Inside VESOFT covers tips and techniques you can use with VESOFT’s products, especially MPEX. As always, I am totally open to getting input from you users of MPEX, Security/3000 or VEAudit/3000 — it helps me learn, too. Send me your tricks, and we’ll get a “3000 for 2000” cap out to you as our thanks.

I remember many moons ago when I worked at VEsoft, Eugene Volokh (the E in VEsoft) asked us tech support geeks what we thought about having a background job, because there were all sorts of nifty things he could put in it. I gave the idea a thumbs up, because everyone else on the planet had background jobs for their stuff. Well, eventually BACKG became available, and a number of things that required LOGON UDCs could now be put into the background job and make the system even more secure (theoretically).

For those of you that don’t know, there is a way to log on to an SM user and have it bypass the logon UDCs. UDCs have other undesirable traits for security purposes, so the implementation of the background job and procedure exits was a very nice evolution. There are obviously some issues with the background job, in that it must be running, but you can take reasonable precautions to make sure it always starts up with the system. The BACKG command has the following syntax and parameters:

%SEC BACKG [SHOW]
[STARTJOB]
[STOPJOB]
[START|STOP, taskname[,...]]

“taskname” is one (or more) of:
ALARM AUDITC CMDPROT HELLO LOGOFF
LOGON NETPUSH NETRECV OBSFILL
or the name of a user-implemented task.

%SEC BACKG STARTJOB
%SEC BACKG START,LOGOFF
%SEC BACKG STOP,LOGOFF
%SEC BACKG SHOW
%SEC BACKG STOPJOB

I personally love the LOGON task and its associated HELLO.DATA.VESOFT file. Using the procedure exit AIF, VEsoft have changed how you might think of logging on. You can redefine HELLO so that a user could say HI or HOWDY or FOOBAR instead (whatever you want). This is more fun than anything else, but you can use it to further hide the type of system you are connected to.

The part that I really like and make use of is the HELLO abbreviations. This feature allows you to redefine an entire hello string into a short word, for example:

$HELLO SYS SHAWN,MANAGER.SYS;HIPRI

So at the colon prompt I would simply type SYS and I would be logged on as SHAWN,MANAGER.SYS with HIPRI. I can even go so far as to embed the passwords and any other parameters that I want, but I wouldn’t suggest putting the passwords in.

One way that I’ve made use of this is to devise a logon convention for session names, usually using initials with a region location, or possibly the phone extension or something, and then configure it up so that users would just log on with a short ID code and not have to use HELLO or any of the other stuff you normally have to teach users. Then of course you dump them into Security/3000 menus immediately, so that they never see a colon prompt and never have any idea what they are working on.

The other tasks are all pretty easy to figure out, NETPUSH and NETRECV tasks being the most confusing to set up. I think I was the only person at VEsoft that really understood them at the time I worked there — and that was from having to do extensive setup across seven machines when I worked at L.A.Gear to support network synchronization of logons, so all the security profiles on all the machines were always in sync. I don’t think I remember it well enough to really explain it anymore, but if you have the need, you should call VEsoft tech support or read up on it. I believe it’s easier now than it used to be.

There is a BACKGINI.DATA.VESOFT file that contains startup parameters for the tasks that are executed by BACKG. This can contain things like the execution priority and execution time for certain tasks like OBSFILL, NETPUSH, and AUDITC. A companion file is TASKLIST.BACKG.VESOFT, which contains the names of the tasks that are available to BACKG. If you want to disable a certain task, then remove it from this file. As new tasks are created by VEsoft, they will be added to this file. Theoretically you can create your own tasks and add them to this file, but I’ve never found the documentation on how to do it.

BACKG is a great tool, and if you are a Security/3000 shop, you should be using it. Having it running also gets you access to the little-talked-about batch scheduler that has been fit into the VEsoft suite of programs. STREAMX has some nifty new features that let you take advantage of the expression processing of the VEsoft suite to create your own batch scheduling environment. I’ve only spent a little time in it to date, but I’ll make more of a study of it in the future to put into one of these columns.