[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Three Dialnet Questions

    Date: Tue, 7 May 1991 13:32 EDT
    From: Paul Cross <paul@PERSEPHONE.aegean-sea.dialnet.symbolics.com>

	Date: Tue, 7 May 1991 10:46-0400
	From: Reti@RIVERSIDE.SCRC.Symbolics.COM

	    Date: Mon, 6 May 1991 14:45 EDT
	    From: paul@aegean-sea.dialnet.symbolics.com (Paul Cross)

	    2) Has anyone updated a file called macterm.lisp, which, combined with a
	    file called password.lisp, allows you to login to Symbolics machines
	    over the phone?  I think these files were originally authored by Mark
	    Tait.  macterm.lisp defines

	    uss:(defmethod (input-top-level nbs-console-async-interface) ()

	    but the package uss does not exist in 8.0.
	Yes, the implementation of serial changed completely.  I'm not familiar
	with the files you refer to (and would appreciate a pointer to them if
	they are available at SCRC). However, you can login via async serial to
	Symbolics machines (and use the same facilities available if you
	telnet to them) without any extra files.  This doesn't give you complete
	access, i.e. you can't run Zmacs, but it is better than nothing.

    I could e-mail the files to you if you want to take a look.  One is 2k,
    the other is 14k in size.  I'll check to see if it isn't online at SGD.
If they are online anywhere on SCRC's networks, I can copy them to Cleveland.
If not, I'd appreciate getting them in the mail.

    Here's what I want to do:  I want to be able to login remotely over the
    phone to my machine and do things like :Scan Mail and :Show File.  If
    there was a simple means of file transfer, I'd like that too, but :show
    file with captured output is good enough for me.  
This all works in 8.0 already (minus password protection), see below.
						      I'm looking for a
    reasonable level of security.  If someone tries to login, they ought to
    be prompted for a password before they are allowed any access.  They
    shouldn't be able to get around supplying a password by any simple or
    obvious means.  The files above gave me this capability in 7.2. Can I
    do all this without extra files?
The password protection is a problem; what with c-m-<suspend> and the debugger,
any password scheme will be easily surmountable by the knowledgable user.  The
approach that has been taken by several customers is to not enable remote serial
terminals until the time they are needed; of course this assumes that the lispm
is attended.  (Without seeing the files in question, I can't say for sure, but
I suspect that they are susceptible to the same attack.  Several password protection
schemes have floated through Symbolics, none [that I have seen, including firewall]
have taken more the a few minutes to subvert.)

It would be fairly easy to initiate write a callback procedure, where you type to
an application which ONLY validates your password, and then causes the real
lisp listener-style connection to be made by calling you back at a number stored
in its database somewhere.  I don't know if anyone has already done this, I'd
estimate it would take about a day's worth of work.

	    how my return address drops the host field.  My return address ought to
	    read paul@persephone.aegean-sea.dialnet.symbolics.com but is
	    paul@aegean-sea.dialnet.symbolics.com instead.
	My customer who uses a Hayes modem doesn't appear to have this problem (but he
	is also not using multiple levels of domain name under dialnet).  Are

    I am only using internet for dialnet.  The problem was that I was
    specifying an incorrect internet domain name attribute for the host, as
    you and RSL correctly guessed.  I have two other clients who had the
    exact same problem, and all of us swear that we followed the
    documentation exactly.  I'll try to find the part of the documentation
    that steered us wrong and suggest that Symbolics change it.
Great.  The documentation was probably right when it was written, but there has been
a great deal of flux in this area and the documentation may very well not have kept up.