Hello
Believe it or not...
but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
Anyone that has knowledge of such a product for OpenVMS ?

--
kind regards/mvh

Niels S. Eliasen

Eliasen Consult
Oregaardsvaengevej 1
DK-4720 Præstø
Tel/Cell: +45 21779590
mailto:niels@eliasen.co

On Thursday, August 10, 2023 at 8:47:18 AM UTC+1, Niels S. Eliasen wrote:
> Hello
> Believe it or not...
> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
> Anyone that has knowledge of such a product for OpenVMS ?
>
>
> --
> kind regards/mvh
>
> Niels S. Eliasen
>
> Eliasen Consult
> Oregaardsvaengevej 1
> DK-4720 Præstø
> Tel/Cell: +45 21779590
> mailto:ni...@eliasen.co

See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/

There have been a couple of scanners of windows files held on VMS servers and there are various security products for OpenVMS.

In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
gxys@uk2.net (Ian Miller) wrote:

> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>
> There have been a couple of scanners of windows files held on VMS
> servers and there are various security products for OpenVMS.

That FAQ is almost 18 years old. Is there no newer version?

Also, some people will wrongly conclude that running on x86 makes VMS
susceptible to the huge number of x86 Windows viruses.

John

On 8/10/2023 3:47 AM, Niels S. Eliasen wrote:
> Hello
> Believe it or not...
> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
> Anyone that has knowledge of such a product for OpenVMS ?
>
>

Contact Network Dynamics, they might have some stuff.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

On 8/10/2023 6:21 AM, Dave Froble wrote:
> On 8/10/2023 3:47 AM, Niels S. Eliasen wrote:
>> Hello
>> Believe it or not...
>> but was asked by a customer yesterday: "What anti-virus software exist on
>> OpenVMS ?"
>> Anyone that has knowledge of such a product for OpenVMS ?
>>
>>
>
> Contact Network Dynamics, they might have some stuff.
>

I must have the wrong name, google search doesn't find them. But I get mail
from them.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

On 2023-08-10, Niels S. Eliasen <nse@eliasen.co> wrote:
> Hello
> Believe it or not...
> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
> Anyone that has knowledge of such a product for OpenVMS ?
>

I don't see that as strange at all and it is a _very_ valid question
for a customer to ask.

However, if they are asking this question, then they may start asking
other questions such as how do you protect data at rest and data in
motion on VMS ?

You may want to think about what your answers to those questions will be
in case you get asked them.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

On 2023-08-10, John Dallman <jgd@cix.co.uk> wrote:
>
> Also, some people will wrongly conclude that running on x86 makes VMS
> susceptible to the huge number of x86 Windows viruses.
>

No, but what it does make them vulnerable to are backdoors/vulnerabilities
in the firmware, vulnerabilities in the underlying VM, and vulnerabilities
in the underlying hardware.

No doubt the same issues exist on other platforms VMS runs on, but the
difference is that x86-64 is being actively probed by an entire army of
security researchers.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

On Thursday, August 10, 2023 at 6:32:48 AM UTC-4, Dave Froble wrote:
> On 8/10/2023 6:21 AM, Dave Froble wrote:
> > On 8/10/2023 3:47 AM, Niels S. Eliasen wrote:
> >> Hello
> >> Believe it or not...
> >> but was asked by a customer yesterday: "What anti-virus software exist on
> >> OpenVMS ?"
> >> Anyone that has knowledge of such a product for OpenVMS ?
> >>
> >>
> >
> > Contact Network Dynamics, they might have some stuff.
> >
> I must have the wrong name, google search doesn't find them. But I get mail
> from them.
> --

NetworkING Dynamics (you forgot the ING)

https://networkingdynamics.com/

On Thursday, August 10, 2023 at 3:47:18 AM UTC-4, Niels S. Eliasen wrote:
> Hello
> Believe it or not...
> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
> Anyone that has knowledge of such a product for OpenVMS ?
>
>
> --
> kind regards/mvh
>
> Niels S. Eliasen
>
> Eliasen Consult
> Oregaardsvaengevej 1
> DK-4720 Præstø
> Tel/Cell: +45 21779590
> mailto:ni...@eliasen.co
Niels,

First item, to the best of my knowledge there has never been an OpenVMS virus, as the term is used in the Windows/Mac/linux world.

If you check the industry databases of known vulnerabilities, e.g., CVE , it is rare for OpenVMS to be mentioned. There have been vulnerabilities referencing OpenVMS, generally involving OpenSource software ported to OpenVMS, e.g., the year 2028 issue for Unix style 32-bit dates.

Common pathways used by malware to infect systems are also not as prevalent on OpenVMS as on platforms where web browsers are commonly used.

Holes in underlying processor firmware and virtualizations are a hazard, but I not recall any Windows anti-virus product addressing that class of exploits. All mitigations involving processor timings are typically remediated by "not doing that". I admit that I do not believe that "not doing that" is not a good solution in any context.

Simon's question concerning "data at rest" is a valid concern, but can be addressed by using appropriately configured storage devices.

If you want to speak privately, please feel free to email me directly.

- Bob Gezelter, http://www.rlgsc.com

On 2023-08-10 14:47:12 +0000, Bob Gezelter said:

> On Thursday, August 10, 2023 at 3:47:18 AM UTC-4, Niels S. Eliasen wrote:
>> Hello Believe it or not... but was asked by a customer yesterday: "What
>> anti-virus software exist on OpenVMS ?" Anyone that has knowledge of
>> such a product for OpenVMS ?...
> Niels,

That's going to be an interesting quest.

There's little add-on anti-malware for OpenVMS, with the DECdetect
product (later known as "POLYCENTER System Integrity Checker") being
long retired, and probably then sold off. DECinspect was deprecated
long ago, and some of its security recommendations were... problematic.
Some third-party might have an add-on scanner or related, but I'd tend
to be skeptical about that.

The usual preferred source for these sorts of malware-scanning and
security-scanning products would be VSI, and AFAIK they have none
available. Check with VSI to see what they recommend, of course.

If you don't yet have VSI OpenVMS and VSI layered product app versions
installed and in use, that's going to be an issue you'll want to
address, too.

> First item, to the best of my knowledge there has never been an OpenVMS
> virus, as the term is used in the Windows/Mac/linux world.

I wish that fiction would die, Bob. Yes, there have been classic
viruses on OpenVMS. They are exceedingly rare, but have existed. U Mass
Amherst had a DCL virus wandering around many years ago, IIRC. WANK was
a well-known worm involving DECnet. Those sorts of malware
threats—viruses, worms, etc—are also not the threats most OpenVMS sites
will ever meet. OpenVMS usage is so tiny, nobody is going to bother to
open distribute classic worms or classic self-replicating malware,
though they might distribute it through a breach at various providers
including VSI and some other entities. There are some really good ways
to do that distribution, too.

That written, some of the more modern security practices such as
monitoring outbound network activity from OpenVMS servers, and simply
blocking and alarming various sorts of traffic, for instance, are very
much applicable to local security.

Remote monitoring tools have been around, though those are mostly
open-source add-on tools:
https://groups.google.com/g/comp.os.vms/c/JwPp_iGtkLw/m/3E_RAchfBQAJ
There is (or was?) a Zabbix port around, for instance. VSI IIRC had a
syslog (or syslogng?) port, too.

> If you check the industry databases of known vulnerabilities, e.g., CVE
> , it is rare for OpenVMS to be mentioned. There have been
> vulnerabilities referencing OpenVMS, generally involving OpenSource
> software ported to OpenVMS, e.g., the year 2028 issue for Unix style
> 32-bit dates.

It is rare for OpenVMS to be mentioned because OpenVMS is only rarely
used, and because the OpenVMS vendors didn't and generally don't log
and don't track CVEs.

There have been repeated CVEs involving a couple of packages found on
various OpenVMS configurations, but those CVEs were never listed for
OpenVMS. I reproduced some of the posted exploits for one of the
add-ons against OpenVMS (SMH, which is tied into SNMP), but didn't
bother reporting as the vendor had retired the SMH app on OpenVMS. The
Log4J mess (CVE-2021-44228, CVE-2021-45046) also hit some OpenVMS
configurations. There are others.

2028 (specifically 31-Dec-2028) will break some security-relevant stuff
for existing installations—this effects DEC, Compaq, HP, and HPE
versions, and not VSI versions—but I'd suspect that was not your (Bob)
intended reference. 2038 and not 2028 for the signed 32-bit time_t
overflow, and 2038 AFAIK was not a CVE. 2038 was explicitly outside the
OpenVMS Y2K checks too, so I'd tend to expect the possibility of some
issues arising there.

> Common pathways used by malware to infect systems are also not as
> prevalent on OpenVMS as on platforms where web browsers are commonly
> used.

I've dealt with a half dozen or so OpenVMS breaches, and most were
targeted though some configuration weakness or another, through
data-protection errors, or by insiders.

> Holes in underlying processor firmware and virtualizations are a
> hazard, but I not recall any Windows anti-virus product addressing that
> class of exploits. All mitigations involving processor timings are
> typically remediated by "not doing that". I admit that I do not believe
> that "not doing that" is not a good solution in any context.
> Simon's question concerning "data at rest" is a valid concern, but can
> be addressed by using appropriately configured storage devices.

OpenVMS support for protecting data at rest past the built-in AES
product is weak at best, and support for protecting data in motion is
also weak, and certificate support is just hilariously sad, and
vendor-provided password and certificate storage and related
protections are entirely missing.

Basically, writing secure apps on OpenVMS is a royal pain in the arse,
this having worked on OpenVMS and on other platforms. I'd expect most
installations—OpenVMS or otherwise—don't bother with that work until
and unless some audit or some external linkage requires fixes or
waivers, too.

Whether you want to open up a configuration and app security review,
past answering the mostly-non-existent add-on anti-malware question?

PS: OpenVMS is well-positioned for running an OpenVMS install read-only
with the WRITABLESYS write-locked system disk support, but I'd not
expect to see more general use of that—past CD and DVD media—appear as
a security enhancement anytime soon.

--
Pure Personal Opinion | HoffmanLabs LLC

On 8/10/2023 5:35 AM, John Dallman wrote:
> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
> gxys@uk2.net (Ian Miller) wrote:
>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>
>> There have been a couple of scanners of windows files held on VMS
>> servers and there are various security products for OpenVMS.
>
> That FAQ is almost 18 years old. Is there no newer version?

No.

Hoff stopped maintaining it and nobody volunteered to take over.

Classic VMS problem.

Arne

On 8/10/2023 8:14 AM, Simon Clubley wrote:
> On 2023-08-10, Niels S. Eliasen <nse@eliasen.co> wrote:
>> Believe it or not...
>> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
>> Anyone that has knowledge of such a product for OpenVMS ?
>
> I don't see that as strange at all and it is a _very_ valid question
> for a customer to ask.

If the calendar said 2003: yes.

Today the virus threat is a very small piece of the threats.

> However, if they are asking this question, then they may start asking
> other questions such as how do you protect data at rest and data in
> motion on VMS ?
>
> You may want to think about what your answers to those questions will be
> in case you get asked them.

Hopefully somebody has already asked those questions.

Arne

On 8/10/2023 3:47 AM, Niels S. Eliasen wrote:
> Believe it or not...
> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
> Anyone that has knowledge of such a product for OpenVMS ?

I would push back on the idea.

Argument:
* virus (typical including worms even though it technically is distinct
from virus) are very rare on VMS - the most widely known worm case
must have been WANK dating back to 1989 - and I don't think I have
ever heard of a VMS virus if discarding Carl Lydick's
proof-of-concept in DCL sometime back in the 1990's
* even on platform traditionally plagued by virus (Windows) the threat
has diminished a lot - back in the 90's and 00's Windows being hit
by virus was common - today it is rare and many Windows users has
dropped the addon AV products and just use the builtin Windows
* the traditional AV for VMS products did not protect VMS files
but protected Windows files on a network share hosted on VMS - and
using VMS for general network shares must be extremely rare
today

Finding, buying, installing, configuring and running an AV
product on VMS will cost time and money and not increase
security significantly. So a waste.

If there is a desire to tighten security then there are
other areas with much higher RoI.

I would start look for things like:
* accounts with weak passwords
* application accounts with privs
* unnecessary network services
* network accessible standard applications with known vulnerabilities
* network accessible custom applications with vulnerabilities

Maybe even take a look at the classic of unencrypted network traffic.

Arne

On 8/10/2023 2:37 PM, Stephen Hoffman wrote:
> I've dealt with a half dozen or so OpenVMS breaches, and most were
> targeted though some configuration weakness or another, through
> data-protection errors, or by insiders.

Yes.

It is a common misconception that security is a matter of OS.

The biggest security problem is 40 cm (16 inches) in front of
the monitor.

And the second biggest security problem is in the applications
themselves.

Arne

On 8/10/2023 6:57 PM, Arne Vajhøj wrote:
> On 8/10/2023 5:35 AM, John Dallman wrote:
>> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
>> gxys@uk2.net (Ian Miller) wrote:
>>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>>
>>> There have been a couple of scanners of windows files held on VMS
>>> servers and there are various security products for OpenVMS.
>>
>> That FAQ is almost 18 years old. Is there no newer version?
>
> No.
>
> Hoff stopped maintaining it and nobody volunteered to take over.
>
> Classic VMS problem.
>
> Arne
>

Regardless, 18 years or so, still lots of rather valuable information there.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

On 8/10/2023 9:09 PM, Dave Froble wrote:
> On 8/10/2023 6:57 PM, Arne Vajhøj wrote:
>> On 8/10/2023 5:35 AM, John Dallman wrote:
>>> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
>>> gxys@uk2.net (Ian Miller) wrote:
>>>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>>>
>>>> There have been a couple of scanners of windows files held on VMS
>>>> servers and there are various security products for OpenVMS.
>>>
>>> That FAQ is almost 18 years old. Is there no newer version?
>>
>> No.
>>
>> Hoff stopped maintaining it and nobody volunteered to take over.
>>
>> Classic VMS problem.
>
> Regardless, 18 years or so, still lots of rather valuable information
> there.

Most of the stuff is probably still correct.

18 years is many years. But HP/HPE was not pumping out tons
of new functionality every year in those years.

But all about VSI and the x86-64 port must be missing. And some stuff
about third party products and integration with the rest of the IT world
may be a bit dated.

As an example the referenced section talks about "Microsoft MS-DOS,
Windows 95, Windows 98 and Windows ME variants" and
"Microsoft Windows NT, Windows 2000 and Windows XP".

Arne

On 8/10/2023 9:17 PM, Arne Vajhøj wrote:
> On 8/10/2023 9:09 PM, Dave Froble wrote:
>> On 8/10/2023 6:57 PM, Arne Vajhøj wrote:
>>> On 8/10/2023 5:35 AM, John Dallman wrote:
>>>> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
>>>> gxys@uk2.net (Ian Miller) wrote:
>>>>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>>>>
>>>>> There have been a couple of scanners of windows files held on VMS
>>>>> servers and there are various security products for OpenVMS.
>>>>
>>>> That FAQ is almost 18 years old. Is there no newer version?
>>>
>>> No.
>>>
>>> Hoff stopped maintaining it and nobody volunteered to take over.
>>>
>>> Classic VMS problem.
>>
>> Regardless, 18 years or so, still lots of rather valuable information there.
>
> Most of the stuff is probably still correct.
>
> 18 years is many years. But HP/HPE was not pumping out tons
> of new functionality every year in those years.
>
> But all about VSI and the x86-64 port must be missing. And some stuff
> about third party products and integration with the rest of the IT world
> may be a bit dated.
>
> As an example the referenced section talks about "Microsoft MS-DOS,
> Windows 95, Windows 98 and Windows ME variants" and
> "Microsoft Windows NT, Windows 2000 and Windows XP".
>
> Arne
>
>

You seem to miss my point. If one is going to run a VMS system, then, now,
whenever, there is plenty of useful information. I'd call it timeless information.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

On 2023-08-10, Arne Vajhøj <arne@vajhoej.dk> wrote:
> On 8/10/2023 8:14 AM, Simon Clubley wrote:
>> On 2023-08-10, Niels S. Eliasen <nse@eliasen.co> wrote:
>>> Believe it or not...
>>> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
>>> Anyone that has knowledge of such a product for OpenVMS ?
>>
>> I don't see that as strange at all and it is a _very_ valid question
>> for a customer to ask.
>
> If the calendar said 2003: yes.
>

No Arne, when it says 2023.

> Today the virus threat is a very small piece of the threats.
>

A couple of random search results for "anti-virus for linux":

https://www.safetydetectives.com/best-antivirus/linux/

https://www.security.org/antivirus/best/linux/

Note that the above includes when the malware is running on Linux itself,
not just when Linux is being used as a host for Windows files.

There are plenty of other links if you do the same search.

Like I said, it is a _very_ valid question for the OP's customer to ask.

Oh, and anyone thinking that VMS can't have malware and will never be a
target of interest in an organisation is deluding themselves.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

Den 2023-08-11 kl. 14:31, skrev Simon Clubley:
> On 2023-08-10, Arne Vajhøj <arne@vajhoej.dk> wrote:
>> On 8/10/2023 8:14 AM, Simon Clubley wrote:
>>> On 2023-08-10, Niels S. Eliasen <nse@eliasen.co> wrote:
>>>> Believe it or not...
>>>> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
>>>> Anyone that has knowledge of such a product for OpenVMS ?
>>>
>>> I don't see that as strange at all and it is a _very_ valid question
>>> for a customer to ask.
>>
>> If the calendar said 2003: yes.
>>
>
> No Arne, when it says 2023.
>
>> Today the virus threat is a very small piece of the threats.
>>
>
> A couple of random search results for "anti-virus for linux":
>
> https://www.safetydetectives.com/best-antivirus/linux/
>

When it comes to the usage that is relevant for the topic
at hand, Linux is more like Windows. That is, has a lot of
single user systems having the usual tools like mail and
web browsers that are target channels for virus threats.

So I understand that this is a concern around Linux users.

But VMS does not have these envoronments with single user
systems running tools for mail or web browsing.

Information targeting Linux is not always relevant for VMS.

On 2023-08-11, Jan-Erik Söderholm <jan-erik.soderholm@telia.com> wrote:
>
> When it comes to the usage that is relevant for the topic
> at hand, Linux is more like Windows. That is, has a lot of
> single user systems having the usual tools like mail and
> web browsers that are target channels for virus threats.
>
> So I understand that this is a concern around Linux users.
>
> But VMS does not have these envoronments with single user
> systems running tools for mail or web browsing.
>
> Information targeting Linux is not always relevant for VMS.
>

Linux is mainly a server operating system as is VMS.

Many attacks occur through server-based components in addition to
client-based components.

The difference is that Linux has various industry-standard protections,
including the third-party protections mentioned, that VMS does not.

Oh, and BTW, judging by the fact Eisner has needed to be rebooted multiple
times over the years due to various services locking up presumably due to
attacks, I have little confidence that VMS in general would be robust
within an actively hostile environment.

Simon.

--
Simon Clubley, clubley@remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.

On 11/08/2023 18:35, Simon Clubley wrote:
> On 2023-08-11, Jan-Erik Söderholm <jan-erik.soderholm@telia.com> wrote:
>>
>> When it comes to the usage that is relevant for the topic
>> at hand, Linux is more like Windows. That is, has a lot of
>> single user systems having the usual tools like mail and
>> web browsers that are target channels for virus threats.
>>
>> So I understand that this is a concern around Linux users.
>>
>> But VMS does not have these envoronments with single user
>> systems running tools for mail or web browsing.
>>
>> Information targeting Linux is not always relevant for VMS.
>>
>
> Linux is mainly a server operating system as is VMS.
>
> Many attacks occur through server-based components in addition to
> client-based components.
>
> The difference is that Linux has various industry-standard protections,
> including the third-party protections mentioned, that VMS does not.
>
> Oh, and BTW, judging by the fact Eisner has needed to be rebooted multiple
> times over the years due to various services locking up presumably due to
> attacks, I have little confidence that VMS in general would be robust
> within an actively hostile environment.
>
> Simon.
>

In the commercial world Linux may be mostly server, but there are
millions of home/hobby user of Linux on the desktop

--
Chris

On 8/11/2023 1:35 PM, Simon Clubley wrote:
> On 2023-08-11, Jan-Erik Söderholm <jan-erik.soderholm@telia.com> wrote:
>>
>> When it comes to the usage that is relevant for the topic
>> at hand, Linux is more like Windows. That is, has a lot of
>> single user systems having the usual tools like mail and
>> web browsers that are target channels for virus threats.
>>
>> So I understand that this is a concern around Linux users.
>>
>> But VMS does not have these envoronments with single user
>> systems running tools for mail or web browsing.
>>
>> Information targeting Linux is not always relevant for VMS.
>>
>
> Linux is mainly a server operating system as is VMS.
>
> Many attacks occur through server-based components in addition to
> client-based components.
>
> The difference is that Linux has various industry-standard protections,
> including the third-party protections mentioned, that VMS does not.
>
> Oh, and BTW, judging by the fact Eisner has needed to be rebooted multiple
> times over the years due to various services locking up presumably due to
> attacks, I have little confidence that VMS in general would be robust
> within an actively hostile environment.
>
> Simon.
>

Ok, I'm not about to declare VMS "hack-proof". I doubt anything is.

However, I'm going to call "bullshit" on Simon's statements.

Having had VMS "lock up" in the past, not due to any attacks, Simon's snide
commend about Eisner is just plain bullshit. Too many times I've seen "resource
wait mode" that never recovers. Only a re-boot would clear the problem. Was
that "an attack"?

None of Simon's "industry standard protections" protects against anything other
than some (not all) attacks. I wish he'd stop insinuating that they solve all
problems, and that there must be problems without them.

Even if Linux is used as a "server OS", there are also plenty of desktop Linux
systems. Attacks against such sort of mean that the server OS systems just
might also be vulnerable.

Maybe it is a good thing that there is no VMS desktop environment. Less for
potential hackers to attack. Sorry Philip.

--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef@tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486

On 8/10/2023 9:09 PM, Dave Froble wrote:
> On 8/10/2023 6:57 PM, Arne Vajhøj wrote:
>> On 8/10/2023 5:35 AM, John Dallman wrote:
>>> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
>>> gxys@uk2.net (Ian Miller) wrote:
>>>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>>>
>>>> There have been a couple of scanners of windows files held on VMS
>>>> servers and there are various security products for OpenVMS.
>>>
>>> That FAQ is almost 18 years old. Is there no newer version?
>>
>> No.
>>
>> Hoff stopped maintaining it and nobody volunteered to take over.
>>
>> Classic VMS problem.
>>
>> Arne
>>
>
> Regardless, 18 years or so, still lots of rather valuable information
> there.
>

Especially if your still running a Vax!! :-)

bill

On 8/11/2023 3:15 PM, bill wrote:
> On 8/10/2023 9:09 PM, Dave Froble wrote:
>> On 8/10/2023 6:57 PM, Arne Vajhøj wrote:
>>> On 8/10/2023 5:35 AM, John Dallman wrote:
>>>> In article <0948a0e4-51d5-49c5-974c-5f843d6d84aen@googlegroups.com>,
>>>> gxys@uk2.net (Ian Miller) wrote:
>>>>> See OpenVMS FAQ 5.2 http://www.faqs.org/faqs/dec-faq/vms/part3/
>>>>>
>>>>> There have been a couple of scanners of windows files held on VMS
>>>>> servers and there are various security products for OpenVMS.
>>>>
>>>> That FAQ is almost 18 years old. Is there no newer version?
>>>
>>> No.
>>>
>>> Hoff stopped maintaining it and nobody volunteered to take over.
>>>
>>> Classic VMS problem.
>>
>> Regardless, 18 years or so, still lots of rather valuable information
>> there.

Which I also noted:

# Most of the stuff is probably still correct.
# # 18 years is many years. But HP/HPE was not pumping out tons
# of new functionality every year in those years.

> Especially if your still running a Vax!!   :-)

I believe the last VMS version available for VAX is 23 years old, so
the old FAQ should be uptodate for VAX.

Arne

On 8/11/2023 8:31 AM, Simon Clubley wrote:
> On 2023-08-10, Arne Vajhøj <arne@vajhoej.dk> wrote:
>> On 8/10/2023 8:14 AM, Simon Clubley wrote:
>>> On 2023-08-10, Niels S. Eliasen <nse@eliasen.co> wrote:
>>>> Believe it or not...
>>>> but was asked by a customer yesterday: "What anti-virus software exist on OpenVMS ?"
>>>> Anyone that has knowledge of such a product for OpenVMS ?
>>>
>>> I don't see that as strange at all and it is a _very_ valid question
>>> for a customer to ask.
>>
>> If the calendar said 2003: yes.
>
> No Arne, when it says 2023.

Not so sure.

>> Today the virus threat is a very small piece of the threats.
>
> A couple of random search results for "anti-virus for linux":
>
> https://www.safetydetectives.com/best-antivirus/linux/
>
> https://www.security.org/antivirus/best/linux/
>
> Note that the above includes when the malware is running on Linux itself,
> not just when Linux is being used as a host for Windows files.

Companies are still pushing AV for Windows. Companies are trying to
push AV for Linux and macOS. Companies are trying to push AV
for iOS and Android.

But that does not indicate that it is a serious threat today.

The indication for that is usage.

Very few Linux users run an AV program. Server or desktop.

Let us make a tiny poll:

Please reply to:

1) Do you run Linux desktop?
2) If yes - do you run AV software on it?
3) Do you run Linux server?
4) If yes - do you run AV software on it?

> Like I said, it is a _very_ valid question for the OP's customer to ask.

The question indicate that their security focus is 20 years behind.

> Oh, and anyone thinking that VMS can't have malware and will never be a
> target of interest in an organisation is deluding themselves.

It obviously can.

But it seems highly unlikely to be the method of attack
for a VMS system.

Arne