Re: OverLord (was Re: MPCS? and source code discussion (semi-long))

Jason Williams (
Thu, 23 Jul 1998 23:18:09 -0500 (CDT)

On Thu, 23 Jul 1998, Scott Lacroix wrote:
> You don't need to allow all the class C subnets for the WhitePine GUI.
> Just the single IP address of the server itself. With RefMarshal you will
> have to allow all addresses. Oops.

Not if you use my proxy allow-wpconfig and you're all set :)
But in general, can become a pain which is why (I believe) Bill
has setup for allow-wpconfig.

> Yes, but if you use ONLY the WP GUI, no-one but the server has it's IP
> address in the allow-wpconfig list. (Before you say it, yes, I understand
> the limitations enforced by that).

The same for the Proxy server.. :) And the Proxy server allows for logging
and many of the same features of the GUI.

> Under what circumstance does telnet break? I'm not sure I follow that...

What I if you don't password the telnet, the GUI works fine.
But with no password, ANYONE with an allow-wpconfig that CAN telnet into
the reflector has complete access to it without requiring a password. In
Bill's case, without the password, ANYONE can do ANYTHING with his
reflector as he has an allow-wpconfig of in it. Why can't
you use the GUI AND password the telnet? They should be two seperate
things with no relationship each another.

> Or did you just mean that you can't use the password and thus are limited
> in functionality? Like I said, using the GUI you don't need a telnet
> password since no-one should be in the allow-wpconfig list anyway.

That's the other problem I've gotten...a lot of the WP staff I've been
talking to about MPCS haven't placed much importance on the problems of
the telnet vs. GUI issue. They just tell me to use the GUI and all will
be well. I don't WANT to use the GUI..I have Refmarshal for that. :) So
you're saying that allow-wpconfig shouldn't really be used except to have
the IP of the server in it. That just doesn't work realistically for me
and others. :)

> You telnetted to port 7642? That would be counter-productive... much like
> telnetting to port 80 on your webserver. In fact, almost EXACTLY like that.
> But if you've got a situation where you can cause telnet to mis-function
> (note the carefully worded sentence :) please send it here! I'd like to
> clear that up quickly!

That was fixed up in MPCS 3.0 RC3 SP3 or SP4..I forget which. I believe I
used to also crash the server by sending invalid GET statements..not
sure if that's been fixed. :)

> Actually, I use it myself for monitoring. (WHOA, Did a guy at WhitePine
> admit to using a non-WhitePine product??? obviously have more than just the server IP as a allow-wpconfig :)

> Next I'll be saying I use the Cornell v1.0 client too! Wait... I DO use
> it... :)

I used to run across a few WP programmers that never seemed to use the WP
client...I got a chuckle out of that. :)

> BTW, sometimes we DO things like that... take the "CU-Cessories"
> (available on the CU-SeeMe client CD-ROM) as examples.

Yep..I noticed. What determines what gets included as a "CU-Cessory"? A
new dialer in the works (CUnnect98) is pretty cool. :)

--    * Jason Williams -- Austin, Tx.  |     |       * University of Texas at Austin  | ___ |         * BS Computer Science             \_|_/
*************** **************|