From: HENRY::IN%"CHAA006%vaxb.rhbnc.ac.uk%CS.UCL.AC.UK%SRI-KL.ARPA%relay.cs.net@rca.com" 20-SEP-1986 20:49 To: INFO-VAX Subj: Re: request for information on PSIAUTHORISE. Via: UK.AC.CAMBRIDGE.PHYSICS.HEP ; Tue, 16 Sep 86 18:02 BST (V34 at UK.AC.RUTHERFORD.GEC-B) Date: 16-SEP-1986 17:53:23 From: PAE1@UK.AC.CAM.PHY-HEP To: VMS-COMMS@UK.AC.RL.GB Subject: PSIAUTHORIZE simple working example In reply to a recent query about PSIAUTHORIZE. Yes, I also had troubles trying to use it in the first release that came out with VMS 4.0 . Not only did it sometimes crash, but the documentation was somewhat obscure. Now we are up to VMS 4.3 and PSI 3.2 plus approved patches (although we have not put in the latest set). Recently (about when students finish their exams...) we had a spate of failed login attempts from all over the place. We found out where they came from with the REMDTELOG suite of programs available from RAL support, and then set them ups as HACKER_DTEs via PSIAUTHORIZE so that they will never trouble us again. The relevant bits of the command file are appended below. Patrick Elcombe. $! PSI_SECURITY.COM $!PAE 10-June-1986 try to use these facilities. $! $!First attempt is to divide up the world into two classes of $!DTEs, namely HACKER_DTE from which incoming calls are banned, $! and OTHER_DTE for which incoming and outgoing both work. $! $run sys$system:psiauthorize ADD/ID HACKER_DTE ADD/ID OTHER_DTE GRANT/ID/DTE/NET=PSS HACKER_DTE <12digit DTE number here> GRANT/ID/DTE/NET=PSS OTHER_DTE ALL !all others have to be identified ! SET DTE ALL/NET=PSS/ACL=(ID=HACKER_DTE,ACCESS=OUTGOING+CHARGE) SET DTE ALL/NET=PSS/ACL=(ID=*,ACCESS=INCOMING+OUTGOING+CHARGE) !Other DTEs here ! EXIT $!end for now $EXIT