| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 531.1 | | VINO::RASPUZZI | Michael Raspuzzi | Fri Aug 14 1987 12:01 | 20 |
| Of course, there is the SET BROADCAST=NOPHONE to prevent the message
from being blasted on a terminal.
I can understand where you are coming from. In the DECNET account
directory you can find the NETSERVER.LOG files to see where this
message came from. All you need to know is the time of the infraction
and who it went to. Then you look at the NETSERVER.LOG file and
see who was talking to the PHONE server at that time. Then you can
severely chastise the perpetrator and use him/her as an example
so no one else wil do this.
It is really hard for PHONE and MAIL to verify if the information
coming to them is valid. If 2 machines are networked together, one
can lie to the other. Networks are "hostile". Clusters are not.
Clusters are "friendly". Of course, "hostile" and "friendly" are
relative terms to each other (from a network/ethernet and a CI
standpoint that is).
Good luck.
Mike
|
| 531.2 | Seek and destroy! | USHS01::BLANDO | Reality, what a concept! | Fri Aug 14 1987 12:02 | 17 |
| I don't have the answer, but does the PHONE object have PROXY enabled,
or does it use a default account? If it uses a default account,
make a UAF cpy of the account, and assign PHONE to that copy. Then
in the LOGIN.COMdo a DEFINE FAL$LOG 17_32. This will cause a lot
of data to be generated, but some of the data will point to the
origine. Also a SHOW LOGICAL SYS$NET.
Then next time it occurs, find the correct .LOG file, and trace
the user. If you use PROXY, you will have to look in the accounting
file to find information. You can do it, and then once 1 person
is caught and is taken care of, publisize it. You will not have
the problem again! (Unless nothing is done about it, in which case
you have a managment problem more than a computer problem)
FJBlando
P.S. What site is having the problem?
|
| 531.3 | set an example | MAY20::MINOW | Je suis Marxist, tendance Groucho | Fri Aug 14 1987 12:13 | 4 |
| Don't chastize the person, fire him. The word will get around.
M.
|
| 531.4 | Brevard | AUNTB::SOEHL | On to Mt. Pilot | Fri Aug 14 1987 13:57 | 5 |
| Thanks for the suggestions. .2, the site is Brevard, NC. Aren't
you at a duPont site? I seem to remember seeing the name Blando
in duPont conferences.
Patrick
|
| 531.5 | Another Duponter... | CHOVAX::YOUNG | Back from the Shadows Again, | Sat Aug 15 1987 01:26 | 22 |
| Re .4:
Yes Pat, Frank is at the Beaumont Texas site, and I am at the Jackson
Labs site (Deepwater NJ). I also am very concerned to hear about
this misuse of our customers system and our DECnet product. There
are a lot of folks at Dupont Corporate headquarters who would love
to embarass us with this kind of information.
Maybe we should get together and stop whoever the hell is doing
this before WE start getting a bad rep.
Re .2:
Are you sure that FAL$LOG will work for a non-fal image like PHONE
and MAIL, Frank? Also if you do use this trick I would recommend
getting rid of the 2nd bit and the byte count, thus;
Define FAL$LOG 13
This will disable the hex dumps which generate a huge amount of
logging, while still keeping all of the other information.
-- Barry
|
| 531.6 | | ERIS::CALLAS | Strange days, indeed. | Mon Aug 17 1987 09:35 | 7 |
| FAL$LOG will do nothing for PHONE. The way to catch the person is to go
sifting through the NETSERVER.LOG files and looking for accesses to the
PHONE object. Now, of course, you have to find the right one, but if
this person is in the habit of doing it, you should be able to find a
pattern.
Jon
|
| 531.7 | | 51586::KEW | I'll let the fancy take you... | Tue Aug 18 1987 08:53 | 11 |
| A friend of mine was having similar trouble and I did
$def/key/terminate pf4 "mc ncp show known links"
in their login.com, then, whenever they got a bother they hit pf4, the link
lasts long enough to spot whoever was coming in.
They caught the offender straight away and used a bother variant to send
the offenders terminal into self-test.
Jerry
|
| 531.8 | Mea culpa | USHS01::BLANDO | Reality, what a concept! | Tue Aug 18 1987 10:25 | 4 |
| oops! I was in the ozone layer, taking a deep breath. FAL$LOG
is not looked at by PHONE!
FJBlando
|
| 531.9 | .7 (bother variant)???? | FXADM::SORRENTINO | | Tue Aug 18 1987 18:37 | 8 |
|
.7
"a bother variant"???
is it better? less detectable? Fill us in...
Peter
|
| 531.10 | Hidden by Big Brother | 51586::KEW | I'll let the fancy take you... | Wed Aug 19 1987 03:28 | 115 |
| 531.11 | Please don't do that! | UFP::MURPHY | Rick Murphy | Wed Aug 19 1987 10:38 | 6 |
| Reluctant moderator here...
As this little toy has made it's way to customers, and is becoming
an embarrasment to Digital, I'd appreciate it if you wouldn't post
copies here. Thanks.
Note 531.10 was a copy of same, and is now hidden.
-Rick
|
| 531.12 | Please E-Mail me a copy | TOOK::MICHAUD | Jeff Michaud | Wed Aug 19 1987 21:43 | 12 |
| Re: .10
Could you please email me a copy since big brother has
hidden your posting. I will not be bothering anyone
with it, but will be using it to see if my DECnet-
Ultrix implementation of PHONE is fooled in the same
way as VMS.
Thanks,
jeff
decnet-ultrix
|
| 531.13 | How about this way? | INFACT::NORTHERN | Look quick, it won't last!!! | Thu Sep 10 1987 20:33 | 9 |
| couldn't you do something with replacing the phone object definition
back to the old style, and to SYS$SYSTEM:PHONE.COM?
You could then hack away at whatever logicals, and things needed
to be run to try and find the perpetrators...
(haven't tried this one myself, but think it might help...)
- Lou
|