HECnet

hecnet@lists.dfupdate.se

6 participants
15552 discussions

The 2016 CHIMPY VT100 Retro Tetris Challenge is now officially on!

by sampsa＠mac.com

CHIMPY:: can be reached at telnet to hilant.sampsa.com port 2710. This is for EU players. I still need someone to host a US server as lag really is an issue. Any volunteers? (I?ve got binaries for the AXP version but having some issues getting the VAX one to work) This year's prize is THREE QATARI RIYALS plus of course a printed certificate of your amazing Tetris skills. The competition will run until October 1st, 2016. As before, please if you get the current high score, please take a screenshot of it and email it to sampsa [at] mac.com. sampsa

8 years, 5 months

Looking for VAX 8600 Diagnostic Supervisor (EDSAA.EXE)

by Mark＠infocomm.com

I've been working on rewriting parts of the VAX simulator(s) to avoid some of the undefined behaviors that the C language has relating to overflow and shifts of signed integer values. Changing the details of how instructions are implemented comes with the non trivial potential to break more things than are being fixed. To manage this, I've been trying to use the basic CPU diagnostics that DEC for the systems being simulated. I have found the VAX Diagnostic Supervisor for the 11/730, 11/750 and 11/.780. I'm missing the VAX 8600's diagnostic supervisor. If someone knows where I can find a version of this file it would be helpful. Thanks. - Mark

8 years, 5 months

Updated Rampage Watchdog for OpenVMS 7.3 (and later?)

by system＠TMESIS.COM

supratim at riseup.net writes: >What monitoring tools are folks using here? > >I have so far found Ergosol's Watchdog - it provides a neat solution to >high-level server security, status and connectivity monitoring with >email alerts. I tweaked it a little for adjusting it to OpenVMS 7.3 - >you can grab it from http://sanyal.duckdns.org:81/pub/rampage.sav > >I am getting (NUMEROUS!) emails from all intrusion attempts and whenever >someone logs in to the monitored accounts, as well as when any of the >monitored HECnet nodes or internet IPs are unreachable. >... As maintainer/author of Clyde-Digital's-(then)-> Raxco's-(then)-> ProvN's Intruder Alert product, emails -- such as provided by your Watchdog -- will soon overwhelm you and you'll soon either ignore them, or supress them, or sequester them for review well after the fact. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG I speak to machines with the voice of humanity.

8 years, 5 months

108.31.82.9/QCOCAL

by system＠TMESIS.COM

Johnny Billquist <bqt at softjar.se> writes: >On 2016-06-20 19:30, Brian Schenkenberger, VAXman- wrote: >> Johnny Billquist <bqt at softjar.se> writes: >> >>> On 2016-06-20 18:19, Brian Schenkenberger, VAXman- wrote: >>>> ___ _ _ _ __ __ _ _ _ _ ___ _____ >>>> / __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _| >>>> \__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | | >>>> |___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_| >>>> >>>> You've allowed this node on HECnet, so I assume somebody on this list knows >>>> who runs it. >>> >>> Who runs it can always easily be found by http://mim.update.uu.se/nodedb >>> >>>> Please have it secured! It has been used in the past several >>>> days to try and break into my system(s). It is highly irresponsible to put >>>> access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and >>>> other utilities that can affect systems on the internet. A reasonable way >>>> to allow access would be to have a guest account (restricted/captive) that >>>> can be used to create other login accounts. Validate such accounts with a >>>> valid email address and other schemes that will insure that whomever is on >>>> this system can be vetted in some fashion. >>>> >>>> THANK YOU! >>> >>> I'm curious about what kind of intrusions we're talking about, and over >>> which network. >>> >>> In general, I want to keep HECnet more open than what you are suggesting >>> above, but this also requires that people act responsibly. If there is >>> abuse, I'd like to know. >> >> Well, since I have not yet put any of my systems on HECnet, it should have >> been obvious that it's via the internet. > >Ah. Sorry for being dense. Thanks. > >So what kind of intrusion attempts are we talking about? Essentially >your issue is that someone have a machine on the internet. Getting >access on the machine is easy, and something/someone on that machine is >trying to do something to your machine? Well, for one, trying brute force attacks agains services. Here are some of the FTP attempts from 108.31.82.9. admin support guest vizxv 123 1234 12345 123456 cisco admin service 1234 root support vizxv 123 12345 123456 xc3511 7ujMko0admin root root support 123 12345 123456 xc3511 smcadmin 1234 xc3511 meinsm vizxv admin admin service service root root xc3511 12345 meinsm dreambox user changeme 12345 pass vizxv user changeme root I'm guessing that, due to the repeated nature of the usernames attempted, the system has been logged into by a great many different twits. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG I speak to machines with the voice of humanity.

8 years, 5 months

108.31.82.9/QCOCAL

by system＠TMESIS.COM

Jordi Guillaumes i Pons <jg at jordi.guillaumes.name> writes: > >> El 20 juny 2016, a les 20:14, Brian Schenkenberger, VAXman- = ><system at TMESIS.COM> va escriure: >>=20 >> 108.31.82.9. > >Uh, I=E2=80=99d bet the simulated 3900 is not the real origin of the = >attack you are getting. It is probably behind a home DSL/cable router, = >whith port 23 redirected to the 3900=E2=80=99, which has probably a = >private IP address masqueraded using NAT=E2=80=A6 So probably the node = >owner has been hacked and zombified, regadrless of he having a pet 3900 = >open to the net. That may very well be true too. I have found many attack vectors over the years that have originated from home routers. Several home routers have known/identified/easily exploitable weaknesses. Regardless, I will check to see if this IP address continues to aggrieve me now that it's been reported that FTP is no longer possible from the VMS instance. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG I speak to machines with the voice of humanity.

8 years, 5 months

OpenVMS VAX 6.2 Install/Upgrade kit

by jg＠jordi.guillaumes.name

Hello, Does anyone have that thing? The ALPHA one is in vaxhaven (where there is also a HALF of a TK50 kit), but I?ve not been able to find the VAX one. Thanks in advance.

8 years, 5 months

108.31.82.9/QCOCAL

by system＠TMESIS.COM

Johnny Billquist <bqt at softjar.se> writes: >On 2016-06-20 18:19, Brian Schenkenberger, VAXman- wrote: >> ___ _ _ _ __ __ _ _ _ _ ___ _____ >> / __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _| >> \__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | | >> |___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_| >> >> You've allowed this node on HECnet, so I assume somebody on this list knows >> who runs it. > >Who runs it can always easily be found by http://mim.update.uu.se/nodedb > >> Please have it secured! It has been used in the past several >> days to try and break into my system(s). It is highly irresponsible to put >> access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and >> other utilities that can affect systems on the internet. A reasonable way >> to allow access would be to have a guest account (restricted/captive) that >> can be used to create other login accounts. Validate such accounts with a >> valid email address and other schemes that will insure that whomever is on >> this system can be vetted in some fashion. >> >> THANK YOU! > >I'm curious about what kind of intrusions we're talking about, and over >which network. > >In general, I want to keep HECnet more open than what you are suggesting >above, but this also requires that people act responsibly. If there is >abuse, I'd like to know. Well, since I have not yet put any of my systems on HECnet, it should have been obvious that it's via the internet. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG I speak to machines with the voice of humanity.

8 years, 5 months

108.31.82.9/QCOCAL

by system＠TMESIS.COM

___ _ _ _ __ __ _ _ _ _ ___ _____ / __| /_\ | \| | \ \ / / /_\ | | | \| | | __| |_ _| \__ \ / _ \ | .` | \ V / / _ \ | |__ | .` | | _| | | |___/ /_/_\_\_|_|\_| |_| /_/ \_\ |____| |_|\_| |___|_ |_| You've allowed this node on HECnet, so I assume somebody on this list knows who runs it. Please have it secured! It has been used in the past several days to try and break into my system(s). It is highly irresponsible to put access credentials into its SYS$ANNOUNCE allowing ANYBODY access to DCL and other utilities that can affect systems on the internet. A reasonable way to allow access would be to have a guest account (restricted/captive) that can be used to create other login accounts. Validate such accounts with a valid email address and other schemes that will insure that whomever is on this system can be vetted in some fashion. THANK YOU! -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG I speak to machines with the voice of humanity.

8 years, 5 months

vaxima

by jibanes＠gmail.com

Hello, I'm looking for Vaxima, if someone has preserved a copy of it, it is best described as such (if you don't know Vaxima): MACSYMA (Project MAC's SYmbolic MAnipulation System) is a large computer algebra system for symbolic and numerical computations. Originally MACSYMA was developed by the MATH lab group at M.I.T. The descendants of MACSYMA (circa 1982) fall into two camps, viz., the commercialized Symbolics MACSYMA and its successor from Macsyma, Inc., and the versions released to National Energy Software Center at Argonne, Illinois, which are based on the "public" MIT source code for the DEC PDP-10 MACLisp system. The latter ones do not have the Symbolics enhancements, but they have been modified from time to time by several individuals or groups. One of these modifications is known as VAXIMA. It is an implementation around 1980 on DEC-Vaxes by R. Fateman at the University of California at Berkeley. It uses VAX/UNIX Franz Lisp and runs on some Franz-Lisp hosts. Thanks, Jerome

8 years, 5 months

Introduction and two new systems online

by r3boot＠r3blog.nl

Hi all, My name is Lex van Roon, and for quite some time I've been lurking on this list as a DEC/VMS enthusiast and today I got my link to HECnet working with the help of Johnny. Somewhere during the 90s, a high-school classmate of mine gave me a couple of copies of Hacktic(*). In there I read about these operating systems with weird names like VMS and UNIX, and since I only knew MS based OS's back then, I was intrigued. I soon got my first Linux box running under x86, and not long thereafter I got my first whitelabel Alpha mainboard, on which I happily ran BSD and Linux. After dropping out of school, I went to work as a sysadmin in the UNIX world during the end of the dotcom boom, and nowadays I'm a DevOps engineer working for a large dutch .com. As a hobby, I've been running various Alpha's (and other RISC iron) over the years: - Whitelabel AXPCI133 - AS1000 (lots of them) - PWS 466au - DS10/DS20/DS25 - ES47 and since a couple of years, I finally wiped UNIX off my Alpha's and installed VMS, and have used them for various things. Mostly replicating services I'd normally run under UNIX (dns, ntp, http), but also for software development in C and Python(**). In this time, I've discovered that it's very helpful to know people who know VMS very well (thnx Steven Hoffman), and I am confident enough about my VMS skills that I decided to join, since being in a DECnet with my own systems is not such an interesting learning experience as working with 'the real thing' :) For now I'm online with the following two Alpha's: REI / 1.540 / AlphaServer DS10 / 466MHz / 1GB ram / 2 x 18GB u2w 10k PAI / 1.541 / AlphaServer DS25E / 1GHz / 1GB ram / 6 x 73GB u320 15k In the future, I plan/hope to get my VAX 4000/200 connected, but that system still needs some TLC before it will operate. Most likely I will also spin up some emulated instances of various other DEC operating systems in the future, for learning/discovery purposes. The systems are connected to a 100mbit FttH uplink, located in Amersfoort, The Netherlands and are available 24/7. I have not yet configured any guest accounts, but I intend to do this. Kind Regards, Lex van Roon *) https://en.wikipedia.org/wiki/Hack-Tic **) https://github.com/r3boot/pki -- LRO-RIPE | 570DE0BE | 9BF5 922E AF87 8584 E9CA C3AD C508 39A9 570D E0BE

8 years, 5 months

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

HECnet