HP3000-L Archives

November 2006, Week 5

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: MPE/iX Virus Vulnerability
From:
Jack Connor <[log in to unmask]>
Reply To:
Jack Connor <[log in to unmask]>
Date:
Thu, 30 Nov 2006 14:35:52 -0800
Content-Type:
text/plain
Parts/Attachments:
text/plain (173 lines) 
Agree, Gilles...

That and the fact that the instruction set is far off the beaten hacker
path as well as the data orientation in memory being backwards from
typical Intel architecture.

It'd be awfully hard to load up a data stack with bogus code and then do
a branch and link to it...MPE doesn't like to execute data :-)

I would think the same is true of IBM VM or OS/400 environments...

Jack Connor 

-----Original Message-----
From: HP-3000 Systems Discussion [mailto:[log in to unmask]] On
Behalf Of Gilles Schipper
Sent: Thursday, November 30, 2006 4:38 PM
To: [log in to unmask]
Subject: Re: [HP3000-L] MPE/iX Virus Vulnerability

Could it be that reason the HPe3000 is (relatively) immune to viruses is
related to the fact that MPE is characterized by a clear distinction
between and separation of code and data stacks ?

In many cases, viruses exploit OS's that do not have that distinction
and are thus able to modify otherwise innocuous code to achieve their
malicious effects.



At 02:03 PM 2006/11/30, Reid Baxter wrote:

>Joe,
>
>Thanks and yes we do use Vesoft Security/3000. I was looking for a more

>technically definitive answer though. I once recall seeing someone post

>(programmer perspective) a response that eluded to stacks, storage 
>area, etc. based reasons that a virus could not exist within the MPE/iX

>OS architecture. Anyone recall that ? Wirt ? Stan ?
>
>Regards,
>
>Reid E. Baxter
>
>
>
>
>              J Dolliver
>              <[log in to unmask]
>              ET>
To
>              Sent by: HP-3000          [log in to unmask]
>              Systems
cc
>              Discussion
>              <[log in to unmask]
Subject
>              TC.EDU>                   Re: [HP3000-L] MPE/iX Virus
>                                        Vulnerability
>
>              11/30/2006 01:39
>              PM
>
>
>              Please respond to
>              [log in to unmask]
>                      T
>
>
>
>
>
>
>The short answer is->
>
>MPE/iX was NOT a mass marketed operating system and thus NO ONE was 
>interested in hacking it.
>
>The Audit answer is ->
>
>Modem access and making changes to the catalog.pub.sys file making the 
>"expected hello" line was one of the things we did to make sure that 
>anyone hunting down systems by modem would not know how the system was 
>addressed for access.
>You could also add passwords to getting access to the service line to 
>the HP.
>and another thing...  VeSoft Security3000 product allows you to encrypt

>passwords and you are using that as a standard tool correct ;-).
>
>
>
>
>
>-------------- Original message from Reid Baxter
><[log in to unmask]>: --------------
>
>
> > I have an auditor asking about what tools we have in our arsenal for

> > detecting viruses on the HP3000. I explained that the MPE/iX OS 
> > "does not
>
> > lend itself to viruses", but they would like me to expand on that
reply.
> > I've been searching but have not been successful in locating a
>'technical'
> > reason for this capability. Can anyone point me in the right 
> > direction A link or otherwise ? Thank you in advance.
> >
> > Regards,
> >
> > Reid E. Baxter
> >
> >
> > -----------------------------------------
> > This transmission may contain information that is privileged, 
> > confidential, legally privileged, and/or exempt from disclosure 
> > under applicable law. If you are not the intended recipient, you are

> > hereby notified that any disclosure, copying, distribution, or use 
> > of the information contained herein (including any reliance
> > thereon) is STRICTLY PROHIBITED. Although this transmission and any 
> > attachments are believed to be free of any virus or other defect 
> > that might affect any computer system into which it is received and 
> > opened, it is the responsibility of the recipient to ensure that it 
> > is virus free and no responsibility is accepted by JPMorgan Chase & 
> > Co., its subsidiaries and affiliates, as applicable, for any loss or

> > damage arising in any way from its use.
> > If you received this transmission in error, please immediately 
> > contact the sender and destroy the material in its entirety, whether

> > in electronic or hard copy format. Thank you.
> >
> > * To join/leave the list, search archives, change list settings, *
> > * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>* To join/leave the list, search archives, change list settings, *
>* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>* To join/leave the list, search archives, change list settings, *
>* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>
>
>
>--
>No virus found in this incoming message.
>Checked by AVG Free Edition.
>Version: 7.5.430 / Virus Database: 268.15.2/559 - Release Date: 
>2006/11/30 5:07 AM

------------------------------------------------------------------------
-------------------------
Gilles Schipper
GSA Inc.
HP System Administration Specialists
300 John Street, Box 87651   Thornhill, ON Canada L3T 7R4
Voice: 905.889.3000     Fax: 905.889.3001
email:  [log in to unmask]  web: http://www.gsainc.com
------------------------------------------------------------------------
-------------------------

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2