9 Dec
2005
9 Dec
'05
12:20 a.m.
How would you protect these older systems against
abuse from
the random crackers? VMS is probably tolerably safe in
current versions, if properly managed, but I'm betting there
are problems with other OSes. You could do vpns, I suppose.
Depends on what you mean. Ordinary ("ordinary" :-) people who don't
have
a VAX running Multinet and join the "network" wouldn't be able to get in to
any of the DECnet machines.
However, it is true that the Multinet DECnet virtual circuit over IP has
virtually no security. It would be easy, if you knew a little bit about
DECnet and were so motivated, to sniff or spoof the traffic. Probably there
just aren't many hackers out there who know enough about DECnet to worry
about, and they have better targets for their efforts.
Yes, you could solve the problem with VPNs. Multinet v5.1 seems to have
the ability to do IPSEC, but I have no experience with that feature. If
it's anything like IPSEC on a PC, it's a lot of overhead for a poor VAX.
Bob