[Info-vax] DECnet V proxy problem...
John Santos
john at egh.com
Wed Mar 11 16:38:36 EDT 2009
In article <503646d0-b755-449a-93c5-32ce701fda84
@w35g2000yqm.googlegroups.com>, info-vax at weaverconsulting.ca says...>
> On Mar 11, 3:45 pm, VAXman- @SendSpamHere.ORG wrote:
> > I don't know why but the following no longer functions:
> >
> > HERE$ DIR HERE::
> > ... or ...
> > HERE$ DIR 0::
> >
> > I can do:
> >
> > HERE$ DIR THERE::
> > ... and ...
> > THERE$ DIR HERE::
> > successfully.
> >
> > I have incoming and outgoing proxy on the FAL application.
> > I find (and delete) INTRUSION record whenever I try $DIR 0::
> > I have restarted the security server... all to no avail.
> > Anyone have any ideas?
> >
> > --
> > VAXman- A Bored Certified VMS Kernel Mode Hacker VAXman(at)TMESIS(dot)ORG
> >
> > http://www.quirkfactory.com/popart/asskey/eqn2.png
> >
> > "Well my son, life is like a beanstalk, isn't it?"
>
> In my distant memory I recall seeing this, but I have not touched a
> Phase V system in a number of years and when I did I did not spend
> much time with Phase V. It seems to me that there was a NCL command
> that started with FLUSH and had something to do with a NAMING CACHE
> that cleared this up. When we had the problem I phoned Compaq (I
> mentioned it was a long time ago) and the support person told me "In
> DECNet Phase V you can do no harm, and you will probably do something
> good, if you occasionally issue the command NCL FLUSH ... NAMING
> CACHE..." so I put that on a sign and hung it in the VMS area and once
> every few weeks we would issue the command on the Phase V nodes that
> we had.
>
> Peter
IIRC, $ mcr ncl flush session control naming cache entry = "*"
VAXman, maybe you've trigger breakin evasion? Have you tried deleting
the intrusion records with "$ delete/intusion"? (If you've got
something automated that keeps renewing the breakin evasion, or
if you are just impatient and keep re-trying, it might never time
out...)
If this is the case, there may be an interesting bug, since I
don't think you should be able to trigger evasion using a decnet
proxy... It should always work, and thus not ever bump the "failed
login" count.
--
John Santos
Evans Griffiths & Hart, Inc.
More information about the Info-vax
mailing list