[Info-vax] Command Procedure Pipe output to a variable
Dave Froble
davef at tsoft-inc.com
Mon Sep 6 10:55:38 EDT 2021
On 9/6/2021 8:24 AM, Simon Clubley wrote:
> On 2021-09-03, Dave Froble <davef at tsoft-inc.com> wrote:
>> On 9/3/2021 2:30 PM, Simon Clubley wrote:
>>>
>>> In the 1980s, DECnet's good points outweighed its bad points.
>>>
>>> In the changed world of 2021, that is no longer true.
>>>
>>
>> Might I suggest that DECnet is as good as it's ever been. What you're
>> calling "bad points" is more like an omission than a bad point.
>>
>
> The world changed David, but DECnet did not.
Yeah, that's right, so? Sort of what I wrote ...
> Just one example: the implementation of proxies in DECnet opens up
> a _massive_ security hole in today's world as DECnet was designed
> in a world where you assumed 100% trust in the network and in all
> the devices attached to it.
>
> This is because there are no shared secrets or certificates between
> the nodes which have proxies between them so it is trivial for someone
> with any access to the network to impersonate a DECnet node, if they
> manage to disable the real node (to avoid conflicting MAC addresses
> and to avoid responses from the real node) or if the real node is not
> online all the time.
>
> The idea that a machine can impersonate a server simply by using the
> same network address without needing any other information such as
> certificates or shared secrets is unacceptable today.
>
> Outside of that, DECnet itself is about as secure as Telnet or plain
> FTP and we all know how those two protocols are regarded on internal
> networks these days...
As I wrote, an omission.
Do you have all that stuff as boilerplate somewhere, so you can cut n
paste every day or two?
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
More information about the Info-vax
mailing list