| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 2456.1 | | 3149::REDZIN::DCOX | | Thu Apr 08 1993 12:06 | 10 |
| I believe the issue is with putting your NODE on the card.
Try using the format:
<firstname>.<lastname>@<tla for site>.mts.dec.com
as in, for me, [email protected]
Dave
|
| 2456.2 | | 2082::LIONEL | Free advice is worth every cent | Thu Apr 08 1993 12:18 | 6 |
| See note 174. However, .1 gives a form which is acceptable, though you
must determine if your site's MTS server knows about you. (Easiest way
is to send a message to the address and see if it works.) I have my
Internet address on my business cards.
Steve
|
| 2456.3 | Another sales prevention policy | 21383::BIAZZO | How low can we go? | Thu Apr 08 1993 12:23 | 17 |
| The only policy I have seen is actually on the form you should have
filled out to get your cards is that "nodenames" are not allowed.
When is this company going to wake up and take advantage of the power of the
Internet? All our competitors print their e-mail address on their business
cards. This is not to show they're TCP/IP savvy; they use it to communicate more
effectively with their customers and partners. It should be *mandatory* for
Digital employees to do so; not prohibited!
Besides, we have Internet firewalls in place that provide security.
Yet another stupid and short sighted policy. If it's not printed on your card,
you'll probably hand write it anyway.
My mail address is printed on my card and will continue to be. Just tell the
nice lady that you need your mail address printed to support revenue generating
activities. No revenue, no need for business cards, no need for nice ladies
to process business card orders etc etc etc
|
| 2456.4 | | 4356::PORTER | ceci n'est pas un nom | Thu Apr 08 1993 13:11 | 8 |
| >The only policy I have seen is actually on the form you should have
>filled out to get your cards is that "nodenames" are not allowed.
No problem, then. "nodename" is a DECnet concept :-)
My DECnet nodename is "MU", so I can't say that.
My IP hostname is "mu"; I think I can say that.
|
| 2456.5 | yes, there is one in place | BRYAN::TREBILCOTT | EDS Account Group | Thu Apr 08 1993 14:34 | 10 |
| Apparently there is a policy in place a little over a year old that
says that the only legal way to put an address on your business card is
to give the X.400 address because that is a public addressing.
Internal mail addresses, including internet, are illegal because it
allows potential for break-ins.
Elizabeth
|
| 2456.6 | Never mind | GLDOA::KATZ | Follow your conscience | Thu Apr 08 1993 15:00 | 2 |
| Well note 174 and all 260 replies to it said it all. Time
to tfso this policy.
|
| 2456.7 | Internet address is OK | GOTIT::harley | Pay no attention to that man behind the curtain... | Thu Apr 08 1993 15:01 | 8 |
| re .-1
I have [email protected] printed on my business cards; no node (host)
name, no fuss, no muss...
The fact that I manage the site IP mail forwarders helped a little :^)
/harley
|
| 2456.8 | even if true the answer is better security not a dumb policy | CVG::THOMPSON | Radical Centralist | Thu Apr 08 1993 15:02 | 7 |
| > Internal mail addresses, including internet, are illegal because it
> allows potential for break-ins.
Sounds like urban legend to me. How does having a mail address allow
potential for break-ins?
Alfred
|
| 2456.9 | | MU::PORTER | ceci n'est pas un nom | Thu Apr 08 1993 15:02 | 2 |
| So, what exactly does DECinspect do, if it's still far too dangerous
to even mention our node names in public?
|
| 2456.10 | I guess if you're a hacker... | BRYAN::TREBILCOTT | EDS Account Group | Thu Apr 08 1993 15:12 | 9 |
| I don't know how having an internet address on the card allows
break-ins, but it's what is being given as an answer over here at FHO
As for Inspect...that is only on VMS by requirement...ULTRIX nodes
still don't run it...
Eliz
|
| 2456.11 | | NETRIX::thomas | The Code Warrior | Thu Apr 08 1993 15:44 | 7 |
| If I ever get business cards printed, I'll figure which address I want on it...
[email protected], [email protected], [email protected], [email protected],
[email protected], [email protected], [email protected], or
[email protected].
All of which are legal addresses for a Digital business card.
|
| 2456.12 | | VMSMKT::KENAH | There are no mistakes in Love... | Thu Apr 08 1993 16:03 | 5 |
| My internet address slipped through the "security" net...
It vastly simplifies communication between me and customers.
andrew
|
| 2456.13 | Here's why | XLIB::BRUNELL | Outlanders MRO D Division Champs, Again | Thu Apr 08 1993 18:03 | 10 |
| Having the node name gives someone a point of attack. It doesn't get
them in, but now they know a name of a system behind the wall. Its
something to look for or try and hide as.
DECinspect will warn of a breakin. Actually following its instructions
and locking down your system makes it virtually impossible to use. So
it can stop a breakin by making the system deaf, dumb, and blind. So
its not much help.
Dave
|
| 2456.14 | POLYCENTER Compliance Manager | FUNYET::ANDERSON | OpenVMS Forever! | Thu Apr 08 1993 22:46 | 7 |
| It is very easy to have a secure system by running DECinspect lockdown
procedures and still get all your work done. Its rules make sense for the most
part. Privileged network proxies and product-supplied "template" accounts are
two things it does not like.
Paul, who_runs_an_Inspect-compliant_system_and_has_his_Internet_address_on_his
business_cards
|
| 2456.15 | Another Business prevention policy? | NIKKOR::HICKS | Chas Hicks, WB0LJP | Fri Apr 09 1993 00:11 | 24 |
|
Next, they'll tell us we can't post to Usenet conferences
becuase our mail reply address is present in the message. It
might provide a node name to break into.
I have my Internet address on my card (for about 3 years now).
I also have my amateur radio call on my card. It's another
way to communicate.
It tells clients we are serious about networking. We say we are.
Microsoft employees have their Internet address on their cards.
I'd bet that most large companies do today.
We obviously haven't refined the "business card process" since
some have their Internet address on their cards and some can't
get it done. I don't go along with the security issue. We do
have fire walls in place (at least they tell us they do). I
would think other companies would restrict their employees as well
if it was still considered a serious concern.
--chas
|
| 2456.16 | | AXEL::FOLEY | Rebel without a Clue | Fri Apr 09 1993 00:32 | 12 |
|
Folks, this is all old, re-hashed news... Do what you think
is right and be done with it. If your business card doesn't have
an Internet address and you feel that you'll do Digital better
by having it, then get a little rubber stamp made and stamp
your cards..
Now can we get back to the more important things in DEC, like
Marketing and Communication??
mike
|
| 2456.17 | | CVG::THOMPSON | Radical Centralist | Fri Apr 09 1993 09:55 | 19 |
| > Having the node name gives someone a point of attack.
OH, I see. If they have a node name they now have the telephone number
of the system and can call it up? No? Oh, then how does it give them
a point of attack? How does just knowing a name get them into the
EASYNET? That's what I never understood.
And besides, anyone without the imagination to guess 100 EASYNET node
names without any other access to the network is to stupid, IMHO, to
be likely to break in with just a name.
And let's not forget that a short look through any Internet news group
will result in picking up dozens perhaps hundreds of EASYNET node
names.
Frankly the idea that nodenames on business cards is a security threat
lacks any credibility with me.
Alfred
|
| 2456.18 | | ANARKY::BREWER | nevermind.... | Fri Apr 09 1993 11:37 | 4 |
|
A previous note had it right. Do what you need to do and
the heck with the bonehead rule.
/john
|
| 2456.19 | | VMSMKT::KENAH | There are no mistakes in Love... | Fri Apr 09 1993 11:49 | 7 |
| Mike:
I agree that we should do what we think is right, but I contend that
including our mail addresses on our cards reflect our willingness to
communicate -- in other words, it's marketing.
andrew
|
| 2456.20 | It didn't make much sense to me either | XLIB::BRUNELL | Outlanders MRO D Division Champs, Again | Fri Apr 09 1993 11:50 | 11 |
| re .17
I don't claim it makes sense, but its what a security person told me.
re. the inspect compliant person
You must be running a newer version than I last had. The last time I
did a lockdown, I lost mail and most network access. I now run an
Alpha so I don't have to worry about inspect, for now at least.
Dave Brunell
|
| 2456.21 | It's HAS happened | MSBCS::KELTZ | I'm not nervous, just VERY alert! | Fri Apr 09 1993 12:52 | 7 |
| I'm not going to get into the p*ssing contest here, just pass some
info. Intrusion into Digital because someone had found out the node
name and site HAS HAPPENED IN THE PAST. If you wnat the real gory
details, I suggest you contact the Enterprise Information Security
Group, managed by Vic Thoutte. They're in MSO I beleave.
Ed
|
| 2456.22 | ban street addresses | CSOADM::ROTH | ELVIS:: is alive... and reachable!! | Fri Apr 09 1993 13:01 | 7 |
|
Perhaps street addresses should be banned from the cards in the event
that one of our buildings has poor locks on the door(s). Isn't putting a
street address on biz cards 'giving burglars a place to start'?
Lee
|
| 2456.23 | | ICS::CROUCH | Subterranean Dharma Bum | Fri Apr 09 1993 13:46 | 9 |
| Perhaps business cards should be blank? No way to trace back to
a building, system, etc... No trace, no breakins. Ah, but the
finger prints may provide a clue.
Let's have all DTN numbers become unlisted. Oh, that already may
happen when ELF goes away. ;-)
Jim C.
|
| 2456.24 | between viruses and corporate thiefs... | CARTUN::MISTOVICH | depraved soul | Fri Apr 09 1993 14:31 | 14 |
| In all fairness, folks, Digital's data banks are probably its most
valuable asset. As I recall, a couple DECworld's ago (the one on the
QE2?) a *customer* was caught trying to dump some large, important
file....
No need to invite unauthorized access -- I'm sure security and IM&T
have their hands full already. A couple years back I remember IM&T
(or whatever they were called back then) called me and asked to come up
with a new password for one of my databases -- seems they had spent the
weekend tracking a break-in.
And I believe that individual accounts are one of the easiest ways to
break in, since a lot of people aren't real good at picking obscure
passwords.
|
| 2456.25 | | JURAN::VALENZA | Strawberry notes forever. | Fri Apr 09 1993 15:40 | 19 |
| Not only do we give away our Internet addresses when we post something
to Usenet, but in fact those addresses are stored in a Usenet address
server that anyone on the Internet can query. The server is located at
[email protected], and by sending mail to that address
with a message in a particular syntax, you can request a list of email
addresses that match, for example, the string "enet.dec.com" You will
then get mail back with a list of addresses from digital employees who
have posted to Usenet. Easy as pie. Anyone who wants a point of
attack into Digital can get dozens of them. They don't need a copy of
one of our business cards to do it.
In fact, the email address into the ftp mail server that Digital
operates at DECWRL is published all over the place. I recently thumbed
through a book on the Internet at Border's bookshop in Framingham, MA,
and there it was. Another book on X windows programming also contains
that address. It is widely known, and probably widely used. Is that
also a possible point of attack?
-- Mike
|
| 2456.26 | | AXEL::FOLEY | Rebel without a Clue | Fri Apr 09 1993 17:39 | 15 |
| RE: .24
>> In all fairness, folks, Digital's data banks are probably its most
>> valuable asset.
I guess that's why when whole groups get TFSO'd that it's so
easy to get copies of the sources they were working on.
Obviously their data could be important in the future and good,
available backups are around and online in some central Corp.
asset database..
NOT!
mike
|
| 2456.27 | Offensive names have been given as a reason | FOOBAR::KABEL | Richard Kabel -- Ribald Hacker | Sat Apr 10 1993 19:18 | 3 |
| What about the theory that some of our node names may well offend
some customers? I know a few who might be offended by mine, as well
as by a number of others I have seen.
|
| 2456.28 | Just another symptom of Digital's problems | SMAUG::GARROD | From VMS -> NT; Unix a mere page from history | Sat Apr 10 1993 19:48 | 21 |
| RE .-1
Wouldn't your nodename only be deemed offensive by the weak minded if
it was spelt FUBAR and not FOOBAR?
By the way I don't buy this 'offensive node name' reason either.
Assuming for a moment I accept that some people could find some
nodenames offensive. Wouldn't the first reflection be the person on
whose business card the name resided? Now this person could chose find
an alternative, like move to a different node or use the MTS form
of addressing.
Again this is YET ANOTHER policy that is being applied globally instead of
letting individual employees use their common sense. And in the process
it makes Digital the laughing stock of the electronic community in
general and the Internet in particular. This policy goes right along
with the TELECOM policy on computer use being discussed in another
note. Heh could it be the same people responsible for both? Sound like
good candidates for the next TFSO list.
Dave
|
| 2456.29 | | HAAG::HAAG | Rode hard. Put up wet. | Sat Apr 10 1993 21:07 | 13 |
| using the node name on the business card has literaly nothing to do
with breaching security. even if some say so. gateways between easynet
and internet have everything to do with security. if the internet
gateway drops all packets but those for Email, DNS, NTP, then nobody is
just going to drop in on you. there may be other valid reasons for a
particular address on the card, but security seems rather shallow.
gene for years known to the internet as
[email protected]
[email protected]
both on the business card.
|
| 2456.30 | All may not be lost yet... | GOTIT::harley | Pay no attention to that man behind the curtain... | Sat Apr 10 1993 21:26 | 75 |
| This is an excerpt from a paper published by the Network Systems Laboratory
NSL Network Note NN-17
Internet Resource Guide
Issued: January, 1993
...
1.6 Internet "Appropriate Use"
This section reproduces a memo from Jim Bound, Manager of the TCP/IP
Program Office, describing the ways in which it is appropriate for
Digital to use the Internet.
The TCP/IP Program Office has researched potential uses of the
Internet by Digital Product Groups. Based on discussions and analysis
within NaC, NSL, CRL, and NSL Technical Director Brian Reid's
discussions with the Internet Administrator, this is the present best use
statement we can provide you with today as a guideline. There is work
within the Internet to expand their guidelines to the commercial
sector.
If you wish to use the Internet and need Technical Support please
locate a Technical Leader within your organization to resolve Internet
Technical use and administration issues. In most cases this person can
work out the details with their Easynet Site Coordinator.
Digital Product Groups may use the Internet as follows:
1. Publish our Internet mail addresses in commercial material.
You may publish your Internet mail address in commercial material; for
example, the product manager for a certain software package would be
able to list their Internet address in the release notes.
2. Publish our Internet mail addresses in commercial advertisement.
You may publish your Internet mail address in advertisements so the
marketplace could learn more about the technology provided by your
group.
3. Exchange mail with our customers to resolve product questions.
You may exchange mail with your customers to respond to questions,
provide technical support, maintenance advice, and in general
communicate with your customer where there is no exchange of money or
a fee as a result of the communications.
4. Provide a voluntary product mailing list for our customers.
You may set up a Digital newsgroup, as exists today in the Internet,
where customers may voluntarily subscribe to this news group, to
receive on-line product news letters discussing Digital technology,
which would be of benefit to the Research, Education, and users who
are working with emerging technology in those communities. This should
not contain advertisements or solicitation, but rather information
regarding products that benefit or support technological research or
evolution.
5. Customer option to receive Field Test documentation over the
Internet.
You may provide our Field Test customers with the option of receiving
the documentation for our software over the Internet. This would be for
Field Test documentation as there is no commercial transaction
associated with our Field Test software. Use of this vehicle should be
restricted to that technology which will benefit emerging research
infrastructure such as Operating Systems, Networking Protocols,
Distributed Computing Technology, and Applications Interfaces to that
emerging technology (i.e., X-Windows, ACA services, Network
Management, Routing Interfaces).
6. Provide product suftware patches as anonymous files or through
electronic mail to customers within the Internet using your product,
and are within the scope of #5 discussed above.
|
| 2456.31 | Jumbo Size Business Cards ... | GLDOA::HACK | Don Hack, NIS, 606-784-7843 | Tue Apr 13 1993 15:46 | 13 |
| re: .5
Just how BIG are your business cards if you are putting you full X.400
address on it? 8^)
Country=US
Organization=Digital
Organizational Unit=FHO
Name=Donald Hack
versus
[email protected]
|
| 2456.32 | remember the common carrier ad too | CARAFE::GOLDSTEIN | Global Village Idiot | Tue Apr 13 1993 17:32 | 12 |
| re:.31
Don, I don't think that address is complete. I doesn't name the
Administrative Domain (usually MCI).
Speaking as a hard-core network weenie of many years' experience (yes,
I was receiving ARPAnet mail in the '70s) who receives dozens of
external SMTP messages a day, I haven't got a clue as to what my X.400
official address is. And I know I'm registered, since I once tried to
send something. (I gave up. Our gateway software couldn't generate
addresses in the format needed by the Canadian X.400 network I was
trying to reach. The test subject had an SMTP address too, thanks to
ATTmail.)
|
| 2456.33 | How to Limit MTS?? | 10386::MURPHYRO | | Wed Apr 14 1993 20:52 | 6 |
| Is there a method of restricting incoming mail from an MTS router, mail
from a know address that is not wanted? how is this done. I have a
specific case in mind where I am getting Mail via a Compuserve
subcriber.
Keith
|
| 2456.34 | I'm Sorry, the Number You Have Dialed... | ALAMOS::ADAMS | Visualize Whirled Peas! | Wed Apr 14 1993 22:18 | 13 |
| Keith,
I don't know of any way to restrict _incoming_ mail, or any reason to.
Just treat the unwanted messages as junk mail, and send a polite (or
maybe not so polite) message back to the sender to indicate you don't
want the mail. I have to do this once in a while when one distribution
list gets copied to another, etc...
What would be nice would be a mail reader that the user could specify
what mail is to be treated as junk mail and thrown out. Please leave
MTS alone. It works just fine. :)
--- Gavin
|
| 2456.35 | Check out ABBOTT::OFFICE_FILTER for one solution to this need | RDVAX::KALIKOW | Supplely Chained | Wed Apr 14 1993 22:50 | 1 |
|
|
| 2456.36 | So Just Send your E-mail home;-0 | DPDMAI::WISNIEWSKI | ADEPT of the Virtual Space. | Mon Apr 19 1993 22:47 | 16 |
| I just had new cards made and added [email protected]
to the internet address.
Printer gave me a nice call and verified my internet address before
putting it on.
I thought that was very nice of them to check before butchering
the address;-)
So I have all my E-mail sent to my house -- It's easier than trying
to please the Security folks;-) (and I have a little more security;-)
Be seeing you,
John Wisniewski
|
| 2456.37 | Guidelines for Internet e-mail addresses | GVA02::ROESSLER | | Tue Apr 20 1993 12:30 | 181 |
|
I recently ordred some business cards and wanted to have the Internet
address mentioned. As EHQ purchasing first refused I sent them the
officical Guidelines for Internet E-mail addresses on business cards,
and they accepted.
As mentioned in earlier notes the format of the address is important.
Attached guidelines are extracted from the company_identity notes file
and the are official and hopefully enough to explain purchasing.
Regards,
Brigitte Roessler
European IT Operations & Mgmt
I N T E R O F F I C E M E M O R A N D U M
Date: 16-Apr-1993 10:43am CET
From: Brigitte ROESSLER @GEO
ROESSLER
Dept: Eur IT Ops & Mgmt
Tel No: DTN 821-4331
Doc No: 022840
TO: Roger POLITI @GEO ( POLITI )
CC: ELIANE WALTER @GEO ( ELIANE WALTER @GEO )
Subject: I: Internet address on business cards
Roger,
I have requested through an IPR to re-print the business cards
for Giancarlo Duella and we would like to have his internet
address printed.
I therefore attach the official policy stating that this is
possible.
Best Regards,
Brigitte Roessler
�
I N T E R O F F I C E M E M O R A N D U M
Date: 16-Apr-1993 10:37am CET
From: Bertrand Buclin, IT Ops & Mgmt
BUCLIN@AM_GVA02@EHQMTS@GEO
Dept:
Tel No: DTN: 821-4954
TO: Brigitte Roessler@GEO
Subject: A: Internet addresses on business cards.
Brigitte,
as agreed, here are the latest guidelines concerning Internet addresses on
business cards.
Cheers,
Bertrand
<<< ICS::ICS_SYS01:[NOTES$LIBRARY]COMPANY_IDENTITY.NOTE;1 >>>
-< Company Identity Bulletin Board >-
================================================================================
Note 15.2 Unrestricted Internet Addressing via MTS 2 of 2
ICS::MAZZONE 104 lines 11-MAR-1991 12:14
-< Additional allowed addresses >-
--------------------------------------------------------------------------------
The following note contains information on Internet adresses for TCP/IP
users. IMPORTANT!! Before you request any changes to your business cards,
please test the address from outside Digital.
I N T E R O F F I C E M E M O R A N D U M
I C S A L L - I N - 1 S Y S T E M
Date: 01-Mar-1991 04:40pm EST
From: Paul Devivo @TAY
DEVIVO.PAUL AT A1_CTHQ3
AT MAILMN
Dept: Network Applications
Tel No: DTN 227-3951
Subject: GUIDELINES FOR INTERNET E-MAIL ADDRESSES ON BUSINESS CARDS
I believe these instructions can supersede any previous guidance about
Internet addresses on business cards. The former "secure host" (e.g.
nsl, wrl, decwrl, decuac, etc.) will probably not be needed now because
those folks are now using the Form 2 address cited in the guideline.
GUIDELINES FOR INTERNET ELECTRONIC MAIL ADDRESSES ON BUSINESS CARDS
Revised 01 March 1991
Corporate policy prohibits the printing on business cards of electronic
mail addresses containing the user's host/node name.
There are currently two forms for an Internet electronic mail address
which do not include a host/node name and therefore may be printed on
Digital business cards.
Form 1 - the MTS format: [email protected].
An actual example is: [email protected].
This form works only if the MTS cluster sorter for the sitecode has
an entry for the employee which correctly routes their mail to them.
Form 2 - the tcp/ip format: [email protected]. An actual example is:
[email protected].
This form works only when the tcp/ip subnet manager places a mail alias
entry at the subnet which correctly routes mail to the employee.
Form 2 Address Characteristics:
1. Form 2 only applies to tcp/ip addresses. It does not apply to DECnet
addresses (used by VMSmail) nearly all of which include the subnet
.enet.dec.com. Addresses for the .enet.dec.com subnet always include the
node name and therefore are not permitted.
2. Form 2 addresses currently contain only one "word", a registered
subnet of the .dec.com domain, between the @-sign and the .dec.com. This
subnet name is usually two to four characters in length; it is most
commonly three characters in length representing the Digital sitecode.
Examples include:
[email protected] pa = Palo Alto
[email protected] lkg = sitecode for King Street, Littleton
[email protected] tay2 = sitecode for Taylor St, Littleton, Bldg 2
How to distinguish between permitted and non-permitted Internet addresses
for purposes of printing on Digital business cards:
PERMITTED - Form 1 MTS address
[email protected]
^^^
PERMITTED - Form 2 with one "word" between @-sign and .dec.com
[email protected]
[email protected]
[email protected]
NOT PERMITTED - more than one "word" between the @-sign and
.dec.com, and one "word" is a node or host name which may not
appear on the business card.
[email protected]
^^^^^^^
[email protected]
^^^^^^^^^^
IMPORTANT NOTE
Having a tcp/ip account does not automatically give a user a Form 2
Internet address. The subnet manager must properly configure the
directory/alias information for this to work for you. Do not order
business cards with an Internet address until you have tested the
address and are sure it works for you!
When completing the business card order coupon, enter the Internet
electronic mail address on the Address Line 4 preceded by the word
"Internet:" as follows:
Internet: [email protected]
|
| 2456.38 | In SpitBrook | NASZKO::DISMUKE | WANTED: New Personal Name | Thu Apr 22 1993 16:29 | 4 |
| New business cards received today have the new logo and color.
-sandy
|
| 2456.39 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Mon Apr 26 1993 19:29 | 10 |
| Is there an EASY way for non-product types who may need to have
customers contact them to get a mailbox? In my case, I'd expect to
be able to list something like
Internet: [email protected]
But, I'm not sure how I'm supposed to get a mailbox set up so that this
address can be recognized. Who am I supposed to call? Thanks!
Steve
|
| 2456.40 | And there isn't even consistency | SMAUG::GARROD | From VMS -> NT; Unix a mere page from history | Mon Apr 26 1993 21:18 | 21 |
| Did anybody notice that the official press release that went out
announcing the availability of Alpha/NT development systems had
an Internet address published of:
[email protected]
Quick somebody tell the security/identity idiots/police that this was
against company policy and they should so something about it, ie fire
all those responsible in the Alpha Program office.
If it's good enough for a press release I say it is good enough for a
business card. I've also seen Internet addresses with nodenames in
documentation.
I'm sure this policy was invented by the same boneheads who say we need
to cut back on use of the EASYNET by not not shipping software across
it.
Some people in this company just make me sick,
Dave
|
| 2456.41 | | QUARK::LIONEL | Free advice is worth every cent | Tue Apr 27 1993 09:55 | 17 |
| Re: .39
Try your facility's Telecom people. Here at ZKO, all employees
(as far as I know) automatically get an MTS mailbox set up with
forwarding to our "VAX mail" [sic] addresses. But you're free
to give customers your .enet.dec.com address individually, the
rules seem to only be applicable to "published" addresses, though
as many have pointed out, this is observed more in the breach than
not. (My business cards, which I got just before we announced the
logo change (but why should I complain; my previous set was so old
that they had gray logos) have my Internet address in .enet.dec.com
form. Curious thing is that I originally requested them that way,
but dutifully supplied my MTS address when told I had to use it
instead, and they still came back with the .enet address! Not that
I'm complaining, mind you!)
Steve
|
| 2456.42 | | PASTA::SEILER | Larry Seiler | Thu Apr 29 1993 09:57 | 8 |
| Steve,
Try mailing to yourself using that address -- except use "MLO" instead of
"MLO5" as your site code. It worked for me without my having to do
anything, probably it'll work for you, too.
Luck,
Larry
|
| 2456.43 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Thu Apr 29 1993 11:05 | 5 |
| That's the first thing I tried. Got the same results as "MLO5." I
spoke with our on-site person that usually handles these things. She
doesn't know who I'm suppose to talk to. We're stuck.
Steve
|
| 2456.44 | | MU::PORTER | have a nice datum | Thu Apr 29 1993 12:03 | 3 |
| I tried sending MTS mail to you (Steve Sherman) as well.
You definitely don't exist!
|
| 2456.45 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Thu Apr 29 1993 12:07 | 4 |
| <sigh> I was afraid of that. Cogito ergo sum ... ha! No wonder I can't
remember anything before 17-NOV-1858 ...
Steve
|
| 2456.46 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Thu Apr 29 1993 12:41 | 20 |
| Update ... my rep found that the "good" Internet addresses (which don't
list nodes and comply with corporate policy) are for ALL-IN-1 accounts.
We, however, all have VMSmail accounts. Thus, our addresses cannot be
given out to potential customers in, for example, published flyers that
we plan to distribute. Ironically, our addresses ARE available to
those who find any postings we may have generated on Internet. We
don't yet know what to do, but my rep is still working the issue.
It has already been suggested that Digital policy be changed.
Then, I told 'em about my experience on trying to get a policy change
regarding Digital bonus disclosure ... I was told by a Personnel rep it
could take 6 months to a year before a getting a decision on a change to
Digital policy, FWIW. We hope to get legitimate addresses on flyers
now ... Digital -- the network specialists ... <sigh>
Maybe one workaround would be to publish something that says something
like, "see our Internet posting number XXX posted in XXX.XXX.XXX for
information on how to contact us by Internet ..."
Steve
|
| 2456.47 | let your fingers do the walking... | USDEV::HCROWTHER | Gotta move these refrigarators! | Thu Apr 29 1993 12:41 | 9 |
| How to arrange an MTS address for yourself is explained (sort of)
in the Digital Telephone Directory, pp. 369-372, mostly in the
section 'How to Handle MTS Message Rejections'. I know the process
*can* work, because I followed it a year or 2 back to get away from
ALL-IN-1. Started with mail to "HELP @???", where ??? is your
facility code, eg. "HELP @ MRO" in my case. For VMS mail this'd
probably be MTS$::"???::HELP", eg. MTS$::"MRO::HELP". Whether this
works for you depends largely on the skills of your local MTS
support people.
|
| 2456.48 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Thu Apr 29 1993 12:43 | 4 |
| My rep has been going over the stuff in the phone book, but I'm passing
this along to her anyway. Thanks!
Steve
|
| 2456.49 | MTS has been able to forward to VMSMAIL for years | MAZE::FUSCI | DEC has it (on backorder) NOW! | Thu Apr 29 1993 13:19 | 14 |
| re: .46
> Update ... my rep found that the "good" Internet addresses (which don't
> list nodes and comply with corporate policy) are for ALL-IN-1 accounts.
> We, however, all have VMSmail accounts. Thus, our addresses cannot be
Your rep is underinformed. MRMAN (and MRGATE) can deal with VMSMAIL
addresses, as well as ALL-IN-1 addresses (and has been so able for many
years). If your rep does not know how to input an entry that forwards your
MTS mail to VMSMAIL, have your rep ask another site how to do it.
I do not have an ALL-IN-1 account. I receive MTS mail all the time.
Ray
|
| 2456.50 | | ICS::CROUCH | Subterranean Dharma Bum | Thu Apr 29 1993 13:50 | 10 |
| Steve, contact Karl Glenn in PK1. He handles the MTS routers for
a good portion of the GMA area. He'll either set you up or point
you in the proper direction. You only need an entry added somewhere.
I've never had an all in 1 account nor would know what it looks like
but I have an MTS entry that forwards to my VMSMAIL account. Never had
a problem.
Jim C.
|
| 2456.51 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Thu Apr 29 1993 14:18 | 9 |
| Jonathan Hampton found the problem! (Thanks, Hamp!) The address that
works is:
[email protected]
Why? Turns out that, what, about a year ago my group moved from MSO1
to MLO5. The addresses have apparently not been updated, yet.
Steve
|
| 2456.52 | Just a bit of advanced planning | SMAUG::GARROD | From VMS -> NT; Unix a mere page from history | Thu Apr 29 1993 19:22 | 7 |
| Re .-1
Or maybe it is someone being over zealous about doing their job for the
future. Aren't all you millrats (the ones that don't get TFSOed of
course) moving to MSO when the Mill gets nuked?
Dave
|
| 2456.53 | | ECADSR::SHERMAN | Steve ECADSR::Sherman DTN 223-3326 MLO5-2/26a | Fri Apr 30 1993 10:52 | 5 |
| I thought about that. Right now, we don't know where we're going. All
I know is that it's going to be more expensive, since the Mill space
was available for cheap compared to a lot of other sites.
Steve
|
| 2456.54 | Internet address published in advertising material | JACOBI::JACOBI | Paul A. Jacobi - OpenVMS AXP Development | Thu May 06 1993 17:31 | 17 |
|
O.K., if it is "vorbotten" to publish my internet address in the form of
"[email protected]" on my business card....
Why does the full page ad in the May 1993 issue "Software Magazine", page 13,
about Digital Alpha AXP Software Developers' Program for Windows NT include:
"To enroll, contact Digital via the Internet at
[email protected]"
Hmmmmmmm?
Hey, at least, the ad has the new logo!
-Paul
|
| 2456.55 | The address isn't a secret. The pages are bigger | CARAFE::GOLDSTEIN | Global Village Idiot | Thu May 06 1993 18:44 | 12 |
| re: <<< Note 2456.54 by JACOBI::JACOBI "Paul A. Jacobi - OpenVMS AXP Development" >>>
-< Internet address published in advertising material >-
>O.K., if it is "vorbotten" to publish my internet address in the form of
>"[email protected]" on my business card....
>
>Why does the full page ad in the May 1993 issue "Software Magazine", page 13,
>about Digital Alpha AXP Software Developers' Program for Windows NT include:
> "To enroll, contact Digital via the Internet at
> [email protected]"
That's real simple. Software Magazine isn't a business card. Period.
|
| 2456.56 | Throwing Logic to drones | ESGWST::HALEY | become a wasp and hornet | Thu May 06 1993 21:07 | 15 |
| re .54
Relax, you are trying to throw logic at a security issue. Lawyers,
accountants (which most Digital Finance people really are), MIS, and
Security will not respond to logic.
Why do we spend thousands to approve $50 purchases?
Why do we have legal approval of PIDS that change the meanings to be
incorrect?
Why can't DEC get accurate numbers about how many of what we are selling?
Why can't we publish a way for customers to reach us on a tool created to
make reaching us easy?
Matt
|
| 2456.57 | Pointer to policy originators | LEVERS::PLOUFF | Stars reel in a rollicking crew | Fri May 07 1993 14:23 | 7 |
| The people who set this policy are the Corporate Identity Committee,
whose work is directed mostly at bringing a uniform look to the
company's printed materials. Anyone who wants to take action on this
issue might start by reading notesfile LOOKUP::COMPANY_IDENTITY, then
contacting persons mentioned there.
Wes
|
| 2456.58 | another example | AIDEV::DOUCETTE | More Chuck for the buck! | Fri May 07 1993 17:04 | 9 |
| My roomate just got a new set of business cards yesterday with her
e-mail address on them. I told her that I thought your e-mail address
couldn't be printed on your business card. She said that the policy
had been repealed as of about a year ago.
Has the policy been repealed or is it just being sporadically enforced?
Thanks,
Chuck
|
| 2456.59 | Not an issue for a long time | 2303::WALSH | Follicularly challenged | Wed May 12 1993 21:13 | 6 |
| It has been repealed. For well over a year, my official Digital
business card has included "[email protected]".
Go Green!
=Chris
|
| 2456.60 | Don't blame this on security! | ATPS::BLOTCKY | | Wed May 19 1993 02:31 | 27 |
| For years the computer security folks in the company have been saying
that a having a node name on business is NOT a security problem. For
heaven sakes, if anyone gets in to any Digital system where VTX ELF
works they can get hundreds of username/node name pairs. For that
matter, they can walk most Digital lobbies and run ELF. Or go through
trash bins, since print job header pages are not company classified
material (and don't go into recycle bins if colored.) And other ways
as well.
The group that prohibited node names on business cards was the Company
Identity folks. They control what business cards look like. According
to .37 they still do, according to .59 they no longer do. I have no
idea. I'd like to find out before getting new cards printed. But it
is not the security folks who want then prohibited.
RE: .21
You are correct that folks have gotten into systems by getting people's
node name and site, but you don't need a business card to get that if
you are willing to do a little "social engineering". And such slim
information is far more dangerous as ammo for social engineering
attacks than it is for any direct breakins. In other words, the
hackers which can do the most damage with a node name don't need to see
it on a business card.
Steve
NSM/EMA Security Architect
|
| 2456.61 | Internet address on our business cards yet??? | POBOX::TSUCHIYAMA | Gary Tsuchiyama @CPO DTN 447-2812 | Thu Jan 13 1994 11:55 | 20 |
| I know this has been discussed before, but seeing all the interest in the
Information Highway lately...
Has there been a revision to the restriction against listing our Internet
address on our business cards? It would seem to be a good marketing move.
Other vendors are doing it already and have been doing it for a long time.
In spite of the fact that we've always been the leader in networks, the market
perception is that we're followers. I've even seen a ad by SUN claiming "The
Network is the System"!
I've always been curious as to how we compromise our network security by
listing the address? Can anyone please explain it to me? Our Internet
addresses are pretty easy to reverse engineer for all those ex-Deccies and
hackers to figure out ie "[email protected]".
If we can't list our Internet address, can we list our MCImail id or our X400
address?
Thanks,
Gary
|
| 2456.62 | | BMW318::HARRIS | | Thu Jan 13 1994 12:33 | 12 |
| I thought that "[email protected]" had been allowed for
quite a while. I've had it on my card for the past three years. I thought
the original concern was around publishing actual user/node names which
could be used as a starting point for a hacker. I have also seen people
putting [email protected] on their cards lately.
Is there an official rule?
-Bruce
|
| 2456.63 | | AIMHI::BOWLES | | Thu Jan 13 1994 13:08 | 4 |
| .1 is exactly correct. List your Internet address in that fashion and
I'm told that you won't (shouldn't) have any problems.
[email protected]
|
| 2456.64 | Also seen | TELGAR::WAKEMANLA | Where's the last End If? | Thu Jan 13 1994 14:41 | 8 |
| I have also been told that [email protected] is
legal and I have seen it on several peoples cards. What is
not allowed (and in my mind, useless anyway) is
nodename::username.
go figure
[email protected] (what I tell my customers)
|
| 2456.65 | MX records help | CARAFE::GOLDSTEIN | Global Village Idiot | Thu Jan 13 1994 15:06 | 7 |
| Actually, I had understood that [email protected] would NOT be
good unless the nodename were on a Blessed list. However, it is
possible to use MX records in the site name server for an alias:
[email protected]
This leaves off the nodename, but the name server for sitedomain
(typically a 3-letter site code, though I'm at TAY2 for some obscure
reason) recognizes the real node to direct that username to.
|
| 2456.66 | No node names | DYPSS1::COGHILL | Steve Coghill, Luke 14:28 | Thu Jan 13 1994 15:09 | 14 |
| Re: Note 2456.64 by TELGAR::WAKEMANLA "Where's the last End If?"
�I have also been told that [email protected] is
�legal and I have seen it on several peoples cards. What is
�not allowed (and in my mind, useless anyway) is
�nodename::username.
�go figure
�[email protected] (what I tell my customers)
The order form for business explicitly states that no internal node
names are permitted on the business cards.
|
| 2456.67 | Job security for security's sake? | SYORPD::DEEP | Bob Deep - SYO, DTN 256-5708 | Thu Jan 13 1994 15:46 | 7 |
| Typical case of people regulating something that they know nothing about.
Send a mail message to your customer from VMSmail and guess what your
return address looks like? God help us if our networks are that vulnerable
that a nodename::username would make a difference.
Bob
|
| 2456.68 | I've never had a problem | TOOK::STRUTT | Management - _a_ one word oxymoron | Thu Jan 13 1994 17:27 | 16 |
| I've had my Internet mail address on my business cards since 1987 and
no-one has complained yet.
I'm always confused by the "no internal node names on business cards",
with the presumed logic behind it that (good god!!!) someone might be
able to communicate with me (and we wouldn't want that, would we). The
notion of "giving away" internal info, like the node I use, is just
plain stupid. After all, the same logic would indicate that phone
numbers and internal mail stops are inappropriate.
So I've always been ready with that argument against "the person" who
might refuse to issue my business card with my Internet address on it,
but (sigh!) no-one's ever complained.....
colin
[email protected]
|
| 2456.69 | Maybe our node names aren't politically correct. ;^) | 15377::PILGRM::BAHN | Celebrating IDIC | Thu Jan 13 1994 19:34 | 9 |
|
Maybe someone, somewhere in the company's bureaucracy was/is concerned
that some of our internal node names might offend a sensitive client.
For example, my cluster's alias is DEMON.
I used to have a user whose last name is Angel. He surprised a lot of
correspondents (in-house, of course) with his node name/user name address.
Terry
|
| 2456.70 | Glad my node isn't SUKEGS | FUNYET::ANDERSON | OpenVMS, world's best operating system! | Thu Jan 13 1994 20:41 | 5 |
| I would hope that if someone had a node name that might be offensive to some
customers, one would defer to the .mts.dec.com mail address. On the other hand,
a humorous name might be helpful if a customer notices.
Paul
|
| 2456.71 | | PASTIS::MONAHAN | humanity is a trojan horse | Fri Jan 14 1994 05:53 | 5 |
| It was generally agreed in the security conferences that there was
no security reason for not putting node names on business cards. When
security people challenged the ruling they were told something about
"corporate image". Maybe they don't want the outside to know that we
use DECnet rather than TCP/IP?
|
| 2456.72 | 8-) | SYORPD::DEEP | Bob Deep - SYO, DTN 256-5708 | Fri Jan 14 1994 08:30 | 6 |
|
Maybe I should change my nodename... then I could be:
SIXFT::DEEP
8-)
|
| 2456.73 | Too obvious? ;-) | USHS01::HARDMAN | Massive Action = Massive Results | Fri Jan 14 1994 08:42 | 5 |
| I've always wanted to get an account on node HARRY, then it would be
real easy for folks to remember where to email me! :-)
Harry
|
| 2456.74 | use an alias | SMURF::WALTERS | | Fri Jan 14 1994 09:52 | 20 |
|
Why not ask your local network admin people to set up a mail alias
for your group and put that on *all* business cards for the group.
This has some admin overhead, as the mail needs to be sorted, but
it's better for security.
This is used for the Internet addresses that we publish openly in
Digital documentation, as a way of allowing customer feedback.
It also means that there's one less item on a card to get out
of date, as the alias can be transferred from machine to machine
easily, or redirected toa new home. Saves $$$!
By the way - humour is culture-specific and some node names skate
close to breaching copyright (smurf for example...). So an alias
should be chosen to avoid siuch problems.
Colin
[email protected]
|
| 2456.75 | No, No -- read note 2456.71 above | LGP30::FLEISCHER | without vision the people perish (DTN 223-8576, MSO2-2/A2, IM&T) | Sat Jan 15 1994 07:17 | 13 |
| re Note 2456.74 by SMURF::WALTERS:
> This has some admin overhead, as the mail needs to be sorted, but
> it's better for security.
No, No -- read note 2456.71 above: this restriction has
NOTHING to do with security.
It's probably just the result either of a job description so
narrowly defined that the only decision a person could make
that would affect anything was this one, or pettiness.
Bob
|
| 2456.76 | | SMURF::WALTERS | | Mon Jan 17 1994 08:55 | 7 |
| re : .74
In the suggestion I gave, there are security requirements for setting
up a mail alias in the current version of EL-CP211. This may not hold for
publishing personal internet addresses on cards.
|
| 2456.77 | Just send Internet mail to the house... | DPDMAI::WISNIEWSKI | ADEPT of the Virtual Space. | Tue Jan 18 1994 14:58 | 9 |
| What's all the problems with Internet addresses on business cards?
Just put your home internet address on it and be done with it.. I do...
[email protected]
They cant' complain about that...;-)
|
| 2456.78 | "Digital" not "DEC"? | KOLFAX::WIEGLEB | CB Radio, but with more typing | Fri Jan 21 1994 15:50 | 10 |
| RE: .loc.mts.dec.com format
So what's the probability of the "corporate image" folks changing the
format to ".loc.mts.digital.com" right after I get new business cards
printed with my Internet address?
I would have thought this would have fallen victim to the "digital not
DEC" efforts.
- Dave
|