HPE Community
Operating System - OpenVMS
1827825 Members
1913 Online
109969 Solutions
New Discussion

Avoid intrusion alerts for DECnet objects

 
Hans Adriaanse
Advisor

‎04-12-2006 08:48 PM

‎04-12-2006 08:48 PM

Avoid intrusion alerts for DECnet objects

Hello,

I have the next situation: one system connects to a DECnet object on another system. This DECnet is created in an application. So if the application is not running (planned or unplanned), the object is not available. But each time the other system tries to connect, I get a security alert. I am not allowed to disable this security alert (security policy of the company). I thought about the next solution: install a dummy object that closes each incomming connection immediately. When the application starts, it first removes this dummy object and installs itself as that object. But when the applciation crashes, I cannot restore the dummy object. Is it possible to installe 2 objects with the same name, but with a difference in priority or something like that.
Please some suggestions to avoid the intrusion alerts without affecting the security settings.

Thanks in advance,
Hans
0 Kudos
4 REPLIES 4
Volker Halle
Honored Contributor

‎04-12-2006 09:50 PM

‎04-12-2006 09:50 PM

Re: Avoid intrusion alerts for DECnet objects

Hans,

I'm pretty sure, that you cannot install two DECnet objects (in NCL speak: session control applications) with the same name or number.

You may need to write some checking DCL procedure (as a batch or detached job), which checks if the real application has crashed and re-instates the dummy object. Depending on how the application process is running (detached process ?), you could wrap it into a DCL procedure, which sets up the dummy object, if the real application program exists.

Volker.
0 Kudos
John Travell
Valued Contributor

‎04-17-2006 10:36 PM

‎04-17-2006 10:36 PM

Re: Avoid intrusion alerts for DECnet objects

I have implemented something similar to what Volker suggests myself.
1. create a batch queue with JOB_LIMIT=1.
2. Wrap your application in a procedure that:
__2a. checks the queue to ensure that a second copy of the job is pending in the queue.
__2b. notifies you if the 'spare' job is missing.
__2c. resubmits itself.
3. submit your job and forget it until you get a notification of failure, then check the logfile to see WHY it failed.
4. fix the cause of the failure, goto 3.

I could supply some sample dcl, but I would have to spend some time anonymising it first.

John T.
0 Kudos
Hans Adriaanse
Advisor

‎04-18-2006 01:45 AM

‎04-18-2006 01:45 AM

Re: Avoid intrusion alerts for DECnet objects

Thank you guys. This is the best solution I can think of (not optimal, but the best).

Thanx.
0 Kudos
John Travell
Valued Contributor

‎04-18-2006 10:25 AM

‎04-18-2006 10:25 AM

Re: Avoid intrusion alerts for DECnet objects

Hans, Can you assign points for this topic, you seem to have done so for only half of the replies to your questions. It is the only way to reward contributors. Remember that you can assign zero points if a comment has zero value...
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.