Re: VMS Security Rundown
From: Larry Kilgallen (Kilgallen_at_SpamCop.net)
Date: 09/29/03
- Next message: Paul Sture: "Re: Logical names question"
- Previous message: norm.raphael_at_metso.com: "Logical names question"
- In reply to: Bob Koehler: "Re: VMS Security Rundown"
- Next in thread: Main, Kerry: "RE: VMS Security Rundown"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: 29 Sep 2003 15:45:00 -0500
In article <Klevqhi4PBfN@eisner.encompasserve.org>, koehler@eisner.nospam.encompasserve.org (Bob Koehler) writes:
> In article <3F787662.676191BC@istop.com>, JF Mezei <jfmezei.spamnot@istop.com> writes:
>>
>> VMS was born as a multi user (and inherently multi-tasking) operating system.
>> As a result, it was designed with security at its core whereas some other
>> operating systems which started off as single user machines got security
>> features as an afterthought.
>
> Not designed. Re-designed. Anyone who knows VMS 1.x password
> encryption can tell you.
There have been various algorithm changes over the years (and the old
algorithms continue to work if you have not changed your password in
25 years). But the greatest vulnerability I recall was eliminated
when VMS V1 when from field test to production.
The most recent algorithm change I recall was to defend against user
subterfuge to get around minimum password length requirements.
- Next message: Paul Sture: "Re: Logical names question"
- Previous message: norm.raphael_at_metso.com: "Logical names question"
- In reply to: Bob Koehler: "Re: VMS Security Rundown"
- Next in thread: Main, Kerry: "RE: VMS Security Rundown"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
