https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336982#M29210 Brian,<BR /><BR />The whitepapers already mentioned are a good start.<BR /><BR />Another point would be my presentation at HPWORLD 2004 on managing user environments at<BR /><A href="http://www.rlgsc.com/hpworld/2004/n227.html." target="_blank">http://www.rlgsc.com/hpworld/2004/n227.html.</A><BR /><BR />See the reports written by the late John Wisniewski of the (unsuccessful) DEFCON 9 cracking attempts against OpenVMS.<BR /><BR />Also, see some of my published articles on OpenVMS.org.<BR /><BR />I hope that the above is useful.<BR /><BR />- Bob Gezelter, <A href="http://www.rlgsc.com" target="_blank">http://www.rlgsc.com</A> Sun, 12 Dec 2004 09:10:31 GMT Robert Gezelter 2004-12-12T09:10:31Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336974#M29202 Hi Folks,<BR /><BR />Just a quick request for help and information. Like many companies we're trying to persuade our clients to remain with OpenVMS rather than a migration to Windows. We've tried migrations in the past and as a rule it takes too long, the only benefits tend to be that the hardware is cheaper (but fails more frequently).<BR /><BR />Anyway, security of the systems has again raised its head, and I'm just wondering if anybody has come across articles detailing the security/management aspects of the follows OSes. (I've been asked to produce a quick report on the OSes currently in use and I don't have the time at the mo' for a full scale internet browsing session)<BR /><BR />OpenVMS (I know about this bit)<BR />AIX Unix<BR />LINUS<BR />Windows (XP/Server)<BR /><BR />I know I may get a slightly biased view :) from this forum but any links to articles/papers would be appreciated.<BR /><BR />thanks for your help<BR /><BR />Brian<BR /> Wed, 21 Jul 2004 02:27:46 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336974#M29202 Brian Reiter 2004-07-21T02:27:46Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336975#M29203 Brian,<BR />I remember another thread about this argoument <A href="http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=555089" target="_blank">http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=555089</A><BR /> <BR />Perhaps can help you ?<BR /> <BR />Antonio Vigliotti<BR /> Wed, 21 Jul 2004 03:26:39 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336975#M29203 Antoniov. 2004-07-21T03:26:39Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336976#M29204 More interested in security info on all 4 platforms. I've just read John Wisniewski's security for OpenVMS presentation (well worth it), which covers most of what I wanted to know for VMS. <BR /><BR />cheers <BR /><BR />Brian Wed, 21 Jul 2004 03:45:41 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336976#M29204 Brian Reiter 2004-07-21T03:45:41Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336977#M29205 See also<BR /><A href="http://h71000.www7.hp.com/openvms/whitepapers/TCS_2004.pdf" target="_blank">http://h71000.www7.hp.com/openvms/whitepapers/TCS_2004.pdf</A><BR /><BR />and<BR /><A href="http://itmanagement.earthweb.com/erp/article.php/3380341" target="_blank">http://itmanagement.earthweb.com/erp/article.php/3380341</A><BR />and<BR /><A href="http://www.computerweekly.com/articles/article.asp?liArticleID=131808" target="_blank">http://www.computerweekly.com/articles/article.asp?liArticleID=131808</A><BR /> Wed, 21 Jul 2004 05:38:42 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336977#M29205 Ian Miller. 2004-07-21T05:38:42Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336978#M29206 <BR />Here are a few more articles with statements concerning the security of Operating Systems other than OpenVMS.<BR /><BR /><BR />Lead Windows developer bugged by security<BR /><A href="http://www.nwfusion.com/news/2002/0905valen.html" target="_blank">http://www.nwfusion.com/news/2002/0905valen.html</A><BR />Linux is favourite hacker target: Study - Globetechnology<BR /><A href="http://www.globetechnology.com/servlet/story/RTGAM.20030911.gtlinuxsep11/BNStory/Technology/" target="_blank">http://www.globetechnology.com/servlet/story/RTGAM.20030911.gtlinuxsep11/BNStory/Technology/</A><BR />Microsoft cerebrates fifteen years of poor security<BR /><A href="http://www.theinquirer.net/?article=11108" target="_blank">http://www.theinquirer.net/?article=11108</A><BR />Microsoft software 'riddled with vulnerabilities', trade body claims<BR /><A href="http://www.theinquirer.net/?article=11249" target="_blank">http://www.theinquirer.net/?article=11249</A><BR />MS: Secure computing is still a decade away<BR /><A href="http://reviews-zdnet.com.com/4520-7297_16-4207833.html" target="_blank">http://reviews-zdnet.com.com/4520-7297_16-4207833.html</A><BR />Next-Generation Win32 exploits: fundamental API flaws<BR /><A href="http://security.tombom.co.uk/shatter.html" target="_blank">http://security.tombom.co.uk/shatter.html</A><BR />Nimda Worm Shows You Can't Always Patch Fast Enough<BR /><A href="http://www.gartner.com/DisplayDocument?doc_cd=101034" target="_blank">http://www.gartner.com/DisplayDocument?doc_cd=101034</A><BR />Reliance On Microsoft Danger To National Security<BR /><A href="http://www.techweb.com/wire/story/TWB20030924S0008" target="_blank">http://www.techweb.com/wire/story/TWB20030924S0008</A><BR />Software vulnerabilities still dog operating systems<BR /><A href="http://www.theinquirer.net/?article=13420" target="_blank">http://www.theinquirer.net/?article=13420</A><BR />Would the real insecure OS please stand up?<BR /><A href="http://arstechnica.com/news/posts/20021127-882.html" target="_blank">http://arstechnica.com/news/posts/20021127-882.html</A><BR /><BR />The discourse "Next-Generation Win32 exploits: fundamental API flaws" also known as The Shatter Exploit Paper is especially damning of Windows. Essentially, it states that the Win32 API has an inherently flawed design with regard to security, and this design can't be corrected without making all Win32 API based applications incompatible and obsolete.<BR /><BR />Cheers!<BR /><BR />Keith Cayemberg<BR /><BR /><BR /><BR /> Wed, 21 Jul 2004 08:32:37 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336978#M29206 Keith Cayemberg 2004-07-21T08:32:37Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336979#M29207 Hi Brian,<BR /><BR />if security also encompasses "How often do I have to patch the system" the new TCO study comparing VMS and AIX might be of interest.<BR /><BR />It is over at <BR /><BR /><A href="http://h71000.www7.hp.com/news/tco.html" target="_blank">http://h71000.www7.hp.com/news/tco.html</A><BR /><BR />Greetings, Martin Wed, 21 Jul 2004 20:50:59 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336979#M29207 Martin P.J. Zinser 2004-07-21T20:50:59Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336980#M29208 Hi Folks,<BR /><BR />Thanks for your help. At least now we can give some very good reasons for not wanting to migrate important and vital system to a Windows platform. It may still happen but at least we aren't rolling over and agreeing with the client (and their possee of consultants).<BR /><BR /><BR />regards<BR /><BR />Brian Thu, 22 Jul 2004 02:05:57 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336980#M29208 Brian Reiter 2004-07-22T02:05:57Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336981#M29209 See also<BR /><A href="http://groups.google.com/groups?selm=3a65a5c8.0401091542.1df169b%40posting.google.com" target="_blank">http://groups.google.com/groups?selm=3a65a5c8.0401091542.1df169b%40posting.google.com</A><BR />and<BR /><A href="http://www.google.com/groups?hl=en&amp;lr=&amp;ie=UTF-8&amp;threadm=40fec85a%240%2419744%249b4e6d93%40newsread2.arcor-online.net&amp;rnum=1&amp;prev=/groups%3Fq%3Dgroup:comp.os.vms%2Binsubject:OpenVMS%2Binsubject:security%2Bauthor:Keith%2Bauthor:Cayemberg%26hl%3Den%26lr%3D%26ie%3DUTF-8%26as_drrb%3Db%26as_mind%3D21%26as_minm%3D7%26as_miny%3D2004%26as_maxd%3D23%26as_maxm%3D7%26as_maxy%3D2004%26selm%3D40fec85a%25240%252419744%25249b4e6d93%2540newsread2.arcor-online.net%26rnum%3D1" target="_blank">http://www.google.com/groups?hl=en&amp;lr=&amp;ie=UTF-8&amp;threadm=40fec85a%240%2419744%249b4e6d93%40newsread2.arcor-online.net&amp;rnum=1&amp;prev=/groups%3Fq%3Dgroup:comp.os.vms%2Binsubject:OpenVMS%2Binsubject:security%2Bauthor:Keith%2Bauthor:Cayemberg%26hl%3Den%26lr%3D%26ie%3DUTF-8%26as_drrb%3Db%26as_mind%3D21%26as_minm%3D7%26as_miny%3D2004%26as_maxd%3D23%26as_maxm%3D7%26as_maxy%3D2004%26selm%3D40fec85a%25240%252419744%25249b4e6d93%2540newsread2.arcor-online.net%26rnum%3D1</A><BR /> Fri, 23 Jul 2004 03:39:19 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336981#M29209 Ian Miller. 2004-07-23T03:39:19Z https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336982#M29210 Brian,<BR /><BR />The whitepapers already mentioned are a good start.<BR /><BR />Another point would be my presentation at HPWORLD 2004 on managing user environments at<BR /><A href="http://www.rlgsc.com/hpworld/2004/n227.html." target="_blank">http://www.rlgsc.com/hpworld/2004/n227.html.</A><BR /><BR />See the reports written by the late John Wisniewski of the (unsuccessful) DEFCON 9 cracking attempts against OpenVMS.<BR /><BR />Also, see some of my published articles on OpenVMS.org.<BR /><BR />I hope that the above is useful.<BR /><BR />- Bob Gezelter, <A href="http://www.rlgsc.com" target="_blank">http://www.rlgsc.com</A> Sun, 12 Dec 2004 09:10:31 GMT https://community.hpe.com/t5/operating-system-openvms/openvms-security-merits-etc/m-p/3336982#M29210 Robert Gezelter 2004-12-12T09:10:31Z