HP3000-L Archives

April 2002, Week 4

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Hacker question
From:
"Shahan, Ray" <[log in to unmask]>
Reply To:
Shahan, Ray
Date:
Wed, 24 Apr 2002 08:02:18 -0500
Content-Type:
text/plain
Parts/Attachments:
text/plain (106 lines) 
Now that's cool.

> -----Original Message-----
> From: Knight, Sam [SMTP:[log in to unmask]]
> Sent: Wednesday, April 24, 2002 8:01 AM
> To:   [log in to unmask]
> Subject:      Re: Hacker question
> 
> You can also do:
> 
> listf ci.pub.sys,8
> 
> ****************************************************************
> 
> Sam Knight                      Phone   (904)745-7509 
> Sr. Programmer/Analyst  Fax     (904)745-7238 
> Jacksonville University 
> Jacksonville, FL 32211 
> 
> 
> 
> 
> -----Original Message-----
> From: Richard Barker [mailto:[log in to unmask]]
> Sent: Wednesday, April 24, 2002 5:57 AM
> To: [log in to unmask]
> Subject: Re: [HP3000-L] Hacker question
> 
> 
> Wow, I wish I knew about that about a hour ago, of course I have since
> aborted the guy.
> 
> Thanks anyway.
> 
> -----Original Message-----
> From: Per Östberg /labmed 
> Sent: 24 April 2002 11:45
> To: [log in to unmask]; [log in to unmask]
> Subject: SV: Re: [HP3000-L] Hacker question
> 
> 
> as an addition to Wirts suggestion of using an "option logon"-udc  
> (where you have acces to all session-info), there's an enhancement to  
> the :SHOWVAR command, where you can specify a job/session number (as in:
> 
> :showvar @;job=#S6224
> HPSTDIN_ACCESS_TYPE = NS/VT
> HPSTDIN_TERMINAL_TYPE = 0 (T_DATA_ENTRY(4))
> HPSTDIN_TRANSPORT_TYPE = TCP/IP
> HPSTDIN_NETWORK_NODE = MYPC.MYDOMAIN.SE
> HPSTDIN_NETWORK_ADDR = x.y.z.x
> HPSTDIN_LINK_ADDR = not set yet...
> HPVT_CLIENT_VENDOR = WRQ_CONNECTION_3000_FOR_WINDOWS
> HPVT_CLIENT_OPSYS = MS_DOS
> HPVT_CLIENT_MODE = STREAM_MODE
> HPVT_CLIENT_TCP_PORT = 3840
> HPVT_CLIENT_LDEV_NUM =   
> HPVT_CLIENT_JOB_NUM =   
> HPVT_CLIENT_JOB_NAME =                            
> TZ = MET-1METDST
> VSETNEXTCENTURY = 3
> )
> 
> hth
> /per
> 
> --------------------------------------------------
> Per Östberg  / [log in to unmask]
> tel 08-585 812 13  
> mob 070-484 02 53 / fax 08-585 877 10
> LabMedicin-IT, Huddinge Universitetssjukhus
> C1 51 / 141 86  HUDDINGE
> --------------------------------------------------
> 
> 
> > -----Ursprungligt meddelande-----
> > Från: Richard.Barker /internet [mailto:[log in to unmask]]
> > Skickat: den 24 april 2002 10:50
> > Till: HP3000-L /internet
> > Kopia: Richard.Barker /internet
> > Ämne: Re: [HP3000-L] Hacker question
> >  
> >  
> > Hi
> >  
> > We've got someone logging on to our system as an unauthorised  
> > user.  Now I
> > can easily kick them off, but I would love to know if it is someone
> > internally logging on.
> >  
> > Is there anyway I can narrow down the Reflection session or  
> > the IP address.
> >  
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> >  
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
> 
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2