SYSMGR

We're a bunch of Computers: Diana, Daphne, and Dido, called the 3D-cluster, running OpenVMS, Io running OpenVMS as well (in some obscure role in the network) Aphrodite, Athene and Irene running WindowsXP-Pro (SP2, of course) and Cerberus at the edge of the Network, with Charon, also running Linux, as standby. SYSMGR takes care of us.

Sunday, October 30

30-Oct-2005

Updating systems
Downloaded latest patches for Diana (VMS 7.3-2) and IO/Daphne (8.2) as a single .ZIp file (each, that is), copied these to the systems and extracted them under VMS: 7.3-2 on Diana, and 8.2 on IO, on the second disk. Next, copied the extracted files on IO to Alpha082 - the base OS disk.

Did AUTOGEN on Diana (to get more global sections - from 950 to 1250) and installed the patches. Reboot deferred until IO got upgraded...
Started update on IO, after SET DEF to IO_DATA:[INSTALL] - where I had put the files:

$ PROD INSTALL *
%PCSI-E-OPENOUT, error opening IO_DATA: as output
-PCSI-E-INVSPIDST1, destination device is not mounted or does not have an associated logical volume name
%PCSI-E-S_OPFAIL, operation failed
%PCSIUI-E-ABORT, operation terminated due to an unrecoverable error condition
$

?????? No list. Nothing, just this message....

Had this before when applying the first set of patches.
Use the same sequence:

On DIANA:

$ dismount IO_SYS082 ! dismount system disk of IO
$ dismount IO_DATA ! dismount data disk of IO where the pathes are

and retry: no help.

Copied the files to SMAN:[INSTALL] - on IO_SYS082 - but that was no help either.

What DID help was, on IO:

$ dismount IO_DATA
$ mount $2$DKA100: IO_DATA IO_DATA

and that helped.

$ PROD INSTALL *

I got the whole list (no entry to install all files...) and specified all patches to be installed.

Didn't work either:

%PCSI-E-READERR, error reading DKA0:[SYSMGR.][install]DEC-AXPVMS-TCPIP-V0505-11ECO1-1.PCSI$COMPRESSED;1
-RMS-W-RTB, 813 byte record too large for user's buffer
%PCSI-E-OPENIN, error opening DKA0:[SYSMGR.][install]DEC-AXPVMS-TCPIP-V0505-11ECO1-1.PCSI$COMPRESSED;1 as input
%PCSI-E-S_OPFAIL, operation failed
%PCSIUI-E-ABORT, operation terminated due to an unrecoverable error condition
$

Well, do all except this one, and after that:

$ PROD INSTALL */KIT_ATTRIBUTES=(FORMAT=COMPRESSSED)

that dieectly tried to access this file, but again: it didn't work that way.

DIR/FULL showed the file was STREAM-LF, where all others were FIXED 8192. Done the same with this file, but again, this error was returned.

Time to ask the Experts.
Created a message on ITRC
(http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=970254, in the mean time rebooted DIANA, and after that one was back up and running (including redoing the TOMCAT startup) IO was rebooted and Communigate started once up.

Checked the SOAP - but that worked. Of course.

Friday, October 28

28-Oct-2005

Our recurring SOAP event
(what happened before)
Test the method used for testing - which did not give the right results:

<soapenv:body>
<soapenv:fault>
<faultcode>soapenv:Server.userException</faultcode>
<faultstring>
com.thoughtworks.xstream.io.StreamException: : only whitespace content allowed before start tag and not % (position: START_DOCUMENT seen %... @1:1)
</faultstring>
<detail></detail>
</soapenv:Fault>
</soapenv:Body>

% - as first character ?? Looks like some VMS error!

(today's episode)
How to debug this? Well, since the type was temporary changed to "string" in stead of "boolean", why not dump a text into it, to see where is ended, in stead passing SYS$OUTPUT to xstream to translate. And read out all of SYS$OUTPUT and add it to the result, line break in between:

if (line == null) {
// Object result = xml.fromXML(br);
// toegang = (String) result ;
toegang = "OUT: " ;
while ((line = br.readLine()) != null) {
toegang = toegang + "\n" + line ;
;}
br.close();
}

so SYS$OUTPUT lines go into toegang (which is of type java.lang.String).
Now involking the method gives: ( I edited the outcome for clearence; line breaks did not occur)

<hasMedewerkerreadpermissionresponse xmlns="">
<ns1:Hasmedewerkerreadpermissionresult
xmlns:ns1="http://xxxx.xx/webservices/organisatie">
%DCL-W-IVVERB, unrecognized command verb - check validity and spelling \BPS2002B%DCL-W-ACTIMAGE, error activating image BUIG$EXE:BUIG_CGI_BOB
-CLI-E-IMGNAME, image file BUIG$EXE:[SYSEXE]BUIG_CGI_BOB.EXE;
-RMS-F-DEV, error in device name or inappropriate device type for operation

</ns1:HasMedewerkerReadPermissionResult>
</hasmedewerkerreadpermissionresponse>

The DCL code has been invoked! Otherwise this result wouldn't have shown up!
BPS2002b is a foreign command to set the user's environment - actually, it's one of the first commands given - but it should have been defined first! In fact: the full user login sequence is to be executed - which implies execution of a number of other commandprocedures as well.
This was anticipated - but not thought of....
Not just that, because errors kept up appearing after the commandprocedure had been adapted, since the user that runs the service (APACHE$WWW, since it runs under Apache) needs Read and Execute access to each of the procedures and executables.
Another thing NOT to forget in the future, is that all output needs to be suppressed until output is exepceted to turn up. So the procedure starts with

$ DEFINE SYS$OUTPUT NL:

and has

$ DEASSSIGN SYS$OUTPUT

immediately before starting the actual working program that produces the XML, and after it,

$ DEFINE SYS$OUTPUT NL:

suppresses output again.

(The java code checks the contents of SYS$ERROR before reading SYS$OUTPUT, assuming errors go there. But as seen above, that is NOT always the case....)

After this has been done, I got the expected output!

<hasmedewerkerreadpermissionresponse xmlns="">
<ns1:hasmedewerkerreadpermissionresult
xmlns:ns1="http://xxx.xx/webservices/organisatie">OUT:
<hasmedewerkerreadpermissionresult>
<1111111111111111>
</hasmedewerkerreadpermissionresult>
</ns1:HasMedewerkerReadPermissionResult>
</hasmedewerkerreadpermissionresponse>

XML-in-XML but that was to be expected.
Next step is to restore the code to have xstream translate the outcome and return it as a string.
But first have the report module changed to return the EXACT name in the tag, matching the class; even case must be equal: "hasMede..." is different from "HasMede...". It might even be that the namespace addition matters. But that is "outside" the service code.

(Second episode)
I made a backup of the whole lot, zipped the backup files and and dropped it on Diana.
The restoration failed since I made a mistake on creating the zip but after I corrected the file format, backup gave the wrong version number for some files. No problem but for one: the service implementation code. Invoking the "version" method, I got the wrong, old data. Nor did the WSDL show up. But that had another reason: it had to do with weird behaviour of java: I decided to bypass the weird adaption I had to do in OTVMS1's server-config.wsdd file (use a short named logical for Tomcat's home directory) and use "catalina_home" as I have that one defined already. But ?wsdl did return a 404 (page not found) errror, so I reversed the idea and after that, the wsdl showed up (have to tell Brad).
After a full rebuild, placing the .jar in the right place and restarting Tomcat, the right values were returned from the "version" and "isAlive" methods, but the testfunction gave an unexpected result since only that one will actually start DCL:

<hasmedewerkerreadpermissionresponse xmlns="">
<ns1:hasmedewerkerreadpermissionresult>
xmlns:ns1="http://xxxx.xx/webservices/organisatie">
IOException:Child creation error: no such device or address
</ns1:HasMedewerkerReadPermissionResult>
</hasmedewerkerreadpermissionresponse>

It puzzled me a bit, until I realized that I hadn't setup the required system logical....And since I don't have the required code and files, I need to emulate them somehow.
But that was all expected to be done.

Ok, just a minor issue! Most important: IT ACTUALLY WORKS!

(Preview)
Let XStream do the translation - perhaps, it's better to use a file in stead of SYS$OUTPUT?
Waiting for the collegues to finish their test application, and find out why they get a 404 - page not found error som often.
(will be continued)

Other issues
Added one of the new 36Gb disk on Diana, fired up the second shelf (that is in the DSSI chain) and copied all data stored there onto the 36GB disk. Now that shelf can be taken off - and added to teh HSZ50.
Tried to start Advanced Server but it had too few Global Sections (requires 75 at least but none were free. Due to Java? Stopping Tomcat made no difference... So added another 100 to modparams.dat, to be used in the next autogen, install patches (are already on Diana) and reboot...
Or would I try 8.2 on Diana? Might be a good idea also (after backing up the current system disk once again)

Thursday, October 27

27-Oct-2005

SOAP continues (of course)
(Review)
Just read yesterday's episode.
(Today's developments)
From the axis user mailing list I got a web page http://www.oio.de/axis-wsdd/wsdlFile.htm that says that adding the code in server-config.wsdd like done is NOT the answer: the WSDL must be referenced.
Today I had the chance to try the recommendations to export the same WSDL that is the base for all code. I removed ALL code, except for the service definition itself, and added:

<wsdlFile>bps_amazone.wsdl</wsdlFile>

and placed the file in Tomcat's [.webapps.axis.WEB-INF.classes] directory, because the same page tells:

The file is sought in the current directory which is typically the directory in which the VM was started. The file is not sought in the base directory of the Axis Web application. However, the file is sought in the classpath, so the WSDL file can be placed inside the directory WEB-INF/classes.


That is not true - on OTVMS1 at least: It wasn't found.
What I dislike most is that accessing the service with ?wsdl (that should show the WSDL, either generated or specified) just returns a HTTP 500 error (internal Server error) but that the reason doen't show up ANYWHERE - I checked all logs but found nothing!

Tried the lib directory, aside the .jar file, but that didn't help much either.
At least, I followed the same syntax as the page:

<wsdlFile>/srv/webapps/axis/bps_amazone.wsdl</wsdlFile>

and I placed the file in the axis directory.
That requires that SRV is defined as a system logical (concealed attribute, at least) :

"SRV" = "systemdisk:[SYS0.SYSCOMMON.APACHE.JAKARTA.TOMCAT.]

but that can easily be handled.
Anyway: Now the right WSDL shows up

Oops: I made a change in the type of one of the methods, for testing purposes, and that was included in the service but didn't show up in the WSDL file: I copied the wrong one. Got it in the editor, copied the line, commented one ot and changed the other - and checked without stopping and starting Tomcat - and found the FULL change, including the out-commented line - as a comment.. Appearently, when a WSDL-file is referenced like now, ?wsdl does just a TYPE over HTTP, in stead of generating a WSDL file.

Told the collegues that a correct WSDL is available - the same the generated the code - and have them retry in their .NET environment. Now wait....
(Next episode)
Get everything on Diana in line with OTVMS1, deploy the service on Diana - the same way as on OTVMS1 - and test the basic functions currently ready.
(Preview)
Wait for the .NET testprogram to test the other functions.
Work on header info, because information in theer is required (authentication and authorisation - and setting environment in commandprocedure run by java code of service.
(will be continued)

Note:
Of course, I stopped and started Tomcat after each change - except when editing bps_amazone.wsdl....

Wednesday, October 26

26-Oct-2005

The usual SOAP
(What happened since last episode)
A problem with the client is that the WSDL (WebService Description) that is created by AXIS cannot be handled by the .NET development environment, so the creation of a test client is blocked.
How to overcome this? I mailed it to a mailing list (axis-user@ws.apache.org), got an answer (including a German website with a lot of (English) information), but have to wait for an opportunity to check it out.
When the application code was generated on OTVMS1, a 7.3-1 system, one file was created where the classname exceeded 39 characters, and the filename was chopped to these 39. Renaming the file to the right name caused failures: the compiler failed to read it. So I had to change a number of sources before I got it compiled.
Had discussed this with Brad, and a question to upgrade to AXIS 1.3 (current).
Updated the commandprocedures to set the right environment varaibles and logicals for test and application, to match the physical environment on Diana (which is different than OTVMS1).
(Today's episode)
Got an answer from Brad on the Java issues, and gave him the answer it's weird that a file that should be named over 39 characters was chopped. Even on an ODS-5 disk, where case preservation worked (so it must be a ODS-5 disk anyway). Anyway, it IS consistent: java cannot create such a file, nor read it.
Brad also found out that update to AXIS 1.3 should not be a problem. "Just try".

Back to the real job (well, locally).

Job is to get it all built on Diana, environment must now be correct (just a physical difference, not a logical one).
Starting with the test sources.
NO WAY.
They don't compile. Because of variable format with carriage return carriage control? Might be a problem for java. So changed them to stream-lf and no record atributes - but that didn't help. The compiler seems to read the source as one line, and find illegal characters: \18, \0 - quite a number of them. Even worse: the files could not be edited: Input line (> 7000 bytes) exceeds user buffer.... get the files from OTVMS1; there may be something gone wrong with expanding the zipfile.

Turned to the application code and just tried brute force (invoke the building procedure) and pray for the best.
They all compile without ANY change.
Decided to give this long-named file a try on Diana, and found an unexpected difference with OTVMS1: On Diana compilation of a file with a name exceeding 39 characters succeeded without a problem, and checking the files's attrributes, found that though all files are variable format, carriage return carriage control, the Java compiler takes them.
That's the way I like it!!!!
On VMS1 though, the sources are all stream-lf and have carriage return carriage control. I haven't tried there (and won't since it compiles there AND files are editable)
The behaviour of Java is weird, at least, not consistent.
Or is it the C-runtime library? After all, VMS versions are different.

Back to the test sources: changed the format to variable and implied CC (carriage return carriage control) like the application sources. Compilation failed again, but differently: Now read line by line, but the same errors. DUMP/RECORD showed the reason: the files seem to have been VFC (Variable with Fixed Control): each line is preceeded with a word size (00 12 hex) which is (per byte) 0 and 18 decimal. Edited the files (luckily they are small) and behold: they compile.
But for one.
The biggest file does not compile. Changed that to stream-lf (just that), found it editable AND it did compile....
Mailed my experiences to Brad to pass the info.
(Preview)
Try out what has been specified to show the right WSDL on OTVMS1
Get the thing deployed on Diana - I now know how to do it.
Update to AXIS 1.3 - must be easy to do.

Tuesday, October 25

25-Oct-2005

Security update
Checked the logfiles this week and found a number of attempts again - I guess (not yet checked) these were from script kiddies - there may have been one more serios attempt. None succeeded (of course):

13 october: Script kiddy at work:

Operator.log:
%%%%%%%%%%% OPCOM 13-OCT-2005 08:39:10.17 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: static-64-83-19-37.dsl.cavtel.net
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.051013042324p]


ftp_run.log:
%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from static-64-83-19-37.dsl.cavtel.net at 13-OCT-2005 08:39:08.72
%TCPIP-I-FTP_NODE, client host name: static-64-83-19-37.dsl.cavtel.net
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: WEB_DISK:[public.anonymous.051013042324p]
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00005: Failed to create directory
%SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
%TCPIP-I-FTP_NODE, client host name: static-64-83-19-37.dsl.cavtel.net
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: /pub/
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00005: Failed to set default directory
%SYSTEM-W-BADIRECTORY, bad directory file format
%TCPIP-I-FTP_NODE, client host name: static-64-83-19-37.dsl.cavtel.net
%TCPIP-I-FTP_USER, user name: anonymous

same for:

%TCPIP-I-FTP_OBJ, object: /public/
%TCPIP-I-FTP_OBJ, object: /_vti_pvt/
%TCPIP-I-FTP_OBJ, object: /_vti_txt/
%TCPIP-I-FTP_OBJ, object: /_vti_cfg/
%TCPIP-I-FTP_OBJ, object: /_vti_log/
%TCPIP-I-FTP_OBJ, object: /_vti_cnf/
%TCPIP-I-FTP_OBJ, object: /_private/
%TCPIP-I-FTP_OBJ, object: /incoming/
%TCPIP-I-FTP_OBJ, object: /pub/incoming/
%TCPIP-I-FTP_OBJ, object: /public/incoming/
%TCPIP-I-FTP_OBJ, object: /public_html/
%TCPIP-I-FTP_OBJ, object: /upload/
%TCPIP-I-FTP_OBJ, object: /wwwroot/
%TCPIP-I-FTP_OBJ, object: /mailroot/
%TCPIP-I-FTP_OBJ, object: /ftproot/
%TCPIP-I-FTP_OBJ, object: /home/
%TCPIP-I-FTP_OBJ, object: /images/
%TCPIP-I-FTP_OBJ, object: /web/
%TCPIP-I-FTP_OBJ, object: /www/
%TCPIP-I-FTP_OBJ, object: /html/
%TCPIP-I-FTP_OBJ, object: /cgi-bin/
%TCPIP-I-FTP_OBJ, object: /usr/
%TCPIP-I-FTP_OBJ, object: /usr/incoming/
%TCPIP-I-FTP_OBJ, object: /temp/
%TCPIP-I-FTP_OBJ, object: /~temp/
%TCPIP-I-FTP_OBJ, object: /tmp/
%TCPIP-I-FTP_OBJ, object: /~tmp/
%TCPIP-I-FTP_OBJ, object: /outgoing/
%TCPIP-I-FTP_OBJ, object: /anonymous/
%TCPIP-I-FTP_OBJ, object: /anonymous/_vti_pvt/
%TCPIP-I-FTP_OBJ, object: /anonymous/_vti_cnf/
%TCPIP-I-FTP_OBJ, object: /anonymous/incoming/
%TCPIP-I-FTP_OBJ, object: /anonymous/pub/
%TCPIP-I-FTP_OBJ, object: /anonymous/public/
%TCPIP-I-FTP_OBJ, object: /tagged/
%TCPIP-I-FTP_OBJ, object: /tagged.by/


Finally:

%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from static-64-83-19-37.dsl.cavtel.net at 13-OCT-2005 08:39:16.41

Indeed - an ISP: http://www.cavtel.net, will be notified.
(Notification failed on abuse@cavtel.net)
----- The following addresses had permanent fatal errors -----
ABUSE@cavtel.net
(reason: 550 Gateway: 550 This user's mailbox is full (abuse@cavtel.net) - Try again later)
----- Transcript of session follows -----
... while talking to mx-incoming.cavtel.net.:
>>> RCPT To:<abuse@cavtel.net>;
<<< <abuse@cavtel.net>... User unknown

And this mail address is on their website!

16 october: a break-in attempt via port 20 or 21 (plain FTP)
ftp_run.log

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from sipco92.sipco.fr at 16-OCT-2005 02:55:17.59
%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from sipco92.sipco.fr at 16-OCT-2005 02:55:17.69
%TCPIP-E-FTP_LOGFAL, remote interactive login failure test
-TCPIP-I-FTP_NODE, client host name: sipco92.sipco.fr
-LOGIN-F-NOSUCHUSER, no such user

followed by 15 more attempts...

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from sipco92.sipco.fr at 16-OCT-2005 02:55:21.80
%TCPIP-E-FTP_LOGFAL, remote interactive login failure test
-TCPIP-I-FTP_NODE, client host name: sipco92.sipco.fr
-LOGIN-F-NOSUCHUSER, no such user

A French company (www.sipco.fr) but they can be contacted.
They have been.

18 october. This one is different:

Operator.log:
%%%%%%%%%%% OPCOM 18-OCT-2005 22:09:43.76 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: 67.90.151.213.kve.cz
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.web.temp^.5995]

%%%%%%%%%%% OPCOM 18-OCT-2005 22:09:48.37 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: 67.90.151.213.kve.cz
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.temp^.5995]

anonymous_ftp.log:

18-OCT-2005 22:09:29.71 User:anonymous logged in ident:bot@search.net from Host:67.90.151.213.kve.cz
18-OCT-2005 22:09:53.71 User:anonymous ident:bot@search.net logged out

ftp_run.log:

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from 67.90.151.213.kve.cz at 18-OCT-2005 22:09:28.33
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001B: insufficient privilege or file protection violation!
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous

Tries this a number of times:

%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -

Then tries another location:

%TCPIP-I-FTP_OBJ, object: WEB_DISK:[public.anonymous.web.temp^.5995]
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001B: Failed to create directory
%SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001B: insufficient privilege or file protection violation!
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous

and again, tries it again to get up:

%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -

and another location:

%TCPIP-I-FTP_OBJ, object: WEB_DISK:[public.anonymous.temp^.5995]
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001B: Failed to create directory
%SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001B: insufficient privilege or file protection violation!
%TCPIP-I-FTP_NODE, client host name: 67.90.151.213.kve.cz
%TCPIP-I-FTP_USER, user name: anonymous

yet again, a number of attempts to browse up:

%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -
%TCPIP-I-FTP_OBJ, object: -

Finally gives up...

%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from 67.90.151.213.kve.cz at 18-OCT-2005 22:09:53.86

What is he trying to achieve? browsing from give points? 'Search.net' may hold a clue. Anyway, address 213.151.90.76 is now to be investigated. Or is it a proxy from kvw.cz?

21 October: The usual again
A bit different, though.

Operator.log:

%%%%%%%%%%% OPCOM 21-OCT-2005 07:29:49.17 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: BSN-77-159-9.dsl.siol.net
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.051021092357p]

anonymous_ftp.log:

21-OCT-2005 07:29:47.94 User:anonymous logged in ident:Qgpuser@home.com from Host:BSN-77-159-9.dsl.siol.net
21-OCT-2005 07:29:49.02 User:anonymous ident:Qgpuser@home.com status:00010001 CWD dir:WEB_DISK:[public.anonymous]
21-OCT-2005 07:29:50.41 User:anonymous ident:Qgpuser@home.com status:000186D4 CWD dir:/c:/
21-OCT-2005 07:29:50.69 User:anonymous ident:Qgpuser@home.com logged out

How pathetic: notice he tries to access a Windows disk...

ftp_run.log:

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from BSN-77-159-9.dsl.siol.net at 21-OCT-2005 07:29:47.71
%TCPIP-I-FTP_NODE, client host name: BSN-77-159-9.dsl.siol.net
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: /pub/
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001F: Failed to set default directory
%SYSTEM-W-BADIRECTORY, bad directory file format
%TCPIP-I-FTP_NODE, client host name: BSN-77-159-9.dsl.siol.net
%TCPIP-I-FTP_USER, user name: anonymous

Now the normal sequence:

%TCPIP-I-FTP_OBJ, object: /public/
%TCPIP-I-FTP_OBJ, object: /pub/incoming/
%TCPIP-I-FTP_OBJ, object: /incoming/
%TCPIP-I-FTP_OBJ, object: /_vti_pvt/

Tries another location:

%TCPIP-I-FTP_OBJ, object: WEB_DISK:[public.anonymous.051021092357p]
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001F: Failed to create directory
%SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
%TCPIP-I-FTP_NODE, client host name: BSN-77-159-9.dsl.siol.net
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: /upload/
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC0001F: Failed to set default directory
%SYSTEM-W-BADIRECTORY, bad directory file format
%TCPIP-I-FTP_NODE, client host name: BSN-77-159-9.dsl.siol.net
%TCPIP-I-FTP_USER, user name: anonymous

and again, the same sequence:

%TCPIP-I-FTP_OBJ, object: /cgi-bin/
%TCPIP-I-FTP_OBJ, object: /images/
%TCPIP-I-FTP_OBJ, object: /~tmp/
%TCPIP-I-FTP_OBJ, object: /.tmp/
%TCPIP-I-FTP_OBJ, object: /_tmp/
%TCPIP-I-FTP_OBJ, object: /tmp/
%TCPIP-I-FTP_OBJ, object: /_vti_log/
%TCPIP-I-FTP_OBJ, object: /_vti_txt/
%TCPIP-I-FTP_OBJ, object: /_vti_script/
%TCPIP-I-FTP_OBJ, object: /wwwroot/
%TCPIP-I-FTP_OBJ, object: /scripts/
%TCPIP-I-FTP_OBJ, object: /bin/
%TCPIP-I-FTP_OBJ, object: /usr/
%TCPIP-I-FTP_OBJ, object: /c:/
%TCPIP-I-FTP_OBJ, object: / /

Finally logs out - having achived nothin, just leaving his trails:

%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from BSN-77-159-9.dsl.siol.net at 21-OCT-2005 07:29:50.74

an ISP http://www.siol.net located in Slovania. Will be notified.
(Notification failed on abuse@siol.net)
----- The following addresses had permanent fatal errors -----
ABUSE@siol.si
(reason: 550 Invalid recipient: ABUSE@siol.si)
----- Transcript of session follows -----
... while talking to mailhub.siol.si.:
>>> DATA
<<< (Lost this data in publishing (was between < and >) including </span)

They can only be notified by a page on their website.
22 October: The usual.

Operator.log:
%%%%%%%%%%% OPCOM 22-OCT-2005 22:29:27.47 %%%%%%%%%%%
Message from user TCPIP$FTP on DIANA
User Name: anonymous
Source: d078025.adsl.hansenet.de
Status: NOPRIV -- File access violation
Object: WEB_DISK:[public.anonymous.051023002919p]

anonymous_ftp.log:
22-OCT-2005 22:29:26.27 User:anonymous logged in ident:Fgpuser@home.com from Host:d078025.adsl.hansenet.de
22-OCT-2005 22:29:27.36 User:anonymous ident:Fgpuser@home.com status:00010001 CWD dir:WEB_DISK:[public.anonymous]
22-OCT-2005 22:29:28.37 User:anonymous ident:Fgpuser@home.com logged out


ftp_run.log:
%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from d078025.adsl.hansenet.de at 22-OCT-2005 22:29:26.06
%TCPIP-I-FTP_NODE, client host name: d078025.adsl.hansenet.de
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: /pub/
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00020: Failed to set default directory
%SYSTEM-W-BADIRECTORY, bad directory file format
%TCPIP-I-FTP_NODE, client host name: d078025.adsl.hansenet.de
%TCPIP-I-FTP_USER, user name: anonymous

Same for:
%TCPIP-I-FTP_OBJ, object: /public/
%TCPIP-I-FTP_OBJ, object: /pub/incoming/
%TCPIP-I-FTP_OBJ, object: /incoming/
%TCPIP-I-FTP_OBJ, object: /_vti_pvt/


Another attempt:

%TCPIP-I-FTP_OBJ, object: WEB_DISK:[public.anonymous.051023002919p]
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00020: Failed to create directory
%SYSTEM-F-NOPRIV, insufficient privilege or object protection violation
%TCPIP-I-FTP_NODE, client host name: d078025.adsl.hansenet.de
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: /upload/
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00020: Failed to set default directory
%SYSTEM-W-BADIRECTORY, bad directory file format
%TCPIP-I-FTP_NODE, client host name: d078025.adsl.hansenet.de
%TCPIP-I-FTP_USER, user name: anonymous

and the same for:

%TCPIP-I-FTP_OBJ, object: /wwwroot/
%TCPIP-I-FTP_OBJ, object: /admin/
%TCPIP-I-FTP_OBJ, object: /administrator/
%TCPIP-I-FTP_OBJ, object: /web/
%TCPIP-I-FTP_OBJ, object: /webmaster/
%TCPIP-I-FTP_OBJ, object: /webadmin/
%TCPIP-I-FTP_OBJ, object: /temp/
%TCPIP-I-FTP_OBJ, object: /backup/
%TCPIP-I-FTP_OBJ, object: /test/
%TCPIP-I-FTP_OBJ, object: /site/
%TCPIP-I-FTP_OBJ, object: /website/
%TCPIP-I-FTP_OBJ, object: /sites/
%TCPIP-I-FTP_OBJ, object: /homepage/
%TCPIP-I-FTP_OBJ, object: / /

Finally:

%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from d078025.adsl.hansenet.de at 22-OCT-2005 22:29:28.42

Some company from Germany (www.hansanet.de) that offers training - and allows this access? Their e-mail link give an invalid page. And according the error page (in Dutch!) gives information on their server:

Apache/2.0.49 (Linux/SuSE)

I don't know if they can be contacted...Site hacked, or proxied?
At least, mailed to what I found there: info@hansanet.de.

GOOGLE

Found Google in the anonymous-FTP log that goes back to 22-Aug-2004: it seems that google is scanning anonymous-FTP as well, since 8-Sep-2005:

8-SEP-2005 21:51:36.87 User:anonymous logged in ident:googlebot@google.com from Host:crawl-66-249-66-8.googlebot.com
8-SEP-2005 21:51:37.71 User:anonymous ident:googlebot@google.com status:00010001 CWD dir:WEB_DISK:[public.anonymous.perl]
8-SEP-2005 21:51:38.33 User:anonymous ident:googlebot@google.com logged out

I haven't seen google in this log before!

FTP_Run.log:

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from crawl-66-249-66-8.googlebot.com at 8-SEP-2005 21:51:36.41
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from crawl-66-249-66-8.googlebot.com at 8-SEP-2005 21:51:38.47


It doens't access the site very often, the next access is 17-Sep-2005 and that one contains an error, and every access after that as well:

%TCPIP-I-FTP_SESCON, FTP SERVER: session connection from crawl-66-249-65-80.googlebot.com at 17-SEP-2005 10:06:27.74
%TCPIP-I-FTP_NODE, client host name: crawl-66-249-65-80.googlebot.com
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_OBJ, object: 66.249.65.80
%TCPIP-I-FTP_CHINFO, TCPIP$FTPC00013: Can't open data connection
%SYSTEM-F-TIMEOUT, device timeout
%TCPIP-I-FTP_USER, user name: anonymous
%TCPIP-I-FTP_SESDCN, FTP SERVER: session disconnection from crawl-66-249-65-80.googlebot.com at 17-SEP-2005 10:08:29.83

Since nothing changed, what caused it? I warned them of the issue.

No SOAP?
Not much this time since the project on the customer site was just an investigation and it dies work. Some issues still exist: How to get header information inside, differences in WSDL... For both, clues have been passed by the axis-user mailgroup so I can get on, testing it on Diane. A collegue is willing to investigate usage of Delphi for a client, but since the project itself is using plain .NET, it might be a better idea to use a client of that. The difference in WSDL could be solved by specifying the WSDL myself in deployment. Now to find out how the do that...
(To be continued)

Tuesday, October 18

18-Oct-2005

Soap - new views
(what happened since last episode)
For some unknown reason, things got worse: no way to build, nor deploy; perhaps after Tomcat has stopped and restarted, something changed in the Java environment; Who knows....
Not all details are at hand, but the weirdest things happened. Restarting Tomcat seems to have solved the problem.
But once build succeeded, created a jar file. But by no means got it deployed. Very annoying, since not any clue was found....
(Today's episode)
Idea # 1: What I could try is copy the .jar files to axis's web-inf directory. But that didn't help.
Idea # 2: Subscribed to axis-user mailing list and posted the problem. Got two hints:

  • Add the WSDD-data manually in server-config.wsdd.
  • Look what is shown when debug enabled.

The first isue is to find the right server-config.wsdd. There are several... Searching for the one(s) that have the deployed services in it, from Tomcat's home directory downwards, revealed the one in Tomcat's [.webapps.axis.WEB-INF] directory. Added the part in there, restarted Tomcat, but no reaction....
Idea # 3: Copy the .jar files to [webapps.axis.WEB-INF.classes]? No solution. expand them there?
Now things got REALLY worse: whenever axis/services was accessed. it ends up with a fatal error. Removing the whole lot, and the problem was gone...
Idea # 4: Look in Tomcat's logging. Found a clue there, why deployment failed: cannot locate the type-mapping - the first one in the wsdd!
Idea # 5: Copy the jar files to [.webapps.axis.WEB-INF.lib].
Don't forget to restart Tomcat.

IT SHOWS UP!

Even beter: IT WORKS. Even from the .NET application on the other side.

Next, adapt the code, rebuild the single class and rebuild the .jar file, and copy it.
But: Nothing changed ???
Looking for clues, scanned for all .jar files: No wonder if the created jar-file is in another location. After the right one was copied, it works, and gives the expected answers.
(Preview of next episode)
The only thing still to check is the outcome of using the DCL code. If that works (as I expect it will since it did in the test program) the research is to be finished.
(to be continued)

Saturday, October 15

15-Oct-2005

SOAP again
Could set up the environment on Diana as on the client's machine, but where deployment was no problem at the clients's site, here an old error turned up again:

$ java "org.apache.axis.client.AdminClient" "deploy.wsdd"
Exception in thread "main" java.lang.NoClassDefFoundError:
org/w3c/dom/ranges/DocumentRange
at java.lang.ClassLoader.defineClass0(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java)
...

Could it be some .jar missing in JAVA$CLASSPATH? Probably not, since I used EXACTLY the same setting as on the client site....
What was done at the customer site that the error didn't show up there? Could it be that building AXIS prevented the problem to occur? I don't like the idea of rebuilding AXIS on Diana usiang ant (remember the page-file issues????) but perhaps i just have to.
Luckylu no: There is no need to rebuild. Location from where deployment is done, matters:

$ set def ws:[000000]
$! this os where all webservice files are located, including deply script
$ java "org.apache.axis.client.AdminClient" "deploy.wsdd"
Exception in thread "main" java.lang.NoClassDefFoundError:
org/w3c/dom/ranges/DocumentRange
at java.lang.ClassLoader.defineClass0(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java)

fails, but:

$ set def sys$login
$ set def [.services.ws] ! the same place as set def ws:[000000]
$ java "org.apache.axis.client.AdminClient" "deploy.wsdd"
Processing file deploy.wsdd
Done processing$
$

succeeds. Who explains???
However, as on the customer's site, the service doesn't show up in Axis's Show Services.

But compiling the webservice itself had no problem shown up here! One good thing, for a change.

(to be continued)

Friday, October 14

14-Oct-2005

Update
Updated Hera (had still to be done) and cleaned and reorganized the boot partition.

No SOAP today.
(By the way: it's all done at a client's site, finding this out)

No trouble on the VMS front (would you expect otherwize??)

Thursday, October 13

13-Oct-2005

More SOAP
Now compilation succceded, why not try to build the webservices? With some changes in the order, it worked out fine. Up to one generated source, that contains a class with a name over 50 characters, and of which the filename was limited to the 39 characters that RMS supports. That meant the class needed to be renamed, and so were the references in other generated java sources. But once that was done, the service could be deployed using the generated deploy.wsdd file, but the service didn't show up; perhaps the classes need to be combined in a .jar file and that one copied to the AXIS environment, or directly under Tomcat (including the AXIS files. To be checked on Diana.
But no matter what: we're getting somewhere....
(To be continued)

Wednesday, October 12

12-Oct-2005

Soap - once more
A double (triple?) size epsiode, since some updates have been missed)
(What happened before)
Compiling AXIS itself using ANT fails:


BPS2004A> @setup_ant DKA0:[AXIS.AXIS-1_1.openvms.libjars]
BPS2004A> set def DKA0:[AXIS.AXIS-1_1]
BPS2004A> ant
Buildfile: build.xml
setenv:
check-javadoc-needed:
printEnv:
...
compile:

BUILD FAILED

file:/dka0/axis/axis-1_1/build.xml:91: Could not create task or type of type: depend.

Ant could not find the task or a class this task relies upon.

This is common and has a number of causes; the usual solutions are to read the manual pages then download andinstall needed JAR files, or fix the build file:
- You have misspelt 'depend'.
Fix: check your spelling.
No, is Ok
- The task needs an external JAR file to execute
and this is not found at the right place in the classpath.
Fix: check the documentation for dependencies.
Nothing in there...
Fix: declare the task.
??? What is that?
- The task is an Ant optional task and optional.jar is absent
Fix: look for optional.jar in ANT_HOME/lib, download if needed
Exists, but something might be missing in there??
- The task was not built into optional.jar as dependent libraries
were not found at build time.
Fix: look in the JAR to verify, then rebuild with the needed
libraries, or download a release version from apache.org
That might be the case, but I consider this a deliverable, so it SHOULD already be in there...
- The build file was written for a later version of Ant
Fix: upgrade to at least the latest release version of Ant
1.5 is good, isn't it?
- The task is not an Ant core or optional task
and needs to be declared using .
Using what?
...
Total time: 8 seconds

I removed the DEPEND line, but that did not really help (edited lines to fit on screen):


[javac] /dka0/axis/axis-1_1/src/org/apache/axis
/encoding/ser/MimeMultipartDataHandlerDeserializer.java:65:
package javax.mail.internet does not exist
[javac] import javax.mail.internet.MimeMultipart;
[javac] ^
[javac] /dka0/axis/axis-1_1/src/org/apache/axis
/encoding/ser/MimeMultipartDataHandlerSerializer.java:65:
package javax.mail.internet does not exist
[javac] import javax.mail.internet.MimeMultipart;
[javac] ^
[javac] /dka0/axis/axis-1_1/src/org/apache/axis
/handlers/EchoHandler.java:58:
warning: java.io.StringBufferInputStream in java.io has been deprecated
[javac] import java.io.StringBufferInputStream;
[javac] ^
[javac] /dka0/axis/axis-1_1/src/org/apache/axis
/handlers/EchoHandler.java:59: package javax.servlet.http does not exist
[javac] import javax.servlet.http.HttpServletRequest;
[javac] ^
[javac] /dka0/axis/axis-1_1/src/org/apache/axis
/holders/MimeMultipartHolder.java:57:
package javax.mail.internet does not exist
[javac] import javax.mail.internet.MimeMultipart;



Left this to Brad to solve. It might be a problem when building the webservices thenselves.
Try it all using a test program, and build that to see whether the method itself will work.
(Today's episode)
I tried to include the xstream package but compiling failed, because the package could not be found:


BPS2004A> javac "ExecTest.java"
ExecTest.java:3: package
com.thoughtworks.xstream does not exist
^
met als gevolg dat alle
referenties fout gaan:
ExecTest.java:36: cannot resolve symbol
symbol :
class XStream
location: class ExecTest
^
ExecTest.java:36: cannot
resolve symbol
symbol : class XStream
location: class
ExecTest
^
ExecTest.java:74: cannot resolve symbol
symbol : variable
xstream
location: class ExecTest
^
ExecTest.java:98: cannot resolve
symbol
symbol : variable length
location: class
ExecTest.Args
^
ExecTest.java:100: cannot resolve symbol
symbol :
variable arg
location: class ExecTest

Stupidly enough, the package is IN the path.
As a last resort, unpacked the package:



jar -xvf xstream112.jar


and the result (com.thoughtworks.xstream) came in a completely unexpected directory. Next copied the files to the base location (aside the source directory) and all of a sudden: COMPILATION SUCCEEDED.
It seems that the java compiler has a problem with the number of entries in logical JAVA$CLASSPATH ???

Running was another problem, it proved to need another package - even the older version (1.0.2, I used 1.1.2 to start with). The same applied here: when a package is included in a .JAR file, the java compiler, nor the runtime did read it.
(I checkd the file format: RFM:STREAM_LF was missing but setting this didn't change it. However, jar had no problems with it).
Once that was solved, and a few other things had been changed, the test process did work:




BPS2004A> java "ExecTest" "Grooters" "Willem" "19520212"
Param
0:Grooters
Param 1:Willem
Param 2:19520212
Executing string:
test_ws:[000000]display_args.com Grooters Willem 19520212
### Following lines
came back from SYS$ERROR:
### Following lines came back from
SYS$OUTPUT:
Achternaam=Grooters
Achternaam=Willem
Achternaam=19520212
***
End of ExecTest ***
BPS2004A>


The thing found, to be reckoned with (and which is AGAINST the standard (I think): The XML that is written in the native application MUST have exactly the same case as the field- and class specification it is translated to!

And by the way: the com.microsoft.wsdl/types problem has been soved as well. I guess it was in some package that was expanded, but the required classes are found.
(Next epsiode preview)
Since the webservices use arrays of classes, the example program will have to be rewritten ot faciliate that. There has already been done some in that but there is a problem with xstream.fromXML complaining on something "empty". That should be solved first, and after that, the webservices are to be done. But first, need to report....
(will be continued)
Updates to WindowsXP
Loaded and installed a bunch of security updates to Windows, on Athene and Aphrodite. No time to do this on Hera (yet).
Of course updates Virus scanner andadware/malware/spyware removers.
No breaches in the last days - just a number of spammers to track.

Tuesday, October 11

11-Oct-2005

Power failure
This morning, when accessing Io's secure Communigate port, it didn't react. Diana's mail access was no problem, so I had to find out what was wrong. Telnetting to Diana from Athene worked and I could see the system had recovered from some error 15 hours earlier. There were no clues in operator.log, errorlog or sysdump, so the only solution was a power failure. And indeed, yesterday there had indeed been a power failure of about 20 minutes. Since Charon and Diana are set up to boot automatically on power up, these systems were up and running. But Io has no such setting (yet) so therefore, it could not be accessed.
Technical updates
Yesterday and today were the VMS Technical Update Days (1) where we (system developers (some), system managers (most) and CIO's (were there any?)) were briefed on the current and future state of VMS, including what is to come in 8.3. And, of course, it's always fun to meet good friends, from the OpenVMS SIG and the bootcamp, including the HP technicians and our one and only soul-sister Sue Skonetski.
The last hours I joined the sessions on security and computer forensics by Laura Chappell of the Protocol Analysis Institute, mostly Windows and Unix based. Of course there was a question (not mine...) if she had any experience on and with VMS. She hadn't, "... but if anyone could lend me one"... I offered her access, and she might take it. I'll keep you updated.
And to those trying to hack their way in: Beware. I have new tools (toys?) to track you down.
The continueing story - AKA Soap
Of course, there has been no action on this front these two days. Just that I had a chance to ask HP's Brad McCusker (Mr. Unix Protability) who asked for more detail. I'll send info down to him.
(will (no doubt) be continued)
Athene problems
Working on Athene is troublesome. It's sometimes very sluggish, and typing even this text jumps now and then, just showing up the text when the type-ahead buffer is emptied. Telnet doesn't work fine either: as if the video cannot keep up with the connection. Might be NETBIOS, just learned (one of thos Windows protocols that behave like a stubborn, naughty, bad behaving child (The way Lause Chappell visualised it can (alas) not be repeated in text. And there is no video available...)
---------------------------------------------------
notes
[1] Thanks, of course, to Gerrit Woertman, one of the Dutch OpenVMS ambassadors, for getting this event to the Netherlands once again. And, of course, to Sue Skonetski and all those VMS engineers for their willingness to leave their families for a few weeks: Guy (who just turned 30 and misses his little daughter badly), Brad, Doug and those I didn't mention.

I had to explain where I spent these two days. And VMSTUD is an abbreviation that can easily be misunderstood: I guess VMS.TUD is another event than VM.STUD.

Thursday, October 6

06-Oct-2005

Soap (a continuing story)
(What happened before)
The problems found in Diana yesterday were cause by copying the wrong files - from Athene. These were generated by WDL2Java on this Windows machine so that is the reason that Microsoft references showed up.
I have asked for some support - just a few hours to get on track in coding, but it could take some time. Perhaps it's better to keep it at rest for a while....
One thing to find out is how to run a DCL script. A collegue sent me something but wasn't sure it would work on VMS: Kind of Telnet session....
(What happened today)
It came faster than I expected, so I had some explanation today, on a number of issues involved: how to get a DCL proceduere started (with parameters), how to get the parameters (well, these are generated, so already existing) and how to get the result (which is XML) back where a method result is a complex type.
Having it explained to "innocent" collegues - they know a lot about Java but hardly anything on webservices, let alone SOAP - clears the mind. It remains to be seen whether the code created by WSDL2Java is the one to be used. Dig deeper into the WSDL2Java documentation - if it can be found. - to see if another type of code (Document type) will do.
One issue however, had been cleared completely. When we searched Google for "Runtime getRuntime exec DCL", it revealed an early question I pushed on ITRC on this subject, and one answer brought up the userguide of java on VMS - and there it was: a complete example of how to run a DCL procedure. Right under the nose. I needed a bit of editing - comment out a bit of code that wouldn't be used - before compilation, and ran the test. Good - gives some idea of how to do it as well.
Another suggestion made: use the xstream package, jar is sent so it can be used. It's uncertain what dependencies will arise on runtime, but we'll see.
(to be continued - no doubt)
Mail problems?
For some reason, the web interface (the one directly on VMSMail) didn't show ANY message all day. In the evening it tuned out that all messages were read by Communigate (has been configured that way) but thouhg it was specified to leave messages on the server, all have been removed - sent to Wastebasket. Nothing found anywhere: not in operator.log, not in the TCPIP$POP_RUN.LOG. Stopped and restarted the POP server on Diana solved the problem. Next is to restore the messages so they can be retrieved again. Perhaps Communigate will retrive them again but that's no problem.
Communigate config and what came to it
Added account for KIM sio she will be able to exchange documents easily: create and modify them on Hera, store them in Communigate so they can be retrieved when she's with a collegue. (it might be an idea for Willemijn as well) .
Added a RPOP connection to the company mailbox - and what's in the inbox is retrieved. Good!
Added a local domain so the error of a non-supported domain has been solved. Added the same one in in DNS. but something seems not Ok there: but after stopping BIND, removing the .PID and .db_jnl files, and restart BIND, "homebox" can be translated but that seems not to be enough... well, keep it by address, no problem.

Wednesday, October 5

05-Oct-2005

SOAP (continued)
(Last day's review)
Missed some updates - nevertheless, could do some more on the project (which is on VMS as well, though on a different location) . Specified aURL to the "counterpart" to see if it works - basically.
It does.
Had some feedback, and could run all tests. again, and build the code - at least, almost everything. Next, since WSDL was present, created the webservices with skeleton again (as did at DIANA), but weird things happened.
(Current state)
Pushed the matter on ITRC - it came up with another blabla article that however proved the point: The track is right. Tried to build the application but no messages, and no resulting classes....
Tried to do the same on Diana, with a WSDL, it gave me the same files, but named all lowercase. Tried building it and it fails where on the project, no message was delivered:


/ApplicatieGegevens.java:11:
package com.microsoft.wsdl.types does not exist

private com.microsoft.wsdl.types.Guid parentLoggingID;

^


This is weird: com.microsoft.wsdl ???
I can imagine something's wrong, when on a VMS box!

So it might be that WSDL2Java has been executed against the wrong (.NET) WSDL? It explains the lowercase names, probably. Check against the project, some way....

(To be continued)

PC Trouble
Kim phoned -a friend said a Word document she received from Kim should contain a VIRUS. Well, Hotmail.com said so. Given the standard procedures not likely, nevertheless she scanned Hera and found no infections (to be expected with the rigorous update scheme) except for a number of questionable issues - malware and adware probably - and she had them removed.
(AV files have been updated yesterday evening, and she'd been busy yesterday morning. Infection is hardly possible since no mail is enetered directly on the machine, or it would be brought in by MSN)
Anyway, Hera is clean.
Scanned Aphrodite as well, no infections found.
Outlook troubles
Want to reach the company mailbox, set up Outlook but it seems there is a max of 3 internet services??? So added another profile for that account, and have Outlook ask for the profile.
NO WAY. No chnage in Outlook, it comes uop with the default settings as has been for years. The new profile is shown, but NEVER activated....Repaired - we'll see after reboot....
And for the rest:
CommunigatePro is working fine, the problem is that locally IO can only be accessed by address, since the webmail subdomain cannot be accessed from the intranet. http://io:8100 doesn't work either:



Will add " webmail" (without domain) as an alias to the nromal domain - for internal use.

Security issues:
No FTP break-in attempts since last one.
Spam attempts in October, as seen in consolidated log (it might be an idea to publish it on a daily basis, thinking of that):

1-OCT-2005 06:52:57.62 CLNTINRBL 12.219.254.126
2-OCT-2005 05:35:19.03 CLNTINRBL 213.98.39.93
2-OCT-2005 06:13:25.31 NOSPAMRLY 222.101.92.49 gjwns_44@daum.net
3-OCT-2005 03:28:17.09 CLNTINRBL 200.78.121.253
3-OCT-2005 12:08:19.03 BADMF whittledo@yahoo.com
3-OCT-2005 17:08:12.46 CLNTINRBL 83.17.58.19
3-OCT-2005 19:55:48.84 NOSPAMRLY 217.149.193.37 new_openrelay_test@internl.net

Ok, that's one I can understand - it's my ISP checking the mail server to be closed for relaying

3-OCT-2005 21:08:22.69 NOSPAMRLY 222.101.92.79 gjwns_44@daum.net
4-OCT-2005 15:22:02.55 NOSPAMRLY 222.156.4.147 sogiant.service@msa.hinet.net
4-OCT-2005 19:20:41.45 CLNTINRBL 202.86.205.3
4-OCT-2005 22:30:00.15 NOSPAMRLY 222.101.92.249 gjwns_44@daum.net

Some explanation:
CLNTINRBL: Client In RBL: This address is found in one of the references RBL's. An obvious one.
BADMF: Banned Domain Found: Client is found to be in a domain that is locally banned. I banned part of Yahoo except for some known senders because I have had very bad SPAM experieneces coming from YAHOO.
NOSPAMRLT: No SPAM Relay : the first (IP address) mentioned tries to relay to the second one. So the first one is the spammer. It's fun ti track them down:

$ dig -x 222.101.92.249
; <<>> DiG 9.2.1 <<>> -x 222.101.92.249
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45411

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;249.92.101.222.in-addr.arpa. IN PTR
;; AUTHORITY SECTION:
92.101.222.in-addr.arpa. 10800 IN SOA rev1.kornet.net. domain.rev1.kornet.net. 2001040300 43200 3600 604800 43200
;; Query time: 702 msec
;; SERVER: 192.168.0.2#53(192.168.0.2)
;; WHEN: Wed Oct 5 21:39:44 2005
;; MSG SIZE rcvd: 103

Who owns kornet.net:

$ whois kornet.net
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registeredwith many different competing registrars. Go to http://www.internic.net/for detailed information.


Domain Name: KORNET.NET
Registrar: INAMES CO., LTD.
Whois Server: whois.inames.co.kr
Referral URL: http://www.inames.co.kr
Name Server: NS.KORNET.NET
Name Server: NS2.KORNET.NET
Status: ACTIVE
Updated Date: 24-apr-2005
Creation Date: 08-jul-1998
Expiration Date: 07-jul-200
8

www.kornet.net is a korean site - with an English entry. They lease lines, to Internet cafes, it seems.

I don't think it will have a chance to contact them for blocking these relay attempts.

Sunday, October 2

2-Oct-2005

SOAP (continued)
(What would you expect?)
SOAP configured according the manual and following experiences from a project where it is used as well. Did some setup of user environment to have all the required logicals set(JAVA$CLASSPATH - to bypass a typically UNIX way of "solving" references) and compile at least two of the tools that are used anyay in that project: WSDL2Java and SOAPMonitor. The gory detail: When case is important (which is normal for java) strings need to be enclosed in double quotes. And that means: practically all options MUST be within quotes.
Tried the examples - same problems as in the projects. Again, the full path need to be specified, even if in current directory! Deployment of a service requires a lot of typing:

$ java "org.apache.axis.client.AdminClient" -
_$ "samples/userguide/example3/deploy.wsdd"

Nor does SOAPMonitor show anything, but that could well be a matter of configuration (one more!).

Still, it doesn't work as expected, but later it was found that this was partly the result of a typo in the commandprocedure that sets the paths (set_axis.com): used "-" in stead of "_" and some access matter in example1. But for the rest, all went all right in the projects, so to be tested here as well - guess it's all Ok now:

$ java "samples.userguide.example1.TestClient"
java.net.UnknownHostException: nagoya.apache.org
$ java "samples.userguide.example2.CalcClient" add 1 2
Got result : 3
$ java "samples.userguide.example3.Client" "Test me!"
You typed : Test me!
$ java "samples.userguide.example4.Client"
Hi, you've reached the testMethod.
$ java "samples.userguide.example5.Client"
Hi, Glen Daniels!

You seem to have ordered the following:

1 of item : mp3 jukebox
4 of item : 1600mah Battery


If this had been a real order processing system, we'd probably have charged you about now.

example 6 seems NOT to have an entry point????

On the project, WSDL2Java for a server created deployment files, because this was specified. But without, above message caused a stop at that point.
Will try in the project, and after that, here as well.

Monthly Maintenance
New month = zip logs of previous month. Not all, yet, but operator logs to start with. Still need to do something on the web- and FTP logs, and the ones from the router.
Checked updates for PC's - there are some, but no time to install them. (There rea for the VMS boxes as well but none critical, it seems).

By the way: have to test the new router/firewall. Has been set up (mostly, just Communigate needs to be enabled) but it requires a test. If that succeeds, Charon can be swithed off (saving power).