VILLANOVA UNIVERSITY, ST. AUGUSTINE CENTER
MEETING STARTS - 09:30 - JUN 9 th
Come Join Us !!!
For all attendees, as usual, we will take the opportunity to "go round the table" for announcements and tidbits from everyone. Things that have interested you are likely to interest others, too. We'll try to tackle your problems, too.
Remember, as an aid to any of these items, the club PC has three "current" versions of Windows: Windows 95B (OSR2.1), Windows 98 SE or Windows Millennium. The Windows 95B is our default version.
Interested in "tweaking" your system? Microsoft's techies do it with TweakUI. There's now a version that works with Win95 -> Win ME. We'll take a look...
For our longer term members, Loadstar is still alive - in its disk-based or "internet" based versions. I subscibe to, and have the latest "shipment" of the latter, dubbed eLoadstar 15. So, we can give it a whirl and see how our heritage is doing (Murphy permitting, of course!).
One more thing. We'd like to offer the opportunity for any member to demo an application or utility or tidbit (like Tom Johnson's ICQ a while back) that you particularly like. If you do, we're sure others will too. So, come out and show us that favorite...
See you on the 9th, bring a friend!!!
Last month, member Peter Whinnery had posted information on the BBS about his being hacked and we published that announcement in our May issue. Pete has agreed to tell us, in some detail, about how he has gone about recovering and protecting himself from a future hack. Here's the next chapter in his story:
Hacked II - Recovery
Before starting the recovery processs I copied the directories and files, that I found the cracker had left, to a floppy for later study. I also make a copy of the /etc directory for the same reason. The cracker left files in carefully hidden directories and edited system configuration files. [cont'd.]
########################################
HITCHHIKER? - Douglas Adams, author of the Hitchhiker's Guide to Galaxy books (and several
others), died on May 11th of a heart attack at the age of 49 in Santa Barbara, CA. Infocom
published a computer version of the Hitchhiker's Guide to the Galaxy for the C64 and other 8-bit
computers back in the 80's.
It was a little known fact that Adams started out with computers using a Commodore PET before
switching to the Apple Macintosh when it first came out. Adams was a partner in The Digital
Village with the title of Chief Fantasist. The last computer game that he worked on was
"Starship Titanic" which is available for the PC and the Macintosh. He was recently named an
Apple GrandMaster and was honored at last year's ceremony.
------
I saw Douglas Adams a few years ago when he was a keynote speaker at a Cisco Networkers meeting.
During his talk, he spoke about getting a Commodore PET when it first came out. He used it for
word processing and for playing around with programming in BASIC. He gave credit to the PET for
starting him off with computers and with helping him to write his books and scripts. It was an
interesting talk and it was nice to hear someone acknowledge his computer roots, especially at a
conference with 3,000+ techies. [John Murphy]
CMD dropping Commodore? - I saw this posted on the Commodore Wire:
"Creative Micro Designs Vice President Charles Christianson posted this on comp.sys.cbm
yesterday: "As of June 1, 2001 CMD will no longer be accepting any new orders for Commodore
related equipment. We will however entertain all serious offers for the purchase of remaining
parts inventories and the production rights to CMD products. Please note that production
quantities on many products will be limited to parts that are in stock and as a result CMD
reserves the right to cancel any resulting back-orders that exceed our current parts
inventories."
This is the latest in a sequence of events from CMD this year which has seen them slowly phase
out their Commodore support. Earlier in the year, CMD reorganized by cutting out its 800
telephone number, reducing the number of hours in which orders could be placed, reducing the
days in which orders would be shipped, and stating that RAMLinks would no longer be produced
after the current stock was gone. Then a few weeks later, CMD sold its non-CMD-specific software
to Centsible Software." [John Murphy]
THE CENTSIBLE ANNOUNCEMENT - the sale of the CMD Commodore inventory to Centsible Software was
announced on the CMD website www.cmdweb.com as follows:
Centsible Software Purchases
On April 5, 2001 an agreement was reached between Creative Micro Designs and Centsible Software
for the purchase of a major portion of CMD's remaining inventory of Commodore software, books
and other third-party products.
The decision was made as part of CMD's overall plan to reduce overheads relating to the
Commodore product line. By allowing Centsible Software to service the remaining software market
for Commodore compatible products, we will be able to focus our efforts on maintaining our own
hardware and software products, including the GEOS product line. CMD has had a long history with
Centsible Software and has every confidence that Scott Parker and his staff will continue to
offer a high level of support to Commodore users.
Please look closely at our list of available products as it has changed substantially. Please
refer all software inquiries to support@centsible.com or visit their website:
www.centsible.com"
For those of us who have been with Commodore computers for lo these many years, these are real
watershed announcements. CMD was the last company in the US to invent and produce ground
breaking technology for the Commodore 8-bit systems. You'll recall that it started with the
JiffyDOS ROM chip (a real keystroke and memory saver for users, and its super compatibility made
it the preferred choice over many competing products) and moved to the HD series hard drives,
the FD series floppy drives, the RAMlink series RAM disk systems, the Smart Mouse and trackballs
and culminated with their SuperCPU systems for both the 64 and 128. A pretty amazing run of
technology...
HARD DRIVE purchase - If you're in the market for a new hard drive, check CompUSA. I took
advantage of their Memorial Weekend special - got a 20 GB hard drive for $100 with a $50 rebate
- net $50. That's the lowest price I've seen anywhere for a big drive.
The drive itself is interesting. The package says "CompUSA by Maxtor"
But, when you open the box, there is a little slip inside that says the hard drive can not use
the "MaxDiag" software included because the drive is a Quantum. Sure enough, the drive is a
Quantum Fireball lct 20, 4500 rpm, ATA/100. It is a nice, quiet drive. It has only a 1-year
warranty, instead of Maxtor's usual 3-year. Oh yes, did I mention that Maxtor bought the total
hard drive business of Quantum (the latter has got out of the hard drive business, but has other
lines; so it is still alive; see: www.quantum.com. My CMD hard drive has a Quantum mechanism,
as I recall!!).
I went to the Maxtor website - where they have a special section for their Quantum products and
got the diagnostic and low level format utilities that should have been included with the
drive.
Looks like an extremely attractive option....
WINDOWS STARTUP DISK - just a reminder that we have the "improved" Windows startup disks
available at $1 each. And, for those who got the "label-less" disks, I'll again have the pre-
printed labels at the next meeting for you.
LUNCH - some of us regularly adjourn after the meeting for lunch at the Villanova diner. Why
not come join us - and continue the converse?
****************************************
This month, I'm showing the successful outcome of my appeal from last month, which went like
this:
"When you click START, then PROGRAMS, you get (if you have a lot of items) a SINGLE scrollable
column to choose your program from. However, in Win95 you get multiple columns without
scrolling. So, you have 2-3 times as many choices on your screen at one time. Somewhere I saw
a tip on how to change Win98 to do like Win95. If anyone can run this tip down, please let me
have a reference. I'd like to use it and pass it on. Thanks to all ..."
Well, I found it! I was going thru an old pile of papers, to thin it out, and came across the
original tip. It turns out that it was published on the website: www.annoyances.org
To make the change requires editing the registry (the system.dat file). But, I followed the
recipe and it works! I'll have to remember to make the change on the club PC for the next
meeting ....
Replacing Start Menu scrolling
with good 'ol multiple columns
"One of the most frequently requested fixes for Windows 98 is to make the Start Menu behave like
it did in Windows 95. That is, instead of those tiny arrows that let you scroll through the
list, slowly and painfully, you can configure it to have multiple columns. Microsoft has been
no help on this issue, but we've found a way:
Run the Registry Editor (REGEDIT.EXE). Navigate to:
Click Ok, then close the Registry Editor when you're done. This setting should take effect
immediately.
Note: This will affect your Start Menu's Programs folder and all folders underneath it, but it
surprisingly won't affect folders directly in your Start Menu folder (which appear above
Programs in the main Start Menu).
Note: If this doesn't work on your PC, try adding a second StartMenuScrollPrograms value, as
described above, to the
Note: If this still doesn't work, check your spelling and make sure you're putting the values in
the right keys. Try restarting Windows to see if that helps. Also, make sure you've installed
all the latest Windows Updates, including IE5.
****************************************
Regarding the recent posting about Congress charging for email or about deleting sulfnbk.exe
(the long filename utility), it is suggested that:
Ayone getting an "Urgent Forward" from someone about ANYTHING check out these web resources
first before passing it on!
----------------------------------------
www.snopes.com/horrors/madmen/mallgrab.htm
urbanlegends.about.com/culture/urbanlegends/library/weekly/aa072998.htm
www.scambusters.org/otherhoaxes4.html
****************************************
I am sure I did *not* find everything he did to my system; so the recovery started with a clean
install of the OS. Also, I chose this opportunity to upgrade RedHat Linux from 6.2 to 7.1.
I used the Graphical install routine and opted to manually chose the packages to be installed.
The default options that come with the 7.1 install are pretty good, security-wise. There is a
dialogue box early in the process that asks one to choose between 3 levels of security and sets
options accordingly. I chose the "medium" level, with some network services (programs) started
at boot time.
A quick word about servers and clients:
The distinction between servers and clients is not always clear to users. If you want to use
ftp, for instance (getting files from and putting files into, another computer) you use an ftp
*client program* to connect to the other computer. If that is all you want to do with ftp, the
client program is all you need. An ftp *server* is only needed if you want to allow others to
get files from, or put them into *your* computer. Similarly with telnet, a client program for
your *own* use, a server program for *other* peoples' use.
What servers do is *listen*. They listen for a signal that says "I want your service". For TCP
based services the signal is a special IP packet that enters your computer and specifies the
number of a service. For instance, the number of the telnet service is 23. These numbers are
usually called 'port numbers'.
Ports do not exist by themselves, like little doors in your computer that you can open or close.
A port is open if a server listens to it. Otherwise it is closed. A TCP port comes into
existence if there is a program which listens to it, and if not, it does not exist!
3 Methods of Security
The first is to follow the commonly-heard advice to 'close unneeded ports', in other words not
to run servers that you do not need. Examples of unneeded services include: ftp, nfs, finger,
ident, httpd, and samba. These services are started in various ways at boot time. There are
numerous system tools available to start and stop the various services depending on your needs.
The next step is to secure the services you need to run. Methods include TCP Wrapper programs
and Packet Filtering. A Wrapper program is invoked instead of the server program, logs the
request, checks to see if the remote host is allowed to use that service, and if this succeeds
will execute the real server program. A packet filter is a piece of software which looks at the
header of the packets as they pass through and decides the fate of the entire packet. It might
decide to deny the packet, accept it, or reject it; but tell the source of the packet that it
has done so. There are also a number of services with intrinsic security options. ssh uses
encryption for all its connections, samba and X can be started buttoned down pretty tight. The
list goes on.
Finally after we *eliminate* unwanted services, *reconfigured* services, *wrapping* them in
others, and filtering the packets that do get through we have configured a quite secure system.
We now need to monitor for any unwanted activity and log it. One such progam is called
TripWire. It essentially takes a snapshot of various config files, logs, and other system info
and reports any changes it detects.
Progress So Far
On the home system I have made it thru the first two steps on my machine and will start work on
my wife's workstation next. I have downloaded TripWire and installed it, but need to
reconfigure it for my system. My office network is about in the same condition. I am using the
DSL modem as a "firewall" only allowing ssh and http requests through. More on TripWire, stay
tuned - part 3.
****************************************
I'm sure all of you have been hearing increasing accounts of various forms of hacking. Here's a
note - grabbed from CNET - on the hacking called "Denial of Service (DoS)". Note especially,
the info about the very useful and well-respected website run by guru Steve Gibson:
"The attacks -- which can also take the form of specially formatted data that can crash servers
-- are almost impossible to stop, unless the victim has enough clout to convince their Internet
provider to help track the source.
Just ask Steve Gibson, an independent security consultant known for his free Shields Up service
for testing a PC's security across the Web. Since early May, Gibson has been the target of
frequent denial-of-service attacks.
While previous ones have been easily stopped with the cooperation of his ISP, on Friday another,
more complex, attack took down his Web site. The attack -- detailed on his Web site -- used the
random-source technique to make it seem as if data was coming from all over the Internet.
"There is no defense," he said. "That is what is so important for people to understand."
In a long posting on GRC.com, Gibson described a month of attacks on his site by an allegedly
13-year-old "script kiddie," a term used by security experts for young online vandals.
"I hope it is becoming clear to everyone reading this," he wrote in the posting, "that we can
not have a stable Internet economy while 13-year-old children are free to deny arbitrary
Internet services with impunity."
The problem is only getting worse.
Earlier in the year, access to many of Microsoft's major Web sites was cut off for more than a
day by two denial-of-service attacks. The same week, the FBI's Web site also was bombarded.
Last year, the Internet Relay Chat system repeatedly came under attack over a period of more
than three months.
Gibson blames a lack of initiative on the part of Internet service providers for many of the
problems.
"For three years now, it has been known that we should filter packets on the way out of the
network to make sure their addresses are valid," he said. "One of the things that could happen
is that major backbone providers should make it a requirement that invalid packets are filtered
out."
Companies such as Savage's Asta Networks, and competitors Arbor Networks and Mazu Networks, are
attempting to automate the response to such attacks. But such a technique would still require
the cooperation of the major Internet service providers to be truly effective.
Until Internet service providers start to police people, who send data with improper sourcing,
denial-of-service attacks will continue, Gibson said.
Until then? "I'm going to have a long lunch," he said. "There's nothing I can do. Check GRC.com
every day or two and maybe we will come back."
P.S: after reading the above posting, I tried to get to Steve's website - no luck!!! [by ejv]
****************************************
May's club meeting was attended by eighteen folks, an above average turnout. Guess backing up
is an important topic!
During the Q & A period, Ed Cohen raised the question of "free" internet service providers, a
species that seems to be losing population rather quickly
Juno, Netzero and Bluelight were mentioned in the discussion. The first two did not garner much
favorable comment. The latter did not have a user, or tryer, in the group so far; so it remains
a question.
If any members are using a free service - WITH GOOD RESULTS - please tell us about it. You can
update us at the meeting, or send a contribution for the newsletter. Thanks, in advance...
Main Topic - most of the discussion related to personal experiences and/or ideas on backing up
to protect your information. To kick off the discussion, Emil Volcheck presented, in "slide
show" format, the summary shown next:
****************************************
for MLCUG - - 5/12/01
The strategy discussed next, has evolved RECENTLY after the meeting discussions and demos. It
does NOT represent long term experience - yet. So, it is offered for consideration and
upgrading. How about some feedback?
TOOLS:
Meetings are in the St. Augustine Center at Villanova University. The 8-bit and PC sessions
will be meeting in Room 110. Enter from the ITHAN AVENUE main gate, then proceed to the 2-level
parking building adjacent to St. Augustine, on the Ithan Avenue side of the building.
NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/
June 9 June 20
July 14 July 18
August 11 August 21
* = first Saturday ** = second Wednesday
***************************************************************************************
EDITOR: Emil J. Volcheck, Jr. 1046 General Allen Lane West Chester, PA 19382-8030
(Produced with C-128D/SCPU 128, RAMlink, HD-40/85, 1571, FD-4000, THE WRITE STUFF 128, XETEC
Super Grafix, Canon BJ-200ex, Swiftlink and Motorola 288 modem)
MLCUG BBS: 610-828-1359 ( 300 --> 33600 bps ), 24 hr/day
WWW: http://astro4.ast.vill.edu/mlcug/
PUBLICITY: Robyn Josephs 610-565-4058
DISK ORDERS: Charlie Curran 610-446-5239
VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy
MLCUG STEERING COMMITTEE:
PRESIDENT: Emil Volcheck 610-388-1581 SECRETARY: Charles Curran 610-446-5239
TREAS/MEMBERS: Dewitt Stewart 610-623-5145 SYSOP/AMIGA SIG: John Deker 610-828-7897
INTERNET/Linux:Peter Whinnery 610-284-5234 DATABASE: Layton Fireng 610-688-2080
AT LARGE: Tom Johnson 610-525-3440 AT LARGE: John Murphy 610-935-4398
ANNOUNCEMENTS & COMMENTS
########################################
CMD Software Inventory
WIN 98 TIP OF THE MONTH
HKEYULOCALUMACHINE
\Software
\Microsoft
\Windows
\CurrentVersion
\explorer
\ Advanced
Select New, then String Value from the Edit menu and type StartMenuScrollPrograms as the name
for the new value. Now, double-click on the StartMenuScrollPrograms value, and type FALSE as
the data for this value.
HKEYULOCALUMACHINE
\Software
\Microsoft
\Windows
\CurrentVersion
\explorer
key (just the parent key of the one above). There have been reports that this is occasionally
necessary.
Recent Hoax Postings
Where to Check Them Out
I refer you to the following sites to check out these terribly urgent and absurd postings:
HACKED PART 2
(thanks to Jan Stumpel)
DENIAL OF SERVICE (DoS) ATTACKS
LAST MONTH'S PC/128/64 MEETING
****************************************
"MY" BACKUP STRATEGY
by Emil Volcheck
PROCEDURE:
1. Partition my hard drive into:
- 5 GB C: drive for Windows 98 SE & applications
- 8 GB D: drive mainly for DATA
- 7 GB E: drive for BACKUPS only
2. Re-direct C:\"My Documents" target to D:\WindowsFiles to aid in making sure that data from
whatever source goes to drive D:
3. Backup process itself:
- run Scandisk & Defrag on the C: and D: drives
- run Drive Image to place a compressed image of the C: drive on the E: drive
NOTE: this assures that the Windows
app, MS Backup is available and
useable in the event of a total
loss of my C: drive
NOTE: also put an image on CD-R
discs prior to really BIG changes
- run MS Backup to backup selected and/or changed DATA on the D: drive to the E: drive
4. At some interval, TBD, will want to put the DATA backups onto a CD-R disc, or other external
backup device
That's it in a nutshell. I have another sheet that shows my data layout and backup selections -
hopefully to stir some thoughts and discussion.
DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM
64/128/PC/Amiga Meetings 2001 Steering Committee Meetings