INFO-VAX Wed, 28 Nov 2007 Volume 2007 : Issue 652 Contents: Re: GUI Interface Designer Re: GUI Interface Designer Re: HP loses another large customer Re: Infoserver 1000 Software Re: Infoserver 1000 Software Re: Infoserver 1000 Software Re: NASA gets SGI 2048-core Itanium 2 supercomputer Re: NASA gets SGI 2048-core Itanium 2 supercomputer Re: NASA gets SGI 2048-core Itanium 2 supercomputer Re: RFC: Cluster status on a mobile handset Re: SET SECURITY /SECRECY Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL Re: Testing username/password from DCL ---------------------------------------------------------------------- Date: Wed, 28 Nov 2007 09:34:23 +0100 From: Michael Kraemer Subject: Re: GUI Interface Designer Message-ID: hailsnailtrail@gmail.com schrieb: > Hi there. I'm a very talented multimedia developer/artist, soon to be > entrepreneurial; who is looking to develop a professional network of > individuals whom are looking for graphical interface design services > in the operating system sector. > > I'm hoping that if anybody reads this, and is interested, that they > could maybe connect me to somebody interested in raising the bar on > their users gui experience. It would be excellent if somebody could > refer me to somebody involved in DECwindows / VMS development team, > that might be interested. This comes about 15 years late, I'd say. DECwindows is history and the various owners of VMS have given up on VMS as a GUI-oriented OS. ------------------------------ Date: Wed, 28 Nov 2007 11:17:23 -0500 From: "David Turner, Island Computers" Subject: Re: GUI Interface Designer Message-ID: <13kr58cbdhf25d3@news.supernews.com> I would use it at home if it had a GUI like Ubuntu ! DT "Michael Kraemer" wrote in message news:fij959$csd$02$1@news.t-online.com... > hailsnailtrail@gmail.com schrieb: >> Hi there. I'm a very talented multimedia developer/artist, soon to be >> entrepreneurial; who is looking to develop a professional network of >> individuals whom are looking for graphical interface design services >> in the operating system sector. >> >> I'm hoping that if anybody reads this, and is interested, that they >> could maybe connect me to somebody interested in raising the bar on >> their users gui experience. It would be excellent if somebody could >> refer me to somebody involved in DECwindows / VMS development team, >> that might be interested. > > This comes about 15 years late, I'd say. > DECwindows is history and the various > owners of VMS have given up on VMS > as a GUI-oriented OS. > ------------------------------ Date: 28 Nov 2007 07:26:06 -0600 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: HP loses another large customer Message-ID: In article <63575$474c8bee$cef8887a$4385@TEKSAVVY.COM>, JF Mezei writes: > Bill Gunshannon wrote: >> And, of course, neither covers the case when you actually did want to >> add two windows or multiply a window by a file. :-) > > Actually, i could see "adding two windows" being implemented. > > You would create a new window and populate it with widgets from both the > original windows and create new callbacks for each function that was > common to both original windows (such as File -> Open) that would end up > doing a callback for that function for each of the original window. > Would make for some most interest results. > Which is why you can't overload operators in Java. When people read "+" they thing arithmetic. Using "+" for all kinds of other things makes some really unmaintainable code. Too bad they didn't follow through. "+" in String is not arithmetic. Surely there were already many examples in other languages of using other special characters to mean "concatenate". ------------------------------ Date: Wed, 28 Nov 2007 08:18:19 -0500 From: "David Turner, Island Computers" Subject: Re: Infoserver 1000 Software Message-ID: <13kqqokhi0u65a1@news.supernews.com> to confirm is this the QA-0UWAA-AA This is the software he needs If anyone does have this I would be grateful but as I am not selling it - just looking for it for a friend - I can't really offer anything for it except my thanks David "David Turner, Island Computers" wrote in message news:13kous169tufj03@news.supernews.com... > Part number is QA something or other on CDROM > It's for a friend that can't find the right info > I don't do vaxes and infoservers so any help would be appreciated > > > -- > David B Turner > Island Computers US Corp > 2700 Gregory St, Suite 180 > Savannah GA 31404 > > T: 877-6364332 x201 > Intl: 001 912 447 6622 > E: dturner@islandco.com > F: 912 201 0402 > W: http://www.islandco.com > > > > > The information transmitted is intended only for the person or entity to > which it is addressed and may contain confidential, proprietary, and/or > privileged material. Any review, retransmission, dissemination or other > use of, or taking of any action in reliance upon this information by > persons or entities other than the intended recipient is prohibited. If > you received this in error, please contact the sender and delete the > material from all computers. > > ------------------------------ Date: Wed, 28 Nov 2007 18:09:36 +0200 From: =?ISO-8859-1?Q?Uusim=E4ki?= Subject: Re: Infoserver 1000 Software Message-ID: <474d8f48$0$27828$9b536df3@news.fv.fi> The latest version is 3.5A like JF already mentioned. It is included in VMS Freeware kit #8 (on CDs) and found on http://h71000.www7.hp.com/freeware/freeware80/infoserver/ Regards, Kari David Turner, Island Computers wrote: > to confirm is this the QA-0UWAA-AA > This is the software he needs > If anyone does have this I would be grateful but as I am not selling it - > just looking for it for a friend - I can't really offer anything for it > except my thanks > > David > > > "David Turner, Island Computers" wrote in > message news:13kous169tufj03@news.supernews.com... >> Part number is QA something or other on CDROM >> It's for a friend that can't find the right info >> I don't do vaxes and infoservers so any help would be appreciated >> >> >> -- >> David B Turner >> Island Computers US Corp >> 2700 Gregory St, Suite 180 >> Savannah GA 31404 >> >> T: 877-6364332 x201 >> Intl: 001 912 447 6622 >> E: dturner@islandco.com >> F: 912 201 0402 >> W: http://www.islandco.com >> >> >> >> >> The information transmitted is intended only for the person or entity to >> which it is addressed and may contain confidential, proprietary, and/or >> privileged material. Any review, retransmission, dissemination or other >> use of, or taking of any action in reliance upon this information by >> persons or entities other than the intended recipient is prohibited. If >> you received this in error, please contact the sender and delete the >> material from all computers. >> >> > > ------------------------------ Date: Wed, 28 Nov 2007 17:12:53 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: Infoserver 1000 Software Message-ID: In article <13kqqokhi0u65a1@news.supernews.com>, "David Turner, Island Computers" writes: > > >to confirm is this the QA-0UWAA-AA >This is the software he needs >If anyone does have this I would be grateful but as I am not selling it - >just looking for it for a friend - I can't really offer anything for it >except my thanks David, I was just perusing one of the copies of my InfoServer CDs. In [INFOSERVER.LINE_DOCS]INFOSERV034_SPD.TXT I found: InfoServer CD/R Function Access CD Kit: QA-0UWAA-H8 This was, IIRC, called the InfoServer Scribe. It enabled the used of a CD burner in the InfoServer. I can supply the InfoServer software (from one of my many CDs) but I do not have a copy of the 'Scribe' CD to enable the CD burning capability. The 'scribe' capability required certain CDR hardware. If they have the supported hardware now they are lucky. Trying to find the old CDRs that were required for use with the 'Scribe' software will be problematic. I doubt anyone would find any working model of a CD recorder from a decade ago. If they just want to access the InfoServer, that I can oblige. If they want to burn CDs, I'd suggest getting a new burner, hooking it up to an OpenVMS Alpha or Itanium and using the software available for OpenVMS CD burning. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" http://tmesis.com/drat.html ------------------------------ Date: Wed, 28 Nov 2007 07:39:59 -0800 (PST) From: Neil Rieck Subject: Re: NASA gets SGI 2048-core Itanium 2 supercomputer Message-ID: <219d003b-c9f5-4cf9-b7cf-3d12b22bdb4f@y5g2000hsf.googlegroups.com> On Nov 26, 4:44 pm, koeh...@eisner.nospam.encompasserve.org (Bob Koehler) wrote: > In article <49f32980-721c-49bf-aada-1295efbce...@w40g2000hsb.googlegroups.com>, Neil Rieck writes: > > > [...snip...] > > NASA has transformed from the premier engineering organisation that > did some science on the side to a big bureaucracy that also does > engineering and science. > > But almost everything we do at the Goddard Space Flight Center is > science. JPL does most of the deep space missions, GSFC does most > of the earth orbiting missions; every other NASA installation (JPL > is actually a contractor) has its specialty. > > So why haven't you heard of the GSFC science missions? Because > the Hubble Space Telescope is the only one of them the media pays > any attention enough for its name to be recognised. Its NASA's > number one PR machine as well as one hell of a good science resource. > Thanks for that update. I forgot that there were NASA people hanging out here. p.s. So do you think it's too late for someone like a presidential science advisor to get the USA back on track? In this light it would be nice if we could get back to the 1960's. Neil Rieck Kitchener/Waterloo/Cambridge, Ontario, Canada. http://www3.sympatico.ca/n.rieck/ ------------------------------ Date: Wed, 28 Nov 2007 16:26:54 GMT From: =?ISO-8859-1?Q?Jan-Erik_S=F6derholm?= Subject: Re: NASA gets SGI 2048-core Itanium 2 supercomputer Message-ID: Neil Rieck wrote: > ... to get the USA back on track? What *is* "the track" ? A track leading to what ? Jan-Erik. ------------------------------ Date: Wed, 28 Nov 2007 10:25:52 -0800 (PST) From: Neil Rieck Subject: Re: NASA gets SGI 2048-core Itanium 2 supercomputer Message-ID: <00c4e2d2-3ea5-42e8-8b61-2ceaf1f0b932@o42g2000hsc.googlegroups.com> On Nov 28, 11:26 am, Jan-Erik S=F6derholm wrote: > Neil Rieck wrote: > > ... to get the USA back on track? > > What *is* "the track" ? > A track leading to what ? > > Jan-Erik. A track where America once again leads all of the world's economies in everything it does. A track where America's focus swings back to dominance in science, technology and engineering while putting away religious fundamentalism, xenophobia, rejection of science. A track before the country was politically divided. A track before anyone thought that fighting wars in Vietnam or Iraq were a good idea or possibly an economic benefit. NSR ------------------------------ Date: Wed, 28 Nov 2007 16:57:24 +0200 From: =?ISO-8859-1?Q?Uusim=E4ki?= Subject: Re: RFC: Cluster status on a mobile handset Message-ID: <474d7e5d$0$27813$9b536df3@news.fv.fi> JF Mezei wrote: > For a while now, I have had a WAP/WML script that gave a status of my > cluster over a mobile phone. This was the real WML, with cards. A single > transactions brought all the info over and you could then easily > nagivate from page to page with the navigation keys and quickly go > through to system's status. > > Newphangled phones have abandonned the compact/efficient WML for the WAP > 2.0 which is essentially XHTML with a mobile profile. > > I have therefore begun to convert the dcl procedure to generate that > format, complete with neat colours (CSS styles are now supported). > > However, XHTML lacks the navigation capabilities of WML so it isn't as > obvious how to structure that page. > > anyone with a modern handset can look at it: > > http: // wap.vaxination.ca / clu > > pressing key 0 gets you to the top, > 1 gets you to general cluster status > 2 gets you to list of nodes > 3 gets you list of disks > 4 gets you the list of queues. > > Would appreciate any comments you might have on the format, structure, > how to make it easier to get to the data, and what data should be added > (or removed) from it. > > Also, if you cannot view it, let me know your phone model. I've compared > the developer documents for both Nokia and Ericsson and they seem quite > similar. (they are both based on Symbian so I assume they may share a > similar engine under the hood). > > > > (I'll be doing additional work for authentication later on since > obviously, you don't want the world to look under the hood of your > cluster). > > Am thinking about adding colours to the disk usage. Above what > percentage of usage should a disk become yellow and above what > percentage should it become red ? > > If there is interest, I would release it to the community. The DCL is > generic enough to run an any machine. Hi JF, Really cool application! Works fine on my Nokia E90. I tested it with WLAN and GPRS. No significant difference in speed. My suggestion to the disk usage alarm level is that the yellow threshold would be at 70% used space and red threshold at 90% used space. The yellow level would tell that the filesystem has reached the point where it will grow slower. That has been verified in many tests. Then the red level would tell that the filesystem really needs attention as it soon will cause problems if not taken care of quickly. Another suggestion is that it would be valuable to see if the nodes are heavily loaded. E.g. CPU-time over 90% for more than 5 mins, would turn the nodes colour red. A third suggestion is to show the Cluster Interconnects somehow. If there are any problems with them, it could show in yellow and if cut completely, it could show in red. Also queue states could be shown colour coded. E.g. paused queue in yellow and stopped in red. Maybe a very busy queue could also be shown in yellow. These are just some thoughts, which I have been pondering, because I've been planning to make an cluster monitoring application also (although not in wap, but just in regular html). ;-) You were there first. Good luck with the development! Regards, Kari ------------------------------ Date: 28 Nov 2007 07:40:19 -0600 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: SET SECURITY /SECRECY Message-ID: <1suF4HHbdObE@eisner.encompasserve.org> In article <474CB7F5.6010007@comcast.net>, bradhamilton writes: > > I guess Larry knows best here, having "experience" with SEVMS; I assume > that /SECRECY is latent in non-SEVMS environments. :-) > For a great many years now, the standard VMS kernel has had CIA and ICBM. Some things are not even latent. 8-) ------------------------------ Date: 28 Nov 2007 04:21:50 -0600 From: burley.not-this@encompasserve-or-this.org (Graham Burley) Subject: Re: Testing username/password from DCL Message-ID: In article <37abd$474c8f17$cef8887a$18988@TEKSAVVY.COM>, JF Mezei writes: > What would be the best/easiest way to test those prior to sending the > results back to the remote user ? And would there be a way to test for a > privilege ? Is there a reason you can't use the authentication built into the web server? > Would opening a DECNET task or just attempting to type a some file Tempting, but the intrusion source will be the script account, i.e. LOCALNODE::WEB_SERVER > Is there any sample code that verifies a password and if wrong, does the > right calls to log that failed login attempt ? When I was looking for something similar one of the better examples was in Ruslan Laishev's RADIUS port, also worth taking a look at Ferry Bolhar's CHKLGI package from Hunter's Freeware. ------------------------------ Date: 28 Nov 2007 05:30:10 -0600 From: burley.not-this@encompasserve-or-this.org (Graham Burley) Subject: Re: Testing username/password from DCL Message-ID: In article , burley.not-this@encompasserve-or-this.org (Graham Burley) writes: > When I was looking for something similar Of course, it goes without saying that you should use the $ACM services where available, as long as you don't ask any difficult questions about why the TCP/IP Services POP server doesn't use it ;-) ------------------------------ Date: Wed, 28 Nov 2007 07:27:16 -0500 From: JF Mezei Subject: Re: Testing username/password from DCL Message-ID: <6fc65$474d5ea7$cef8887a$18158@TEKSAVVY.COM> Graham Burley wrote: > Of course, it goes without saying that you should use the $ACM services > where available, as long as you don't ask any difficult questions about > why the TCP/IP Services POP server doesn't use it ;-) Because VMS management refused to have $ACM available on VAX, I can't use it. $ACM is good for specific applications that will run on a specific platform, it can't be used for software that is to be distributed to anyone because roughly 1/3 of the installed base is on VAX. So I essentially have to re-invent the wheel and write my own $ACM which is why I was wondering if something was already available. Really makes me wonder why they didn't compile ACM on VAX to include it with 7.2 or 7.3 (or whenever $ACM appeared). In terms of TCPIP services, they managed to do things right for FTP even on VAX, so it means that having an application generate intrusion detection stuff is possible on VAX. Now, if I do write my own application, I am somewhat concerned about it being installed with the necessary privileges. It means that anyone can use it to test passwords and specify some source that could be the boss' terminal for instance (denial of service to the boss). ------------------------------ Date: Wed, 28 Nov 2007 13:30:43 GMT From: VAXman- @SendSpamHere.ORG Subject: Re: Testing username/password from DCL Message-ID: <74e3j.17$qb6.11@newsfe10.lga> In article <6fc65$474d5ea7$cef8887a$18158@TEKSAVVY.COM>, JF Mezei writes: > > >Graham Burley wrote: >> Of course, it goes without saying that you should use the $ACM services >> where available, as long as you don't ask any difficult questions about >> why the TCP/IP Services POP server doesn't use it ;-) > >Because VMS management refused to have $ACM available on VAX, I can't >use it. $ACM is good for specific applications that will run on a >specific platform, it can't be used for software that is to be >distributed to anyone because roughly 1/3 of the installed base is on VAX. > >So I essentially have to re-invent the wheel and write my own $ACM which >is why I was wondering if something was already available. Really makes >me wonder why they didn't compile ACM on VAX to include it with 7.2 or >7.3 (or whenever $ACM appeared). > > >In terms of TCPIP services, they managed to do things right for FTP even >on VAX, so it means that having an application generate intrusion >detection stuff is possible on VAX. > >Now, if I do write my own application, I am somewhat concerned about it >being installed with the necessary privileges. It means that anyone can >use it to test passwords and specify some source that could be the >boss' terminal for instance (denial of service to the boss). Well, protection on the image itself would keep certain parties out. ACLs my be useful too. I provided a company with a program that was only to be run by their applications which were a nested in a morass of DCL procedures. What I did was have the program check the procedure which was executing it and compare that with an authorized procedure name (in an exec mode logical). As long as the procedures were RE and nobody on the system had privies to change the DCL or the logical, there seemed to be very little in the way of using the program for purposes other than what it was intended for. Even if the procedure was used for something outside of this company's intended use, it wasn't annything that was really deleterious to their operations. -- VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)COM "Well my son, life is like a beanstalk, isn't it?" http://tmesis.com/drat.html ------------------------------ Date: 28 Nov 2007 07:33:05 -0600 From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) Subject: Re: Testing username/password from DCL Message-ID: In article <37abd$474c8f17$cef8887a$18988@TEKSAVVY.COM>, JF Mezei writes: > > Would opening a DECNET task or just attempting to type a some file > aka: > $TYPE/OUTPUT=NLA0:- > 0"''username' ''password'"::SYS$MANAGER:SYSTARTUP_VMS.COM Be very carefull of taking a user's input and putting it in a DCL command that way. The user could enter a variety of lexical functions as either username or password that could get them results other than what you want. > Would having a few SET NOVERIFY in the procedure ensure that the > username/passowrd is never written to any log file ? No. Suppose the user enters f$verify(1,1) as part of those fields. Where does the output then go? > Or would it be considered far more secure/safe/efficient to write an > application installed with privileges that checks the > username/password/privs via $GETUAI system service ? That's a much better idea. But if the web server account is not privileged, what are you going to do with the username and password? Are you just checking that a user can do something before you start a process to do it under his username/password? ------------------------------ Date: Wed, 28 Nov 2007 14:20:14 +0000 From: Tom Wade Subject: Re: Testing username/password from DCL Message-ID: <5Ke3j.23483$j7.444037@news.indigo.ie> > Note that $GETUAI should only be used if you require this to work on VAX. > Otherwise, use $ACM in order to take advantage of breakin evasion and > auditing. And if you do need VAX support and intend to use $GETUAI, you will have to call the $SCAN_INTRUSION calls yourself. ftp://picard.eurokom.ie/setpass.zip contains code that does something like: $ setpass /old= /new= Use as a template, or simply remove the bits that do the actual password changing. --------------------------------------------------------- Tom Wade | EMail: tee dot wade at eurokom dot ie EuroKom | Tel: +353 (1) 296-9696 A2, Nutgrove Office Park | Fax: +353 (1) 296-9697 Rathfarnham | Disclaimer: This is not a disclaimer Dublin 14 | Tip: "Friends don't let friends do Unix !" Ireland ------------------------------ Date: Wed, 28 Nov 2007 07:50:30 -0800 (PST) From: Neil Rieck Subject: Re: Testing username/password from DCL Message-ID: <2946bc9c-0b3f-4dde-8fb1-0d1daafbf07e@f3g2000hsg.googlegroups.com> On Nov 27, 4:41 pm, JF Mezei wrote: > Say I have a DCL script that runs under the account WEB_SERVER which has > no privileges. (except tmpmbx and netmbx). > > That script gets a request with a username/password as parameters. > > What would be the best/easiest way to test those prior to sending the > results back to the remote user ? And would there be a way to test for a > privilege ? > > Would opening a DECNET task or just attempting to type a some file > aka: > $TYPE/OUTPUT=NLA0:- > 0"''username' ''password'"::SYS$MANAGER:SYSTARTUP_VMS.COM > > Be sufficient ? (and then use ON ERROR to detect a failure). This would > require an implicit file access to that file (either via a SYSTEM > account, or someone with SYSPRV). > > Would having a few SET NOVERIFY in the procedure ensure that the > username/passowrd is never written to any log file ? > > I would also have to ensure the username and password fields are not > empty to ensure no default proxies are used (since the WEB_SERVER > account needs some proxies for itself). > > Or would it be considered far more secure/safe/efficient to write an > application installed with privileges that checks the > username/password/privs via $GETUAI system service ? > > Is there any sample code that verifies a password and if wrong, does the > right calls to log that failed login attempt ? JF. Before I chime in please tell us what you are up to. Are you trying to validate a username/password from a web page? If so, what kind of webserver software are you running? p.s. I do this all the time with HP's Apache for OpenVMS. In some instances we let Apache prompt for the OpenVMS username/password while in other instances we do OpenVMS username/password validation from within our served-up applications. http://www3.sympatico.ca/n.rieck/demo_vms/basic_apache_demo.zip http://www3.sympatico.ca/n.rieck/demo_vms/basic-web-pw-change.zip The second demo as written for VMS-7.3 and needs a few tweaks for VMS-8.x Neil Rieck Kitchener/Waterloo/Cambridge, Ontario, Canada. http://www3.sympatico.ca/n.rieck/ ------------------------------ Date: Wed, 28 Nov 2007 18:22:09 +0000 (UTC) From: moroney@world.std.spaamtrap.com (Michael Moroney) Subject: Re: Testing username/password from DCL Message-ID: JF Mezei writes: >In terms of TCPIP services, they managed to do things right for FTP even >on VAX, so it means that having an application generate intrusion >detection stuff is possible on VAX. Not quite right. The reverse the bytes of the IP address in the intrusion record compared to that from, say, a TELNET login failure. ------------------------------ End of INFO-VAX 2007.652 ************************