Paul Koning wrote:
"Johnny" == Johnny Billquist <bqt at softjar.se> writes:
Johnny> Paul Koning wrote:
>> RSTS does too (for sufficiently recent versions, like V10 or so)
>> -- though the NCP bits don't seem to be there. But there's a
>> driver and it can be told to turn on if you issue the DECnet
>> control syscalls directly.
Johnny> Aha. I think I looked at RSTS/E DECnet SPD only, and didn't
Johnny> find any mention of it, back when I was playing with that.
That would make sense given that the support isn't complete.
Aha. Yes, that would explain it. :-)
Johnny> I wonder why you can't set it from NCP though? Weird if they
Johnny> have the functionality, but no "normal" way of enabling it.
Probably history. I created the async DDCMP driver when I was doing
the (unreleased) PRO port for RSTS (9.6 originally). I handed it to
RSTS development, and they integrated it into the release. But I
personally never did the NCP work. Probably because it wasn't
familiar code and it would have been a lot of work. Instead, I just
wrote a little 10 line utility to issue the line on/off syscalls to
the kernel.
Way fun, and impressive. Thanks for that piece of information and history.
I guess they didn't see much need of DDCMP support in RSTS/E at that point. How did you select which serial port it would use, by the way? Or was this only done for the PRO?
Hmm, I guess it could have been passed in in the syscall...
>> On a Pro it even works in synchronous mode (because there the
>> "UART" is actually a USART).
Johnny> I don't think you can set it to synch mode in DECnet, though,
Johnny> so that is more of a theoretical thing. But yes, RSX
Johnny> supports both synch and asynch mode.
What I meant is that I did synch mode, including for DECnet, in RSTS.
Ok. I misunderstood you. While you can use the serial port for DDCMP DECnet under P/OS, I don't think you can set it to synch mode there.
Even though the hardware supports it.
But for code that you wrote, obviously you could take advantage of all the possibilities. :-)
Johnny
Johnny Billquist wrote:
But as far as security issues goes, there are probably a bunch of them on our different systems.
After all. Apart from VMS, we all now seem to have opersting systems that have been abandoned, as far as support goes. And incomplete sources... :-(
Well, I think that TOPS-20 sources are available and complete, but as far as I know, no PDP-11 OS with DECnet have all sources available.
(Boy, what wouldn't I do to get the RSX sources complete, including layered products... :-) )
Johnny
Sampsa Laine wrote:
i was gonna bring it up here but considering the reception I got on c.o.v. I couldn't be bothered...
I would hope the people around here are a bit more humble.
But as far as security issues goes, there are probably a bunch of them on our different systems.
I know of a couple under RSX atleast...
Johnny
Sampsa
On 22 Aug 2008, at 16:54, gerry77 at mail.com wrote:
I suppose you all have read about the VMS security bug that is being discussed
since about a week on comp.os.vms. Anyway, having read nothing about it here,
I thought useful to warn all the system administrators who read this mailing
list and which have VMS nodes with guest access on HECnet and/or Internet
about potential security treats to which their systems are exposed.
All VMS versions (VAX since V5.x, AXP and I64 since their beginning) are
exposed to a local exploit that allows any unprivileged user to gain almost
any privilege! The problem lies in SYS$SHARE:SMGSHR.EXE which is used for CLI
processing in many system utilites installed with high privileges (i.e.
INSTALL.EXE, SYSMAN.EXE, SHWCLSTR.EXE, etc.).
HP has just released mandatory patches for some versions while others, notably
all the VAX and older Alpha ones, are still exposed. Look for kits named like
VMSxxx_SMGRTL-V0100 in ftp://ftp.itrc.hp.com/openvms_patches
A partial solution for those systems for which there isn't a patch appears to
be an ACL to deny access to some utilities by non trusted users. The list that
follows contains the names of those images that I think most dangerous, but I
will be "happy" to add more names if you discover them:
AUTHORIZE.EXE
INSTALL.EXE
NCP.EXE
SHWCLSTR.EXE
SYSMAN.EXE
TCPIP$FTP_CLIENT.EXE (VAX)
TCPIP$TELNET.EXE (AXP)
TCPIP$UCP.EXE
Please note that I'm NOT sure about this, i.e. there may be a workaround for
this workaround which I haven't thought of.
G.
"Johnny" == Johnny Billquist <bqt at softjar.se> writes:
Johnny> Paul Koning wrote:
RSTS does too (for sufficiently recent versions, like V10 or so)
-- though the NCP bits don't seem to be there. But there's a
driver and it can be told to turn on if you issue the DECnet
control syscalls directly.
Johnny> Aha. I think I looked at RSTS/E DECnet SPD only, and didn't
Johnny> find any mention of it, back when I was playing with that.
That would make sense given that the support isn't complete.
Johnny> I wonder why you can't set it from NCP though? Weird if they
Johnny> have the functionality, but no "normal" way of enabling it.
Probably history. I created the async DDCMP driver when I was doing
the (unreleased) PRO port for RSTS (9.6 originally). I handed it to
RSTS development, and they integrated it into the release. But I
personally never did the NCP work. Probably because it wasn't
familiar code and it would have been a lot of work. Instead, I just
wrote a little 10 line utility to issue the line on/off syscalls to
the kernel.
On a Pro it even works in synchronous mode (because there the
"UART" is actually a USART).
Johnny> I don't think you can set it to synch mode in DECnet, though,
Johnny> so that is more of a theoretical thing. But yes, RSX
Johnny> supports both synch and asynch mode.
What I meant is that I did synch mode, including for DECnet, in RSTS.
It successfully talked to a DMR (both in 4.0 mode and DMC mode -- I
remember digging up the details of the "DMC bugs" that DMC mode on the
later devices is meant to handle).
It was an interesting experience. The DDCMP spec is so well written
that you can simply implement what it says and it all works. That's
how it should be, but specs that good are unfortunately quite rare
(and essentially nonexistent in more recent times).
BTW, a DDCMP driver for Linux would be a pretty easy thing to do. I
started looking into it but didn't have the spare time to do the
actual coding.
paul
i was gonna bring it up here but considering the reception I got on c.o.v. I couldn't be bothered...
Sampsa
On 22 Aug 2008, at 16:54, gerry77 at mail.com wrote:
I suppose you all have read about the VMS security bug that is being discussed
since about a week on comp.os.vms. Anyway, having read nothing about it here,
I thought useful to warn all the system administrators who read this mailing
list and which have VMS nodes with guest access on HECnet and/or Internet
about potential security treats to which their systems are exposed.
All VMS versions (VAX since V5.x, AXP and I64 since their beginning) are
exposed to a local exploit that allows any unprivileged user to gain almost
any privilege! The problem lies in SYS$SHARE:SMGSHR.EXE which is used for CLI
processing in many system utilites installed with high privileges (i.e.
INSTALL.EXE, SYSMAN.EXE, SHWCLSTR.EXE, etc.).
HP has just released mandatory patches for some versions while others, notably
all the VAX and older Alpha ones, are still exposed. Look for kits named like
VMSxxx_SMGRTL-V0100 in ftp://ftp.itrc.hp.com/openvms_patches
A partial solution for those systems for which there isn't a patch appears to
be an ACL to deny access to some utilities by non trusted users. The list that
follows contains the names of those images that I think most dangerous, but I
will be "happy" to add more names if you discover them:
AUTHORIZE.EXE
INSTALL.EXE
NCP.EXE
SHWCLSTR.EXE
SYSMAN.EXE
TCPIP$FTP_CLIENT.EXE (VAX)
TCPIP$TELNET.EXE (AXP)
TCPIP$UCP.EXE
Please note that I'm NOT sure about this, i.e. there may be a workaround for
this workaround which I haven't thought of.
G.
Paul Koning wrote:
"Johnny" == Johnny Billquist <bqt at softjar.se> writes:
Johnny> Hmm. As far as I know, HECnet have never made use of any
Johnny> homemade hardware. However, the first links I used, were over
Johnny> serial ports talking DDCMP, that I tunneled. I could still do
Johnny> that, if needed. It's even simpler than bridging
Johnny> ethernet. The only "problem" is that asynch serial DECnet
Johnny> don't go any faster than 9600 bps. Atleast under RSX.
Johnny> Another problem is that as far as I can tell, only RSX and
Johnny> VMS supports that.
RSTS does too (for sufficiently recent versions, like V10 or so) --
though the NCP bits don't seem to be there. But there's a driver and
it can be told to turn on if you issue the DECnet control syscalls
directly.
Aha. I think I looked at RSTS/E DECnet SPD only, and didn't find any mention of it, back when I was playing with that.
Or perhaps I got the information from somewhere else. Can't remember for certain right now.
I wonder why you can't set it from NCP though? Weird if they have the functionality, but no "normal" way of enabling it.
On a Pro it even works in synchronous mode (because there the "UART"
is actually a USART).
I don't think you can set it to synch mode in DECnet, though, so that is more of a theoretical thing.
But yes, RSX supports both synch and asynch mode.
Johnny
"Johnny" == Johnny Billquist <bqt at softjar.se> writes:
Johnny> Hmm. As far as I know, HECnet have never made use of any
Johnny> homemade hardware. However, the first links I used, were over
Johnny> serial ports talking DDCMP, that I tunneled. I could still do
Johnny> that, if needed. It's even simpler than bridging
Johnny> ethernet. The only "problem" is that asynch serial DECnet
Johnny> don't go any faster than 9600 bps. Atleast under RSX.
Johnny> Another problem is that as far as I can tell, only RSX and
Johnny> VMS supports that.
RSTS does too (for sufficiently recent versions, like V10 or so) --
though the NCP bits don't seem to be there. But there's a driver and
it can be told to turn on if you issue the DECnet control syscalls
directly.
On a Pro it even works in synchronous mode (because there the "UART"
is actually a USART).
paul
gerry77 at mail.com wrote:
On Fri, 22 Aug 2008 15:04:57 +0200, you wrote:
Definitely. So, why did you pick area numbers that were already used in HEcnet? :-)
We started as a group of people with some DEC hardware, not ever thinking that
some day we would have a working DECnet. Many systems hadn't DECnet loaded and
others had addresses like 1.1, 1.2, and so on just to play with some local
link. Johnny bridge didn't existed and we didn't knew anything about Multinet.
I think a lot of places have used area 1 at one time or another... So an area change is sometimes needed. No way of avoiding that. :-)
When we first heard about HECnet it was running with some homemade hardware
and there was Magica online! :-) We were not able to do that and stopped.
Hmm. As far as I know, HECnet have never made use of any homemade hardware. However, the first links I used, were over serial ports talking DDCMP, that I tunneled. I could still do that, if needed. It's even simpler than bridging ethernet. The only "problem" is that asynch serial DECnet don't go any faster than 9600 bps. Atleast under RSX.
Another problem is that as far as I can tell, only RSX and VMS supports that.
Anyway, at that point it should have been obvious that you had a node number clash if you ever wanted to connect to HECnet. :-)
The addressing scheme was enforced but not changed and we ended with the
actual setup. Once we thought about changing our area number from 1 to 39
(because +39 is the international dialling prefix for Italy), but we didn't
need such a change so it's still only an almost forgotten idea. :-)
It would definitely be great if you were to do the number change, and then connect to the rest of us. That should be pretty easy, and shouldn't have to take that much time.
Johnny
On Fri, 22 Aug 2008 15:04:57 +0200, you wrote:
Definitely. So, why did you pick area numbers that were already used in
HEcnet? :-)
We started as a group of people with some DEC hardware, not ever thinking that
some day we would have a working DECnet. Many systems hadn't DECnet loaded and
others had addresses like 1.1, 1.2, and so on just to play with some local
link. Johnny bridge didn't existed and we didn't knew anything about Multinet.
When we first heard about HECnet it was running with some homemade hardware
and there was Magica online! :-) We were not able to do that and stopped.
Some years later we tested Multinet and TCPware tunnels, but our ADSL (and
ISDN) dynamic IP address links proved to be very troublesome. we hadn't enough
bandwith to create a central site for a star topology network and mesh
networks with Multinet were not feasible, so we stopped again. Anyway, with
Multinet we started to (very) loosely coordinate addresses among us.
Years later (autumn 2006) we started for the third time to think about a true
DECnet and we tried again either Multinet tunnels or DECnet Plus, and finally
discovered that HECnet had grown and there was Johnny's bridge available...
The addressing scheme was enforced but not changed and we ended with the
actual setup. Once we thought about changing our area number from 1 to 39
(because +39 is the international dialling prefix for Italy), but we didn't
need such a change so it's still only an almost forgotten idea. :-)
G.
I suppose you all have read about the VMS security bug that is being discussed
since about a week on comp.os.vms. Anyway, having read nothing about it here,
I thought useful to warn all the system administrators who read this mailing
list and which have VMS nodes with guest access on HECnet and/or Internet
about potential security treats to which their systems are exposed.
All VMS versions (VAX since V5.x, AXP and I64 since their beginning) are
exposed to a local exploit that allows any unprivileged user to gain almost
any privilege! The problem lies in SYS$SHARE:SMGSHR.EXE which is used for CLI
processing in many system utilites installed with high privileges (i.e.
INSTALL.EXE, SYSMAN.EXE, SHWCLSTR.EXE, etc.).
HP has just released mandatory patches for some versions while others, notably
all the VAX and older Alpha ones, are still exposed. Look for kits named like
VMSxxx_SMGRTL-V0100 in ftp://ftp.itrc.hp.com/openvms_patches
A partial solution for those systems for which there isn't a patch appears to
be an ACL to deny access to some utilities by non trusted users. The list that
follows contains the names of those images that I think most dangerous, but I
will be "happy" to add more names if you discover them:
AUTHORIZE.EXE
INSTALL.EXE
NCP.EXE
SHWCLSTR.EXE
SYSMAN.EXE
TCPIP$FTP_CLIENT.EXE (VAX)
TCPIP$TELNET.EXE (AXP)
TCPIP$UCP.EXE
Please note that I'm NOT sure about this, i.e. there may be a workaround for
this workaround which I haven't thought of.
G.
