Hi. As a few people are sharing LAT connections now as well, I thought I'd make a
suggestion on how to make this a bit more manageable.
If people have questions on LAT, how to set up DECservers, or something else, you can as
usual just mail me.
First of all, please note that LAT is not a safe protocol. Everything goes in clear text,
and malicious people can easily snoop your sessions.
My thoughts right now are in the area of services offered. When I list services I notice
that some machine consoles are available, as well as some general machine logins.
The console services are nice to have (I also have a few of those), however, they are not
useful for the general public, and the hope is that people who don't have anything to
do with them don't connect to them. But they do clutter up the list of available
services anyhow.
What I'd like to propose is that for services that aren't of general use should
switch to another group. The default group is group #0, and that group is nice to continue
to use for generally available systems that people might want to log in to.
I've been using group 1 for consoles for now, and I'd suggest that others do that
too. Or perhaps pick some other group if you want to keep your machines separate. Notice
that this does not really add anything from a security point of view, since people can
change their own port to see services in any group if they really want to.
But if people set up their port to by default only be in group 0, and we place consoles in
group 1, they will not show up in the general case, and you'd have to explicitly turn
on group 1 when you want to play with consoles (or if you want it on by default, feel
free, but it will look nicer to some atleast).
The same goes if you have printers, for instance, as services. Place them also in another
group. Preferably in yet another group, but atleast not in group 0. And modems as well, if
you have those.
So a suggested division of groups would be as follows:
0 General systems where people might log in.
1 Consoles
2 Modems
3 Printers
If you have all of that on the same DECserver you cannot be picky, however, since you can
only specify one group for all services offered. Use the lowest group number for which you
have a matching service in that case.
Note that the group numbers only affect which services are visible to users connected to a
DECserver. It does not affect reverse LAT connections, which will find the right service
no matter which group it is in.
So this is mostly just to make the list of services more convenient when you look as an
interactive user on a DECserver.
Finally a short suggestion for those of you who have consoles as services. If you
haven't found it, or set it up, I'd also suggest you place a password on those
services, which can limit the possibility of others to wreak havoc on your machines...
Just a suggestion.
It will still not prevent others from potentially DoS your console port.
Johnny
--
Johnny Billquist || "I'm on a bus
|| on a psychedelic
trip
email: bqt at softjar.se || Reading murder books
pdp is alive! || tryin' to stay hip" -
B. Idol
Show replies by date