Previous month:
June 2014
Next month:
August 2014

July 2014

TBT: Java's promise spun 3000s into style

Just about 15 years ago from this ThrowBack Thursday, the HP 3000 was having its high moment of renaissance at Hewlett-Packard. The computer was going to make its stretch into the world of a Java-based interface for applications, in an era when Java was considered stylish. A new Java library was going to be patched into the operating environment, and the 3000 division was about to enjoy its fourth straight summertime with the same general manager, something we'd not seen in many years.

HarryYoyoHarry Sterling pushed at the heartstrings of the customers during his tenure leading the division, and in 1999 he threw out the stops to make the HP World conference update on the 3000 memorable. The 3000 was always in style, Sterling maintained, just like the classics of yo-yos (a popular late '90s show giveaway) and tuxedos. Sterling managed to pull off a combination of the two at what amounted to a State of the Product address.

His hour-long talk was built around the theme of "The HP 3000: Always in Style," and featured a video of customer interviews comparing the system to classic dances such as the tango and the waltz. The general manager finished his talk spinning a yo-yo from his hand.

“Just like this yo-yo and just like my tux are always in style, so is the 3000,” Sterling said. The white-hot dot com boom was on, and Sterling felt the yearning from customers to feel the heat.

"You are seeing a new mindset at HP, doing the things that will make it possible for us all to be a pivotal player in Chapter Two of the Internet. Many of you are saying it’s about time — and I agree.”

Continue reading "TBT: Java's promise spun 3000s into style" »


Find :HELP for what you don't know exists

Last week we presented a reprise of advice about using the VSTORE command while making backups. It's good practice; you can read about the details of why and a little bit of how-to in articles here, and also here.

But since VSTORE is an MPE command, our article elicited a friendly call from Vesoft's Vladimir Volokh. He was able to make me see that a great deal of what drives MPE/iX and MPE's powers can remain hidden -- the attribute we ascribed to VSTORE. "Hidden, to some managers running HP 3000s, is the VSTORE command of MPE/iX to employ in system backup verification." We even have a category here on the blog called Hidden Value. It's been one of our features since our first issue, almost 19 years ago.

MPE commands exampleFinding help for commands is a straightforward search, if those commands are related to the commands you know. But how deep are the relationships that are charted by the MPE help system? To put it another way, it's not easy to go looking for something that you don't know is there. Take VSTORE, for example. HP's HELP files include a VSTORE command entry. But you'll only find that command if you know it's there in the operating environment. The "related commands" part of the entry of STORE, identifying the existence of VSTORE, is at the very bottom of the file.

Vladimir said, "Yes, at the bottom. And nobody reads to the bottom." He's also of the belief that fewer people than ever are reading anything today. I agree, but I'd add we're failing in our habits to read in the long form, all the way beyond a few paragraphs. The Millennial Generation even has an acronymn for this poor habit: TLDR, for Too Long, Didn't Read. It's a byproduct of life in the Web era.

But finding help on VSTORE is also a matter of a search across the Web, where you'll find archived manuals on the 5.0 MPE/iX where it was last documented. There's where the Web connects us better than ever. What's more, the power of the Internet now gives us the means to ask Vladimir about MPE's commands and the MPEX improvements. Vladimir reads and uses email from his personal email address. It's not a new outlet, but it's a place to ask for help that you don't know exists. That's because like his product MPEX, Vladimir's help can be conceptual.

Continue reading "Find :HELP for what you don't know exists" »


Stromasys spreads word of spreading wings

Hardware We ReplaceThe makers of the only HP 3000 hardware emulator are not a new company, but Stromasys is starting to outline the new structure of its firm in a communication to its clients and partners. Last week the corporation emailed notice of a set of managers to "strengthen its management team" and a announce the creation of a new R&D center.

In May the company's main HQ was moved to a larger facility in Geneva, and an Asia-Pacific unit will be located in Hong Kong. Some of the changes to the company were reported in brief at the end of 2013. But Chairman George Koukis, who started the banking software Temenous Group and leads that sector of software systems, speaks out in the update about the intrinsic value of CHARON. 

"Charon prolongs the life of software by protecting it from constant change in hardware technology," he said. "Temenos' worldwide success meant that I replaced many systems; I am painfully aware of the immense cost of replacing or migrating application software."

Worldwide expansion through a partner network looks to be a key mission objective of the latest communique. When the company was briefing North American customers for the first time in May 2013 on a Training Day, the managers said that a channel structure for partners was being designed. Frédéric Kokocinski is the new Global Head of Channel Management. The new channel strategy focuses on marketing and communication -- including a comprehensive product roadmap -- certification for resellers, plus support through knowledge sharing, as well as a fresh push on sales.

The company has offices in place in Raleigh, NC, Switzerland, and Hong Kong. Gregory Reut is Head of Support. The company is meeting with partners to outline and detail the changes in its organization. Isabelle Jourdain is Head of Marketing. The company's co-founder, Robert Boers, remains connected to the company as a technology advisor to the board of directors. 


Taking a :BYE before a :SHUTDOWN

BYEHP 3000 systems have been supporting manufacturing for almost as long as the server has been sold. ASK Computer Systems made MANMAN in the 1970s, working from a loaned system in a startup team's kitchen. MANMAN's still around, working today.

It might not be MANMAN working at 3M, but the Minnesota Minining & Manufacturing Company is still using HP 3000s. And according to a departing MPE expert at 3M, the multiple N-Class systems will be in service there "for at least several more years."

Mike Caplin is taking his leave of 3000 IT, though. Earlier this month he posted a farewell message to the 3000-L listserve community. He explained that he loved working with the computer, so much so that he bet on a healthy career future a decade-and-a-half ago. That was the time just before HP began to change its mind about low-growth product lines with loyal owners.

Tomorrow, I’ll type BYE for the last time. Actually, I’ll just X out of a Reflection screen and let the N-Class that I’m always logged in to log me out.

I started on a Series II in 1976 and thought I died and went to heaven after working on Burroughs and Univac equipment.  The machine always ran; no downtime, easy online development, and those great manuals that actually made sense and had samples of code. I still have the orange pocket guide for the Series II.

I found this list about the same time that getting help from HP became a hit or miss. I always got a usable answer after posting a question, usually in under an hour.  So the purpose of this is to say goodbye, but also to say thank you for all of the help over the years.

I was in a headhunter’s office about 15 years ago and he told me that I needed to get away from the 3000 because I’d never be able to make a living until I was ready to retire. I told him that he may be right, but that I was counting on knowing enough to be able to stay employed and that I intended to outlast MPE. I guess I got lucky and won that argument.

Continue reading "Taking a :BYE before a :SHUTDOWN" »


Pen testing crucial to passing audits

Migrated HP 3000 sites have usually just put sensitive corporate information into a wider, more public network. The next audit their business applications will endure is likely to have a security requirement far more complicated to pass. For those who are getting an IT audit on mission-critical apps hosted on platforms like Windows or Linux, we offer this guide to penetration testing.

By Steve Hardwick
CSIPP, Oxygen Finance

Having just finished installing a new cable modem with internal firewall/router, I decided to complete the installation by running a quick and dirty on-line penetration test. I suddenly realized that I am probably a handful of home users that we actually run a test after installing the model. I used the Web utility Shields Up, which provides a quick scan for open ports. Having completed the test -- successfully I may add -- I thought it would be a good opportunity to review Pen, or penetration, testing as a essential discipline.

SecuritypenetrationPenetration testing is a crucial part of any information security audit. They are most commonly used to test network security controls, but can be used for testing administrative controls too. Testing administrative controls, i.e. security rules users must follow, is commonly called social engineering. The goal of penetration testing is to simulate hacker behavior to see if the security controls can withstand the attack.

The key elements of either tests fall into three categories

1) Information gathering: This involves using methods to gain as much information about the target without contacting the network or the system users.

2) Enumeration: To be able to understand the target, a set of probing exercises are conducted to map out the various entry points. Once identified, the entry points are further probed to get more detail about their configuration and function.

3) Exploitation: After review of the entry points, a plan of attack is constructed to exploit any of the weaknesses discovered in the enumeration phase. The goal is get unauthorized access to information in order to steal, modify or destroy it.

Let's take a look at how all this works in practice.

Continue reading "Pen testing crucial to passing audits" »


Using VSTORE to Verify 3000 Backups

Card VerificationHidden, to some managers running HP 3000s, is the VSTORE command of MPE/iX to employ in system backup verification. It's good standard practice to include VSTORE in every backup job's command process. If your MPE references come from Google searches instead of reading your NewsWire, you might find it a bit harder to locate HP's documentation for VSTORE. You won't find what you'd expect inside a MPE/iX 7.5 manual. HP introduced VSTORE in MPE/iX 5.0, so that edition of the manual is where its details reside.

For your illumination, here's some tips from Brian Edminster, HP 3000 and MPE consultant at Applied Technologies and the curator of the MPE Open Source repository, MPE-OpenSource.org.

If possible, do your VSTOREs on a different (but compatible model) of tape drive than the one the tape was created on. Why? DDS tape drives (especially DDS-2 and DDS-3 models) slowly go out of alignment as they wear.

In other words, it's possible to write a backup tape, and have it successfully VSTORE on the same drive. But if you have to take that same tape to a different server with a new and in-alignment drive, you could have it not be readable! Trust me on this -- I've had it happen.

If you'll only ever need to read tapes on the same drive as you wrote them, you're still not safe. What happens if you write a tape on a worn drive, have the drive fail at some later date -- and that replacement drive cannot read old backup tapes? Yikes!

Continue reading "Using VSTORE to Verify 3000 Backups" »


Migrators make more of mobile support app

A serious share of HP 3000 sites that have migrated to HP's alternative server solutions have cited vendor support as a key reason to leave MPE. Hewlett-Packard has been catering to their vendor-support needs with an iPhone/Android app, one which has gotten a refresh recently.

HPSCm screenshotsFor customers who have Connected Products via HP's Remote Support technologies, the HP Support Center Mobile (HPSCm) app with Insight Online will automatically display devices which are remotely monitored. The app allows a manager to track service events and related support cases, view device configurations and proactively monitor HP contracts, warranties and service credits.

Using the app requires that the products be linked through the vendor's HP Passport ID. But this is the kind of attempt at improving support communication which 3000 managers wished for back in the 1990s. This is a type of mobile tracking that can be hard to find from independent support companies. To be fair, that's probably because a standard phone call, email or text will yield an immediate indie response rather than a "tell me who you are, again" pre-screener.

But HPSCm does give a manager another way to link to HP support documents (PDF files), something that would be useful if a manager is employing a tablet. That content is similar to what can be seen for free, or subject to contract by public audiences, via the HP Business Portal. (Some of that content is locked behind a HP Passport contract ID.) This kind of support -- for example, you can break into a chat with HP personnel right from the phone or tablet -- represents the service that some large companies seem to demand to operate their enterprise datacenters.

Weird-zucchiniThere's also a Self-Solve feature in the HP mobile app, to guide users to documents most likely to help in resolving a support issue. Like the self-check line in the grocery, it's supposed to save time -- unless you've got a rare veggie of a problem to look up.

Continue reading "Migrators make more of mobile support app" »


A Week When HP Gave OpenMPE the Floor

OpenMPE2005CSYmeet3000 community members at HP's facility for the OpenMPE meeting that replaced the scrubbed HP World 2005. From left, Walt McCullough, HP's Craig Fairchild and Mike Paivinen, Birket Foster (standing) and Stan Sieler.

It was a Maple floor, to be exact, in the Maple Room of the HP campus that's now long-demolished. On this day in 2005, in the wake of a washout of the user group Interex and its conference, the OpenMPE board met with HP to earn a space for an all-day meeting. HP extended use of its Maple Room -- where many a product briefing for the 3000 line had been held -- to the advocacy group that had fought for more time and better programs for migration and homesteading users.

In what feels like a long time ago, given all else that has changed, Interex closed its doors during this week in 2005 owing $4 million to companies small and large. The unpaid debts ranged from individuals owed as little as $8.30 on the unserved part of a yearly membership, to HP World booth sponsors who paid $17,000 for a space that the group could not mount in San Francisco. Then there were the hotels, which lost hundreds of thousands of dollars in unpaid room reservation guarantees. At five creditors to a page, the list of people and companies which the user group owed ran to more than 2,000 sheets. The file at the Santa Clara courthouse felt thick in my hands.

There was little money left at the end, too. The Interex checking account held $5,198.40, and a money market fund had $14,271.64 — neither of which was enough to satisfy the total unpaid compensation for an outside sales rep ($65,604 in unpaid commissions) or executive director Ron Evans (who had to forego his last paycheck of $8,225).

That OpenMPE meeting in August, in place of the Interex show, was notable in way that Interex could never manage. 3000 managers and owners could attend via phone and the web, using meeting software that let them ask questions and see slides while they could hear presentations.

Continue reading "A Week When HP Gave OpenMPE the Floor" »


Maximum Disc Replacement for Series 9x7s

Software vendors, as well as in-house developers, keep Series 9x7 servers available for startup to test software revisions. There are not very many revisions to MPE software anymore, but we continue to see some of these oldest PA-RISC servers churning along in work environments.

9x7s, you may ask -- they're retired long ago, aren't they? Less than one year ago, one reseller was offering a trio for between $1,800 (a Series 947) and $3,200. Five years ago this week, tech experts were examining how to modernize the drives in these venerable beasts. One developer figured in 2009 they'd need their 9x7s for at least five more years. For the record, 9x7s are going to be from the early 1990s, so figure that some of them are beyond 20 years old now.

"They are great for testing how things actually work," one developer reported, "as opposed to what the documentation says, a detail we very much need to know when writing migration software. Also, to this day, if you write and compile software on 6.0, you can just about guarantee that it will run on 6.0, 6.5, 7.0 and 7.5 MPE/iX."

BarracudaSome of the most vulnerable elements of machines from that epoch include those disk drives. 4GB units are installed inside most of them. Could something else replace these internal drives? It's a valid question for any 3000 that runs with these wee disks, but it becomes even more of an issue with the 9x7s. MPE/iX 7.0 and 7.5 are not operational on that segment of 3000 hardware.

Even though the LDEV1 drive will only support 4GB of space visible to MPE/iX 6.0 and 6.5, there's always LDEV2. You can use virtually any SCSI (SE SCSI or FW SCSI) drive, as long as you have the right interface and connector.

There's a Seagate disk drive that will stand in for something much older that's bearing an HP model number. The ST318416N 18GB Barracuda model -- which was once reported at $75, but now seems to be available for about $200 or so -- is in the 9x7's IOFDATA list of recognized devices, so they should just configure straight in. Even though that Seagate device is only available as refurbished equipment, it's still going to arrive with a one-year warranty. A lot longer than the one on any HP-original 9x7 disks still working in the community.

Continue reading "Maximum Disc Replacement for Series 9x7s" »


HP gives leadership to Whitman top-down

Hewlett-Packard announced that it's giving the leadership of its board of directors to CEO Meg Whitman, after two chairmen had led the board but not the company in the years following CEO Mark Hurd's ouster.

Whitman joined the HP board in 2011, arriving about five months after Hurd left the company, but she didn't take her CEO role until the fall of that year. She's wrapping up her third year as CEO. Analysts see the addition of chairman to her duties as proof that HP's now her company to lead in totality.

Over the last two decades, only three other people have chaired the HP board as well as held the CEO role: Hurd, Carly Fiorina and Lew Platt. It's usually been an ultimate vote of confidence about a CEO's track record. None of the CEOs began their leadership of the company while heading up the board as well. Platt took his chairman's role from founder David Packard within a year of becoming CEO. Fiorina took the post from Dick Hackborn, 14 months after becoming CEO. Whitman becomes the third woman ever to lead the HP board, following Fiorina and Patricia Dunn. The latter took her job in the wake of Fiorina's ouster.

Screen Shot 2014-07-18 at 6.07.39 PMLeadership of Hewlett-Packard remains an issue for the migrated as well as migrating 3000 customers -- at least those who are investing in HP's alternatives to MPE. Whitman's record since taking her CEO duties has been admirable and at times heroic. She presided over a company in the early winter of 2012 with a stock valued at under $12 a share. In the course of her CEO term, Whitman's weathered the detritus of weak acquisitions such as Autonomy as well as the steep slowing of its services business growth. Whitman voted for Autonomy's acquisition as a board member, early in her directorship. But since 2013 she has championed growth through R&D rather than purchasing companies such as EDS and Compaq.

The board now contains only one longstanding HP employee, Ann Livermore, who serves as executive advisor to Whitman. More than 15 years ago, Livermore was passed over for the CEO job in favor of Fiorina -- but Livermore represents one of the last board members whose pedigree is in technology rather than business management. Livermore has been an HP employee since 1982.

Ralph Whitworth, who's reported to be in poor health, resigned the chairmanship he held since last year to make way for Whitman, as well as vacating his board seat. Klaus Kleinfeld, chairman and chief executive of Alcoa, arrives at the board to take Whitworth's seat. 


TBT: When users posterized HP's strategy


PosterLargeThe
Orange County Register captured this picture of the football-field sized poster that users assembled to call notice to the 3000 at the annual Interex show. We offer it in our collection of ThrowBack Thursday photos. Click on it for detail.

Recent news about a decline in the health of community guru Jeff Kell sparked a link to another 3000 icon: Wirt Atmar. The founder of AICS Research shared some medical conditions with Kell, but Wirt was never at a loss for gusto and panache. Twenty-eight years ago he started a print job in July, one that wouldn't be complete until the following month, when HP World convened in Anaheim. The 1996 show was held not too far from a high school football field -- one where ardent users of the 3000 wanted to make publicity for their beloved MPE server.

WirtAtPosterThousands of panels rolled out of Wirt's HP DesignJet plotter, driven by an HP 3000 at his Las Cruces, New Mexico headquarters, each making up a small section of the World's Largest Poster. HP had set the record for largest poster just a few months earlier, with a basketball court's worth of 8x11 sheets, placed carefully to make a giant picture of Mickey Mouse. Wirt and his league of extraordinary advocates took on another element while they aimed at a bigger poster, by far. This World's Largest Poster was to be assembled outdoors, in the Santa Ana winds of Southern California.

All morning on that summer day the winds continued to climb, testing the resolve of a growing number of volunteers. Panels would spring up in the breeze, which seemed to flow from every possible direction. Atmar, whose company had printed the thousands of panels over a six week period and who had driven the poster in a U-Haul truck from New Mexico, stood alongside the poster's edge and gave instruction on holding it in place, using gutter-width roofing nails pressed into the turf.

But by 11 AM, no more nails were on hand, and the question was on everyone's lips -- where are they? The winds climbed with the sun in the sky, and volunteers were forced to use shoes and poster tubes to hold the panels in place. As a section would rise up, dedicated customers would call out,"It's coming up!" and then race to tack it in place, an organic version of a fault-tolerant system.

Wirt on the fieldThe document of about 36,000 square feet was somehow kept in place on the high school football field. The work of printing began in July. When Wirt was finally able to point across the field, at the completed poster, he breathed a sigh of relief and good natured fatigue. He quipped that after printing the four-foot rolls of paper needed for the poster, loading them into a van for the trip to California represented “the summer corporate fitness program for AICS Research.”

Continue reading "TBT: When users posterized HP's strategy" »


Kell carries key account of 3000 revival

We've come to learn that community icon Jeff Kell is battling a serious illness. While I wish this keystone of MPE wisdom a quick recovery, and the best wishes to his wife, I'd like to share some insights he relayed about the transition from Classic 3000s to the ultimate edition of the server he's worked on and cared for most of his career at the University of Tennessee at Chattanooga.

Concept of RISCI'd asked Kell to explain what the HP CEO during that transition era, John Young, might have been talking about while the CEO told Computerworld in 1985 about the strategy of RISC. As the clipping from Computerworld to the left shows, Young was a lot less than clear about what RISC would do for HP's long-term computing plans. A comment in the second paragraph of the clipping -- about networking, one of Kell's most ardent studies -- made me want to reach out to him earlier this summer. Young's conflation of "9000 series terminals emulated the 3000 architecture in some ways, but not really completely" was something Kell could clear up.

I'm not aware of any similarities [Young noted] between 3000/9000 Series except after adoption of RISC, and they used the same processors/hardware. They may have shared some peripheral hardware earlier, but certainly had little in common until RISC. The 3000/9000 had practically nothing in common prior to that other than perhaps HP-IB peripherals.

Network-wise, the 9000-series was following the ARPA/Ethernet track, while the 3000 initially started down the IEEE/OSI architecture. Ethernet was only accepted by the 3000 as an afterthought, it was a checkbox on the NMCONFIG dialogue if you wanted to allow it, and it defaulted to OFF.

So unless Young was talking post-RISC (timeframe is wrong), I'm not sure how he would compare 3000/9000 lines at all. The initial RISC 3000s were in the last half of the 1980s. If I recall correctly, my "migration training" to the "new" 3000s was at the Atlanta response center around 1985 (or a little later) and we were expecting a 930. We ended up with a 950 (since the 930 sucked so badly.) But I do recall many of the details.

Continue reading "Kell carries key account of 3000 revival" »


3000 jobs still swinging their shingles

Help+wantedThe Help Wanted sign remains out in the 3000 community for a couple of positions this week, genuine jobs that involve no migration of the server out of datacenters. Multiple offers inside the same week might actually give the employers a chance to compete with one another. But given the limited number of openings for MPE work, applicants aren't likely to be using one offer to leverage another.

At Cerro Wire, IT Director Herb Statham is looking for a programmer/analyst. Cerro Wire manufactures and distributes electrical wire for the residential and commercial building industries. Statham has been in the news in the past as an IT pro with a serious interest in the Stromasys emulator. Emulator interest has been known to be an indicator of a stable future for MPE applications.

Statham is looking for a P/A who knows COBOL for the 3000, IMAGE, MPE, and Suprtool. There's also Qedit, Adager, Netbase, Bridgeware, and byRequest running at the site in north central Alabama. The job's tasks run to development, change implementation, documentation and design, as well as planning. Applicants can send a resume to Statham at his email address.

Over at Measurement Specialties, the job we first noted near the end of June remains open. Business Systems Director Terry Simpkins is still open to reviewing resumes for a Business Analyst post.

Continue reading "3000 jobs still swinging their shingles" »


Protecting a Server from DDoS Attacks

For anybody employing a more Web-ready server OS than MPE, or any such server attached to a network, Distributed Denial of Service (DDoS) presents a hot security and service-level threat. Migrating sites will do well to study up on these hacks. In the second of two parts, our security writer Steve Hardwick shares preventative measures to reduce the impacts to commodity-caliber enterprise computing such as Linux, Unix or Windows.

By Steve Hardwick, CISSP
Oxygen Finance

SecurityScrabbleDDoS attacks can be very nasty and difficult to mitigate. However, with the correct understanding of both the source and impact of these attacks, precautions can be taken to reduce their impact. This includes preventing endpoints from being used as part of a botnet to attack other networks. For example, a DDoS virus may not affect the infected computer, but it could wreak havoc on the intended target.

One legitimate question is why a DDoS attack be would used. There are two main reasons:

1) As a primary attack model. For example, a group of hacktivists want to take down a specific website. A virus is constructed that specifically targets the site and then is remotely triggered. The target site is now under serious attack.

2) As part of a multi stage attack. A firewall is attacked by an amplified Ping Flood attack. The firewall can eventually give up and re-boot (sometimes referred to as “failing over”). The firewall may reboot in a “safe” mode, fail over, or back-up configuration. In many cases this back-up configuration contains minimal programming and is a lot easier to breach and launch the next phase of the attack. I've had experiences where the default fail-over configuration of a router was wide open -- allowing unfiltered in-bound traffic.

DDoS attacks are difficult to mitigate, as they attack several levels of the network. However, there are some best practices that can be employed to help lessen the threat of DDoS attacks.

Continue reading "Protecting a Server from DDoS Attacks" »


Understanding the Roots of DDoS Attacks

Editor’s Note: While the summertime of pace of business is upon us all, the heat of security threats remains as high as this season's temperatures. Only weeks ago, scores of major websites, hosted on popular MPE replacement Linux servers, were knocked out of service by Distributed Denial of Service DDoS attacks. Even our mainline blog host TypePad was taken down. It can happen to anybody employing a more Web-ready server OS than MPE, to any such server attached to a network -- so migrating sites will do well to study up on these hacks. Our security writer Steve Hardwick shares background today, and preventative measures next time.

By Steve Hardwick, CISSP
Oxygen Finance

DDOS-AttackDistributed Denial of Service (DDoS) is a virulent attack that is growing in number over the past couple of years. The NSFOCUS DDoS Threat Report 2013 recorded 244,703 incidents of DDoS attacks throughout last year. Perhaps the best way to understand this attack is to first look at Denial Of Service, (DoS) attacks. The focus of a DoS attack is to remove the ability of a network device to accept incoming traffic. DoS attacks can target firewalls, routers, servers or even personal computers. The goal is to overload the network interface such that it either it unable to function or it shuts down.

A simple example of such an attack is a Local Area Network Denial. This LAND attack was first seen around 1997. It is accomplished by creating a specially constructed PING packet. The normal function of ping is to take the incoming packet and send a response to the source machine, as denoted by the source address in the packet header. In a LAND attack, the source IP address is spoofed and the IP address of the target is placed in the source address location. When the target gets the packet, it will send the ping response to the source address, which is its own address. This will cause the target machine to repeatedly send responses to itself and overload the network interface. Although not really a threat today, some older versions of operating systems -- such as the still-in-enterprises Windows XP SP2, or Mac OS MacTCP 7.6.1 -- are susceptible to LAND attacks.

So where does the Distributed part come from? Many DoS attacks rely on the target machine to create runaway conditions that cause the generation of a torrent of traffic that floods the network interface. An alternative approach uses a collaborative group of external machines to source the attack. For example, a virus can be written that sends multiple emails to a single email address. The virus also contains code to send it to everyone in the recipient's email address book. Before long, the targeted server is receiving thousands of emails per hour -- and the mail server becomes overloaded and effectively useless.

Continue reading "Understanding the Roots of DDoS Attacks " »


TBT: The month fem-power first led HP

You only have to go back 15 years to find a Throwback Thursday photo that captured watershed change for the HP 3000's creators. Carly Fiorina was named as HP's sixth CEO on a Monday in July, the start of the finale for a company's business way which created Hewlett-Packard-designed products as its biggest business.

HP-CEO-FiorinaFiorina was all of 44 years old when she took a chair that had always been held by men over the first 60 years of HP's existence. In a BusinessWeek story that marked her ascent, the woman who'd become known only as Carly explained that she'd talked Dick Hackborn into staying on HP's board of directors. Telling readers that "Carly Fiorina has a silver tongue and an iron will," reporter Peter Burrows relayed Carly's own admission of feminine business power. The CEO-to-be said she was interviewed in a Chicago airport club restaurant.

"You can't tell me there's a better person for the job,'' she told Hackborn as the Gaslight's waitresses, clad in skimpy uniforms and fishnet stockings, made their rounds. Over the course of three hours, Hackborn agreed [to helm the board]. ''And no, I did not put on fishnet stockings,'' Fiorina says with a laugh. ''Don't even go there.''

Carly and GwenAt the time of her ascent, the business media had pegged Carly as the most powerful woman in business, with Oprah running number 2. “She is quite simply the ideal candidate to leverage HP’s core strengths in the rapidly changing information-systems industry and to lead this great company well into the new millennium,” said board member Sam Ginn, who led the search committee. It was a move that would lead the staid company into new eras of panache.

HP’s board said it was pushing for the company’s first outside CEO to lead the company in its new e-services push. Heading up AT&T spinoff Lucent’s $20 billion Global Service Provider division, Fiorina was named America’s Most Powerful Businesswoman in 1998 by Fortune magazine. Her selfies with pop stars came later.

Continue reading "TBT: The month fem-power first led HP " »


How to Employ SFTP on Today's MPE

Is anyone using SFTP on the HP 3000?

Gavin Scott, a developer and a veteran of decades on MPE/iX, says he got it to work reliably at one customer a year or so ago. "We exchanged SSL keys with the partner company," Scott said, "and so I don't think we had to provide a password as part of the SFTP connection initiation."

At least in my environment, the trick to not having it fail randomly around 300KB in transfers (in batch) was to explicitly disable progress reporting -- which was compiled into the 3000 SFTP client as defaulting to "on" for some reason. I forget the exact command that needed to be included in the SFTP command stream (probably "progress <mumble>" or something like that), but without that, it would try to display the SFTP progress bar. This caused it to whomp its stack or something similarly bad when done in a batch job, due to the lack of any terminal to talk to.

Continue reading "How to Employ SFTP on Today's MPE" »


That MPE spooler's a big piece to replace

PrintspoolerMigration transitions have an unexpected byproduct: They make managers appreciate the goodness that HP bundled into MPE/iX and the 3000. The included spooler is a great example of functionality which has an extra cost to replace in a new environment. Unlike in Windows with MBF Scheduler, Unix has to work very had to supply the same abilities -- and that's the word from one of the HP community's leading Unix gurus.

Bill Hassell spread the word about HP-UX treasures for years from his own consultancy. While working for SourceDirect as a Senior Sysadmin expert, he noted a migration project where the project's manager noted Unix tools weren't performing at enterprise levels. Hassell said HP-UX doesn't filter many print jobs.

MPE has an enterprise level print spooler, while HP-UX has very primitive printing subsystem. hpnp (HP Network Printing) is nothing but a network card (JetDirect) configuration program. The ability to control print queues is very basic, and there is almost nothing to monitor or log print activities similar to MPE. HP-UX does not have any print job filters except for some basic PCL escape sequences such as changing the ASCII character size.

While a migrating shop might now be appreciating the MPE spooler more, some of them need a solution to replicate the 3000's built-in level of printing control. One answer to the problem might lie in using a separate Linux server to spool, because Linux supports the classic Unix CUPS print software much better than HP-UX.

Continue reading "That MPE spooler's a big piece to replace" »


User says licensing just a part of CHARON

Dairylea-Districts-0809Licensing the CHARON emulator solution at the Dairylea Cooperative has been some work, with some suppliers more willing to help in the transfer away from the compay's Series 969 than others. The $1.7 billion organization covers seven states and at least as many third party vendors. “We have a number of third party tools and we worked with each vendor to make the license transfers,” said IT Director Jeff Elmer. 

“We won’t mention any names, but we will say that some vendors were absolutely wonderful to work with, while others were less so. It’s probably true that anyone well acquainted with the HP 3000 world could make accurate guesses about which vendors fell in which camp.”

Some vendors simply allowed a transfer at low cost or no cost; others gave a significant discount because Dairylea has been a long-time customer paying support fees. ”A couple wanted amounts of money that seemed excessive, but in most cases a little negotiation brought things back within reason,” Elmer said. The process wasn’t any different than a customary HP 3000 upgrade: hardware costs were low, but software fees were significant.

Continue reading "User says licensing just a part of CHARON" »


Co-op works out CHARON IO differences

Editor's note: Starting tomorrow it's a business holiday week's-end here in the US, so we are taking a few days to relax in a family reunion on the waters of a very well known Bay. We'll be back at our reporting on Monday.

At the Dairylea Cooperative in the Northeastern US, moving away from classic HP 3000 hardware to CHARON meant a bit of a learning curve. But the changes were something that even had a few blessings in disguise.

Moving files via FTP from the retired HP 3000 would be quicker and easier, said IT Director Jeff Elmer, "but of course it would require the physical box to be on the network. Getting our DLT 8000s to work with the emulator required some research, and some trial and error, but once you know the quirks and work around them, it’s actually quite reliable,” he said.

A new disaster recovery server had to be acquired. Dairylea purchased a ProLiant server identical to the one running what Elmer calls “our production emulator,”  The DR emulator is installed it in the same city where the physical HP 3000 DR box was, complete with tape drives. Stromasys supplies a USB key for the DR emulator as part of the support fees; the key contains HPSUSAN and HPCPUNAME codes required to boot up MPE and other software. The key is good for 360 hours of DR operation “and it expires at the same time our annual support does.”

Continue reading "Co-op works out CHARON IO differences" »


Northeastern cooperative plugs in CHARON

A leading milk and dairy product collective, a century-plus old, is drawing on the Stromasys emulator’s opportunity.

A $1.2 billion milk marketing cooperative — established for more than 100 years and offering services to farmers including lending, insurance and risk management — has become an early example of how to replace Hewlett-Packard’s 3000 and retain MPE software while boosting reliability.

The Dairylea Cooperative has been using the Stromasys CHARON emulator since the start of December, 2013, according to IT director Jeff Elmer. The organization that was founded in 1907 serves dairy owners across seven states in the US Northeast, a collective that had been using two Hewlett-Packard brand RISC servers for MPE operations.

Dairylea has taken its disaster recovery 3000 offline since December 1. Although HP’s physical 3000 server is still powered up, it’s been off the network all year while production continues. “Once we made the switch to the emulator, we never went back to the physical box,” Elmer said. ‘We can’t see any reason to at this point.” 

“However much we may love HP’s 3000 hardware, the disk drives are still older than half of our IS department. Some of our users never knew there was a change.”

Continue reading "Northeastern cooperative plugs in CHARON" »