[Search for users]
[Overall Top Noters]
[List of all Conferences]
[Download this site]
| Title: | -={ H A C K E R S }=- |
| Notice: | Write locked - see NOTED::HACKERS |
| Moderator: | DIEHRD::MORRIS |
|
| Created: | Thu Feb 20 1986 |
| Last Modified: | Mon Aug 03 1992 |
| Last Successful Update: | Fri Jun 06 1997 |
| Number of topics: | 680 |
| Total number of notes: | 5456 |
613.0. "Security Alarms" by DISSRV::NORRIS (What is it, Miss Pfeffernuss?) Mon Nov 30 1987 15:19
Let's try this group. VMSNOTES and SECURITY_INFO have turned up
nothing. Some security alarm questions:
1. I have some files set up as follows:
$ dir/secure test.dir;
Directory DUA1:[000000]
TEST.DIR;1 [100,100] (RW,RWE,RE,E)
Total of 1 file.
$ dir/secure [.test]this.dir;
Directory DUA1:[000000.TEST]
THIS.DIR;1 [100,100] (,RWED,,)
(DEFAULT_PROTECTION,SYSTEM:,OWNER:RWED,GROUP:,WORLD:)
$ dir/secure [test.this]file.txt;
Directory DUA1:[TEST.THIS]
FILE.TXT;1 [100,100] (,RWED,,)
If I issue the command; $ dir/secure dua1:[test.this]file.txt,
I receive a file protection message and a security alarm for
a file access failure.
If I issue the command; $ type dua1[test.this]file.txt, I
receive a file protection message but I don't receive a
security alarm. Why?
2. If I set the security alarm for LOGFAILURE=ALL I don't receive
timeout failures on a system password. They do appear in the
accounting log as a LOGFAIL. Is this an oversight or was it
designed this way?
Ed
| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 613.1 | | NANUCK::SSMITH | Minnesota Vikings' couching staff | Fri Dec 18 1987 11:22 | 14 |
| 1. What is your process' UIC, and what privileges does your process
currently have?
2. I don't believe the system password was intended as the primary
security mechanism within VMS. It is there to *impede* somebody trying
to break in who has no right to be there. As stated elsewhere, the
*real* protection mechanism is a relatively obscure, (frequently)
changed password.
BTW, I'd consider the lack of alarms on it an oversight. QAR it.
-- Shel Smith
P.S. Have you set BREAKIN=ALL to see if it's checked there?
|
| 613.2 | | DISSRV::NORRIS | What is it, Miss Pfeffernuss? | Mon Dec 21 1987 13:53 | 7 |
| Re .1 The UIC is [200,200] or some such thing, it's not within
MAXSYSGROUP and the privileges are TMPMBX and NETMBX.
I have BREAKIN=ALL turned on, but that doesn't do it.
I think I will QAR the timeout on system passwords.
Ed
|
| 613.3 | Mis-read orig. note. QAR *both* issues. | NANUCK::SSMITH | Minnesota Vikings' couching staff | Wed Dec 23 1987 14:39 | 0
|