💾 Archived View for gemini.spam.works › mirrors › textfiles › hacking › primos2.txt captured on 2021-12-04 at 18:04:22.
-=-=-=-=-=-=-
_______________________________________________________________________________ INTRODUCTION TO THE PRIMOS OPERATING SYSTEM Part II (Internal Snooping and Basic Commands) Written by Violence Copyright (C) 1989 The VOID Hackers _______________________________________________________________________________ Welcome to Part II of my series on PRIMOS. In this part I will go over such things as how to make your stay on a Prime computer last longer, basic PRIMOS commands to memorize, user-to-user communication, internal PRIMOS security, and how to explore the vast reaches of a Prime computer. _______________________________________________________________________________ MAKING YOUR STAY LAST LONGER Now that you have logged in, there are a few things that you should do immed- iately to insure a nice long visit. You should make this procedure routine and do it everytime you login. Once logged in you will, as illustrated in Part I, see the login herald and then, assuming the account is not captive (there will be a section on Captive Accounts later in this part), get the system prompt (generally an "OK,"). You are now using PRIMOS and the prompt signifies that you are at the PRIMOS comm- and line. Most Primes use the standard "OK," prompt, but some do not. For this series, I shall assume that your Prime uses the "OK," prompt. Now, type some nonsensical command. Try arf. Here is what should happen: OK, arf Not found. ARF (std$cp) ER! Notice that when you enter an invalid command you get a new prompt. On all standard systems, it is "ER!". Again, this prompt can be changed and, through out this series, I shall assume that it is set to "ER!". NOTE: std$cp means Standard Command Processor. Sometimes instead of std$cp you will get a (processcommand) error. They are the same thing, just differ- ent names for different revision levels. Now that you are in, you are going to want to perform a few actions to make sure that you are safe. The first of these actions is to turn off all COMO files. COMO is the abbreviated form of the COMOUTPUT command. COMOUTPUT turns on a buffer if you will, much like your terminal program's copy buffer. From the time a COMO file is turned on everything you type and everything PRIMOS says to you will be logged to a SAM (sequential access method) file (a text file). To turn off a COMO file you will type this at the system prompt: OK, como -e The "-E" argument means "END" and will end any COMO processes. If you can't see what you are typing then perhaps the initiating COMO command turned off all terminal output. You can turn it back on by typing: OK, como -tty To save time, nest the arguments as such: OK, como -e -tty The next thing you should do is make sure that you are the only person using the account you logged in to (we don't want any irate users on our hands, now do we?). Do this by typing: OK, stat -me Assuming you are logged in as user PRIME, PRIMOS will output the following: Line User No oct( dec) Devices PRIME 87 125( 85) <USER05> The "User" column displays your User ID. The "No" column lists your user number. The "Line" column indicates the AMLC line you are using (the physical modem line) in both octal and decimal notation. The "Devices" column displays the current disk partition that you are attached to. In this case, we are attached to the <USER05> disk partition. If you find that there is more than one of you logged in, then you should make a hasty exit and logout. There is a correct way to logout and an incorre- ct way to logout. The correct way to logout is listed below. NEVER hang up on a Prime. Always logout in the illustrated fashion. OK, rsterm OK, lo The RSTERM command empties your terminal read (input) and write (output) buffers. This throws away anything in your type-ahead buffer and gets rid of all output pending. The LO command logs you out of the system. When you logout you will see a message similar to this: PRIME (user 87) logged out Sunday, 22 Jan 89 16:23:56. Time used: 00h 08m connect, 00m 03s CPU, 00m 00s I/O. Everything listed in this message should be self-explanatory by now, but in case you are still bewildered. The connect time is how long your session lasted in hours and minutes. The CPU time indicates how much actual time you manipulated the central processing unit (CPU); listed in minutes and seconds. The I/O time indicates how much actual disk I/O (access) you performed; in minutes and seconds. Assuming that no one else is using the account you are logged in as take a look and see who else is on the system. Do this by typing: OK, stat us The Prime will display the following to you: Line User No oct( dec) Devices SYSTEM 1 asr <COMDEV> SMITH 5 3( 3) <USER05> <COMDEV> JOHNSON 70 104( 68) <USER05> <COMDEV> PRIME 87 125( 85) <USER05> <COMDEV> TIMER_PROCESS 123 kernel <COMDEV> LOGIN_SERVER 124 LSr <COMDEV> (3) DSMSR 125 DSM <COMDEV> DSMASR 126 DSM <COMDEV> SYSTEM_MANAGER 127 SMSr <COMDEV> LIB 129 phant <COMDEV> AL132 LQP 130 phant <COMDEV> AL133 PR0 131 phant <COMDEV> PR2 BATCH_SERVICE 132 phant <COMDEV> SYSTEM 133 phant <USER01> <COMDEV> SYSTEM 134 phant <USER01> <COMDEV> SYSTEM 135 phant <USER01> <COMDEV> SYSTEM 136 phant <USER01> <COMDEV> Notice how the STAT US command's user display procedure is identical to that of STAT ME. Let me explain these users now. What's there to explain about users, you ask? Why, lots. Some of the users listed abover aren't actual people, but rather phantom users, processes that execute on their own. Look at SYSTEM. See how this User ID doesn't have a line listing? Instead of the familiar octal and decimal AMLC line listing, it says "asr" instead. Also notice how TIMER_PROCESS is listed as "kernel". The list goes on too, as you can see. LOGIN_SERVER is "LSr", DSMSR and DSMASR are "DSM", and SYSTEM_MANAGER is "SMSr". Also notice all those users listed as "phant". Basically, all User ID's that lack octal/decimal AMLC line notation are not actual people and cannot harm you with the exception of SYSTEM_MANAGER and SYSTEM. These users, while not people, are consoles, terminals if you will, that are logged in all the time. One monitors the system's front door and logs to screen and disk (and occasionally printer) all logins (successful and unsuccessful) and logouts. The other just sits there, waiting for the system manager to do what ever he likes. A good way to tell if either of these User ID's is active, is to look and see where they are attached to (ie, the info displayed in the "Devices" column). If you see it attached to an MFD (Main File Directory) other than the root MFD, then cruise and come back later. I will explain this a bit more in a second. LSr is the login server. It is what you "talk to" (in a manner of speaking) when you connect to the Prime initially. "kernel" is the heart of the PRIMOS operating system. When you have logged in, you are talking directly to it. "phant" users are phantom processes (batch jobs) that are executing independant of a system terminal. They perform rudimentary tasks such as running the prin- ters, backing up the system, running the RJE and Batch Job managers, etc. They perform many activities, almost always geared towards the system's needs. DSM users are Distributed System Management utilities runnung as phantoms. The DSM utilities are present to help the System Admin administrate his system. There will be more on the DSM utilities in Part III of this series. To help you out, I have prepared these two tables. They cover all of the above procedures and what you should do. For the first few times, you should use the tables. When you have memorized them you will be doing pretty good. LOGIN PROCEDURE 1. COMO -E 2. STAT ME (is there more than 1 of me logged in? Yes? Logout!) 3. STAT US (are there lots of users online? Yes? Logout!) LOGOUT PROCEDURE 1. RSTERM 2. LO That should do it for this section. I will now go into the basic PRIMOS comm- ands that you should familiarize yourself with and memorize. _______________________________________________________________________________ BASIC PRIMOS COMMANDS AND INFORMATION ABOUT PRIMOS FILES We're all ready to start covering the first PRIMOS commands to add to your new repetoire. In this section you will learn how to move around PRIMOS directory structures, how to view files, how to get full status on the Prime system, and how to get further help. First off, let me tell you a little bit about directories and how they are set up. On each logical disk on a Prime, there is a root directory called the MFD (Main File Directory). Each MFD on a system has a unique number after it. In this manner all logical disk MFD's are separate from one another. Below the MFD's are directories called UFD's (User File Directories). It is the UFD's that users login to. Not all UFD's, however, are login directories. All dir- ectories below the UFD level are called sub-UFD's (subdirectories). An illus- tration of what I am talking about follows. MFD 0 ------------- MFD 1 ------------- MFD 3 ------------- MFD 4 ______|______ ______|______ ______|______ ______|______ | | | | | | | | | | | | UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD UFD | | | | | SUB SUB SUB SUB SUB UFD UFD UFD UFD UFD Notice that not all UFD's have sub-UFD's. Not illustrated is the fact that sub-UFD's can have sub-UFD's under them. It's set up a lot like most micro- computer Disk Operating Systems. When you login you will be attached to your account's initial attach point (ie, your "home" directory). This will most likely be a UFD, but in some cases you will attach to an MFD. In any case, to move from directory to directory you'll use the ATTACH command. You can abbreviate ATTACH with an A. PRIMOS underst- ands ATTACH and A as being the same command. The basic format of ATTACH is: ATTACH pathname To attach to an MFD you would type: OK, a mfd # Where # is the logical device number of the MFD you wish to attach to. MFD nu- mbers always start out at 0 and increment sequentially. More on this in a few. If you are attached to an MFD or a UFD you simply need to use the UFD name you wish to attach to as the pathname. If you wish to attach to sub-UFD's then you will need to use the full pathname. Here are some examples: OK, a mfd 0 OK, a primenet* OK, a info Top-level directory not found or inaccessible. INFO (ATTACH) OK, a primenet*>info Notice how when you tried to attach to info you got an error. Well, that was because info is a sub-UFD and you need to supply the full pathname when you at- tach to sub-UFD's. Notice that when you attached to info in the correct manner you used the ">" character to separate the elements of the pathname. Locating all the available MFD logical device numbers is easy. Just type: OK, stat disk PRIMOS returns this output to you: Disk Ldev Pdev System COMDEV 0 1460 USER01 1 31460 USER02 2 32462 USER03 3 462 USER04 4 11062 USER05 5 62060 USER06 6 101062 "Disk" indicates the actual disk partition's root pathname. "Ldev" is the logical device number of a given partition. "Pdev" is the physical device number. The "System" column will be blank unless a given disk partition is located on another system. What? Impossible? Not at all. With PRIMENET, Prime's networking software, disk partitions on system B can be accessed from system A. If you are not on a system equipped with PRIMENET then the "System" column will be blank. More on this in the PRIMENET section. What is important to us immediately is the data in the "Disk" and "Ldev" col- umns. Each of these disk partitions is an MFD On some systems you will find two useful utilities, UP and DOWN. These are ex- ternal commands. They simplify moving about directories in PRIMOS. Here is how to use them. UP [n] UP allows you to move up a specified number of levels. The specification of "n" is optional. If you do not specify a value for it, it will have a default value of 1. DOWN directory_name DOWN allows you to move down one directory in the tree. You must specify the name of the directory that you wish to move down into. You need only specify the UFD or sub-UFD name. There is no need to specify the entire pathname. If these utilities are not on the Prime you are on then you can upload them to the Prime's CMDNC0 directory (where external commands are stored). There will be more information on this in Part V. Viewing files in PRIMOS is as easy as can be. You simply use the SLIST (seq- uential List) command. The format is as follows: SLIST filename You must include the file extension of the file that you are SLISTing. Briefly here is a list of file types and what they mean. Extension SLISTable? Description .ABBREV N Abbreviation files .BAS Y BASIC source code .BIN N BINARY image file .CBL Y COBOL source code .CC Y C Compiler source code .COMI Y COMMAND INPUT data files .COMO Y COMMAND OUTPUT data files .CPL Y CPL (Command Procedure Language) programs .F77 Y FORTRAN-77 source code .FTN Y FORTRAN IV source code .GVAR N Global variable files .PL1 Y PL/1, Subset G source code .PLP Y PLP source code .PMA Y Prime Macro Assembler source code .RUN N Prime-written programs; int cmds (compiled) .SAVE N Prime- and user-written programs (compiled) NOTE: The "SLISTable" column indicates that the file type in question is a SAM file (Sequential Access Method; a text file) and can be viewed normally by the SLIST (Sequential List; like the TYPE command found on most PC's) command. You can SLIST non-SAM files, but they will come out as garbage and that can be a pain in the ass. If you should SLIST a non-SLISTable file type then use BREAK or CONTROL-P to abort the listing. A very important command is the LD command (List Directory). LD will display the contents of the current attach directory. To use it just type: OK, ld The LD command supports wildcarding, too. If you should want to display all the CPL files in a directory, use LD in this manner: OK, ld @@.cpl Notice the "@@" in the above command. It tells LD to do a wildcard search for all files ending with the extension ".CPL". Just experiment with this aspect of LD. It's really quite simple. Getting more information about the Prime you are on is easy. Just use the STATUS (abbreviated STAT) and LIST commands. Here are lists of these commands and what they do. Remember the STAT US and STAT ME commands I mentioned in Part I? Well, as you probably guessed, there are several other options to the STATUS command. Here are the other options and what they do: NOTE: Capitalized letters in this table indicate the option's abbreviation. OPTION MEANING ALl Display all info available through STATUS. DEvice Display physical and logical device numbers of any assigned mag tape drives. NEtwork Displays the status of other systems to which your system is attached by PRIMENET. PRoject Displays the Project ID of all users logged in. SEmaphores Displays the value of user semaphores that have been set on the system. A semaphore is a flag used for synchronizing processes. It is used by cooperating user processes to control access to a single shared resource. SYstem Shows the system nodename and revision of PRIMOS. UNits Shows you what file units you have open. Sub: Other Nets [BitNet etc..] Read: (1-30), Message # 30, (c/r)=Next Msg ?:R 29/30: Prime file 4 of 10 Name: Predat0r #1 @5211 Date: Wed Apr 17 10:33:51 1991 From: Youth International Party Line (Kentucky) Remember, I did not mention the USers, ME, or DIsks options here, as they were fully detailed in part I of this series. If the STATUS command is issued without any options, information is provided on the following options in this order: SYSTEM, UNITS, DISK, SEMAPHORE, NETWORK and ME. NOTE: There will be some information regarding the STATUS NETWORK command in a later section entitled "HINTS ON HACKING PRIMENET". That pretty well sums up the STATUS command. But is that all? Hell no. There is also the LIST command. If you thought STATUS had a lot of options then wait until you check this lovely command out. I will only cover the useful options. First in the syllabus is the LIST_ACCESS command. This command will show you what User ID's have access to the UFD that you are currently attached to. Assume that you are attached to your initial login UFD. Also assume that your User ID is STEVE.SYS. Here is an example of what LIST_ACCESS would display: OK, list_access ACL protecting "<Current directory>": STEVE.SYS ALL SYSTEM ALL $REST: NONE The above command example displays all of the ACL's (Access Control Lists) regarding your UFD. Notice that you, STEVE.SYS, have ALL rights to your UFD (naturally). Also notice that SYSTEM has ALL rights too. Why? Most likely backup purposes. Also notice that $REST (meaning all other user ID's) has NO rights. Now, lets assume you ATTACHed to another user's UFD. Say, JOHN. Here is what you might get: OK, a john OK, list_access ACL protecting "<Current directory>": JOHN ALL SYSTEM ALL SIMSON DALURW $REST LUR Quite a different story here. Again JOHN and SYSTEM have ALL rights here. But wait, SIMSON has DALURW access and $REST (everyone else) has LUR. What do these cryptic phrases mean? This, I would gather, would be a good time for me to explain the PRIMOS access codes. So without further ado: Code Right Applies to Allows user to ---- --------- ------------- -------------------------------- P Protect Directories Change accesses and attributes D Delete Directories Delete directory entries A Add Directories Add directory entries L List Directories List directory entries U Use Directories ATTACH to directories R Read Files Read file contents W Write Files Change file contents As illustrated above, the ALL and NONE mnemonics are also PRIMOS access codes. ALL indicates YES to ALL of the above and, as you can full well guess, NONE indicated that all access is denied. Also be aware that file systems (groups of files) can be protected by an access category. To list the access of an access category type the following command: LIST_ACCESS [category_filename] Next is the LIST_GROUP command. It lists all of the ACL groups to which you belong. These groups may govern access to some files on the system. If you don't belong to any groups then PRIMOS will reply with: No groups. (list_group) Otherwise PRIMOS will respond in the following format: Groups are: .HELP .ADMINISTRATORS .ETCETERA The LIST_GROUP command can be abbreviated to LG. LIST_PRIORITY_ACCESS (abbreviation LPAC) is used to display your priority access on any given disk partition. While normally you would use LIST_ACCESS to examine all access rights and priority ACL's on file system objects, LPAC is available since a priority ACL can prevent you from accessing directories and from using the LIST_ACCESS command. Command format is as follows: LIST_PRIORITY_ACCESS [pathname] [-brief] The LIST_QUOTA command (abbreviated LQ) is, in my opinion pseudo-worthless since file quota information is displayed when the LD (List Directory) comm- and is issued. The LQ command displays current disk quota and storage info- rmation for the current (or specified) directory. To issue this command, you need to have L (list) access to the target directory and U (use) access to all higher directories. The proper command format is: LIST_QUOTA [pathname] [-brief] Executed without pathname, LIST_QUOTA returns information regarding the current directory you are ATTACHed to. Quotas are storage space constraints set on a directory. The limits are listed in disk records. A 0 quota is great (indicates no quota). A quota of 1 is absolutely lousy. A quota of 1000+ is ok. If a directory has a quota of, say, 1000, then the total number of disk records used in that directory and ALL sub- UFD's below that may NOT exceed the quota. If you have P (protect) access on the current UFD then you can use the SET_QUOTA command to change the UFD quota constraints. I know I am getting off the subject at hand, but I'll just say this anyway! :-) The format is: SET_QUOTA pathname [-Max N] The abbreviation for SET_QUOTA is SQ. The argument -MAX indicates the max. number of quotas that the specified pathname can store. N is a decimal number. Back to the LIST commands. Next up is LIST_ASSIGNED_DEVICES. This command invokes a utility in CMDNC0 that will display all devices hooked up to your Prime, such as printers, etc. Disk partitions are not listed by the LIST_ ASSIGNED_DEVICES command. Some assignable devices are listed below: Device Code Meaning ASYn Asynchronous Communications Line (a leading zero is required for single digit names; for example ASY07 must be used to specify line 7). Line numbers are in decimal. CARDR Serial Card Reader CRn MPC Parallel Card /reader or Reader/Punch DISK pdisk Physical Partition (pdisk is a partition (volume) number) GS0 - GS3 Vector General graphics display terminal MG0 - MG3 Megatek graphics display terminal MTn Magnetic tape unit PRn Line Printer PTR Paper Tape Reader PUNCH Paper Tape Punch PLOT Printer/Plotter SYNCn Synchronous Communications Line (a leading zero is required to specify single digit lines). You can use the -USER [option] argument to specify a list of users, by name or number. Assigned devices whose assigning user is not in this list are not displayed. The default is all users. The format is either: LIST_ASSIGNABLE_DEVICES -USER {user name} or LIST_ASSIGNABLE_DEVICES -USER {user numbers} Remember, the -USER argument is optional, and not required. It is just useful for listing assigned devices that were assigned by a particular user. LIST_ASYNC is another good one. This command displays all of the systems hard- wired lines and what they are doing. There are three types of assignments that a line can have, and these are: FREE Line is free to be assigned ASSIGNED Line is assigned to a hardware device (printer/etc) LOGIN Line is available for login (terminal or remote) The header for the display is as follows: Line Line Auto speed Line line User User number use enabled speed protocol number name Line number is the physical line's identification name. Line use indicates how the line is assigned (free, assigned, login). Line speed indicates the speed of the physical line. Line protocol indicates the line factor (either TTY or TTYNOP). TTYNOP means TTY not operational. User number indicates the user number associated with the AMLC line. User name is the actual name of any user/phantom using that line. I am not too sure about the Auto speed enabled column. LIST_COMM_CONTROLLERS displays information on all the communication controllers present in a system, excluding the Prime Node Controller. Information is given for each controller and includes the controller name, its type, its device address, the number of synchronous lines attached, and the number of asynchro- nous lines attached. LIST_CONFIG displays the current system configuration. LIST_LAN_NODES displays all nodes on a Prime LAN300 system. Be aware that this external command works only with Prime's LAN300 system (so far as my experience goes). LIST_SYNC displays all synchronous lines on a Prime system. LIST_PROCESS displays the environment of a specified user process. The user's process identity is displayed, together with details of its environment which include: attach points; abbreviation file; active COMI and COMO files; connect, CPU and I/O times and limits; the user's ACL groups; and all active remote identities. There are several more LIST_ commands, but they are not too important at the present moment. I'll let you learn about them on your own via Prime's excel- lent online help facility. To use the PRIMOS online HELP facility, just type HELP. Or, if you know what you need help with, type HELP commandname. Really quite simple. _______________________________________________________________________________ USER-TO-USER COMMUNICATION It is always useful to know how to send and receive messages when on a computer system, and PRIMOS is no exception. Whether communicating with other hackers online, or attempting to social engineer a legitimate user or system operator. Any user on a Prime may send or receive messages. Messages may be sent from: o any user terminal to any other user terminal o any user terminal to the system console o the system console to all user terminals o the system console to any specific user terminal o the system console to any system console on another node of the network (PRIMENET-equipped systems only) Sending messages to users on a Prime is very easy. The message command form- at is as follows: MESSAGE [username] [-NOW] [-ON nodename] [-usernumber] The abbreviation for MESSAGE is M. So instead of typing MESSAGE all the time, you can type M instead. Notice [username] and [-usernumber]. When sending messages to a user you need only specify one or the other. If you were to send a message to user SYSTEM you would type: OK, m system That would enable you to send a message to user SYSTEM. Be aware that the message you send will be displayed to ALL users logged in under the User ID of SYSTEM. In the case that there are more than 1 user with the same User ID log- ged in at the same time, you might want to do use the [-usernumber] argument. It works like this: OK, m -2 That would send a message to the user with the user number of 2. The message you send in this case would ONLY be sent to the user with the user number of 2. Use either the user name or the user number, but not both, for using both will cause an error to be displayed by PRIMOS. If may omit the [username] and [-usernumber] arguments then the message will be sent to the system console. Be careful about this! The -NOW argument is optional. If it is specified then the message will be sent to the user immediately. Otherwise the message will be put into a queue and sent only when the target user has returned to PRIMOS command level. The -ON argument need only be specified if you wish to send a message to a user that is logged in on a remote site. This argument will not be required at all if the Prime you are on is not equipped with either the PRIMENET or the LAN300 networking software packages (by Prime Computer, Inc., of course). In order to use this argument you need to know the remote system's nodename. An example of sending a message to a remote system user is: OK, m hacker -on sys.c This would send a message to User ID "HACKER" on the networked Prime system called "SYS.C". Remember, you need to know the correct nodename of the remote system. Just like in real-life situations (people-to-people), PRIMOS users may or may not wish to speak to you. So before sending a message, you should make sure that the user you wish to communicate with is accepting messages. There are several ways to obtain this information. Message -STATus - Lists receive state of ALL users Message -STATus username - Lists receive state of all users with the name of "username" Message -STATus usernumber - Lists receive state of all users with the number of "usernumber" Message -STATus ME - Lists the receive state of your own terminal/process. NOTE: Capital letters in the above forms of the message status commands ind- icate the legal PRIMOS abbreviations for the commands. When first initiating a session in which you feel you might be doing some user- to-user communication you should issue the "Message -STATus" command. This will display the message receive state of all users presently online. Here is an example of the output you might receive: OK, m -stat User No State SYSTEM 1 Accept PRIME 13 Defer PRIMOS 24 Accept HACKER 37 Reject RAGE 42 Accept In the above example you notice that there are five processes logged in, one of them being the physical system console. The "No" column denotes the user's user number, while the "State" denotes their message receive state. Notice how there are three message receive states listed, accept, defer, and reject. In theory, these states are defined as such: ACCEPT - Enables reception of all messages DEFER - Inhibits immediate messages REJECT - Inhibits all messages If you are set to accept then all messages sent to you will be displayed on your terminal immediately. In defer mode messages will not appear until what you are doing is done (ie, a message will not appear while in the middle of a currently executing command). In reject mode no messages will be received by you. Setting a receive state is useful when you do not wish to be disturbed. It is especially useful to use receive states when using any of the PRIMOS editors or utilities. Sending messages while in reject mode and sending immediate messages while in defer mode is not permitted as the user you are attempting to communicate with will not be able to respond. To set your message receive state, simply type: Message -state '-state' is either accept, defer, or reject. Quite simple. You are advised to avoid sending messages to the system console as that could be potentially hazardous to your stay on a Prime computer system. Pestering legitimate users is also not desired. Use your common sense. _______________________________________________________________________________ A DISCOURSE ON INTERNAL SNOOPING TACTICS Once inside a Prime, your paths are many. Some lead to glory, others to delet- ion of your account (gulp). To aid you in choosing the correct paths, you must snoop about your newfound host. By doing this, you can learn many things, some of which include: o Who owns the Prime and what they are doing on it o More accounts on the system o More accounts on DIFFERENT Prime systems There is plenty for you to do. I strongly urge that you make the snooping pro- cedure a routine and that you do it *immediately* upon obtaining an account, as you never know how long it might last. Finding out who owns the Prime and what they do on it is always rewarding. The best systems I have been on were Prime Computer, Inc. development systems, 3rd party development systems, and Prime's belonging to certain telephone companies (which shall, of course, remain unmentioned). Depending upon who owns the host you may obtain a bit more information that you had expected. More accounts on the system is what you are really after, however. Many users are exceedingly lax. A brief inspection of all mail in the queue can sometimes yield accounts, as can individual programs (source code) and documents. There will be more on this topic in the section entitled, "Exploring the Vast Reaches of a Prime". As for more accounts on different systems, I am saving that for the article on Prime networking (Part IV). There will be a host of information regarding the advanced snooping tactics used in order to snoop about PRIMENET-based systems and their respective Token-Ring/LAN300 networks. _______________________________________________________________________________ INTERNAL SECURITY Before you can really start exploring your new Prime, you need to understand how PRIMOS internal security is implemented and how to get around it. As you have seen from the section con basic PRIMOS commands, PRIMOS utilizes access control lists (ACL's). Getting around ACL's is almost an impossibility. There will be a full discussion on ACL's in Part V. Also you will occasionally run into passworded directories. To attach to a passworded directory, you would type something similar to this: OK, a 'dirname password' Notice how you followed the directory name with the password and enclosed the entire deal with quotes. If you were going to attach to a passworded sub-UFD you might type something like this: OK, a 'primenet*>info>source password' Passworded directories can be a pain in the ass, but, unlike ACL's, they can be gotten around. Look inside CPL programs (by SLISTing them) for occurrances of ATTACH statements enclosed in single quotes. Thats about all the internal sec- urity in PRIMOS up to the current revision level (22.0.0). _______________________________________________________________________________ EXPLORING THE VAST REACHES OF A PRIME When looking around a Prime, always start in your initial attach UFD. Check out every file in it and every file in sub-UFD's under it. When finished there cruise on up to MFD 0 and start down-attaching to the many UFD's there and look at everything. SLIST all SAM files, read all mail, look at EVERYTHING. Leave no UFD un-attached to! Leave no file un-read. Understandably it will take a good few hours (sometimes as many as 12) to fully investigate a Prime, but believe me, it is worth it. Capture everything that looks valuable to your buffer. When done looking, follow up everything you captured. Well, that about wraps up Part II of this series. Look forward to lots of use- ful information regarding the myriad of PRIMOS applications in the next part of this series. Just some of the information in the next part will be: o Using EDIT_PROFILE to create and modify accounts o The DSM (Distributed System Management) utilities o Using the myriad of MAIL utilities o Editing and Uploading text via the ED text editor Until then may the forces of darkness become confused on the way to your house. _______________________________________________________________________________ End of Part II of the "Introduction to the PRIMOS Operating System" _______________________________________________________________________________