Main Line Computer Users Group - June 2001 Issue 229

VILLANOVA UNIVERSITY, ST. AUGUSTINE CENTER

MEETING STARTS - 09:30 - JUN 9 th

Come Join Us !!!


THIS MONTH'S CONTENTS
MAIN LINE PC/128/64 USERS - Room 110

For all attendees, as usual, we will take the opportunity to "go round the table" for announcements and tidbits from everyone. Things that have interested you are likely to interest others, too. We'll try to tackle your problems, too.

Remember, as an aid to any of these items, the club PC has three "current" versions of Windows: Windows 95B (OSR2.1), Windows 98 SE or Windows Millennium. The Windows 95B is our default version.

Interested in "tweaking" your system? Microsoft's techies do it with TweakUI. There's now a version that works with Win95 -> Win ME. We'll take a look...

For our longer term members, Loadstar is still alive - in its disk-based or "internet" based versions. I subscibe to, and have the latest "shipment" of the latter, dubbed eLoadstar 15. So, we can give it a whirl and see how our heritage is doing (Murphy permitting, of course!).

One more thing. We'd like to offer the opportunity for any member to demo an application or utility or tidbit (like Tom Johnson's ICQ a while back) that you particularly like. If you do, we're sure others will too. So, come out and show us that favorite...

See you on the 9th, bring a friend!!!


HAS DISASTER STRUCK YOU, TOO??

Last month, member Peter Whinnery had posted information on the BBS about his being hacked and we published that announcement in our May issue. Pete has agreed to tell us, in some detail, about how he has gone about recovering and protecting himself from a future hack. Here's the next chapter in his story:

Hacked II - Recovery

Before starting the recovery processs I copied the directories and files, that I found the cracker had left, to a floppy for later study. I also make a copy of the /etc directory for the same reason. The cracker left files in carefully hidden directories and edited system configuration files. [cont'd.]

########################################
ANNOUNCEMENTS & COMMENTS
########################################

HITCHHIKER? - Douglas Adams, author of the Hitchhiker's Guide to Galaxy books (and several others), died on May 11th of a heart attack at the age of 49 in Santa Barbara, CA. Infocom published a computer version of the Hitchhiker's Guide to the Galaxy for the C64 and other 8-bit computers back in the 80's.

It was a little known fact that Adams started out with computers using a Commodore PET before switching to the Apple Macintosh when it first came out. Adams was a partner in The Digital Village with the title of Chief Fantasist. The last computer game that he worked on was "Starship Titanic" which is available for the PC and the Macintosh. He was recently named an Apple GrandMaster and was honored at last year's ceremony. ------

I saw Douglas Adams a few years ago when he was a keynote speaker at a Cisco Networkers meeting. During his talk, he spoke about getting a Commodore PET when it first came out. He used it for word processing and for playing around with programming in BASIC. He gave credit to the PET for starting him off with computers and with helping him to write his books and scripts. It was an interesting talk and it was nice to hear someone acknowledge his computer roots, especially at a conference with 3,000+ techies. [John Murphy]

CMD dropping Commodore? - I saw this posted on the Commodore Wire:

"Creative Micro Designs Vice President Charles Christianson posted this on comp.sys.cbm yesterday: "As of June 1, 2001 CMD will no longer be accepting any new orders for Commodore related equipment. We will however entertain all serious offers for the purchase of remaining parts inventories and the production rights to CMD products. Please note that production quantities on many products will be limited to parts that are in stock and as a result CMD reserves the right to cancel any resulting back-orders that exceed our current parts inventories."

This is the latest in a sequence of events from CMD this year which has seen them slowly phase out their Commodore support. Earlier in the year, CMD reorganized by cutting out its 800 telephone number, reducing the number of hours in which orders could be placed, reducing the days in which orders would be shipped, and stating that RAMLinks would no longer be produced after the current stock was gone. Then a few weeks later, CMD sold its non-CMD-specific software to Centsible Software." [John Murphy]

THE CENTSIBLE ANNOUNCEMENT - the sale of the CMD Commodore inventory to Centsible Software was announced on the CMD website www.cmdweb.com as follows:

Centsible Software Purchases
CMD Software Inventory

On April 5, 2001 an agreement was reached between Creative Micro Designs and Centsible Software for the purchase of a major portion of CMD's remaining inventory of Commodore software, books and other third-party products.

The decision was made as part of CMD's overall plan to reduce overheads relating to the Commodore product line. By allowing Centsible Software to service the remaining software market for Commodore compatible products, we will be able to focus our efforts on maintaining our own hardware and software products, including the GEOS product line. CMD has had a long history with Centsible Software and has every confidence that Scott Parker and his staff will continue to offer a high level of support to Commodore users.

Please look closely at our list of available products as it has changed substantially. Please refer all software inquiries to support@centsible.com or visit their website: www.centsible.com"

For those of us who have been with Commodore computers for lo these many years, these are real watershed announcements. CMD was the last company in the US to invent and produce ground breaking technology for the Commodore 8-bit systems. You'll recall that it started with the JiffyDOS ROM chip (a real keystroke and memory saver for users, and its super compatibility made it the preferred choice over many competing products) and moved to the HD series hard drives, the FD series floppy drives, the RAMlink series RAM disk systems, the Smart Mouse and trackballs and culminated with their SuperCPU systems for both the 64 and 128. A pretty amazing run of technology...

HARD DRIVE purchase - If you're in the market for a new hard drive, check CompUSA. I took advantage of their Memorial Weekend special - got a 20 GB hard drive for $100 with a $50 rebate - net $50. That's the lowest price I've seen anywhere for a big drive.

The drive itself is interesting. The package says "CompUSA by Maxtor"

But, when you open the box, there is a little slip inside that says the hard drive can not use the "MaxDiag" software included because the drive is a Quantum. Sure enough, the drive is a Quantum Fireball lct 20, 4500 rpm, ATA/100. It is a nice, quiet drive. It has only a 1-year warranty, instead of Maxtor's usual 3-year. Oh yes, did I mention that Maxtor bought the total hard drive business of Quantum (the latter has got out of the hard drive business, but has other lines; so it is still alive; see: www.quantum.com. My CMD hard drive has a Quantum mechanism, as I recall!!).

I went to the Maxtor website - where they have a special section for their Quantum products and got the diagnostic and low level format utilities that should have been included with the drive.

Looks like an extremely attractive option....

WINDOWS STARTUP DISK - just a reminder that we have the "improved" Windows startup disks available at $1 each. And, for those who got the "label-less" disks, I'll again have the pre- printed labels at the next meeting for you.

LUNCH - some of us regularly adjourn after the meeting for lunch at the Villanova diner. Why not come join us - and continue the converse?

****************************************
WIN 98 TIP OF THE MONTH

This month, I'm showing the successful outcome of my appeal from last month, which went like this:

"When you click START, then PROGRAMS, you get (if you have a lot of items) a SINGLE scrollable column to choose your program from. However, in Win95 you get multiple columns without scrolling. So, you have 2-3 times as many choices on your screen at one time. Somewhere I saw a tip on how to change Win98 to do like Win95. If anyone can run this tip down, please let me have a reference. I'd like to use it and pass it on. Thanks to all ..."

Well, I found it! I was going thru an old pile of papers, to thin it out, and came across the original tip. It turns out that it was published on the website: www.annoyances.org

To make the change requires editing the registry (the system.dat file). But, I followed the recipe and it works! I'll have to remember to make the change on the club PC for the next meeting ....

Replacing Start Menu scrolling with good 'ol multiple columns

"One of the most frequently requested fixes for Windows 98 is to make the Start Menu behave like it did in Windows 95. That is, instead of those tiny arrows that let you scroll through the list, slowly and painfully, you can configure it to have multiple columns. Microsoft has been no help on this issue, but we've found a way:

Run the Registry Editor (REGEDIT.EXE). Navigate to:

 HKEYULOCALUMACHINE
  \Software
   \Microsoft
    \Windows
     \CurrentVersion
      \explorer
       \ Advanced

Select New, then String Value from the Edit menu and type StartMenuScrollPrograms as the name for the new value. Now, double-click on the StartMenuScrollPrograms value, and type FALSE as the data for this value.

Click Ok, then close the Registry Editor when you're done. This setting should take effect immediately.

Note: This will affect your Start Menu's Programs folder and all folders underneath it, but it surprisingly won't affect folders directly in your Start Menu folder (which appear above Programs in the main Start Menu).

Note: If this doesn't work on your PC, try adding a second StartMenuScrollPrograms value, as described above, to the

 HKEYULOCALUMACHINE
  \Software
   \Microsoft
    \Windows
     \CurrentVersion
      \explorer

key (just the parent key of the one above). There have been reports that this is occasionally necessary.

Note: If this still doesn't work, check your spelling and make sure you're putting the values in the right keys. Try restarting Windows to see if that helps. Also, make sure you've installed all the latest Windows Updates, including IE5.

****************************************
Recent Hoax Postings
Where to Check Them Out

Regarding the recent posting about Congress charging for email or about deleting sulfnbk.exe (the long filename utility), it is suggested that:

Ayone getting an "Urgent Forward" from someone about ANYTHING check out these web resources first before passing it on! ----------------------------------------
I refer you to the following sites to check out these terribly urgent and absurd postings:

www.snopes.com/horrors/madmen/mallgrab.htm

urbanlegends.about.com/culture/urbanlegends/library/weekly/aa072998.htm

www.scambusters.org/otherhoaxes4.html

****************************************
HACKED PART 2

[continued from p.1]

I am sure I did *not* find everything he did to my system; so the recovery started with a clean install of the OS. Also, I chose this opportunity to upgrade RedHat Linux from 6.2 to 7.1.

I used the Graphical install routine and opted to manually chose the packages to be installed. The default options that come with the 7.1 install are pretty good, security-wise. There is a dialogue box early in the process that asks one to choose between 3 levels of security and sets options accordingly. I chose the "medium" level, with some network services (programs) started at boot time.

A quick word about servers and clients:
(thanks to Jan Stumpel)

The distinction between servers and clients is not always clear to users. If you want to use ftp, for instance (getting files from and putting files into, another computer) you use an ftp *client program* to connect to the other computer. If that is all you want to do with ftp, the client program is all you need. An ftp *server* is only needed if you want to allow others to get files from, or put them into *your* computer. Similarly with telnet, a client program for your *own* use, a server program for *other* peoples' use.

What servers do is *listen*. They listen for a signal that says "I want your service". For TCP based services the signal is a special IP packet that enters your computer and specifies the number of a service. For instance, the number of the telnet service is 23. These numbers are usually called 'port numbers'. Ports do not exist by themselves, like little doors in your computer that you can open or close. A port is open if a server listens to it. Otherwise it is closed. A TCP port comes into existence if there is a program which listens to it, and if not, it does not exist!

3 Methods of Security

The first is to follow the commonly-heard advice to 'close unneeded ports', in other words not to run servers that you do not need. Examples of unneeded services include: ftp, nfs, finger, ident, httpd, and samba. These services are started in various ways at boot time. There are numerous system tools available to start and stop the various services depending on your needs.

The next step is to secure the services you need to run. Methods include TCP Wrapper programs and Packet Filtering. A Wrapper program is invoked instead of the server program, logs the request, checks to see if the remote host is allowed to use that service, and if this succeeds will execute the real server program. A packet filter is a piece of software which looks at the header of the packets as they pass through and decides the fate of the entire packet. It might decide to deny the packet, accept it, or reject it; but tell the source of the packet that it has done so. There are also a number of services with intrinsic security options. ssh uses encryption for all its connections, samba and X can be started buttoned down pretty tight. The list goes on.

Finally after we *eliminate* unwanted services, *reconfigured* services, *wrapping* them in others, and filtering the packets that do get through we have configured a quite secure system. We now need to monitor for any unwanted activity and log it. One such progam is called TripWire. It essentially takes a snapshot of various config files, logs, and other system info and reports any changes it detects.

Progress So Far

On the home system I have made it thru the first two steps on my machine and will start work on my wife's workstation next. I have downloaded TripWire and installed it, but need to reconfigure it for my system. My office network is about in the same condition. I am using the DSL modem as a "firewall" only allowing ssh and http requests through. More on TripWire, stay tuned - part 3.

****************************************
DENIAL OF SERVICE (DoS) ATTACKS

I'm sure all of you have been hearing increasing accounts of various forms of hacking. Here's a note - grabbed from CNET - on the hacking called "Denial of Service (DoS)". Note especially, the info about the very useful and well-respected website run by guru Steve Gibson:

"The attacks -- which can also take the form of specially formatted data that can crash servers -- are almost impossible to stop, unless the victim has enough clout to convince their Internet provider to help track the source.

Just ask Steve Gibson, an independent security consultant known for his free Shields Up service for testing a PC's security across the Web. Since early May, Gibson has been the target of frequent denial-of-service attacks.

While previous ones have been easily stopped with the cooperation of his ISP, on Friday another, more complex, attack took down his Web site. The attack -- detailed on his Web site -- used the random-source technique to make it seem as if data was coming from all over the Internet.

"There is no defense," he said. "That is what is so important for people to understand."

In a long posting on GRC.com, Gibson described a month of attacks on his site by an allegedly 13-year-old "script kiddie," a term used by security experts for young online vandals.

"I hope it is becoming clear to everyone reading this," he wrote in the posting, "that we can not have a stable Internet economy while 13-year-old children are free to deny arbitrary Internet services with impunity."

The problem is only getting worse.

Earlier in the year, access to many of Microsoft's major Web sites was cut off for more than a day by two denial-of-service attacks. The same week, the FBI's Web site also was bombarded. Last year, the Internet Relay Chat system repeatedly came under attack over a period of more than three months.

Gibson blames a lack of initiative on the part of Internet service providers for many of the problems.

"For three years now, it has been known that we should filter packets on the way out of the network to make sure their addresses are valid," he said. "One of the things that could happen is that major backbone providers should make it a requirement that invalid packets are filtered out."

Companies such as Savage's Asta Networks, and competitors Arbor Networks and Mazu Networks, are attempting to automate the response to such attacks. But such a technique would still require the cooperation of the major Internet service providers to be truly effective.

Until Internet service providers start to police people, who send data with improper sourcing, denial-of-service attacks will continue, Gibson said.

Until then? "I'm going to have a long lunch," he said. "There's nothing I can do. Check GRC.com every day or two and maybe we will come back."

P.S: after reading the above posting, I tried to get to Steve's website - no luck!!! [by ejv]

****************************************
LAST MONTH'S PC/128/64 MEETING
****************************************

May's club meeting was attended by eighteen folks, an above average turnout. Guess backing up is an important topic!

During the Q & A period, Ed Cohen raised the question of "free" internet service providers, a species that seems to be losing population rather quickly !

Juno, Netzero and Bluelight were mentioned in the discussion. The first two did not garner much favorable comment. The latter did not have a user, or tryer, in the group so far; so it remains a question.

If any members are using a free service - WITH GOOD RESULTS - please tell us about it. You can update us at the meeting, or send a contribution for the newsletter. Thanks, in advance...

Main Topic - most of the discussion related to personal experiences and/or ideas on backing up to protect your information. To kick off the discussion, Emil Volcheck presented, in "slide show" format, the summary shown next:

****************************************
"MY" BACKUP STRATEGY

for MLCUG - - 5/12/01
by Emil Volcheck

The strategy discussed next, has evolved RECENTLY after the meeting discussions and demos. It does NOT represent long term experience - yet. So, it is offered for consideration and upgrading. How about some feedback?

TOOLS:

PROCEDURE:
1. Partition my hard drive into:

  - 5 GB C: drive for Windows 98 SE  & applications
  - 8 GB D: drive mainly for DATA
  - 7 GB E: drive for BACKUPS only

2. Re-direct C:\"My Documents" target to D:\WindowsFiles to aid in making sure that data from
whatever source goes to drive D:

3. Backup process itself:

  - run Scandisk & Defrag on the C: and D: drives

  - run Drive Image to place a compressed image of the C: drive on the E: drive

    NOTE: this assures that the Windows
    app, MS Backup is available and 
    useable in the event of a total 
    loss of my C: drive

    NOTE: also put an image on CD-R 
    discs prior to really BIG changes

  -  run MS Backup to backup selected and/or changed DATA on the D: drive to the E: drive

4. At some interval, TBD, will want to put the DATA backups onto a CD-R disc, or other external
backup device

That's it in a nutshell.  I have another sheet that shows my data layout and backup selections -
hopefully to stir some thoughts and discussion.
DIRECTIONS FOR ST. AUGUSTINE CENTER MEETING ROOM

Meetings are in the St. Augustine Center at Villanova University. The 8-bit and PC sessions will be meeting in Room 110. Enter from the ITHAN AVENUE main gate, then proceed to the 2-level parking building adjacent to St. Augustine, on the Ithan Avenue side of the building.

NOTE: maps on our webpage - http://astro4.ast.vill.edu/mlcug/


64/128/PC/Amiga Meetings  2001  Steering Committee Meetings

June 9 June 20 July 14 July 18 August 11 August 21

* = first Saturday ** = second Wednesday *************************************************************************************** EDITOR: Emil J. Volcheck, Jr. 1046 General Allen Lane West Chester, PA 19382-8030 (Produced with C-128D/SCPU 128, RAMlink, HD-40/85, 1571, FD-4000, THE WRITE STUFF 128, XETEC Super Grafix, Canon BJ-200ex, Swiftlink and Motorola 288 modem)

MLCUG BBS: 610-828-1359 ( 300 --> 33600 bps ), 24 hr/day WWW: http://astro4.ast.vill.edu/mlcug/ PUBLICITY: Robyn Josephs 610-565-4058 DISK ORDERS: Charlie Curran 610-446-5239 VILLANOVA SPONSOR: Prof. Frank Maloney, Dept. of Astronomy

MLCUG STEERING COMMITTEE:

PRESIDENT: Emil Volcheck 610-388-1581 SECRETARY: Charles Curran 610-446-5239 TREAS/MEMBERS: Dewitt Stewart 610-623-5145 SYSOP/AMIGA SIG: John Deker 610-828-7897 INTERNET/Linux:Peter Whinnery 610-284-5234 DATABASE: Layton Fireng 610-688-2080 AT LARGE: Tom Johnson 610-525-3440 AT LARGE: John Murphy 610-935-4398