9 Dec
2005
9 Dec
'05
12:37 p.m.
Subject: Re: A Hobbyist DECnet Network
From: Sridhar Ayengar <ploopster at gmail.com>
Date: Fri, 09 Dec 2005 01:07:33 -0500
To: General Discussion: On-Topic and Off-Topic Posts <cctalk at
classiccmp.org>
Robert Armstrong wrote:
Ciscos will do DECnet Phase IV secure tunnels over IP too. So will IBM
Mainframes.
Peace... Sridhar
At one time DECnet was the routing protocal for other tunneled protocals.
Allison
How would
you protect these older systems against abuse from
the random crackers? VMS is probably tolerably safe in
current versions, if properly managed, but I'm betting there
are problems with other OSes. You could do vpns, I suppose.
Depends on what you mean. Ordinary ("ordinary" :-) people who don't
have
a VAX running Multinet and join the "network" wouldn't be able to get in
to
any of the DECnet machines.
However, it is true that the Multinet DECnet virtual circuit over IP has
virtually no security. It would be easy, if you knew a little bit about
DECnet and were so motivated, to sniff or spoof the traffic. Probably there
just aren't many hackers out there who know enough about DECnet to worry
about, and they have better targets for their efforts.
Yes, you could solve the problem with VPNs. Multinet v5.1 seems to have
the ability to do IPSEC, but I have no experience with that feature. If
it's anything like IPSEC on a PC, it's a lot of overhead for a poor VAX.