes: >>> P. Sture wrote: >>> >>>> "Windows 7 won't be released in 2009 after all" >>> >>> Remember: >>> ftp://atlas.csd.net/pub/vms100.jpg >>> >>> >>> OpenVMS is *today* what Microsoft wants Windows NT v8.0 to be! >>> >>> >>> This was on the VMS home page in september 1998, already under "Compaq" >>> administration. 10 years later, we are 1.5 versions away from it. >> >> Current MS products resemble NT about as much as VMS resembles CP/M. >> Microsoft never wanted NT to be like VMS. They prefer it to be wanted >> and used by customers. >> >> bill >> >> -- >> Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves >> bill@cs.scranton.edu | and a sheep voting on what's for dinner. >> University of Scranton | >> Scranton, Pennsylvania | #include > > In what way does "wanted and used by customers" apply to the various > flavours of Vista, and its associated Office package whose name I forget? > "Forced down the throats of customers" is a description many people, > including me, could be comfortable with. > > VMS made a big thing out of upward compatibility. Ancient code and apps > still run today, DCL looks much the same, system services haven't changed > much, etc. Meanwhile, more VMS features have been architected than Windows > will ever have (multi-language interoperability, decent networking, proper > clusters, security that works, Galaxy, etc). It also helped that a lot of > things were done right first time in VMS, and consequently you don't get > incompatibilites arising to fix design mistakes. > > Billco has repeatedly made a big thing out of new releases breaking existing > things (new OSes needing more hardware, new apps, new GUIs, new training, > etc), and not just because MS didn't get the design right enough originally. > This version churn has of course traditionally been a wonderful revenue > opportunity for the whole Wintel-centric ecosystem. > > Which model really suits the customer better, the "investment preservation" > one (call it TCO if you will) or the "IT investment largely worthless after > 2-3 years" one? Which one is doing better in the "market"? Why? Well, it looks pretty desperate, doesn't it ? Makes you wonder whether IT manager have normal brains, or even brains at all, for that matter... But let me tell you, each time I've seen a VMS installation displaced (and I've seen far too many of them for my taste), it's been for the same reason : lack of applications running on the VMS platform... At the place I work now, the only platform that remains alive is the one for which we develop the code in-house. As soon as one company puts on the market a generic app that does the same, presumably on some sort of Unix box, bye-bye VMS... > > Will Vista finally make a few more folks wake up, given that even the likes > of Dell have been forced to continue to offer Windows XP on some end user > PCs (the corporate users don't care what they get from the factory, they'll > put their own Win2K or WinXP on if Dell insist on supplying Vista > pre-installed)? > > Regards > John -- Marc Van Dyck ------------------------------ Date: 30 Jan 2008 22:21:33 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: PowerTerm 525 & eXcursion Message-ID: <47a0f86d$0$25034$607ed4bc@cv.net> In article <13q1ss6e1llhg24@corp.supernews.com>, "John Wallace" writes: >{...snip...} >In what way does "wanted and used by customers" apply to the various >flavours of Vista, and its associated Office package whose name I forget? >"Forced down the throats of customers" is a description many people, >including me, could be comfortable with. > >VMS made a big thing out of upward compatibility. Ancient code and apps >still run today, DCL looks much the same, system services haven't changed Unless they were written in C and relied upon mktime(). Sorry, couldn't resist the temptation. >much, etc. Meanwhile, more VMS features have been architected than Windows >will ever have (multi-language interoperability, decent networking, proper >clusters, security that works, Galaxy, etc). It also helped that a lot of >things were done right first time in VMS, and consequently you don't get >incompatibilites arising to fix design mistakes. > >Billco has repeatedly made a big thing out of new releases breaking existing >things (new OSes needing more hardware, new apps, new GUIs, new training, >etc), and not just because MS didn't get the design right enough originally. >This version churn has of course traditionally been a wonderful revenue >opportunity for the whole Wintel-centric ecosystem. > >Which model really suits the customer better, the "investment preservation" >one (call it TCO if you will) or the "IT investment largely worthless after >2-3 years" one? Which one is doing better in the "market"? Why? > >Will Vista finally make a few more folks wake up, given that even the likes >of Dell have been forced to continue to offer Windows XP on some end user >PCs (the corporate users don't care what they get from the factory, they'll >put their own Win2K or WinXP on if Dell insist on supplying Vista >pre-installed)? Isn't VISTA an acronym for Veritable Incentive Switch To Apple? -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" http://tmesis.com/drat.html ------------------------------ Date: Thu, 31 Jan 2008 07:02:29 +1100 From: Jim Duff Subject: Re: Restricting Access to TCP/IP and DECnet Message-ID: <47a0d7d6@dnews.tpgi.com.au> Bob Gezelter wrote: > On Jan 30, 7:41 am, Jim Duff wrote: >> Bob Gezelter wrote: >>> On Jan 29, 6:58 pm, "Robert Jarratt" wrote: >>>> Is it possible to restrict access to TCP/IP (5.1) and DECnet (IV) on a >>>> per-user basis? In other words I would like someone to be able to access my >>>> machine, but not to go from that machine to anywhere else on the network. >>>> Thanks >>>> Rob >>> Rob, >>> WADU, I will have to disagree with Jim Duff. Restricting access to >>> particular images is a good idea, but since these are essentially non- >>> privileged images, a (somewhat) inventive user can circumvent the >>> security by finding and using copies of the images or equivalent from >>> his own directory. >>> [snip] >> How is the user going to get a copy of the executable if it is marked >> ACCESS=NONE? >> >> Jim >> --www.eight-cubed.com > > Jim, > > The comments that have been posted in the interim have mentioned > several various approaches that concern me. > > Preventing access to executables has its utility, but it presumes that > the users being secured against have no capability of getting > executables on their own power. > > From an auditing perspective, it is a far surer thing to prohibit > access to the device that serves as a mandatory gateway to the TCP/IP > stack (or to remove NETMBX, after verification that it is indeed > needed for ALL network accesses), than to say "Well, I have blocked > access to known network utilities". Blocking access to utilities is > akin to applications level controls, they have some utility, but they > are not airtight in the face of user belligerence, which is what > security measures are intended to prevent. > > [snip] OK, I'm paranoid. But am I paranoid *enough*? ;-) -- www.eight-cubed.com ------------------------------ Date: Wed, 30 Jan 2008 20:28:57 GMT From: "Robert Jarratt" Subject: Re: Restricting Access to TCP/IP and DECnet Message-ID: "Robert Jarratt" wrote in message news:S4Pnj.34169$a61.25452@newsfe3-win.ntli.net... > Is it possible to restrict access to TCP/IP (5.1) and DECnet (IV) on a > per-user basis? In other words I would like someone to be able to access > my machine, but not to go from that machine to anywhere else on the > network. > > Thanks > > Rob > Thanks for all the replies. A few people have pointed out that my question is not entirely clear. The reason I want to do this is that I want to give an acquaintance access to my hobbyist VAX. I have opened up telnet access to it from the internet, but the machine is on my home network and just to be safe I would rather he be unable to go anywhere else on the home network, including back out on to the internet. I suppose I could put the machine in a DMZ if I was doing this properly, but my firewall server only has 2 nics at the moment. I will remove NETMBX and see if that does the trick. Thanks Rob ------------------------------ Date: Wed, 30 Jan 2008 20:42:35 GMT From: "Robert Jarratt" Subject: Re: Restricting Access to TCP/IP and DECnet Message-ID: <%i5oj.36406$a61.21359@newsfe3-win.ntli.net> "Robert Jarratt" wrote in message news:d65oj.6703$L73.3723@newsfe1-win.ntli.net... > > "Robert Jarratt" wrote in message > news:S4Pnj.34169$a61.25452@newsfe3-win.ntli.net... >> Is it possible to restrict access to TCP/IP (5.1) and DECnet (IV) on a >> per-user basis? In other words I would like someone to be able to access >> my machine, but not to go from that machine to anywhere else on the >> network. >> >> Thanks >> >> Rob >> > > Thanks for all the replies. A few people have pointed out that my question > is not entirely clear. The reason I want to do this is that I want to give > an acquaintance access to my hobbyist VAX. I have opened up telnet access > to it from the internet, but the machine is on my home network and just to > be safe I would rather he be unable to go anywhere else on the home > network, including back out on to the internet. I suppose I could put the > machine in a DMZ if I was doing this properly, but my firewall server only > has 2 nics at the moment. > > I will remove NETMBX and see if that does the trick. > > Thanks > > Rob > For the record, I have just tried removing NETMBX and it does what I want. I tried ping, telnet out, ftp, and set host, none of these worked after removing netmbx. Thanks all Rob ------------------------------ Date: Wed, 30 Jan 2008 14:30:50 -0500 From: "Richard B. Gilbert" Subject: Re: VT100 standards and EDT Message-ID: <47A0D06A.2040005@comcast.net> Bill Gunshannon wrote: > In article <47A099E5.6000003@comcast.net>, > "Richard B. Gilbert" writes: > >>Bill Gunshannon wrote: >> >>>In article <47a06c47$0$25065$607ed4bc@cv.net>, >>> VAXman- @SendSpamHere.ORG writes: >>> >>> >>>>In article <60aab6F1q5o77U1@mid.individual.net>, billg999@cs.uofs.edu (Bill Gunshannon) writes: >>>> >>>> >>>>>In article , >>>>> John Sauter writes: >>>>> >>>>> >>>>>>Bill Gunshannon wrote: >>>>>> >>>>>> >>>>>>>I remember back in my pre-academia days...... >>>>>>> >>>>>>>Working on a VT-xxx emulator, written in TurboPascal, with a good friend >>>>>>>and having it continuously bomb out running EDT. We used a datascope >>>>>>>(anybody remember them?) and hand documented all the apparently un-documented >>>>>>>things that DEC did with their terminals. Of course, I would have thought >>>>>>>that all stopped when the ANSI standard was published, but knowing the vendor >>>>>>>involved, maybe not. :-) >>>>>>> >>>>>>>bill >>>>>>> >>>>>> >>>>>>EDT supported the VT52, VT100 and its successors. All of the escape >>>>>>sequences it used were in the manual for the appropriate terminal. >>>>> >>>>>Sorry to disappoint oyu, but that just is not true. we found a number >>>>>of undocumented control sequences and we did eventually get the terminal >>>>>emulator running I supose we could have stepped back to VT52, but the >>>>>customer had their heart set on VT100. :-) >>>> >>>>Control sequences or escape sequences? >>> >>> >>>What's the difference? The VT seriesx of terminals use sequences of >>>non-printable and printable characters to control the appearance of >>>text ont he screen. >>> >>> >>> >>>> I can't imagine that EDT was >>>>sending any undocumented control sequences (bell, tab, FF, LF, & CR). >>>>I have a utility that relies upon faithfully tracking escape sequences >>>>and EDT doesn't toss any wrenches (spanners for the UK readers) into >>>>the works. >>> >>> >>>Maybe not now, but 20 years ago....... That was before the ANSI definition >>>became common. >>> >>>bill >>> >> >>The X3-64 standard was first published in 1979! The DEC VT100 series >>was one of the few to comply with it. It took a while to catch on but >>VT100 became the standard terminal and the terminal to emulate. > > > I actually thought it was the other way around. I thought the ANSI committee > sat down to come up with a standard, looked at VT100 and said, "Boy, this is > good" the rest was history. > > >>Prior to this there was a hodge-podge of proprietary terminals, each >>with it's own unique set of control codes. > > > Not just prior to. I had many a Televideo 900 series after I was already > very familiar with X3-64 (wasn't there a "J" on the end of that?) > > bill > Don't recall any "J". Some interesting history is available at: http://www.cs.utk.edu/~shuford/terminal/dec.html ------------------------------ Date: 30 Jan 2008 20:03:53 GMT From: billg999@cs.uofs.edu (Bill Gunshannon) Subject: Re: VT100 standards and EDT Message-ID: <60c3h9F1pvaupU1@mid.individual.net> In article <47A0D06A.2040005@comcast.net>, "Richard B. Gilbert" writes: > Bill Gunshannon wrote: >> In article <47A099E5.6000003@comcast.net>, >> "Richard B. Gilbert" writes: >> >>>Bill Gunshannon wrote: >>> >>>>In article <47a06c47$0$25065$607ed4bc@cv.net>, >>>> VAXman- @SendSpamHere.ORG writes: >>>> >>>> >>>>>In article <60aab6F1q5o77U1@mid.individual.net>, billg999@cs.uofs.edu (Bill Gunshannon) writes: >>>>> >>>>> >>>>>>In article , >>>>>> John Sauter writes: >>>>>> >>>>>> >>>>>>>Bill Gunshannon wrote: >>>>>>> >>>>>>> >>>>>>>>I remember back in my pre-academia days...... >>>>>>>> >>>>>>>>Working on a VT-xxx emulator, written in TurboPascal, with a good friend >>>>>>>>and having it continuously bomb out running EDT. We used a datascope >>>>>>>>(anybody remember them?) and hand documented all the apparently un-documented >>>>>>>>things that DEC did with their terminals. Of course, I would have thought >>>>>>>>that all stopped when the ANSI standard was published, but knowing the vendor >>>>>>>>involved, maybe not. :-) >>>>>>>> >>>>>>>>bill >>>>>>>> >>>>>>> >>>>>>>EDT supported the VT52, VT100 and its successors. All of the escape >>>>>>>sequences it used were in the manual for the appropriate terminal. >>>>>> >>>>>>Sorry to disappoint oyu, but that just is not true. we found a number >>>>>>of undocumented control sequences and we did eventually get the terminal >>>>>>emulator running I supose we could have stepped back to VT52, but the >>>>>>customer had their heart set on VT100. :-) >>>>> >>>>>Control sequences or escape sequences? >>>> >>>> >>>>What's the difference? The VT seriesx of terminals use sequences of >>>>non-printable and printable characters to control the appearance of >>>>text ont he screen. >>>> >>>> >>>> >>>>> I can't imagine that EDT was >>>>>sending any undocumented control sequences (bell, tab, FF, LF, & CR). >>>>>I have a utility that relies upon faithfully tracking escape sequences >>>>>and EDT doesn't toss any wrenches (spanners for the UK readers) into >>>>>the works. >>>> >>>> >>>>Maybe not now, but 20 years ago....... That was before the ANSI definition >>>>became common. >>>> >>>>bill >>>> >>> >>>The X3-64 standard was first published in 1979! The DEC VT100 series >>>was one of the few to comply with it. It took a while to catch on but >>>VT100 became the standard terminal and the terminal to emulate. >> >> >> I actually thought it was the other way around. I thought the ANSI committee >> sat down to come up with a standard, looked at VT100 and said, "Boy, this is >> good" the rest was history. >> >> >>>Prior to this there was a hodge-podge of proprietary terminals, each >>>with it's own unique set of control codes. >> >> >> Not just prior to. I had many a Televideo 900 series after I was already >> very familiar with X3-64 (wasn't there a "J" on the end of that?) >> >> bill >> > > Don't recall any "J". I could hve been wrong, like I said, it was a long time ago. Don't even think about much beyond ANSI terminals today. I have enough VT2xx terminals to last me well into my retirement. And about all I use them for anymore are PDP-11 and MicroVAX consoles. > > Some interesting history is available at: > http://www.cs.utk.edu/~shuford/terminal/dec.html Probably worth a visit. I remember so many. Televideo, Hazletine, ADM3 Beehive, HDS, PTxx (from Prime), Perkin Elmer and the first one I did emulation for -- Infoton 100!! I did emulators in UCSD-Pascal, Macro-11, Z80 asm and M68K asm. What a trip!! bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves bill@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Wed, 30 Jan 2008 22:11:16 GMT From: John Santos Subject: Re: VT100 standards and EDT Message-ID: <8C6oj.67925$75.22173@trnddc05> Bill Gunshannon wrote: > In article <47A0D06A.2040005@comcast.net>, > "Richard B. Gilbert" writes: > >>Bill Gunshannon wrote: >> >>>In article <47A099E5.6000003@comcast.net>, >>> "Richard B. Gilbert" writes: >>> >>> >>>>Bill Gunshannon wrote: >>>> >>>> >>>>>In article <47a06c47$0$25065$607ed4bc@cv.net>, >>>>> VAXman- @SendSpamHere.ORG writes: >>>>> >>>>> >>>>> >>>>>>In article <60aab6F1q5o77U1@mid.individual.net>, billg999@cs.uofs.edu (Bill Gunshannon) writes: >>>>>> >>>>>> >>>>>> >>>>>>>In article , >>>>>>> John Sauter writes: >>>>>>> >>>>>>> >>>>>>> >>>>>>>>Bill Gunshannon wrote: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>>>I remember back in my pre-academia days...... >>>>>>>>> >>>>>>>>>Working on a VT-xxx emulator, written in TurboPascal, with a good friend >>>>>>>>>and having it continuously bomb out running EDT. We used a datascope >>>>>>>>>(anybody remember them?) and hand documented all the apparently un-documented >>>>>>>>>things that DEC did with their terminals. Of course, I would have thought >>>>>>>>>that all stopped when the ANSI standard was published, but knowing the vendor >>>>>>>>>involved, maybe not. :-) >>>>>>>>> >>>>>>>>>bill >>>>>>>>> >>>>>>>> >>>>>>>>EDT supported the VT52, VT100 and its successors. All of the escape >>>>>>>>sequences it used were in the manual for the appropriate terminal. >>>>>>> >>>>>>>Sorry to disappoint oyu, but that just is not true. we found a number >>>>>>>of undocumented control sequences and we did eventually get the terminal >>>>>>>emulator running I supose we could have stepped back to VT52, but the >>>>>>>customer had their heart set on VT100. :-) >>>>>> >>>>>>Control sequences or escape sequences? >>>>> >>>>> >>>>>What's the difference? The VT seriesx of terminals use sequences of >>>>>non-printable and printable characters to control the appearance of >>>>>text ont he screen. >>>>> >>>>> >>>>> >>>>> >>>>>> I can't imagine that EDT was >>>>>>sending any undocumented control sequences (bell, tab, FF, LF, & CR). >>>>>>I have a utility that relies upon faithfully tracking escape sequences >>>>>>and EDT doesn't toss any wrenches (spanners for the UK readers) into >>>>>>the works. >>>>> >>>>> >>>>>Maybe not now, but 20 years ago....... That was before the ANSI definition >>>>>became common. >>>>> >>>>>bill >>>>> >>>> >>>>The X3-64 standard was first published in 1979! The DEC VT100 series >>>>was one of the few to comply with it. It took a while to catch on but >>>>VT100 became the standard terminal and the terminal to emulate. >>> >>> >>>I actually thought it was the other way around. I thought the ANSI committee >>>sat down to come up with a standard, looked at VT100 and said, "Boy, this is >>>good" the rest was history. >>> >>> >>> >>>>Prior to this there was a hodge-podge of proprietary terminals, each >>>>with it's own unique set of control codes. >>> >>> >>>Not just prior to. I had many a Televideo 900 series after I was already >>>very familiar with X3-64 (wasn't there a "J" on the end of that?) >>> >>>bill >>> >> >>Don't recall any "J". > > > I could hve been wrong, like I said, it was a long time ago. Don't even > think about much beyond ANSI terminals today. I have enough VT2xx terminals > to last me well into my retirement. And about all I use them for anymore > are PDP-11 and MicroVAX consoles. > > >>Some interesting history is available at: >>http://www.cs.utk.edu/~shuford/terminal/dec.html > > > Probably worth a visit. I remember so many. Televideo, Hazletine, ADM3 > Beehive, HDS, PTxx (from Prime), Perkin Elmer and the first one I did > emulation for -- Infoton 100!! I did emulators in UCSD-Pascal, Macro-11, > Z80 asm and M68K asm. What a trip!! > > bill > > Infoton's were cool! They had a fan inside that took a while to spin up and sounded like something on the bridge of the (TOS) Enterprise. Too noisy for an office environment, though. We had ours down in the computer room, next to the line printer, where you could use it to reprint your job if the printer jammed in the middle. -- John Santos Evans Griffiths & Hart, Inc. 781-861-0670 ext 539 ------------------------------ Date: Thu, 31 Jan 2008 04:09:18 +0000 (UTC) From: moroney@world.std.spaamtrap.com (Michael Moroney) Subject: Re: VT100 standards and EDT Message-ID: billg999@cs.uofs.edu (Bill Gunshannon) writes: >>> >>>> I can't imagine that EDT was >>>> sending any undocumented control sequences (bell, tab, FF, LF, & CR). >>>> I have a utility that relies upon faithfully tracking escape sequences >>>> and EDT doesn't toss any wrenches (spanners for the UK readers) into >>>> the works. >>> >>>Maybe not now, but 20 years ago....... That was before the ANSI definition >>>became common. >> >> 20 years ago: V4.7 (1987) V5.0 (1988). My VT220 which was manufactured >> 3-May-1984 and the sequences were/are well documented in the programmer >> reference that shipped with it. I have things stacked up on the VT100 >> or I'd check its manufacture date. I think I can safely state that the >> programmer reference that arrived with it also documented the sequences >> that controlled cursor positioning and character attributes without the >> need to check on its manufacture date. I don't use my VT100 because I >> prefer the keyboards on its later bretheren but I still use the VT220. >> It's still working happily after almost 24 years! > >And, unless you have tried every possible combination, how do you know >there are no undocumented escape sequences? What you need to do is run >a datascope on the output of something like EDT (as we did) and then >compare the things it sends to that documentation. 20 years ago EDT >used escape sequences that were not in the documentation. DEC knew it >and admitted it to our corporate people but would not tell us what they >were or what they did. We certainly didn't invest all that time and >money learning them for nothing. We were contractually bound to deliver >a VT100 emulator that worked with VMS programs including MAIL and EDT. >And it was a lot more work than just reading the documentation. I know one thing: EDT did stretch the ANSI standards but didn't necessarily break them. For example, missing parameters in an escape sequence were supposed to be treated as if they were 0, and in many cases a 0 was the same as a 1. There is an escape sequence to position the cursor: [ x ; y H where x and y are ASCII encoded integers. (I may have x and y reversed). [ 2 0 ; 3 H would put the cursor at column 20 line 3. But if either x or y was 1, EDT would leave it out entirely (since missing = 0 and in this case 0 is the same as 1) So to position to column 1, line 3 EDT would send [ ; 3 H and column 20 line 1 was: [ 2 0 H (also deleting the unnecessary ";") to make it a bit faster over a 300 baud line. Line 1 column 1 was, of course, [ H. Many terminals and terminal emulators didn't work right with the cursor positioning escape sequence if it didn't have exactly two nonzero parameters. I learned this the hard way when my allegedly ANSI Standard H19 terminal didn't work with EDT. EDT also uses scrolling regions which many terminals and emulators didn't deal with correctly. ------------------------------ Date: Thu, 31 Jan 2008 06:36:47 GMT From: Roger Ivie Subject: Re: VT100 standards and EDT Message-ID: On 2008-01-31, Michael Moroney wrote: > I learned this the hard way when my allegedly ANSI Standard > H19 terminal didn't work with EDT. Yeah, but the H19 worked very well with EDT in VT-52 mode. -- roger ivie rivie@ridgenet.net ------------------------------ End of INFO-VAX 2008.061 ************************