[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ih] NCP and TCP implementations

for some reason when the C/70's came along, TIP's were renamed to TAC's
(Terminal Access Controllers) or some such... BUT, the Access control (i.e.
login to use/make a connection) of it was known as TACACS (Access Control
System).... and it might have come about via a conversation/discussion
yours truly had with Col. Dave Russell of DARPA:

we were in North Carolina heading/driving to the Fort Bragg ARMY base there
to do a Packet Radio Net demo... as we drove along yours truly brought up
the issue of the lack of security on the TIP's-- i.e. that anyone (i.e.
"randoms") could call up and then connect to any host without having to
"login" to do so.

Col. Russell kinda pushed back saying that without userid on a host there
was nothing you could do -- and therefore would eventually "go away".

yours truly countered this allowed for "crackers" to spend their time
trying to break into systems... which yours truly constantly witnessed on
our systems at SRI was it was common for people to use easily guessable
passwords such as their initials (or even summarily detailed in RFC602
<https://tools.ietf.org/html/rfc602> by Bob Metcalfe of PARC-MAXC "*The
Stockings Were Hung by the Chimney with Care"
<https://tools.ietf.org/html/rfc602> *when a cracker guessed their SYSTEM's
password which was their host name spelled backwards).

so to abate this, a "dead bolt" on the front door of the ARPANET (i.e. the
TIPs) was needed to this vehicle of easy/free remote access "penetration"

there may have been others in other quarters "preaching" the same issues...
but Col. Russell then agreed and sometime later, there was TACACS.

let's not forget that at this time many (most?) of the APRANET systems had
guest accounts on them... user GUEST, password ARPA... and they were
"advertised" via the NIC at SRI-ARC (host 2) where after connecting to the
TIP, you did a @l (for link... the original TIP command to connect to a
host... later also @o (for open) and once getting the SRI-ARC Tenex exec
prompt just typed in NIC and you were then automatically logged in (w/o a
pw) as NICGUEST into an NLS (Doug Engelbart's system) special program that
allowed you to electronically browse the ARPANET Resource Handbook on line
that contained all the Good Stuff about each ARPANET host system.

let's also not forget that the MIT ITS (Incompatible Timesharing System)
hosts MIT-AI, MIT-ML and MIT-DM did not have passwords (let alone any type
of "security" at all, as it's "command" interface was DDT... perhaps it's
where the term Security By/Through Obscurity came about?) and given this
lack of passwords, it was a favorite hangout for "randoms" (along with
SU-AI with its NET,GUE login) that dialed into the NO access controlled
TIP's -- like yours truly did via the AMES-TIP after meeting a summer hire
at Tymshare who wrote its phone # and a few TIP commands on the back of an
envelope in the early 70's... :D


On Tue, Mar 10, 2020 at 8:03 AM Steve Crocker via Internet-history <
internet-history at elists.isoc.org> wrote:

> Argh.  I echoed Leo's use of "TAC."  I read it as referring to the TIP.  If
> I recall correctly, the "TAC" was an access control method on the TIPs.
> "TIP Access Control" I think.
> Steve
> On Tue, Mar 10, 2020 at 1:55 PM Bernie Cosell via Internet-history <
> internet-history at elists.isoc.org> wrote:
> > On 10 Mar 2020 at 13:23, Steve Crocker via Internet-hi wrote:
> >
> > > The TAC was an extension of the IMP.  The original IMP was built on
> > > the
> > > Honeywell 516 (and later 316) platform, which was a 16 bit twos
> > > complement
> > > computer.  I assume Hinden's reference to 15-bit arithmetic reflected
> > > the
> > > fact that the arithmetic was signed.
> >
> > I honestly cannot remember what the TAC was!!   Was that the TIP?
> >  Regardless,
> > yes, the x16s had 16-bit signed arithmetic with 10 bit addressing 9 bits
> > of page
> > address, 1 bit of "this page" or the 0 page, 16Kwords of memory.
> >
> > Things got more complicated with the 316 -- it supported 32K words.  What
> > we
> > did for the TIP [and maybe the TAC, whatever that was] was to keep the
> > *unchanged* in the bottom 16K, and then in the upper 16K we wrote a
> > self-contained "host". There was some [small!] hack to fake interrupts
> and
> > input/output to this host but to the IMP it thought it was just another
> > NCP
> > connected host.  It'd set up a host output buffer and instead of doing a
> > hardware
> > "send" it'd pass control to the upper 16K.  Similarly [at least for the
> > TIP], when it
> > got something in from a terminal it'd copy it into a host-input buffer
> and
> > then
> > issue an "interrupt" down to the IMP.   Worked quite well.
> >
> >   /Bernie\
> >             Bernie Cosell
> >        bernie at fantasyfarm.com
> > -- Too many people; too few sheep --
> >
> >
> >
> >
> > --
> > Internet-history mailing list
> > Internet-history at elists.isoc.org
> > https://elists.isoc.org/mailman/listinfo/internet-history
> >
> --
> Internet-history mailing list
> Internet-history at elists.isoc.org
> https://elists.isoc.org/mailman/listinfo/internet-history

Geoff.Goodfellow at iconia.com
living as The Truth is True