On 2010-10-17 03:43, Johnny Billquist wrote:
On 2010-10-17 03:34, Johnny Billquist wrote:
Hi. As a few people are sharing LAT connections now as well, I thought
I'd make a suggestion on how to make this a bit more manageable.
If people have questions on LAT, how to set up DECservers, or something
else, you can as usual just mail me.
First of all, please note that LAT is not a safe protocol. Everything
goes in clear text, and malicious people can easily snoop your sessions.
My thoughts right now are in the area of services offered. When I list
services I notice that some machine consoles are available, as well as
some general machine logins.
The console services are nice to have (I also have a few of those),
however, they are not useful for the general public, and the hope is
that people who don't have anything to do with them don't connect to
them. But they do clutter up the list of available services anyhow.
What I'd like to propose is that for services that aren't of general use
should switch to another group. The default group is group #0, and that
group is nice to continue to use for generally available systems that
people might want to log in to.
I've been using group 1 for consoles for now, and I'd suggest that
others do that too. Or perhaps pick some other group if you want to keep
your machines separate. Notice that this does not really add anything
from a security point of view, since people can change their own port to
see services in any group if they really want to.
But if people set up their port to by default only be in group 0, and we
place consoles in group 1, they will not show up in the general case,
and you'd have to explicitly turn on group 1 when you want to play with
consoles (or if you want it on by default, feel free, but it will look
nicer to some atleast).
The same goes if you have printers, for instance, as services. Place
them also in another group. Preferably in yet another group, but atleast
not in group 0. And modems as well, if you have those.
So a suggested division of groups would be as follows:
0 General systems where people might log in.
1 Consoles
2 Modems
3 Printers
If you have all of that on the same DECserver you cannot be picky,
however, since you can only specify one group for all services offered.
Use the lowest group number for which you have a matching service in
that case.
Note that the group numbers only affect which services are visible to
users connected to a DECserver. It does not affect reverse LAT
connections, which will find the right service no matter which group it
is in.
So this is mostly just to make the list of services more convenient when
you look as an interactive user on a DECserver.
Finally a short suggestion for those of you who have consoles as
services. If you haven't found it, or set it up, I'd also suggest you
place a password on those services, which can limit the possibility of
others to wreak havoc on your machines... Just a suggestion.
It will still not prevent others from potentially DoS your console port.
I just had another idea as well.
Would people think it would be an interesting idea to have group numbers
for machines differentiate depending on OS? So that people could see
what VMS systems there are to connect to without seeing other systems?
Or maybe it would be more meaningful if we use group 0 for systems where
guest access is available, and then people use their own groups for
"local" systems?
Oh yeah, I should probably point out that all of this is only relevant to the people
running my bridge program on the same segment I am. Others can obviously do as they want,
since that is not visible to me anyway.
Thinking a bit more about it, it actually makes more sense to use one group (0) for all
publicly available systems, and a separate group (or two) where you can place all private
machines, console ports, printers, modems and so on. That way you can see all services
relevant to you, without being bothered about services that you don't care about, or
can use anyway...
So here is a new suggestion for the bridge which is "hubbed" around Update.
0 Publicly available systems
1 Update
2 BQT
Let me know, and I'll happily assign LAT groups for others as well.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic
trip
email: bqt at softjar.se || Reading murder books
pdp is alive! || tryin' to stay hip" -
B. Idol