[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Three Dialnet Questions
Date: Tue, 7 May 1991 13:32 EDT
From: Paul Cross <paul@PERSEPHONE.aegean-sea.dialnet.symbolics.com>
Date: Tue, 7 May 1991 10:46-0400
From: Reti@RIVERSIDE.SCRC.Symbolics.COM
Date: Mon, 6 May 1991 14:45 EDT
From: paul@aegean-sea.dialnet.symbolics.com (Paul Cross)
2) Has anyone updated a file called macterm.lisp, which, combined with a
file called password.lisp, allows you to login to Symbolics machines
over the phone? I think these files were originally authored by Mark
Tait. macterm.lisp defines
uss:(defmethod (input-top-level nbs-console-async-interface) ()
but the package uss does not exist in 8.0.
Yes, the implementation of serial changed completely. I'm not familiar
with the files you refer to (and would appreciate a pointer to them if
they are available at SCRC). However, you can login via async serial to
Symbolics machines (and use the same facilities available if you
telnet to them) without any extra files. This doesn't give you complete
access, i.e. you can't run Zmacs, but it is better than nothing.
I could e-mail the files to you if you want to take a look. One is 2k,
the other is 14k in size. I'll check to see if it isn't online at SGD.
If they are online anywhere on SCRC's networks, I can copy them to Cleveland.
If not, I'd appreciate getting them in the mail.
Here's what I want to do: I want to be able to login remotely over the
phone to my machine and do things like :Scan Mail and :Show File. If
there was a simple means of file transfer, I'd like that too, but :show
file with captured output is good enough for me.
This all works in 8.0 already (minus password protection), see below.
I'm looking for a
reasonable level of security. If someone tries to login, they ought to
be prompted for a password before they are allowed any access. They
shouldn't be able to get around supplying a password by any simple or
obvious means. The files above gave me this capability in 7.2. Can I
do all this without extra files?
The password protection is a problem; what with c-m-<suspend> and the debugger,
any password scheme will be easily surmountable by the knowledgable user. The
approach that has been taken by several customers is to not enable remote serial
terminals until the time they are needed; of course this assumes that the lispm
is attended. (Without seeing the files in question, I can't say for sure, but
I suspect that they are susceptible to the same attack. Several password protection
schemes have floated through Symbolics, none [that I have seen, including firewall]
have taken more the a few minutes to subvert.)
It would be fairly easy to initiate write a callback procedure, where you type to
an application which ONLY validates your password, and then causes the real
lisp listener-style connection to be made by calling you back at a number stored
in its database somewhere. I don't know if anyone has already done this, I'd
estimate it would take about a day's worth of work.
how my return address drops the host field. My return address ought to
read paul@persephone.aegean-sea.dialnet.symbolics.com but is
paul@aegean-sea.dialnet.symbolics.com instead.
My customer who uses a Hayes modem doesn't appear to have this problem (but he
is also not using multiple levels of domain name under dialnet). Are
I am only using internet for dialnet. The problem was that I was
specifying an incorrect internet domain name attribute for the host, as
you and RSL correctly guessed. I have two other clients who had the
exact same problem, and all of us swear that we followed the
documentation exactly. I'll try to find the part of the documentation
that steered us wrong and suggest that Symbolics change it.
Great. The documentation was probably right when it was written, but there has been
a great deal of flux in this area and the documentation may very well not have kept up.