[Info-vax] DECnet V proxy problem...
Marc Van Dyck
marc.vandyck at brutele.be
Wed Mar 11 17:31:30 EDT 2009
John Santos pretended :
> In article <503646d0-b755-449a-93c5-32ce701fda84
> @w35g2000yqm.googlegroups.com>, info-vax at weaverconsulting.ca says...>
>> On Mar 11, 3:45 pm, VAXman- @SendSpamHere.ORG wrote:
>>> I don't know why but the following no longer functions:
>>>
>>> HERE$ DIR HERE::
>>> ... or ...
>>> HERE$ DIR 0::
>>>
>>> I can do:
>>>
>>> HERE$ DIR THERE::
>>> ... and ...
>>> THERE$ DIR HERE::
>>> successfully.
>>>
>>> I have incoming and outgoing proxy on the FAL application.
>>> I find (and delete) INTRUSION record whenever I try $DIR 0::
>>> I have restarted the security server... all to no avail.
>>> Anyone have any ideas?
>>>
>>> --
>>> VAXman- A Bored Certified VMS Kernel Mode Hacker
>>> VAXman(at)TMESIS(dot)ORG
>>>
>>> http://www.quirkfactory.com/popart/asskey/eqn2.png
>>>
>>> "Well my son, life is like a beanstalk, isn't it?"
>>
>> In my distant memory I recall seeing this, but I have not touched a
>> Phase V system in a number of years and when I did I did not spend
>> much time with Phase V. It seems to me that there was a NCL command
>> that started with FLUSH and had something to do with a NAMING CACHE
>> that cleared this up. When we had the problem I phoned Compaq (I
>> mentioned it was a long time ago) and the support person told me "In
>> DECNet Phase V you can do no harm, and you will probably do something
>> good, if you occasionally issue the command NCL FLUSH ... NAMING
>> CACHE..." so I put that on a sign and hung it in the VMS area and once
>> every few weeks we would issue the command on the Phase V nodes that
>> we had.
>>
>> Peter
>
> IIRC, $ mcr ncl flush session control naming cache entry = "*"
>
> VAXman, maybe you've trigger breakin evasion? Have you tried deleting
> the intrusion records with "$ delete/intusion"? (If you've got
> something automated that keeps renewing the breakin evasion, or
> if you are just impatient and keep re-trying, it might never time
> out...)
>
> If this is the case, there may be an interesting bug, since I
> don't think you should be able to trigger evasion using a decnet
> proxy... It should always work, and thus not ever bump the "failed
> login" count.
Rather
$ mcr ncl flush session control naming cache entry "*"
that is, without the "=" sign.
--
Marc Van Dyck
More information about the Info-vax
mailing list