From dombrowh@sdsc.edu Thu Dec 19 07:24:54 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id HAA02724; Thu, 19 Dec 1996 07:24:53 -0800 (PST) Received: from jayd-fr-mac.remote.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA08838; Thu, 19 Dec 1996 07:24:48 -0800 X-Sender: dombrowh@pop.sdsc.edu Message-Id: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 19 Dec 1996 07:26:08 -0800 To: ntgang@sdsc.edu From: Jay Dombrowski Subject: general info Cc: dombrowh@sdsc.edu Status: RO X-Status: A Hello, I have read the message that Mike V sent to me about the newly formed group "NTgang". Sorry for the wide distribution but I would like to join the mail list and its not clear how one does that. You have touched on a couple of issues reguarding reference system and security. From a network point of view, I would like to ensure that we put the NT systems on the standard workstation ip networks thoughout the building as soon a possible (currently they are on the MAC or net66 networks which are NOT the perferred nets). Depending on which building, the network access can be 10/100Mbs. With most NT systems support very fast pentium processors they could be high network bandwidth contenders. I wanted to bring up the notion of WIN95 management and intergration into the fold. Are these user system to be thought of (from a trust point of view) like MAC's? Is there enought similarity to work them into the NT domain? Im gald to see that we (SDSC) consider the NT a worthy OS that needs our attention. Im prepared to help any way I can in supporting your effort. thanks jd Jay Dombrowski 619-534-5023 dombrowh@sdsc.edu fax 619-534-5152 From zhengc@Sdsc.Edu Thu Dec 19 10:42:48 1996 Return-Path: Received: from mario.sdsc.edu (mario.sdsc.edu [132.249.22.100]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id KAA16502; Thu, 19 Dec 1996 10:42:46 -0800 (PST) Received: from localhost by mario.sdsc.edu (4.1/1.11-client) id AA25775; Thu, 19 Dec 96 10:42:46 PST Date: Thu, 19 Dec 1996 10:42:45 -0800 (PST) From: Cindy Zheng To: Jay Dombrowski Cc: ntgang@Sdsc.Edu Subject: Re: general info In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Status: RO X-Status: Welcome, Jay, for joining the gang and for your input! I'll ask Don to add you in the list. You give very good info and raised good points. Now I know our NT workstations are on the net66 :). Please tell the gang the difference between standard workstation networks and net66? Bandwidth? Security requirement? etc.? Since our goal is to intergrade NT into our UNIX environment, we will want to have them on our standard workstation network. The question is, what are the issues need to be resolved before we can do that. The win95 question acrossed my mind too. Do we have any win95 on our net yet? I know we have some on our remote net - I run win95 at home. NT and win95 are designed to work together, but they are very different. Many issues need to be investigated before we know how to intergrade them into our environment and where to place them on our network. But while our focus is NT, would be beneficial to bear win95 in mind. We definetely will need to answer win95 questions soon.. I'm so glad to have your help in this project, Jay! Any others we need to invite in? Just let me know. Cindy On Thu, 19 Dec 1996, Jay Dombrowski wrote: > > Hello, > > I have read the message that Mike V sent to me about the newly formed group > "NTgang". Sorry for the wide distribution but I would like to join the mail > list and its not clear how one does that. > > > You have touched on a couple of issues reguarding reference system and > security. From a network point of view, I would like to ensure that we put > the NT systems on the standard workstation ip networks thoughout the > building as soon a possible (currently they are on the MAC or net66 > networks which are NOT the perferred nets). Depending on which building, > the network access can be 10/100Mbs. With most NT systems support very > fast pentium processors they could be high network bandwidth contenders. > > I wanted to bring up the notion of WIN95 management and intergration into > the fold. Are these user system to be thought of (from a trust point of > view) like MAC's? Is there enought similarity to work them into the NT > domain? > > Im gald to see that we (SDSC) consider the NT a worthy OS that needs our > attention. Im prepared to help any way I can in supporting your effort. > thanks > jd > > Jay Dombrowski > 619-534-5023 > dombrowh@sdsc.edu > fax 619-534-5152 > > > From joshuap@sdsc.edu Thu Dec 19 10:50:17 1996 Return-Path: Received: from tao.sdsc.edu (joshuap@tao.sdsc.edu [132.249.23.107]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id KAA17002; Thu, 19 Dec 1996 10:50:15 -0800 (PST) Received: from localhost by tao.sdsc.edu (4.1/1.11-client) id AA11354; Thu, 19 Dec 96 10:50:14 PST Date: Thu, 19 Dec 1996 10:50:14 -0800 (PST) From: Joshua Polterock To: Cindy Zheng Cc: Jay Dombrowski , ntgang@sdsc.edu Subject: Re: general info In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Status: RO X-Status: On Thu, 19 Dec 1996, Cindy Zheng wrote: > The win95 question acrossed my mind too. Do we have any win95 on our net > yet? I know we have some on our remote net - I run win95 at home. NT and > win95 are designed to work together, but they are very different. Many > issues need to be investigated before we know how to intergrade them > into our environment and where to place them on our network. But while > our focus is NT, would be beneficial to bear win95 in mind. We definetely > will need to answer win95 questions soon.. I recently attended a one-day seminar on Windows NT/95/3.1.1. The instructor of the NT seminar stated several times throughout the day very specifically, "Windows 95 is not and cannot be entirely secured." For our purposes, I believe we should not allow Win95 on our workstation network. Along these lines, I believe we should not allow dual-boot configurations of Win 95/NT. Dial-up from home through modem/ISDN is another matter. I believe there are fairly secure implementations in this area. As far as answering questions about Windows 95, currently the info tech group does not suppport Windows95. Josh From robertso@sdsc.edu Thu Dec 19 11:01:04 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA17957 for ; Thu, 19 Dec 1996 11:01:02 -0800 (PST) Received: from mr-mac.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA09139; Thu, 19 Dec 1996 11:01:00 -0800 X-Sender: robertso@pop.sdsc.edu Message-Id: In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 19 Dec 1996 11:03:55 -0700 To: ntgang@sdsc.edu From: Michael Robertson Subject: Re: general info Status: RO X-Status: At 10:42 AM -0800 12/19/96, Cindy Zheng wrote: >You give very good info and raised good points. Now I know our NT >workstations are on the net66 :). Please tell the gang the difference >between standard workstation networks and net66? Bandwidth? Security >requirement? etc.? Since our goal is to intergrade NT into our UNIX >environment, we will want to have them on our standard workstation >network. I'm not sure this is the case. There seems to be as much need to get them to talk to the Mac net (200) I think as the Unix net. Since most Unix "talking" is done over IP, it seems more necessary to put them on 200 to get them all playing together (since some services are AppleTalk based). An example of what I'm talking about is printer spooling. Since all the printers are on net 200, the NT server has to be on 200 to setup print spools for the various printers so that other NT users logging into the domain can utilize these printers. There may be pressing reasons to put them all on net 66, but I haven't heard any yet. So far most are configured for net 200. >The win95 question acrossed my mind too. Do we have any win95 on our net >yet? I know we have some on our remote net - I run win95 at home. NT and >win95 are designed to work together, but they are very different. Many >issues need to be investigated before we know how to intergrade them >into our environment and where to place them on our network. But while >our focus is NT, would be beneficial to bear win95 in mind. We definetely >will need to answer win95 questions soon.. The consensus has been to skip 95 and support only NT. I'm not sure of any pressing reasons to support 95 at anytime. Yes, there are a handful of apps that only run under 95, but the vast majority do 95 and NT both. Bringing 95 into the picture just about doubles the work involved since it is a *much* different OS with different problems, concerns, and maintenance issues. Supporting 95 is a vastly different problem than NT because one is a multi-user system and the other is a single user system (ala MacOS). There is an issue of limitting complexity for our support staff simply to make less work. One issue that was mentioned that we seem to have covered for the moment is backups. Any NT machine can be backed up to our present Mac backup system and several machines are currently getting backed up in this manner at the same schedule as the Macs (full backup on weekends, incremental daily). This strategy seems to work well since there's no added hardware, procedures or steps since it utilizes the same software and hardware as the backup system for the Macs. -- Michael ____________________________________________________________________________ Michael Robertson - MR Mac (619) 534-5107 office Personal Computer Consultant San Diego Supercomputer Ctr. robertso@sdsc.edu ____________________________________________________________________________ From joshuap@sdsc.edu Thu Dec 19 11:14:39 1996 Return-Path: Received: from tao.sdsc.edu (joshuap@tao.sdsc.edu [132.249.23.107]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA19073; Thu, 19 Dec 1996 11:14:36 -0800 (PST) Received: from localhost by tao.sdsc.edu (4.1/1.11-client) id AA11550; Thu, 19 Dec 96 11:14:36 PST Date: Thu, 19 Dec 1996 11:14:35 -0800 (PST) From: Joshua Polterock To: Michael Robertson Cc: ntgang@sdsc.edu Subject: Re: general info In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Status: RO X-Status: On Thu, 19 Dec 1996, Michael Robertson wrote: > At 10:42 AM -0800 12/19/96, Cindy Zheng wrote: > >You give very good info and raised good points. Now I know our NT > >workstations are on the net66 :). Please tell the gang the difference > >between standard workstation networks and net66? Bandwidth? Security > >requirement? etc.? Since our goal is to intergrade NT into our UNIX > >environment, we will want to have them on our standard workstation > >network. > > I'm not sure this is the case. There seems to be as much need to get them > to talk to the Mac net (200) I think as the Unix net. Since most Unix > "talking" is done over IP, it seems more necessary to put them on 200 to > get them all playing together (since some services are AppleTalk based). An > example of what I'm talking about is printer spooling. Since all the > printers are on net 200, the NT server has to be on 200 to setup print > spools for the various printers so that other NT users logging into the > domain can utilize these printers. > > There may be pressing reasons to put them all on net 66, but I haven't > heard any yet. So far most are configured for net 200. I think this means we would simply need at least one NT server machine that acted as a gateway to the 200 net. That is, the NT Workstation machines could live on the UNIX subnets with one NT Server machine acting as a gateway between the UNIX subnets and the 200/66 nets. Josh From jeffknee@sdsc.edu Thu Dec 19 11:20:38 1996 Return-Path: Received: from asgard.sdsc.edu (jeffknee@asgard.sdsc.edu [132.249.22.109]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA19558; Thu, 19 Dec 1996 11:20:36 -0800 (PST) Received: from localhost by asgard.sdsc.edu (4.1/1.11-client) id AA04155; Thu, 19 Dec 96 11:20:35 PST Date: Thu, 19 Dec 1996 11:20:35 -0800 (PST) From: Jeffrey Kneeland Reply-To: Jeffrey Kneeland To: Michael Robertson Cc: ntgang@sdsc.edu Subject: Re: general info In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Status: RO X-Status: On Thu, 19 Dec 1996, Michael Robertson wrote: > At 10:42 AM -0800 12/19/96, Cindy Zheng wrote: > >You give very good info and raised good points. Now I know our NT > >workstations are on the net66 :). Please tell the gang the difference > >between standard workstation networks and net66? Bandwidth? Security > >requirement? etc.? Since our goal is to intergrade NT into our UNIX > >environment, we will want to have them on our standard workstation > >network. > > I'm not sure this is the case. There seems to be as much need to get them > to talk to the Mac net (200) I think as the Unix net. Since most Unix > "talking" is done over IP, it seems more necessary to put them on 200 to > get them all playing together (since some services are AppleTalk based). An > example of what I'm talking about is printer spooling. Since all the > printers are on net 200, the NT server has to be on 200 to setup print > spools for the various printers so that other NT users logging into the > domain can utilize these printers. The initial reason for net 66 was security - we had a number of workstations that were here in the building but has unknown characteristics, so we chose to create a new, untrusted network and placed the new hosts there. The macintosh network is not treated as a trusted network, and in that respect is just the same as the 66. When the NT devices had a need to be on net 200, we moved them there. The reason to put the NT devices on the workstation net is for better management of the network - it is much easier to troubleshoot a network of 40 hosts then one with 240. You also see additional benfits on a trusted network as being able to mount filesystems, once the security issues become resolved. I suspect the printing issues could be solved on any of the networks. > > There may be pressing reasons to put them all on net 66, but I haven't > heard any yet. So far most are configured for net 200. There really are not any reasons to have them on net 66, except the effort it takes to move them to 200. > > One issue that was mentioned that we seem to have covered for the moment is > backups. Any NT machine can be backed up to our present Mac backup system > and several machines are currently getting backed up in this manner at the > same schedule as the Macs (full backup on weekends, incremental daily). > This strategy seems to work well since there's no added hardware, > procedures or steps since it utilizes the same software and hardware as the > backup system for the Macs. > > This is the part I am curious about. Is the retrospect backup system for NT appletalk based? If this system cannot use IP for its backup, then that might be a good arguement for keeping the systems on net 200. Traditionally we have been reluctant to run Appletalk on the workstation networks. Jeff From robertso@sdsc.edu Thu Dec 19 11:22:54 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA19781 for ; Thu, 19 Dec 1996 11:22:52 -0800 (PST) Received: from mr-mac.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA10493; Thu, 19 Dec 1996 11:22:50 -0800 X-Sender: robertso@pop.sdsc.edu Message-Id: In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 19 Dec 1996 11:25:49 -0700 To: ntgang@sdsc.edu From: Michael Robertson Subject: Re: general info Status: RO X-Status: Josh, >I think this means we would simply need at least one NT server machine >that acted as a gateway to the 200 net. That is, the NT Workstation >machines could live on the UNIX subnets with one NT Server machine acting >as a gateway between the UNIX subnets and the 200/66 nets. Yes, for this particular instance two ethernet cards in the NT Server will do the trick, but my point is that there are other applications as well. Most of our admin data lives in appletalk accessible services (contact manager, calendar, printers, file servers, etc.) that we'll likely want NT boxes to have access too. -- Michael ____________________________________________________________________________ Michael Robertson - MR Mac (619) 534-5107 office Personal Computer Consultant San Diego Supercomputer Ctr. robertso@sdsc.edu ____________________________________________________________________________ From aaron@sdsc.edu Thu Dec 19 11:24:50 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA20164 for ; Thu, 19 Dec 1996 11:24:48 -0800 (PST) Received: from eva.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA11370; Thu, 19 Dec 1996 11:24:47 -0800 Message-Id: <32B9958E.56B2@sdsc.edu> Date: Thu, 19 Dec 1996 11:20:46 -0800 From: Aaron von Hungen Reply-To: aaron@SDSC.EDU Organization: San Diego Supercomputer Center X-Mailer: Mozilla 3.01 (WinNT; I) Mime-Version: 1.0 To: ntgang@sdsc.edu Subject: subnet Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Status: RO X-Status: Josh pretty much has it here. The way I envision it, the primary focus of the NT machines, as desktop workstations, involves doing things like mounting NFS, and accessing printers on the AppleTalk net seems secondary. Furthermore, as Josh stated, it's only necessary for the NT Server to be on the AppleTalk net in order to make printing available to all the NT clients. Aaron P.S. sorry you got this 2ce, josh. Joshua Polterock wrote: > > On Thu, 19 Dec 1996, Michael Robertson wrote: > > > At 10:42 AM -0800 12/19/96, Cindy Zheng wrote: > > >You give very good info and raised good points. Now I know our NT > > >workstations are on the net66 :). Please tell the gang the difference > > >between standard workstation networks and net66? Bandwidth? Security > > >requirement? etc.? Since our goal is to intergrade NT into our UNIX > > >environment, we will want to have them on our standard workstation > > >network. > > > > I'm not sure this is the case. There seems to be as much need to get them > > to talk to the Mac net (200) I think as the Unix net. Since most Unix > > "talking" is done over IP, it seems more necessary to put them on 200 to > > get them all playing together (since some services are AppleTalk based). An > > example of what I'm talking about is printer spooling. Since all the > > printers are on net 200, the NT server has to be on 200 to setup print > > spools for the various printers so that other NT users logging into the > > domain can utilize these printers. > > > > There may be pressing reasons to put them all on net 66, but I haven't > > heard any yet. So far most are configured for net 200. > > I think this means we would simply need at least one NT server machine > that acted as a gateway to the 200 net. That is, the NT Workstation > machines could live on the UNIX subnets with one NT Server machine acting > as a gateway between the UNIX subnets and the 200/66 nets. > > Josh From joshuap@sdsc.edu Thu Dec 19 11:28:25 1996 Return-Path: Received: from tao.sdsc.edu (joshuap@tao.sdsc.edu [132.249.23.107]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA20379; Thu, 19 Dec 1996 11:28:23 -0800 (PST) Received: from localhost by tao.sdsc.edu (4.1/1.11-client) id AA11642; Thu, 19 Dec 96 11:28:22 PST Date: Thu, 19 Dec 1996 11:28:22 -0800 (PST) From: Joshua Polterock To: Michael Robertson Cc: ntgang@sdsc.edu Subject: Re: general info In-Reply-To: Message-Id: Mime-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Status: RO X-Status: On Thu, 19 Dec 1996, Michael Robertson wrote: > Josh, > > >I think this means we would simply need at least one NT server machine > >that acted as a gateway to the 200 net. That is, the NT Workstation > >machines could live on the UNIX subnets with one NT Server machine acting > >as a gateway between the UNIX subnets and the 200/66 nets. > > Yes, for this particular instance two ethernet cards in the NT Server will > do the trick, but my point is that there are other applications as well. > Most of our admin data lives in appletalk accessible services (contact > manager, calendar, printers, file servers, etc.) that we'll likely want NT > boxes to have access too. Yeeehaah! Now we're flowin'. I am probably wrong on this, but I think all of these services can also be gatewayed by the NT Server box. Also, you probably don't even need to ethernet cards. You can assign more than one IP address to a single ethernet card and tell NT to do the routing if you like. Josh From robertso@sdsc.edu Thu Dec 19 11:41:59 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id LAA21423 for ; Thu, 19 Dec 1996 11:41:57 -0800 (PST) Received: from mr-mac.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA11492; Thu, 19 Dec 1996 11:41:54 -0800 X-Sender: robertso@pop.sdsc.edu Message-Id: In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 19 Dec 1996 11:44:45 -0700 To: ntgang@sdsc.edu From: Michael Robertson Subject: Re: general info - backup systems and what about CHRP boxes?? Status: RO X-Status: A At 11:20 AM -0800 12/19/96, Jeffrey Kneeland wrote: >This is the part I am curious about. Is the retrospect backup system for >NT appletalk based? If this system cannot use IP for its backup, then >that might be a good arguement for keeping the systems on net 200. >Traditionally we have been reluctant to run Appletalk on the workstation >networks. Good question. No, the Retrospect system can run over AppleTalk or IP. So for NT boxes, we're using IP configurations which is great because it doesn't matter what net they're on. We haven't used IP for Macs simply because legacy dictates AppleTalk. Eventually all AppleTalk services will have IP capabilities, it's a general trend. We've already seen that in our database server (Filemaker) which NT boxes can talk directly to our backup server (mentioned above). So if we wait long enough it won't matter what net they live on with respect to accessing our existing admin data sources and services. I'm not saying that they should absolutely be on net 200 - clearly there are lots of issues. I'm just bringing up one side of the coin. Another issue is dual boot systems. First quarter of 97, we should have some CHRP boxes in house which will have the ability to boot up many different OSes like flavors of Unix, NT, and MacOS. This has obvious implications. If you're putting boxes on different nets, then users will need two ethernet cards to have a dual boot system that resides on different nets and the added complexity that goes along with that. Consolidating devices onto nets alleviates this limitation. I guess it depends on the user population you're focusing on serving. If NT boxes are going to Unix heads, then they're much more likely to want NFS and other common Unix services. This would suggest Unix net is better or more important. If you're thinking about incorporating NT boxes into our admin environment, then closer ties with Mac net should be a strong consideration. It's likely we'll want some of both. I imagine that another net for NT boxes would mean lots more work and I'm not sure what it would buy us. Just considering all the possibilities here. -- Michael ____________________________________________________________________________ Michael Robertson - MR Mac (619) 534-5107 office Personal Computer Consultant San Diego Supercomputer Ctr. robertso@sdsc.edu ____________________________________________________________________________ From snangia Thu Dec 19 13:44:02 1996 Return-Path: Received: from silicon (snangia@silicon.sdsc.edu [132.249.22.231]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id NAA02497 for ; Thu, 19 Dec 1996 13:44:00 -0800 (PST) From: Sunit Nangia Received: by silicon (SMI-8.6/1.11-client) id NAA09742; Thu, 19 Dec 1996 13:43:59 -0800 Message-Id: <199612192143.NAA09742@silicon> Subject: NT vulnerable to attack on CPU (fwd) To: ntgang Date: Thu, 19 Dec 1996 13:43:58 -0800 (PST) X-Mailer: ELM [version 2.4 PL25] Content-Type: text Status: RO X-Status: A Just got this from the bugtraq mailing list and thought this might be of interest to those working on the NT project. -Sunit ------ Forwarded message: > Date: Thu, 19 Dec 1996 13:40:58 -0600 > From: Aleph One > Subject: NT vulnerable to attack on CPU > To: Multiple recipients of list BUGTRAQ > > http://www.pcweek.com/news/1216/18ent.html > > December 18, 1996 5:45 PM ET > _NT vulnerable to attack on CPU_ > _By Eamonn Sullivan_ > > Errors in the way Windows NT schedules concurrently running > applications leave it vulnerable to a simple, but very effective, > denial of service attack, according to a Windows NT expert. > > "This is a wide-open hole just waiting for exploitation by an ActiveX > control," said Mark Russinovich, a consulting associate with Open > Systems Resources Inc. who discovered the vulnerability this week. The > flaw is particularly serious, since it can be easily exploited by an > ActiveX control or by a Netscape plug-in. > > Russinovich wrote a simple utility that, while running with no special > security privileges, is able to take complete control of any Windows > NT server or workstation, rendering it useless for any other > applications. The algorithm used by Windows NT to protect itself > against such CPU-hogging attacks appears to be seriously flawed and > ineffective, Russinovich said. > > The source code for the utility, which is called CpuHog, is available > on the Web at www.ntinternals.com. > > _How it works_ > > Basically, Russinovich's program exploits a vulnerability in the way > Windows NT schedules the execution of processes. > > Applications can set their own priority level, which affects how often > Windows NT allows those applications to run. An application running > under a user account with administrative privileges can set its > priority to any of 32 levels, with the highest level giving it more > time slices. Applications running under accounts without > administrative privileges can set their priority to any of the first > 16 of those levels. > > CpuHog sets its priority to the highest level available, which is > level 16 when run by a normal user. Windows NT attempts to deal with > CPU-hogging applications by boosting the priority of other > applications. However, Russinovich found that Windows NT will only > boost applications as high as level 15. Thus, all other applications - > even system utilities such as Task Manager - never get a chance to > execute while CpuHog is running. > > PC Week Labs was able to duplicate Russinovich's findings. When run on > Windows NT 4.0, for example, the only way to regain control once > CpuHog was executed was to reset the PC. > > _Old problem _ > > Hogging the CPU is one of the oldest known forms of denial of service > attack. So old, in fact, that many operating systems have developed a > defense. Many forms of Unix allow administrators to set limits on CPU > usage by user - limiting any one user to 50 percent of available CPU > cycles, for example. > > Almost all forms of Unix also automatically decrease the priority of > the highest-priority processes when applications become starved for > CPU time, which is the opposite of what Windows NT does. > > Russinovich said Microsoft could get around the problem fairly easily > in one of two ways: Either increase the maximum priority given to > other, CPU-starved applications above level 15, or increase the > priority of the Task Manager above level 16, so that it can be used to > end CPU-hogging applications. > > Microsoft officials contacted for this story did not have a comment, > other than to say they are researching the problem. > > [LINK] > > _Copyright(c) 1996 Ziff-Davis Publishing Company. All rights reserved. > Reproduction in whole or in part in any form or medium without express > written permission of Ziff-Davis Publishing Company is prohibited. PC > Week and the PC Week logo are trademarks of Ziff-Davis Publishing > Company. PC Week Online and the PC Week Online logo are trademarks of > Ziff-Davis Publishing Company._ > > > _Send mail to PC Week_ > From robertso@sdsc.edu Thu Dec 19 15:41:27 1996 Return-Path: Received: from pauline.sdsc.edu (pauline.sdsc.edu [132.249.40.68]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id PAA09747 for ; Thu, 19 Dec 1996 15:41:26 -0800 (PST) Received: from mr-mac.sdsc.edu by pauline.sdsc.edu (5.65/1.11-client) with SMTP id AA13645; Thu, 19 Dec 1996 15:41:24 -0800 X-Sender: robertso@pop.sdsc.edu Message-Id: In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 19 Dec 1996 15:42:34 -0700 To: Cindy Zheng From: Michael Robertson Subject: Re: general info - backup systems and what about CHRP boxes?? Status: RO X-Status: >Wow! :) Thanks everyone for all the good information! Would be good >to have a meeting and do some fast talking (not good for me - I'm >slow :) Since we are too close to the holiday break, I think we will >start our meetings after we come back next year. I will solicit for time >and agenda then. Yes, this is a good idea. Collectively, I think we can make some thoughout decisions about the best way to proceed. -- Michael ____________________________________________________________________________ Michael Robertson - MR Mac (619) 534-5107 office Personal Computer Consultant San Diego Supercomputer Ctr. robertso@sdsc.edu ____________________________________________________________________________ From schroede Thu Dec 19 16:29:18 1996 Return-Path: Received: from number6.sdsc.edu (schroede@number6.sdsc.edu [132.249.22.110]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id QAA13364 for ; Thu, 19 Dec 1996 16:29:15 -0800 (PST) Received: by number6.sdsc.edu (4.1/1.11-client) id AA02044; Thu, 19 Dec 96 16:29:14 PST Date: Thu, 19 Dec 96 16:29:14 PST Message-Id: <9612200029.AA02044@number6.sdsc.edu> From: Wayne Schroeder To: ntgang Subject: [usenix-nt-mailing-owner@usenix.ORG: USENIX Windows NT Workshop] Status: RO X-Status: FYI. Might be a worthwhile conference. - Wayne - ------- Start of forwarded message ------- Return-Path: From: usenix-nt-mailing-owner@usenix.ORG Date: Thu, 19 Dec 1996 15:24:54 -0800 (PST) Errors-To: usenix-nt-mailing-owner@usenix.ORG Reply-To: usenix-nt-mailing-request@usenix.ORG Subject: USENIX Windows NT Workshop Dear SOSP Attendee, The USENIX Windows NT Workshop will be held August 11-13, 1997 in Seattle. The workshop is a forum for researchers actively using or planning to use Windows NT to discuss ideas and share information, experiences, and results. While an increasing amount of research work is being done on Windows NT, until now there has been no common forum where researchers could gather and learn from each other's work. This workshop is intended to address this need. The workshop will include technical presentations of submitted position papers, invited talks, break-out sessions for highly interactive focused discussions, informal birds-of-a-feather sessions, and tutorials. While proceedings will be published, the primary purpose of the workshop is to facilitate 2.5 to 3 days of useful interaction among the participants -- not to provide yet another specialized systems publication venue. Position papers are due on March 3, 1997. For more workshop information, including the call for participation, see: http://www.usenix.org/usenix-nt/ We encourage anyone using or adopting Windows NT as their research base to participate. Also, please pass this note on to colleagues who might also be interested. We hope to see you there! Sincerely, Ed Lazowska and Mike Jones Workshop Co-Chairs ------- End of forwarded message ------- From schroede Thu Dec 19 16:48:28 1996 Return-Path: Received: from number6.sdsc.edu (schroede@number6.sdsc.edu [132.249.22.110]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with SMTP id QAA14114 for ; Thu, 19 Dec 1996 16:48:26 -0800 (PST) Received: by number6.sdsc.edu (4.1/1.11-client) id AA02079; Thu, 19 Dec 96 16:48:25 PST Date: Thu, 19 Dec 96 16:48:25 PST Message-Id: <9612200048.AA02079@number6.sdsc.edu> From: Wayne Schroeder To: ntgang Subject: [schroede: [johna@millennianet.com: Microsoft Certified Training at New Horizons]] Status: RO X-Status: One last one... Here's a list of some NT training classes that were available locally a little while ago. I don't know if these are worth the cost and time, but maybe. This sales guy, John Antinone, is no longer with this company, New Horizons Computer Learning Center, but they are probably still offering courses in San Diego. - Wayne - Return-Path: Date: Wed, 6 Mar 1996 11:27:05 -0800 X-Sender: johna@millennianet.com X-Mailer: Windows Eudora Light Version 1.5.2 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: (Recipient list suppressed) From: John Antinone Subject: Microsoft Certified Training at New Horizons Friends, Here is our latest Microsoft training schedule. Due to the high demand for Windows NT training, we have added many new classes! New Horizons is recognized as a Microsoft Authorized Technical Education Center (ATEC). All classes are taught with MS Certified Instructors and courseware developed by Microsoft for ATEC's. Please let mew know if you have any questions re: these course offerings. Also, please forward this schedule on to anyone that you think might be interested. Thanks, John A >>>>>>>>>> NEW HORIZONS COMPUTER LEARNING CENTER <<<<<<<<<< ------------- Microsoft Certified Training ---------------- 505 Supporting Microsoft Windows NT 3.51---$1,879 March 18,19,20,21,22 Mon-Fri>>>7:30-3:30 March 25,26,27,28,29,30 Mon-Sat>>>6-10 M-F, 8-5 Sat April 29,30,1,2,3 Mon-Fri>>>7:30-3:30 487 Supporting Microsoft Windows NT Server 3.51---$1,879 March18,19,20,21,22 Mon-Fri>>>4-11PM April 1,2,3,4,5 Mon-Fri>>>7:30-3:30 April 29,30,1,2,3,4 Mon-Sat>>>6-10 M-F, 8-5 Sat 472 Internetworking Microsoft TCP/IP on MS Windows NT 3.5---$1,499 March4,5,6,7 Mon-Thu>>>7:30-3:30 May 6,7,8,9 Mon-Thu>>>7:30-3:30 May 13,14,15,16,17,18 Mon-Sat>>>6-10 M-F, 8-5 Sat 540 Supporting Microsoft Windows '95---$1,879 March 11,12,13,14,15 Mon-Fri>>>4-11PM April 8,9,10,11,12 Mon-Fri>>>7:30-3:30 April 8,9,10,11,12,13 Mon-Sat>>>6-10 M-F, 8-5 Sat 546 Supporting Microsoft Windows 95 (two-day)---$749 March 26,27 Tue-Wed>>>7:30-3:30 341 Implementing Microsoft Mail 3.2---$1,879 April 22,23,24,25,26 Mon-Fri>>>7:30-3:30 June 3,4,5,6,7 Mon-Fri>>>7:30-3:30 574 System Admin for Microsoft SQL Server 6.0---$1,879 June 10,11,12,13,14,15 Mon-Sat>>>6-10 M-F, 8-5 Sat 646 Supporting Microsoft System Management Server---$1,879 June 24,25,26,27,28,29 Mon-Sat>>>6-10 M-F, 8-5 Sat ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ John Antinone johna@millennianet.com Sun Training Liason (619)558-5555 X133 New Horizons CLC FAX(619)558-5550 9191 Towne Centre Drive Suite 410 San Diego, CA 92122 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ------- End of forwarded message ------- From usenix-nt-mailing-owner@usenix.ORG Thu Dec 19 20:19:34 1996 Return-Path: Received: from rosebud.sdsc.edu (rosebud.sdsc.edu [132.249.40.33]) by franklin.sdsc.edu (8.8.3/8.8.3/SDSCserver-13) with ESMTP id UAA29277 for ; Thu, 19 Dec 1996 20:19:33 -0800 (PST) From: usenix-nt-mailing-owner@usenix.ORG Received: from usenix.ORG (usenix-gw.usenix.ORG [131.106.1.254]) by rosebud.sdsc.edu (8.8.3/8.8.3/SDSC-1) with ESMTP id UAA11501 for ; Thu, 19 Dec 1996 20:19:33 -0800 (PST) Received: (from root@localhost) by usenix.ORG (8.7.5/8.7.3) id TAA07010 for zhengc@sdsc.edu; Thu, 19 Dec 1996 19:22:15 -0800 (PST) Date: Thu, 19 Dec 1996 19:22:15 -0800 (PST) Message-Id: <199612200322.TAA07010@usenix.ORG> Errors-To: usenix-nt-mailing-owner@usenix.ORG Reply-To: usenix-nt-mailing-request@usenix.ORG Subject: USENIX Windows NT Workshop Status: RO X-Status: Dear SOSP Attendee, The USENIX Windows NT Workshop will be held August 11-13, 1997 in Seattle. The workshop is a forum for researchers actively using or planning to use Windows NT to discuss ideas and share information, experiences, and results. While an increasing amount of research work is being done on Windows NT, until now there has been no common forum where researchers could gather and learn from each other's work. This workshop is intended to address this need. The workshop will include technical presentations of submitted position papers, invited talks, break-out sessions for highly interactive focused discussions, informal birds-of-a-feather sessions, and tutorials. While proceedings will be published, the primary purpose of the workshop is to facilitate 2.5 to 3 days of useful interaction among the participants -- not to provide yet another specialized systems publication venue. Position papers are due on March 3, 1997. For more workshop information, including the call for participation, see: http://www.usenix.org/usenix-nt/ We encourage anyone using or adopting Windows NT as their research base to participate. Also, please pass this note on to colleagues who might also be interested. We hope to see you there! Sincerely, Ed Lazowska and Mike Jones Workshop Co-Chairs