[Info-vax] Security, support and VMS, was: Re: A new VMS?

[chris]

On 05/03/21 19:38, Arne Vajhøj wrote:
> On 5/3/2021 2:24 PM, Phillip Helbig (undress to reply) wrote:
>> In article <s6pbt4$5hl$1 at dont-email.me>, Simon Clubley
>> <clubley at remove_me.eisner.decus.org-Earth.UFP> writes:
>>>>> If he is right about this, just think about what will happen when
>>>>> one of the security researchers decide to probe x86-64 VMS. Much of
>>>>> what they find, and they _will_ find vulnerabilities, will apply to
>>>>> earlier architectures as well.
>>>>
>>>> Your obsession!!
>>>
>>> We keep getting told that the remaining VMS are super important to their
>>> owners and are vital to the running of their organisations.
>>
>> Yes, but how many of them are running VMS on private networks? Probably
>> most.
>
> Practical all systems of any importance are on "private" network
> today.
>
> But that does not mean that they can not be attacked.
>
> Unless they are not on a network at all or on a totally
> isolated network then attacks can target a computer
> that can be used to target a computer that ... and
> so on.
>
> Very few networks are totally isolated today. Almost everything
> is somewhat connected.
>
> So the attacker targets your wifes iPad, use that to get
> to your work laptop, use that to get to the company windows
> server and use that to reach the VMS system.
>
> And don't say that can't happen. Remember StuxNet.
>
> Arne
>


That's very true, no system is absolutely secure, given enough time
and resources, but that must be balanced against the benefit for the
attacker. Most systems are just not worth the effort, given the
resources required. Good firewalling, admin and process should stop
all but the most determined attempts.

Here, once systems and apps are installed, with initial patches if
available, they are usually locked down for life. Stability and
consistence being more important than obsessive patching, which
itself can break more then it fixes...

Chris
break something