IRIX and Software

Anyone using this ? From freeware ? I had it working, but suddenly I'm headless for a while. I'd like to at least be able to marginally use some graphical programs but I neglected to set up the server password and all before it got decapitated. Anyone know where the VNC settings and password files live ?

Hamei,

yep, me - right now. Works like a charm!
A TightVNC server on a NT4 crapbox to give me some access to windnose only programs, mainly DigiMap for route planning and GPS navigation.

Some guesses:
ping OK?
Remote TightVNC server up and running?
Do you get the little Xwindow for IP and password entry when calling vncviewer manually?
there´s lots of stuff in .xnviewrc and a .xnview directory in my home dir.

Cheers

Walther

edefault wrote: Hamei,

A TightVNC server on a NT4 crapbox to give me some access to windnose only programs, mainly DigiMap for route planning and GPS navigation.

Don't hate me I need to use it the other way. I did have it working on the Octane as a client. The Octane got beheaded tho, so for a while I need to use it as a server. I never thought to set up the password, etc in the server direction before I lost all visual contact. (Nothing else syncs on green around here.) If someone knew where the appropriate files are it'd save some huntin' and essperimentin' .

I use it since months, with Octane as the server, and my office workstation as client when i'm at work..

i love it and it works perfectly. I usually use it in a 'screen' session when i need apps like Lopster, or xchat running from home when i'm at office.

Vague I know, but for memory the comand to set the password is vncpasswd or vncpassword.

I can't remember where executable resides, but if it's in your path shouldn't be any problem.

There may be some caps in there.

Telnet in to run it and then run vncserver to start the daemon.

It's been a while since I did this, but I'm fairly well on the right track.

One tip, I was having problems connecting from a winbloze box and had to use 192.168.0.1:1 to desingate the correct screen/session.

ruckusman wrote: Vague I know, but for memory the comand to set the password is vncpasswd or vncpassword.

thanks, vncpasswd was it !

Telnet in to run it and then run vncserver to start the daemon.

rats. Looks like I got overzealous with chkconfig off some time in the past. I can ftp but no telnet. And no sshelll daemon running. Looks like I screwed up

You could also chose to run an X server on the other computer as well. And to fix this telnet problem, log in with FTP as root and edit /etc/inetd.conf then reupload the file and reboot the machine. If the line is insecure, don't forget to change your root passwd since it was send via cleartext (assuming you don't use FTP over SSL). You could also use the serial line + Hyperterminal.

Orakel wrote: log in with FTP as root

I certainly hope hamei doesn't allow for root ftp!! It's one of the highly suggested security measures...
No other UNIX (or Linux) box to try rlogin? rsh?

unixmuseum wrote:

Orakel wrote: log in with FTP as root

I certainly hope hamei doesn't allow for root ftp!! It's one of the highly suggested security measures...

Uhm. I, for one, don't care about IRIX security. I allow Telnet and FTP as root with no root passwd set. Big deal, the machine is NATed. That could be very well the case in hamei's situation as well. I certainly hope so, given it makes the situation much easier.

Orakel wrote: Uhm. I, for one, don't care about IRIX security. I allow Telnet and FTP as root with no root passwd set. Big deal, the machine is NATed. That could be very well the case in hamei's situation as well. I certainly hope so, given it makes the situation much easier.

You are? Don't advertise it in public, you might attract some fucknuts trying to break in... Yes it is a big deal, NAT or not... Imagine a nice little java script running as root coming out of you browsing the web... Could do some damage...

hamei is in a business environment in which security is a concern (not that home users shouldn't be concerned) ... root password is most definitely set, password file shadowed, and most likely root ftp & al. disabled... When it comes to network security, it doesn't hurt to be paranoid...

unixmuseum wrote: You are?

Not arrogant.

Don't advertise it in public, you might attract some fucknuts trying to break in...

Advertise to whom? Break in to what? I stated the security consequences. He/she (assuming male gender for the rest of the post) is able to think for himself wether the solution is worth it or not.

Imagine a nice little java script running as root coming out of you browsing the web... Could do some damage...

Not really possible here given my browser doesn't run as root nor runs on IRIX. You're welcome to try it though. What website would you wish me to travel to (please no flash/shockwave/activex/java, it won't work)?

hamei is in a business environment in which security is a concern (not that home users shouldn't be concerned) ... root password is most definitely set, password file shadowed, and most likely root ftp & al. disabled...

He stated he has FTP enabled. It could be (according to you "most likely not") that FTP using the root account is possible. Wether it is passworded doesn't matter in that case since he knows his password. Shadowed passwd file is also completely irrelevant. IF it he is able to get Telnet working via this way he's also able to enable SSH and change his password although he'll have to reboot to get Telnet working which might be unpleasant, you're right on that. So why not state the possible solution to the problem?

When it comes to network security, it doesn't hurt to be paranoid...

Really? He firmly agrees, that's why he's using Telnet and FTP, not SSH! Why haven't i read any of your preachings on hamei's usage of Telnet/FTP? Finally i also hope you're not using too much fw_* packages, for the sake of your brilliant (network) security paranoia....

Orakel wrote:

unixmuseum wrote: You are?

Not arrogant.

Oh yes you are! One of the worst kinds actually! Look how strongly you react to the simplest disagreement...

BTW, the question wasn't "what are you?". To mark surprise after an affirmation, it is usually common practice to repeat the affirmation in an interrogative manner...

I think you covered your use of the word arrogant pretty well... For next week, your homework assignment is to insult people with a word starting with the letter B...

Orakel wrote: Advertise to whom? Break in to what? I stated the security consequences. He/she (assuming male gender for the rest of the post) is able to think for himself wether the solution is worth it or not.

You just did... This was a joke... Such an angry kid... You stated nothing and braged that you had no need for a root password and everything open because NAT was protecting you.

Orakel wrote: Not really possible here given my browser doesn't run as root nor runs on IRIX. You're welcome to try it though. What website would you wish me to travel to (please no flash/shockwave/activex/java, it won't work)?

You crack me up! You can't possibly be that naive! Oh sorry, my arrogant side coming out again... BTW, do you even have an arrogant sgi running that arrogant IRIX OS? Just arrogant curiousity...

Orakel wrote: He stated he has FTP enabled. It could be (according to you "most likely not") that FTP using the root account is possible. Wether it is passworded doesn't matter in that case since he knows his password. Shadowed passwd file is also completely irrelevant. IF it he is able to get Telnet working via this way he's also able to enable SSH and change his password although he'll have to reboot to get Telnet working which might be unpleasant, you're right on that. So why not state the possible solution to the problem?

Try to understand what I'm saying... Read the post over and over before spewing. Maybe in your world it's OK to have open root password and such (although I'm wondering what world that would be); in a business it is never the case. Disabling root ftp is part of the standard procedure to secure a UNIX workstation, just like shadow password file is.

As hamei is running in a business environment, it is very likely that the admin or himself has spent more time making sure his workstations are secured than decorating them with LEDs...

As for solutions to the problem, I believe I talked about rlogin, which would be a possible solution... Wasn't as earth shattering as "try to overwrite a file by ftp", but that's all my arrogant self could come up with...

So, let me propose another one: "why not sacrificing a black goat over the machine, it should fix it". If anybody disagrees with me, I'll call them arrogant. Sounds familiar?

Orakel wrote: Really? He firmly agrees, that's why he's using Telnet and FTP, not SSH! Why haven't i read any of your preachings on hamei's usage of Telnet/FTP? Finally i also hope you're not using too much fw_* packages, for the sake of your brilliant (network) security paranoia....

All hail to Mr Orakel, IT Security Technical Giant. Read again what you wrote: "no root password, I don't care about IRIX security"...

There is no brilliance in my somewhat secured network, I never claimed anything like that... Just common sense, a dose of reality and great information from many arrogant people who happen to know a lot more than I do. You should try it, it's quite nice to learn something (step #1 for Mr Orakel: quit thinking you're so smart ands so original).

An arrogant link for your reading pleasure: http://www.blacksheepnetworks.com/security/resources/IRIX_65.html

Unixmuseum, that is quite enough. No personal attacks please.

If someone's idea of system seciurity is sitting behind a NAT and letting every bsd protocol open, that is their choice. My Crimson at home is also behind a NAT, but i teach myself to compile the latest openSSL/H and login only via that. Not only it's good practice to do so, but you also get to know the Crimson quirks of compiling that code, and in general it increases the work needed for an occasional hacker who succeeds in breaking into my Firewall.

dexter1 wrote: Unixmuseum, that is quite enough. No personal attacks please.

If someone's idea of system seciurity is sitting behind a NAT and letting every bsd protocol open, that is their choice. My Crimson at home is also behind a NAT, but i teach myself to compile the latest openSSL/H and login only via that. Not only it's good practice to do so, but you also get to know the Crimson quirks of compiling that code, and in general it increases the work needed for an occasional hacker who succeeds in breaking into my Firewall.

dex, you baffle me on this one... Did you read the posts or just the last one? I guess it is OK to allow little obnoxious kids to insult other people, but responding to them is a personal attack? I do not understand how you can come to the conclusion "I have to stop unixmuseum" and at the same time encourage Orakel's moronic blurb and aggressivity...
Stopping this useless conversation is fine by me...,

Yes, i have read the thread.

Look; putting irony or even sarcasm in posts is fine, as long as you use smileys or an obvious joke to express the irony or sarcasm itself. Your post doesn't even contain one. How am i supposed to know then, which remark is irony and which one is not?

Please people, use the smileys! That's what they are there for...

Sorry if my response was a bit harsh, but the conversation was getting very offtopic, and in my view Orakel didn't deserve your reply, which only widens the gap between your points-of-views.

Also I have received flak for other (non)moderation decisions in the past. That's ok, i can take it. Please please PM me to state your complaints, so i can moderate better in the future.