Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Was secreview crap - now OpenVMS!!
From: Ishan Oshadi Jayawardene <oshadi () lfod info>
Date: Sat, 05 Jan 2008 00:02:47 +0100

Once a so-called security expert was pen-testing my VMS shop. We were 
having a nice chat while his eval version of GFI LANguard finished the 
scan, and got to talk about VMS. He didn't believe in the robust 
security of VMS and told me to do a search for vms on bugtraq, and see 
how many results came up.
So I did, and was horrified when I saw thousands of results... Until I 
noticed that the matched string in all the (barring perhaps 1 in 10000) 
results was "VMs"; not "VMS" or "vms".

(This was some years ago. The bugtraq search function's improved now.)

Randal T. Rioux wrote:
Valdis.Kletnieks () vt edu said:

Bonus points for knowing that VMS was mostly written in Bliss/32 or some 
such, and VM and MVS were a mixture of assembler and (later on) PL/S. 
No C knowledge needed for those critters...

OpenVMS is less than 40% Blissful... though I'm not familiar with the original source (wasn't it written on stone 
tablets?). About 50% is C, with a healthy mix of obsoletes making the difference. How something so elegant could be 
spawned from such chaos is beyond me.

Mostly, the VMS basic OS utilities are Bliss-based (think: GNU). 

I really wish HP would open OpenVMS before they kill it.

Security relevance: UNHACKABLE! <grin>

Randy

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault