| Nov 2001 | Issue 234 |
MEETING STARTS - 09:30 - NOV 10 th
CONTINUE WITH THE SHARING!
As in the recent meetings, we'll begin with our announcements, questions, problems and answers (hopefully). About an hour for this ...
Then, the topic will shift to the question of internet security and two aspects of same: virus/worms and firewalls
For the first time in years, I got sent a virus in an email attachment. The message seemed to meet the usual security considerations (which we can discuss) and did not cause any harm. I'll describe my experience and we can mull over the subject.
Next, because of increasing net use by members (& others!) and the expected increase in broadband access, firewall software is getting increasing attention by the trade, the media and users. We want to make sure our members have the benefit of any current experience with this tool.
As a part of the program, we plan to download one of the better products (which happens to be freeware - Zone Alarm). Then, we'll install it and show some of the setup considerations. This will also provide an opportunity to show some of the behavior of such utilities. This should be very informative!!
Any other topics? Make suggestions...
This was last month's topic and is on the agenda again. And, there were interesting developments since:
1) about a week after the meeting, Charlie Curran got a letter from Comcast saying they were upgrading service in his area (Havertown). When completed, high speed internet service would be available.
2) about a week after that, I got a hang-tag on my front door knob with similar information regarding work in our area (outskirts of West Chester)!
Charlie does not use cable - and we have had no clue as to when Comcast might do this - they provide NO cable modem service in Chester County!
########################################
RENEWAL TIME - is here! Our "official" membership solicitation is now underway. So, you may
want to turn to the back page of this issue, fill out the form and see if you can be the first
to renew (no prize!). Because we hit year 20 this time round, we plan to try a couple of extra
approaches to solicit both renewals of existing members and rejoining by former members.
Hopefully, by the celebration time in the April-June 2002 period, we'll have a goodly compliment
to do so.....
One special step will be to directly contact each current member to urge them to renew - to help
us maintain our current (albeit shrunken) member base. This will be done separately from the
monthly newsletter mailing.
20TH ANNIVERSARY! - speaking of the anniversary - in April 2002 MLCUG will arrive at the 20th
anniversary of the founding meeting, which took place at the Main Line Computer Center (hence
the source of our name) in April of 1982. We are still trying to decide on what would be
appropriately special to celebrate that event. Hence, your ideas, thoughts and suggestions will
be welcomed and most appreciated! Pass them on at the meetings, or to one of the steering
members (see p.7) if you can't be at meetings.
BROADBAND: - as an MLCUG member, do you have some form of broadband internet access? If so, how
about contacting Emil, or posting the info on the BBS; so we can add to our meager database on
this subject for the areas our members live in? No one responded to this appeal that first
appeared in the October issue.
WINDOWS XP - any members encountered it? Anyone purchase a new PC in the last month+ that came
with XP pre-installed? Tell us about your experience.
Email Change: - we got an email from our distant member, Ted Dean. He has had an email address
change from his ISP - MSN. Ted's new address is:
tc35d29@msn.com
He'd like to hear from us...
LUNCH - some of us regularly adjourn after the meeting for lunch at the Villanova diner. Why
not come join us - and continue the converse?
The GIBSON RESEARCH CORPORATION (www.grc.com) is an excellent source of information on matters
related to computer security. But, in addition, they offer a set of three test utilities that
do real-time tests of the security of your computer when on the internet.
The tests go by the catchy titles of: "Test My Shields", "Probe My Ports" and "Leak Test".
Following are the reports from a test I ran on my own system, which is connected to the net via
a DSL router.
[The following test was performed with our Zone Alarm firewall turned OFF; so the only
"protection" was the Cisco 802 Router on our iDSL line]
Shields UP! is checking YOUR computer's Internet connection security ... currently located at
IP: 63.238.170.97
Please Stand By. . .
Attempting connection to your computer. . .
Shields UP! is now attempting to contact the Hidden Internet Server within your PC. It is likely
that no one has told you that your own personal computer may now be functioning as an Internet
Server with neither your knowledge nor your permission. And that it may be serving up all or
many of your personal files for reading, writing, modification and even deletion by anyone,
anywhere, on the Internet!
Please Note: On highly secure systems this may take up to one minute. . .
Preliminary Internet connection refused!
This is extremely favorable for your system's overall Windows File and Printer Sharing security.
Most Windows systems, with the Network Neighborhood installed, hold the NetBIOS port 139 wide
open to solicit connections from all passing traffic. Either this system has closed this
usually-open port, or some equipment or software such as a "firewall" is preventing external
connection and has firmly closed the dangerous port 139 to all passersby. (Congratulations!)
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer have FAILED. (This is very UNCOMMON for
a Windows networking-based PC.) Relative to vulnerabilities from Windows networking, this
computer appears to be VERY SECURE since it is NOT exposing ANY of its internal NetBIOS
networking protocol over the Internet.
[The next test was performed with Steve Gibson's IP Agent that read my system's IP Address -
then automatically fired up Netscape and connected to the internet. The Zone Alarm firewall was
still turned off]
The Internet Protocol (IP) Address Specified belongs to a Private Network... 10.10.10.30
Private Networks:
The Internet Engineering Task Force (IETF) demonstrated their amazing foresight by setting aside
several "chunks" of the 32-bit Internet Protocol (IP) address space. They understood that there
would be situations where organizations might want to create an "off the Internet" private
network without needing to get official allocations of "public" IP space.
Since these addresses would be disjoint and disconnected from the rest of the Internet, they
could be freely used and reused without concern of "collision". In other words, two different
machines located in different companies might have identical IP addresses. This would cause no
problem because neither machine could be reachable from the Internet nor to each other.
Four regions of IP addresses were defined, creating four "sub-networks" of differing sizes and
routing complexity:
All this is significant to you and the security of your machine having the IP address shown
above because all such addresses are, by design, "unreachable" from the external "public"
internet. IP Agent has notified the server that it's residing in a machine with this address,
but there is no way for the server or anyone outside of your own network to reach you. Those
addresses are simply "undefined" within the Internet's routing tables.
In other words: Your computer is very secure against typical threats and discovery from passing
Internet scanners.
Where do you go from here?
If our IP Agent brought you directly to this page, without offering you a choice of IP's, your
machine has only this single private IP address and it is invulnerable to outside discovery,
connection, and attack. [This is the case with our system:ejv]
If you are viewing this page after selecting this address from a list you were given, you may
press your browser's BACK button to return to the selection list.
If you wish to review the rest of the content of this web site, you may jump to our home page
with the center link below. Then click the ShieldsUP icon to enter WITHOUT the IP Agent. Note
that in this case the IP shown will be that of your Proxy, Firewall, or network address
translation (NAT) agent; so the tests will be meaningless for your machine!
[The next section shows the results of Gibson's "Probe My Ports" testing routine]
NOTE: when GRC probed our system's ports - with or without the firewall running - it showed the
following ports are OPEN:
I contacted our ISP and learned that they can arrange to close those ports, too. I've asked
them to do so...
The notice below was sent to folks who use the Bee.Net ISP service. I posted it here just to
indicate another side effect of the 9/11 tragedy.
"Hello Bee.Netters!
As a result of the overwhelming increase in mail volume since the 9/11/01 tragedies, we have had
an increased number of customers who are experiencing timeouts while sending mail. While there
is a setting in each customer's mail software to increase the timeout period -- we have chosen
to allow customers to use our secondary ourgoing mail server as their primary mail server. By
doing so, effected customers will see increased performance for their outgoing mail.
So...effective immediately, all customers who use bee.net for Internet access and e-mail are
welcome to switch their outgoing mail server from smtp.bee.net to smtp2.bee.net. This change is
not mandatory, so if you do not know how to make the change, you may disregard this e-mail (or
let me know by return e-mail that you would like us to help you make the change -- and we'll
give you a call to walk you through the process). If you do know how to make the change, we
encourage you to do so -- as not only will you benefit, but so will the customers who continue
to use smtp.bee.net.
The increased mail volume has impacted e-mail delivery throughout the Internet. In addition to
providing alternatives for sending outgoing e-mail, we are in the process of adding additional
hardware and software solutions to improve the overall timeliness of mail delivery. We are
optimistic that most other ISPs are doing the same. Regards, Rich
Rich Goldberg"
As an aid to any and all, we'd like to notify folks of top notch freeware products. When
feasible, we'll demo them at the monthly meetings. And, we'd like to feature them in this
newsletter.
To get the ball rolling, here are two:
1) IrFanView [at www.irfanview.com] - this is an extremely well-written piece of software that
provides a range of image handling functions. They include image file management, image
processing, slide shows, etc. Tom Johnson showed it a couple of meetings back. We keep it on
the desktop of the club PC for ease of use.
2) Zone Alarm [at www.zonealarm.com] - this is a very powerful internet security tool. In
addition to the usual security features - see the item on p.2 - it is one of the very few that
passes the Gibson "Leak Test" - which we hope to show at this month's meeting.
NOW, how about a recommendation for your favorite? You can tell us about it and/or demo it...
When I was younger, I could remember anything, whether it had happened or not; but my faculties
are decaying now and soon I shall be so I cannot remember any but the things that never
happened. It is sad to go to pieces like this but we all have to do it.
-- Mark Twain --
****************************************
October's meeting was attended by 13 members and resulted in a lively roundtable discussion. As
in the recent past, we went round the table a couple of times - for announcements and news items
and for problem solving.
Layton Fireng showed some examples of printouts from an Epson 870 Photo printer (that he had
picked up for $25 at MicroCenter last month!). He had used a digital camera photo and a
precision color printing image (this later has calibrated gray and CMY color scales to very
closely determine the color rendering of printouts) on five different qualities of Epson
printing paper. You could get a real assessment of the capability of the printer and the effect
(or lack of effect) of paper types. Incidentally, Layton noted that his contacts with some folk
in the professional graphics trade indicate that Epson is considered to be the prime quality
printer with those who make their living with graphics output.
After the roundtable, we turned to our discussion of broadband internet access. While we had a
good discussion, the final result is pretty clear. So far, no one of the attendees has cable
modem service and three of them have DSL (one from Conectiv and two from Verizon). These latter
have been satisfactory services - tho the startup has been rocky!
For the rest of the attendees, the key parameter is that the monthly fees are felt to be too
high to justify the move. With one exception, none had yet investigated the availability of
broadband in their area; so we could not judge how widely available it might actually be
(especially since the vendors do not actually come out and identify where it is offered - you
really have to investigate for your specific location).
With not a lot of time available, we briefly glanced at Karen Kenworthy's POWER TOOLS CD. As
mentioned in the last issue, this CD contains all her Power Tools, plus the source code (in
Visual Basic 6) for them. It also has all the columns ahe has written for Windows Magazine
(defunct), the Winmag.com wesite (defunct) and on her own since the demise of the website. The
CD is available fo $30 directly from her website - check it out at: www.karenware.com
Both of the CDs described in last month's issue will be on hand for future meetings, in case of
questions from attendees.
Some tips to help perk up your system: #1, if you use Microsoft Office and #2 for most any
anti-virus software, #3 for most anyone and #4 for those with home networks.
#1) DISABLE FINDFAST
Delete the Findfast icon from your Startup folder. Click on Start, Programs, Startup. Then
right-click on it & choose Delete
#2) MAKE SURE VIRUS SCANNERS AREN'T
SCANNING ALL FILES ON YOUR HARD DRIVE
To save system resources, set your virus scanner to only scan executables when running in the
background (when you do a separate full system scan, as the foreground task, then you can choose
all files), or turn off background scanning altogether and regularly scan your files manually.
#3 YOU CAN STOP WINDOWS FROM ASKING IF
YOU ARE SURE YOU WANT TO ENTER
CERTAIN FOLDERS
Delete the hidden folder.htt & desktop.ini files located in your Windows folder.
#4 USING SWITCHES INSTEAD OF HUBS CAN
NEARLY TRIPLE YOUR BANDWIDTH
If you have a local area ethernet network, spend a few extra $$$ to get a network SWITCH instead
of the regular HUB. The switch allows each of your computer links to operate at maximum
thruput, completely independent of what any of the other systems are doing.
Are you in the market for memory for your existing computer? If so, a very useful assist is
offered by the website: www.crucial.com - the MICRON memory people.
They have a huge database of computers and list exactly what type of memory is correct for the
specific model. For example, I have an older (W1997) model IBM Aptiva PC. When I looked it up
at this website, it listed not just the model (a 2161) but a whole slew of minor model variants
(i.e. the 2161 C8H)! And, the memory I got from that advice worked! Their prices seem to be
very competitive and they give free 2-day FedEx!
Thanks to John Murphy for pointing this one out.
by: Peter Whinnery
Good news for you C-64 graphics guys: (The 1st paragraph was traslated from German with a web
translator.)
On the 9th of September, 2001
Since the 5th of September GoDot is Public Domain! After consultation with all previous
distributors I have myself to this decision durchgerungen. Now it can be handed on in all PD
archives and on club diskettes. Single condition: Godot May be chan ged not without my
permission for a public distribution. I have provided two versions to the download: a minimal
installation on a D64 file which contains the fully functional system, but only the
allerwichtigsten modules and a full installation on s ix D64 files which corresponds to the
previous full version. All files are geZIPpt. Part of the PD distribution is a short BASIC
program which explains(expresses) the manipulation GoDot'S shortly ("RUN.ME").
It is continued, no anxious! And now: a lot of joy!
(And for the Basic programmers out there, more good news) ->
Hello dear Commodorians,
I decided to also (besides GoDot) release a very old project of mine - it was the predecessor of
GoDot - to the public domain: my BASIC interpreter TSB which is short for "Tuned Simons' Basic".
The name says what it is. It is almost 100% compatible t o the original, but lacks its
desastrous bugs and incompletenesses. There are many additional commands and functions
programmers will surely appreciate (about 30). The code wasn't patched but completely new-
written. In spite of that every orginal SB program will most likely run under TSB (some
exceptions of course). Who knows SB will like TSB.
The disk contains some demo programs to showcase some of these new commands, and a short
description of what has changed as compared to SB. I hope TSB will be a handy contribution to
the C64 pool of useful tools.
Have fun! Comments appreciated! Download from my GoDot site.
Arndt
+------------------------------+
+ Arndt Dettke +
+ GoDot C64 Image Processing +
+ http://www.GoDot64.de +
+ support@GoDot64.de +
+------------------------------+
DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM
Meetings are in the St. Augustine Center at Villanova University. The 8-bit and PC sessions
will be meeting in Room 110.
ANNOUNCEMENTS & COMMENTS
########################################
SECURITY TIP !
10 . 0. 0. 0 --> 10 .255.255.255
169.254. 0. 0 --> 169.254.255.255
172. 16. 0. 0 --> 172. 31.255.255
192.168. 0. 0 --> 192.168.255.255
This yields networks containing in excess of sixteen million, sixty-five thousand, one million,
and sixty-five thousand uniquely identified machines, respectively. Plenty for just about any
purpose.
Port 23 Telnet
Port 79 Finger
Since the ShieldsUP test above shows that the PC is isolated from the internet, it would seem
that these open ports are on our Cisco DSL router.
SEPTEMBER 11 2001
USEFUL FREEWARE?
Your fortune for today:
LAST MONTH'S PC/128/64 MEETING
****************************************
WINDOWS TIPS
BUYING TIP.....
GoDot & Other News!!