INFO-VAX Tue, 23 Sep 2008 Volume 2008 : Issue 514 Contents: RE: Does anyone know of a "VESTING TOOL" for emulating/porting VMS HP TCP/IP Services vulnerabilties and fixes Re: On V5.5, using the backup command how do I create a listing file Re: On V5.5, using the backup command how do I create a listing file Re: OT: The end of the world in roughly 3 hours Re: OT: The end of the world in roughly 3 hours Re: OT: The end of the world in roughly 3 hours Re: OT: The end of the world in roughly 3 hours RE: SSH break-in attempts UK: RT11 floppies on ebay Re: We only open our wallets when the price is dirt cheap. ---------------------------------------------------------------------- Date: Tue, 23 Sep 2008 11:33:52 +0000 From: "Main, Kerry" Subject: RE: Does anyone know of a "VESTING TOOL" for emulating/porting VMS Message-ID: <9D02E14BC0A2AE43A5D16A4CD8EC5A593ED60D7E6E@GVW1158EXB.americas.hpqcorp.net> > -----Original Message----- > From: Bob Koehler [mailto:koehler@eisner.nospam.encompasserve.org] > Sent: Thursday, September 18, 2008 4:46 PM > To: Info-VAX@Mvb.Saic.Com > Subject: Re: Does anyone know of a "VESTING TOOL" for emulating/porting > VMS > > In article afe47f42d84e@o40g2000prn.googlegroups.com>, Len Whitwer > writes: > > Looking for a tool that allows ALPHA or even VAX application software > > "executables" to > > run on OpenVMS INTEGRITY systems without being modified and re- > > compiled. > > VEST goes from VAX to Alpha and AEST goes from Alpha to Itanium. > AEST can handle the output of VEST. Both are available from HP. > > You can also get simulators that simulate VAX hardware or Alpha > hardware on other platforms. That way you're running on a new > platform but the software thinks you're running on the old. Reference: OMSAIS tool (Alpha to Integrity translator) http://h71000.www7.hp.com/openvms/products/omsva/omsais.html OMSVA (formerly DECmigrate) VAX to Alpha translator: http://h71000.www7.hp.com/openvms/products/omsva/omsva.html Regards Kerry Main Senior Consultant HP Services Canada Voice: 613-254-8911 Fax: 613-591-4477 kerryDOTmainAThpDOTcom (remove the DOT's and AT) OpenVMS - the secure, multi-site OS that just works. ------------------------------ Date: Tue, 23 Sep 2008 00:50:54 -0700 (PDT) From: IanMiller Subject: HP TCP/IP Services vulnerabilties and fixes Message-ID: <3dca7933-e964-4f08-a05a-adb9066b1f33@t54g2000hsg.googlegroups.com> HP have posted information about and fixes for the finger service and cache poisoning vulnerabilities. http://www.openvms.org/stories.php?story=08/09/23/6145507 ------------------------------ Date: Tue, 23 Sep 2008 10:36:55 GMT From: "Tim Wilkinson" Subject: Re: On V5.5, using the backup command how do I create a listing file Message-ID: Always was my pet gripe, "How do I?" RTM. RTMA I always found that once people got used to finding information for themselves they stopped asking silly questions and asked the more interesting ones such as "can you explain why..." or "according to the manual..." I suppose it is typical of the times. We served our apprenticeships in order to sit aloof in ivory towers, the gods that others looked un to, we had system privileges and not even our directors knew what we did. We were the ones who would read those rows of orange manuals. Knew where to look for the answer. Now if you don't know, ask. Standards are slipping ;-) "Richard B. Gilbert" wrote in message news:mv6dnSCq05e7t0XVnZ2dnUVZ_o7inZ2d@comcast.com... > Christopher Lusardi wrote: >> "backup /list file.bck/saveset" displays the inforation to the screen. >> How can I redirect it to a specific file instead. >> >> Thank you, >> Chris > > I think you would find a study of the manuals most helpful. > > HELP is likewise there to help you. Try: > > $ HELP BACKUP /LIST ------------------------------ Date: Tue, 23 Sep 2008 11:44:52 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: On V5.5, using the backup command how do I create a listing file Message-ID: <00A800D8.BA1D616E@SendSpamHere.ORG> In article , "Tim Wilkinson" writes: >Always was my pet gripe, > >"How do I?" > >RTM. >RTMA > >I always found that once people got used to finding information for >themselves they stopped asking silly questions and asked the more >interesting ones such as "can you explain why..." or "according to the >manual..." > > >I suppose it is typical of the times. We served our apprenticeships in order >to sit aloof in ivory towers, the gods that others looked un to, we had >system privileges and not even our directors knew what we did. We were the >ones who would read those rows of orange manuals. Knew where to look for the >answer. Now if you don't know, ask. Blue, orange, gray, white, BookReader, PDF, I read them all. I used to just point at the wall of blue, orange, gray, or white depending on the era, behind me whenever I was asked a stupid question that I knew could be answered with a little doc set research. On occasion, I'd be kinder and tell which volume to find said answer. ;) >Standards are slipping ;-) Welcome to the Micro$oft era. When software -- or, whatever it is that Micro$oft markets -- started shipping without documentation, usenet be- came the world's stupid question and answer oracle. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM ... pejorative statements of opinion are entitled to constitutional protection no matter how extreme, vituperous, or vigorously expressed they may be. (NJSC) Copr. 2008 Brian Schenkenberger. Publication of _this_ usenet article outside of usenet _must_ include its contents in its entirety including this copyright notice, disclaimer and quotations. ------------------------------ Date: 23 Sep 2008 12:34:20 GMT From: billg999@cs.uofs.edu (Bill Gunshannon) Subject: Re: OT: The end of the world in roughly 3 hours Message-ID: <6js62cF4rf5uU1@mid.individual.net> In article , AEF writes: > On Sep 19, 1:16 pm, billg...@cs.uofs.edu (Bill Gunshannon) wrote: >> In article , >> koeh...@eisner.nospam.encompasserve.org (Bob Koehler) writes: >> >> > In article , Michael Kraemer writes: >> >> >> What were the costs to develop the theory of relativity ? >> >> It just took a brilliant brain, a pencil and >> >> (probably numerous) sheets of paper. >> >> > There was cost in performing the experiments that led to knowing >> > we needed Einstein's theory. Not to mention him knowing what his >> > theory had to explain. > > There were also costs in verifying the theory. Accelerators and flying > atomic clocks around the world and what not don't compare to the LHC > in cost, but they aren't free, either. > >> > There was cost in performing Columbus' experiement, too. Failed >> > in his goal to reach the far east by sailing west. Failed >> > experiments can be vitally important. >> >> Now there's a very good comparison. Columbus was a fraud or an idiot >> who successfully sold snake oil to the king and queen of Spain. And >> that is exactly how I see a lot of what passes for science today except >> I have eliminated the possibility that the perps are idiots. (And, > > Can you give some examples (besides global warming as your being > convinced it is doesn't make it so, and that horse is long well dead)? > Thanks. Examples of what? Pseudo-science or that the perps aren't idiots. Examples of the first abound. examples of the second might actually be hard to come by. > >> in case your curious, I hold that Columbus was also no idiot. He was >> however an exceptional fraud who suckered Spain into financing a >> boondogle he knew could not deliver what he promised!!) > > Maybe I'm mistaken, but didn't Columbus and his crew run out of > rations before they hit land? If so, how does that constitute fraud? Yes, he did. Mere days before sighting land. And at a point where he had actually travelled less than half the distance any educated person of the time would have known it would take to reach the far east while traveling in that direction. Contrary to popular belief no educated person of the time aactually thought the earth was flat. The ancient greeks had determined it was round and had done a pretty good job of computing it's circumferance. So, based on the amount of rations Columbus left Spain with and the knowledge he is known to have had (and some he is suspected to have had) it becomes obvious that "The Far East" was never his target because assuming an all sea route in a westerly direction, he left with insuffucient rations to make the trip. Don't believe everything you read in history books. They seldom tell the whole story. (Next busted myth: Marconi did not invent the radio!) bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves billg999@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 23 Sep 2008 06:17:55 -0700 (PDT) From: AEF Subject: Re: OT: The end of the world in roughly 3 hours Message-ID: On Sep 23, 4:02 am, Michael Kraemer wrote: > AEF schrieb: > > > There were also costs in verifying the theory. Accelerators and flying > > atomic clocks around the world and what not don't compare to the LHC > > in cost, but they aren't free, either. > > The two decisive experiments for special and general relativity > were the Michaelson/Morley experiment and the test for the deflection > of light during the total eclipse of the sun 1919. > Rather cheap I presume. No, that's not true. The MM experiment was done before relativity and it did not confirm it. There were other explanations at the time. In fact, IIRC, SR wasn't even well accepted at the time. Also, at least according to Einstein, His Life and Universe, by Walter Isaacson, the eclipse experiment did not provide very accurate or consistent results, but Eddington was so convinced that GR could not be wrong that he threw out the results of one expedition that didn't agree with the more favorable results of another, which still had somewhat large error bars (margin of error). Additionally, there have been many variants of GR proposed by others, and as more research is done, including astronomical observations and terrestrial experiments, the others continue to fall by the wayside. If subatomic physics (nuclear and particle physics) is to progress, it is almost certainly unavoidable that the size and costs will only increase. (There's only so much you can learn from cosmic rays.) I am not aware of any fraud or other bad behavior perpetrated by the scientists who proposed and obtained funding for the LHC. No one promised anything. In fact, we may find nothing new, but I think that's the least likely case. If people are willing to fund it, what's the problem? ... To be continued . . . maybe. (I'm out of time for now. More later, perhaps.) AEF ------------------------------ Date: 23 Sep 2008 13:25:55 GMT From: billg999@cs.uofs.edu (Bill Gunshannon) Subject: Re: OT: The end of the world in roughly 3 hours Message-ID: <6js933F4l7u4U1@mid.individual.net> In article , AEF writes: > > If people are willing to fund it, what's > the problem? ... The problem is when the people are not given the choice of wether or not to fund it and the funding could have been put to better and more immediate use solving real problems today. bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves billg999@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: 23 Sep 2008 15:42:12 GMT From: billg999@cs.uofs.edu (Bill Gunshannon) Subject: Re: OT: The end of the world in roughly 3 hours Message-ID: <6jsh2jF4sci1U1@mid.individual.net> In article , helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: > In article <6js62cF4rf5uU1@mid.individual.net>, billg999@cs.uofs.edu > (Bill Gunshannon) writes: > >> Yes, he did. Mere days before sighting land. And at a point where he >> had actually travelled less than half the distance any educated person >> of the time would have known it would take to reach the far east while >> traveling in that direction. Contrary to popular belief no educated >> person of the time aactually thought the earth was flat. The ancient >> greeks had determined it was round and had done a pretty good job of >> computing it's circumferance. So, based on the amount of rations >> Columbus left Spain with and the knowledge he is known to have had >> (and some he is suspected to have had) it becomes obvious that "The >> Far East" was never his target because assuming an all sea route in a >> westerly direction, he left with insuffucient rations to make the trip. > > Columbus used a smaller value for the circumference of the Earth than > the correct value, Smaller is an understatement as he missed it by more than 50%. A navigator who made mistakes like that would hardly have lasted as long as he had or had a reputaion supposedly as good as his. > even though other folks at the time had something > quite close to the correct value. At the time? Try more than 1400 years earlier. > Was this intentional on his part to > make his plans sound more realistic, or did he really believe in the > smaller value? Or did he have pre-knowledge of the existence of the North and South American (although obviously not under that name) continents and merely bilked Ferdinand and Isabella into financing his boondogle to se what was there!! bill -- Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves billg999@cs.scranton.edu | and a sheep voting on what's for dinner. University of Scranton | Scranton, Pennsylvania | #include ------------------------------ Date: Tue, 23 Sep 2008 12:35:03 -0400 From: "Peter Weaver" Subject: RE: SSH break-in attempts Message-ID: <90154C9161A94093A9F41660C30F1464@CHARONLAP> > -----Original Message----- > From: Steven M. Schweda [mailto:sms@antinode.info] > Sent: September 21, 2008 1:33 AM > To: Info-VAX@Mvb.Saic.Com > Subject: SSH break-in attempts > > SSH break-in attempts seem to be getting more frequent these days. > I'm (still) using: > >... > It seems to me that a useful feature would be a per-IP-address > connection limit. I could easily live with no more than, say, 16 SSH > connections from any particular IP address, and if an attacker hit that > kind of limit, it would not interfere with connections coming from more > legitimate sources. > > Anyone else think that this might be useful? (Or is it already in > some new TCPIP version?) >... Your idea would be nice, but HP does not have it in their TCPIP product yet. Below is the TCPIP$SSH_HOME:LOGIN.COM that I use for both V5.6 and in T5.7. I find that I never get more than 6 to 9 login attempts using this procedure and the 6 - 9 attempts gives me enough evidence to send to the attacker's ISP. $! login.com for HP TCP/IP Services for OpenVMS auxiliary service $! $! Get the address of where they are coming from. $! $ sysrem_node = "''f$trnlnm("SYS$REM_NODE")'" - "::" $! $ set noon $! $! Let's check to see if we have seen this IP in the past 15 minutes $! $ search TCPIP$SSH_RUN.LOG;* 'sysrem_node /status /since=-00:15/output=nl: $ number_of_times = f$integer(SEARCH$RECORDS_MATCHED) $ wait_time = "00:00:00" $! $! If we have seen this IP in the past 15 minutes, then make them $! wait 1 second for every try we have. $! $ if number_of_times .gt. 0 $ then $ set verify $ seconds = number_of_times * 1 $ wait_time = f$fao("00:00:!2ZB",seconds) $! if seconds .gt. 10 then wait_time = "00:00:20" $! if seconds .gt. 20 then wait_time = "00:00:40" $! if seconds .gt. 30 then wait_time = "00:00:50" $! if seconds .gt. 40 then wait_time = "00:01:00" $ wait 'wait_time $ set noverify $ endif $! $ mail nl: spamtrap/subject=- "Someone logging into SSH! from ''sysrem_node' - waited ''wait_time' because of ''number_of_times' tries" $! $! $! To control the purging of .LOG files edit SYS$SYSTEM:TCPIP$SSH_RUN.COM $! I have modified SYS$SYSTEM:TCPIP$SSH_RUN.COM to keep any log created in $! the past 14 days. $! Peter Weaver www.weaverconsulting.ca www.openvmsvirtualization.com www.vaxvirtualization.com www.alphavirtualization.com Winner of the 2007 OpenVMS.org Readers' Choice Award for System Management/Performance ------------------------------ Date: Tue, 23 Sep 2008 01:07:59 -0700 (PDT) From: urbancamo Subject: UK: RT11 floppies on ebay Message-ID: <92c98154-4913-4624-a15d-225a18d0d2f9@d1g2000hsg.googlegroups.com> Folks, Forgive the cross post. Don't know much about RT11, but this looked like a nice set of disks: http://cgi.ebay.co.uk/ws/eBayISAPI.dll?ViewItem&item=260290011599&ssPageName=ADME:B:SS:GB:1123 Regards, Mark ------------------------------ Date: Tue, 23 Sep 2008 13:42:47 -0400 From: "Stanley F. Quayle" Subject: Re: We only open our wallets when the price is dirt cheap. Message-ID: <48D8F257.2549.20196AA1@infovax.stanq.com> On 21 Sep 2008 at 13:58, Neil Rieck wrote: > That is how we ended up moving a mission-critical VAX/VMS application fr= om > "a dual host VAX-4300 cluster with 20 spindles on four DSSI busses" to "= a > platform consisting of two DL380 chassis and one full MSA chassis" even > though we still have the source code. Having the source code isn't always enough. A move to CHARON-VAX can be a= way to avoid an extensive re-qualification or re-write. Not to mention middleware/data= base software that didn't make it to Alpha, much less Itanium. > [...] one of the installers was doing a VMS shutdown at the same time > another installer manually stopped the service Too many cooks spoil the soup. Trite, but true. > did I mention that a fully configured CHARON environment runs as an NT > service? Only if you configure it that way. > its kind of hard to emulate that level of detail when the emulator is > stopped by someone without enough caffeine :-) A little program could capture the Windows shutdown and relay it to VMS. = Unfortunately, I am not a Windows programmer. > The first time our application went off-line seemed to coincide with > something in the Windows event log with a message similar to "arbitratin= g > for Windows domain mastership" or some such nonsense. Yeah, you'll have to get the machine into another domain, or configure it = so it doesn't participate in the election. > Others have told me that smart CHARON users unplug the Windows NIC and o= nly > reconnect it when Windows maintenance is required. I've given up on that approach. Being able to remote manage is useful. > The CHARON installation group warned everyone to restrict McAfee to only > monitoring the "C" partition. Two days later, another nosy Windows exper= t > noticed that McAfee was misconfigured and so decided to help us poor sod= s. And that person should be spit-roasted by management. Your installation g= roup doesn't appear to have enough authority to enforce policy. I suggest that you con= tact the manager who approved the system and get it a special exception, with speci= al penalities for people who screw it up. Be patient, the pain will soon pass... [Shameless Plug Alert(tm) -- I am a CHARON reseller. I, however, didn't d= o this installation.] --Stan Quayle Quayle Consulting Inc. ---------- Stanley F. Quayle, P.E. N8SQ Toll free: 1-888-I-LUV-VAX 8572 North Spring Ct., Pickerington, OH 43147 USA stan-at-stanq-dot-com http://www.stanq.com/charon-vax.html "OpenVMS, when downtime is not an option" ------------------------------ End of INFO-VAX 2008.514 ************************