- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - OpenVMS
- >
- Re: Keystroke auditing on OpenVMS Integrity v8.3-1...
Operating System - OpenVMS
1753735
Members
4278
Online
108799
Solutions
Forums
Categories
Company
Local Language
юдл
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
юдл
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-11-2010 10:15 AM
тАО01-11-2010 10:15 AM
Re: Keystroke auditing on OpenVMS Integrity v8.3-1H1
Does anyone have any direct experience of support and development of KeyCapture? Any idea whether there's a reasonable amount of development work happening or whether it's a team of one guy somewhere with an old VAX or Alpha maintaining the code?
Thanks
Steve
Thanks
Steve
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-12-2010 04:20 AM
тАО01-12-2010 04:20 AM
Re: Keystroke auditing on OpenVMS Integrity v8.3-1H1
Steve,
I don't have any direct experience with support/development of KeyCapture.
My guess is that none of these three commercial products have a large development group, and I would be surprised if any had more than one primary developer/maintainer for the products. I also doubt that there are many HP engineers dedicated to the VMS terminal driver.
I would guess that all the products that are logging on the node being monitored are intercepting the traffic between the terminal port/class interface via the GETNXT/PUTNXT routine pointers in the terminal UCB (UCB$L_TT_GETNXT/UCB$L_TT_PUTNXT). At least that is the most direct (most efficient) approach that I am aware of. Just for reference, PUTNXT is used for terminal input (it puts into the typeahead buffer); GETNXT is for terminal output (gets the next character or string (burst) to output to the user's terminal.)
In my opinion, the most important question is how well the design is documented by/for the product developers/supporters and how cleanly written the code is. This will determine how easily a new person will be able to support the product. Unfortunately, I know of no way to determine this from the outside, as the code is proprietary and closed source.
One indicator is the quality of the external product documentation. Another is how long it took each vendor to release an IA64 version of the product after OpenVMS IA64 became available. Although this is an indirect indicator, it is an externally visible indicator of the vendor's ability/desire to support the VMS market. Since these products are using internal features of VMS that are not in end user documentation, it implies that the vendors need access to the VMS source code listings (or at least a contact in VMS engineering that can provide select information).
Jon
I don't have any direct experience with support/development of KeyCapture.
My guess is that none of these three commercial products have a large development group, and I would be surprised if any had more than one primary developer/maintainer for the products. I also doubt that there are many HP engineers dedicated to the VMS terminal driver.
I would guess that all the products that are logging on the node being monitored are intercepting the traffic between the terminal port/class interface via the GETNXT/PUTNXT routine pointers in the terminal UCB (UCB$L_TT_GETNXT/UCB$L_TT_PUTNXT). At least that is the most direct (most efficient) approach that I am aware of. Just for reference, PUTNXT is used for terminal input (it puts into the typeahead buffer); GETNXT is for terminal output (gets the next character or string (burst) to output to the user's terminal.)
In my opinion, the most important question is how well the design is documented by/for the product developers/supporters and how cleanly written the code is. This will determine how easily a new person will be able to support the product. Unfortunately, I know of no way to determine this from the outside, as the code is proprietary and closed source.
One indicator is the quality of the external product documentation. Another is how long it took each vendor to release an IA64 version of the product after OpenVMS IA64 became available. Although this is an indirect indicator, it is an externally visible indicator of the vendor's ability/desire to support the VMS market. Since these products are using internal features of VMS that are not in end user documentation, it implies that the vendors need access to the VMS source code listings (or at least a contact in VMS engineering that can provide select information).
Jon
it depends
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-19-2010 02:41 AM
тАО01-19-2010 02:41 AM
Re: Keystroke auditing on OpenVMS Integrity v8.3-1H1
I have direct experience with KeyCapture v5.2.05 that is running on two AlphaServers clustered together. It has been invaluable in monitoring password changes which are normally blocked in SET HOST/LOG files and other AUDITing programs. It even works with terminals set to /NOECHO. Email me or give me a call if you want to talk personally about the product.
Rick Lade
Rick Lade
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2010 01:23 PM
тАО06-29-2010 01:23 PM
Re: Keystroke auditing on OpenVMS Integrity v8.3-1H1
steve wrote:
>Does anyone have any direct experience of
>support and development of KeyCapture? Any
>idea whether there's a reasonable amount of
>development work happening or whether it's
>a team of one guy somewhere with an old VAX
>or Alpha maintaining the code?
I have VAXen, Alphas and Integritys. ;)
What seems to be the issue with AUDIT. If you really need the /NOECHO in the AUDIT log, that can be enabled. However, I think you will find with the other loggers -- as they intercept using the same patented approach -- that the keystrokes are missing from their logs as well.
Make the case to ProvN and it will become.
>Does anyone have any direct experience of
>support and development of KeyCapture? Any
>idea whether there's a reasonable amount of
>development work happening or whether it's
>a team of one guy somewhere with an old VAX
>or Alpha maintaining the code?
I have VAXen, Alphas and Integritys. ;)
What seems to be the issue with AUDIT. If you really need the /NOECHO in the AUDIT log, that can be enabled. However, I think you will find with the other loggers -- as they intercept using the same patented approach -- that the keystrokes are missing from their logs as well.
Make the case to ProvN and it will become.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-29-2010 05:09 PM
тАО06-29-2010 05:09 PM
Re: Keystroke auditing on OpenVMS Integrity v8.3-1H1
Hi Steve,
You can try out the Key Capture tool.
Check the following link -
* Key Capture
http://openvmsalpha.com/75/key-capture/
Key Capture is a OpenVMS tool for logging/aduting the keyboard input for
a set of users. This should give you the feature that you are looking for.
The link mentions that the Key Capture is availble in ALPHA versions.
The Itanium version is yet to be released. Not sure if the IA64 version
has been released.
Hope this helps.
Regards,
Murali
You can try out the Key Capture tool.
Check the following link -
* Key Capture
http://openvmsalpha.com/75/key-capture/
Key Capture is a OpenVMS tool for logging/aduting the keyboard input for
a set of users. This should give you the feature that you are looking for.
The link mentions that the Key Capture is availble in ALPHA versions.
The Itanium version is yet to be released. Not sure if the IA64 version
has been released.
Hope this helps.
Regards,
Murali
Let There Be Rock - AC/DC
- « Previous
-
- 1
- 2
- Next »
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
News and Events
Support
© Copyright 2024 Hewlett Packard Enterprise Development LP