| T.R | Title | User | Personal
Name | Date | Lines |
|---|
| 804.1 | I'm not the NRA, but... | TOPDOC::AHERN | Dennis the Menace | Mon May 08 1989 16:48 | 12 |
| Blasters don't harass people. People harass people.
Can you say "hoax"? Can you say "Rumour"? I knew you could.
This is a good example of some well intended people forwarding stuff
around the net without checking on it's source or authenticity.
This alleged "memo" has already been debunked as not being an official
policy of Digital Security, or any other entity authorized to tell all
of us how to behave. Would you work for a company that lets big
brother go through your drawers looking for naughty bits?
|
| 804.2 | Watch over your shoulder! | TILTS::CZARNECKI | Real networks don't pass tokens. | Mon May 08 1989 16:50 | 19 |
| Now THAT sounds serious. What is this wrld coming to?
o I didn't realize Digital Corporate Security could make
something "ILLEGAL". Could this be better stated as
a "Serious violation of company policy"?
o These "Blaster" files must really be horrible if the
mere possession of one can be deemed "OUTLAWED" and
result in termination of employment.
I have never seen one of these and could care less to have one in
my VMS directory. I am a bit concerned about the memo posted in
the base note. It sounds like we all had better keep ALL of our
VMS files on a floppy or a tape and lock them up when not in use.
Who knows what will be the next COMPUTER HORROR targeted by the
Network Police and how many of DEC's users will be made into
instant felons.
|
| 804.3 | official confirmation requested. thanks. | REGENT::LEVINE | | Mon May 08 1989 17:10 | 16 |
|
re: .1
Can anyone in a position to know (ie: someone connected to security
or someone from the site where this memo originated) please post
a reply confirming or denying the accuracy of the basenote?
It is inappropriate to post "rumors" in this conference, since their
presence here lends them credibility. (if this is indeed a rumor.
I got a much forwarded copy last week and I believed it.)
Thanks,
Rick LeVine
DIGITAL moderator
|
| 804.4 | Like fire... | RICKS::KAGER | | Mon May 08 1989 17:25 | 8 |
| I also received a copy of this message. It was sent to everyone
on my cluster by the systems manager.
I must admit that it fooled me. I didn't know what a blaster was,
or how security would know one when they saw it, but I made sure
that I had nothing called blaster.com.
Pat
|
| 804.5 | FUD again | CVG::THOMPSON | Protect the guilty, punish the innocent | Mon May 08 1989 17:31 | 14 |
| A blaster command file, I believe, is one that hacks either the
PHONE or MAIL protocol to send messages with false identification
information. These have been around for some time. I've gotten
mail messages that were sent with them from time to time. They
are not completely untracable though. I usually just check the
accounting logs an spot who sent them. Your system manager can
usually help you out if you get such messages.
In general they are used for fairly harmless practical jokes.
As to security looking through your files, I think we already have
a topic on that. Check out 593 for starters.
Alfred
|
| 804.6 | Intended to resolve (not cause) a panic | PSYCHE::DMCLURE | | Mon May 08 1989 17:34 | 15 |
| I had certainly hoped that the mail message I recieved was, in fact,
a well-intentioned, but poorly worded rumor, but given the somewhat
draconian political climate these days, you never know what sorts of
policy changes can occur over the week-end!
Anyway, given that Dennis (re: .1) seems to have the inside scoop
on this one, I think it is safe to assume that it is just a rumor.
As a result, I think I'll change my note title to something a little
less panic-stricken.
-davo
p.s. The reason I entered this here is because my group tends to take
such things seriously, and I wanted a quick resolution to this
(and I am too busy to chase down rumors).
|
| 804.7 | memo from Corporate Security | LDYBUG::GOLDMAN | He who laughs, lasts | Mon May 08 1989 17:52 | 42 |
| I received this memo this morning. It would appear that there
is no "official policy" on blast programs, other than what is covered
in P&P .
Amy
<local forwarding deleted>
From: FACMTS::FACMTS::MRGATE::"PKOMTS::WITNES::A1::HUMPHREY.RAYMOND" 5-MAY-1989 14:23:10.30
To: MRGATE::"CADSYS::REISS",MRGATE::"ULTRA::HAMILTON"
CC:
Subj: RE: Security position on BLAST.Com?
From: NAME: Raymond F. Humphrey
FUNC: Corporate Security
TEL: 223-4088 <HUMPHREY.RAYMOND AT A1 at WITNES at PKO>
To: See Below
The message is not official policy and was not issued by Corporate
Security.
IS Security has also been queried and did not issue such a
prohibition (Lyons, Maguire, etc.).
There are a number of command files that can cause unexpected or
unacceptable results. It would be impractical to specify a prohibition
against each.
Misuse of Corporate systems is covered generically in Personnel
Policies and Procedures, Section 6.54, "Proper Use of Digital Computers,
Systems and Networks."
Regards,
Distribution List:
NAME: VMS MAIL user REISS <REISS@CADSYS@MRGATE>
NAME: Jim SchWeitzer <SCHWEITZER.JIM AT A1 at WITNES at PKO>,
HAMILTON @ULTRA@VAXMAIL,
BOB LYONS @VRO,
MIKE CONNOR @VRO,
NAME: MARYLYN MORIN <MORIN.MARYLYN AT A1 at WITNES at PKO>
|
| 804.8 | brief cloudy explaination | GIAMEM::MIOLA | Phantom | Mon May 08 1989 18:00 | 15 |
|
for those who asked.......
I believe the command in question is based off of the old Broadcast
command.
You can send a message that flashes accross someones terminal.
The command will ask if you want large letters, how many times you
want it sent, and at how many second intervals you want it sent.
Also, you couldn't tell where the message was coming from.
Lou
|
| 804.9 | | HYDRA::ECKERT | Jerry Eckert | Mon May 08 1989 18:23 | 11 |
| re: .8
> Also, you couldn't tell where the message was coming from.
This statement is incorrect. The source of the message cannot
be determined from the content of the message displayed on the
target user's terminal; however, the system accounting file and/or
NETSERVER.LOG files do contain the necessary information (either
a username or a process id, which can be traced back to a username
by the system manager on the originating node).
|
| 804.10 | past history... | VCSESU::COOK | Can you see the real me? | Mon May 08 1989 18:32 | 5 |
|
This .COM file used to go under the name of BUG.COM about 3-4 years
ago.
/prc
|
| 804.11 | More than meets the eye here... | PSYCHE::DMCLURE | | Mon May 08 1989 18:40 | 16 |
| The thing that bugs me the most is the generally accepted notion
that firing people is an appropriate way to deal with such problems!
The fact that nobody seems to object to even *the idea* that an
employee might be fired as a result of such a seemingly ridiculous
infraction (were it for real) is almost just as scary as anything else.
Instead of questioning the validity of firing people (for any reason),
most of the replies to this note have concentrated upon the validity of
the actual security concern.
How many people feel that firing people for such seemingly minor
infractions as practical jokes (assuming for a momment that this was
a valid corporate memo) is good business practice?
-davo
|
| 804.12 | "Ours not to reason why..." | TOPDOC::AHERN | Dennis the Menace | Mon May 08 1989 19:48 | 16 |
| RE: .11 "More than meets the eye here..."
> The fact that nobody seems to object to even *the idea* that an
> employee might be fired as a result of such a seemingly ridiculous
> infraction (were it for real) is almost just as scary as anything else.
Davo, when this alleged edict was promulgated in our group, I stood
up on my hind legs and requested substantiation. However, before
it was forthcoming we all got the mail mentioned in a previous reply
stating that this was NOT corporate policy, etc.
It does bother me that somebody thought that this type of petty
bullying was "doing the right thing" in response to some problem, but
it bothers me even more that so many people bought the proposed
solution without saying a word.
|
| 804.13 | Spring Cleaning | RTOISB::TINIUS | I dont drink water, fish swim in it | Mon May 08 1989 19:56 | 18 |
| Actually, this is part of a very carefully planned program to free up disk
space on Digital's internal systems. You see, every six or eight weeks we send
out a message saying "it's ILLEGAL to have a copy of X; if you have a copy of X
in your account you'll get fired." Then people all over the network start
deleting all the files which even remotely look like X so they don't get fired.
I estimate each one of these actions releases 5 or 10 percent of the disk
space used world-wide (several thousand RA81's), not to mention fewer tapes
and operator hours needed for backup.
Stephen
Former Network Sheriff
P.S. Hint: next on the list are VAXmails for the Fourth of July which
you EXTR TT: to show exploding firecrackers and Kate Smith singing "God
Bless America".
Be careful out there!
|
| 804.14 | Take a deep breath, count to ten... | DR::BLINN | General Eclectic | Mon May 08 1989 21:16 | 22 |
| OK, calm down, all of you! Davo, go back and READ THE REPLIES.
This is, once again, a HOAX. It's a RUMOR. Corporate Security
DID NOT promulgate any policy.
I work in MKO. I checked with our local IS security staff. I got
the story on how this originated (which I won't share without
their permission -- which I will seek).
Apparently, the person who started this particular copy floating
around (Warren) got it from someone named Dan. Read the message
in .0 -- it's FROM: "Warren", but it's signed "Dan". Doesn't
this tip you off that you can't tell where it really originated?
Technical note: The typical "BLASTER" procedure talks to the
PHONE object. Disabling the PHONE object disables the "BLASTER".
Further reasoned discourse will be welcome, but diatribes about
"How could Corporate Security do such a thing" when THEY NEVER DID
are NOT welcome.
Tom
|
| 804.15 | .0 has turned out to be a useful example | CALL::SWEENEY | Patrick Sweeney | Tue May 09 1989 01:26 | 13 |
| I'd like to know, once and for all what exactly the corporation
considers "firing offenses". Rumor has it that the initiator of the
last EASYNET virus was fired. I wonder what policy applied there?
"You can be fired for that" is often heard, how often is it true?
I'd also like to have all policy-promulgating groups in Digital
identify a person to contact when promulgating a policy. People
believe lots of second-hand information without question. When it
comes down to a skeptic like myself, it's only that much harder to
authenticate an authorless policy.
Part of the creeping erosion of the Digital culture is anonymity.
|
| 804.16 | Anyone recall this? | VCSESU::COOK | Can you see the real me? | Tue May 09 1989 12:31 | 6 |
|
Anyone remember the Late Great DND.EXE controversy a couple of years
back? That was grounds for termination on the spot, or so I was told.
/prc
|
| 804.17 | | SERPNT::SONTAKKE | Vikas Sontakke | Tue May 09 1989 12:40 | 13 |
| From Former Network Sheriff:-
>Actually, this is part of a very carefully planned program to free up disk
>space on Digital's internal systems. You see, every six or eight weeks we send
>out a message saying "it's ILLEGAL to have a copy of X; if you have a copy of X
>in your account you'll get fired." Then people all over the network start
>deleting all the files which even remotely look like X so they don't get fired.
How many people believe that such threats by themselve constiture
SERIOUS harrassment? I believe that it is against the policy to
falsely threaten anyone.
- Vikas
|
| 804.19 | | SCARY::M_DAVIS | nested disclaimers | Tue May 09 1989 15:05 | 19 |
| >I'd like to know, once and for all what exactly the corporation
>considers "firing offenses".
Per policy 6.21 of the orange book (Personnel Policies and Procedures),
U.S. employees are subject to the following:
"MAJOR OFFENSES
"Certain employee conduct may be so serious as to justify immediate
discharge. defining all such instances is impossible; however, the
following are some of the more common examples: serious violations that
endanger other employees, theft of Company or personal property,
fighting, falsification of Company records or time cards, gross
negligence which results in damage to Company property,
insubordination, accepting gratuities from outside sources doing
business with Digital, possession, use or sale of intoxicants on
Company property, inappropriate use or disclosure of Copmpany
proprietary information, absence of three consecutive days without
notifying the supervisor, etc."
|
| 804.20 | not HERE your don't | COMET::LUKENS | | Fri May 19 1989 21:33 | 8 |
|
This program was known as either BOTHER.COM or BUG.COM and they
utilized a portion of VMS.
Here at CXO that portion of VMS has been disabled.
|
| 804.21 | That's silly. | EVETPU::CANTOR | The answer is -- a daily double. | Mon Jun 19 1989 18:04 | 7 |
| Re .20
> Here at CXO that portion of VMS has been disabled.
Do you mean that the PHONE DECnet object has been disabled?
Dave C.
|
| 804.22 | | DEC25::BRUNO | Citizen of the Far Side | Mon Jun 19 1989 18:23 | 4 |
| Not a chance. The programs still work, but they have been
scavenged from many user accounts.
Greg
|
| 804.23 | Phone Object not disabled | COVERT::COVERT | John R. Covert | Mon Jun 19 1989 19:59 | 11 |
| >re COMET::LUKENS
>not HERE you don't
>
> This program was known as either BOTHER.COM or BUG.COM and they
>utilized a portion of VMS.
>
> Here at CXO that portion of VMS has been disabled.
No it hasn't; it works just fine to nodes in the COMET cluster.
/john
|
| 804.24 | | COMET::LUKENS | | Fri Jun 23 1989 21:40 | 16 |
|
Who's talking about PHONE ?
Several years ago I had a program which would transmit messages to
another users screen. The other person did not know where the
message was coming from. One day the program disappeared from my
account & I got my hand slapped. ( Actually the program did have a
real potential for abuse ).
About a year ago a friend of mine back east said they had a really
neat program at their plant site for sending messages and sent it
to me. I recognized it as the same program. Curiosity got the
best of me and I tried to initiate it.
A prompt came back "VMS Software portion (something) disabled".
|