Brought to you each week by the 84 Online Team, a loose collection of volunteers from around the Kentuckiana region.
84 Online is broadcast live each Sunday from 3:00 PM to 6:00 PM (EDT) on WHAS radio, 840 AM. You may call the show directly during this time period at 502-571-8484 or toll free at 1-800-444-8484. You may also interact with the team online by visiting www.84online.com and clicking on Chat Room. IRC users can access the room through irc://ucanweb.com/84online. Chat hours match the show on Sunday and generally some of the members are in nightly from 8:00 to 10:00 PM EDT.
If you’re new to the Newsletter you can read back issues at http://forums.84online.net/forumdisplay.php?s=&forumid=53. Team member JP Durbin mirrors the archive at http://www.jpdurbin.net/84archive/.
Looking for answers to your computer questions? The 84Online BBS offers 24/7 tech support directly from the 84Online team. Search for answers to frequently asked questions or post a question of your own. Visit us at http://forums.84online.net.
The WHAS Crusade for Children provides year round support for needy children throughout the Kentuckiana region. Visit http://www.whascrusade.org to make donations online.
The Louisville Linux User Group is a resource for local Linux enthusiasts to communicate with one another via BBS and mailing list. To subscribe to the LouLUG list, visit http://www.loulug.com for more information.
2-12-04
Your regularly scheduled second part of dual booting will not be broadcast due to breaking news, brought to you by yet another high-risk Windows security vulnerability and even more MyDoom worms… <Sigh>.
Microsoft has issued a critical update to fix yet another buffer overflow problem, this time in the ASN.1 (Abstract Syntax Notation One) dynamic link library. eEye Security found this particular problem last July and duly reported it to Microsoft on 7-25-03. Six and a half months later Redmond has finally issued a patch.
You can read both an extremely dry high-tech explanation and a rather amusing song lyric hijack at
http://www.eeye.com/html/Research/Advisories/AD20040210.html,
see the format for the new Homeland Security advisories at http://www.us-cert.gov/cas/techalerts/TA04-041A.html,
or read the usual British take on the situation at http://www.theregister.co.uk/content/55/35480.html.
I’ll attempt to explain this
in layman’s terms… wish me luck ;)
First, I’m not going to
attempt to reinvent the wheel, so please read Hash’s excellent explanation of
what a buffer overflow is at http://www.jpdurbin.net/84archive/84%20Online%20Newsletter%20Volume%202%20Number%2018%205-9-02.htm.
This particular exploit takes advantage of a buffer overflow in some critical security files, like those that handle Certificates, SSL (Secure Sockets Layer, which is the sub-system that handles sites where you enter credit card data), signed ActiveX script controls etc. For the end user this means that if you open an email, visit a website or execute a program that contains specific code, that code would immediately be executed on your system and could do anything to your PC, from formatting the hard drive to taking full control and using your PC to attack websites à la MyDoom.A and .B.
Why it took Microsoft so long to patch this bug is anyone’s guess, but you can expect a virus within the next few weeks that exploits it. The Blaster and Code Red worms took advantage of similar vulnerabilities to spread out of control.
Like Blaster, this vulnerability affects NT, 2000 and XP operating systems, but the problems don’t stop there. MS also issued a patch this week to close a security hole in NT Server, 2000 Server and Server 2003 that could allow a hacker to shut down the server with a Denial of Service attack, knocking your web-server off the Internet. Even Macs get an update this time, with a patch for a hole in Virtual PC that could allow a hacker to obtain elevated privileges on a vulnerable system.
Regardless of your OS, do
your Windows Critical Updates at least once a week, every week! As these problems come to light hackers
will immediately start trying to figure a way to exploit them, resulting in
devastating viruses.
And speaking of viruses,
what week could be complete without two more variants of MyDoom? These are called DoomJuice.A and .B and
security experts believe they were both created by the original MyDoom
authors. They both take advantage
of the backdoor opened by the original virus so they’ll spread through machines
that are already infected.
.B is another DDoS vector, set to launch an attack on microsoft.com on Friday. .A is another animal altogether, however. This critter will actually drop the source code for the original MyDoom virus on your hard drive. Security experts feel this is probably an attempt to avoid prosecution by the authors, should they ever be caught, by using the “I didn’t write that code, someone must have planted it” defense that is proving effective in the UK.
If you remember the Blaster outbreak you may also remember Nachi, which came a week later and attempted to remove Blaster and patch the vulnerability that attracted it. Today Nachi-B made its debut and, once again, it attempts to repair the damage done by a massively spreading virus (MyDoom) and patch the systems. Like Nachi, which wreaked more havoc than the Blaster worm it was written to remove, this one may cause major problems.
And to top it all off, Linux writer Ed Engelking forwarded a URL to the team (check www.slashdot.org for the link to the story; the site is currently offline due to massive publicity) that states that the source code for Windows NT and 2000 has been leaked on the Internet. If this is true it could result in some MAJOR damage. With the number of critical systems in this country and around the world that run on these versions of Windows, a security breach like this could result in attacks against power plants, water companies, natural gas suppliers etc. A scary week indeed.
Here come the usual
admonitions… Update your OS frequently, keep your antivirus and spyware scanning
software up to date, use a firewall and don’t open email attachments you weren’t
expecting. Repeat that three times
every Monday morning. Learn it,
live it, love it. By doing those
simple things not only will you avoid being a victim, you won’t become a vector
spewing malware out to both friends and total
strangers.
If nothing happens I’ll get
back to dual booting next week.
Kevin Mefford,
Editor
Microsoft is cutting a
bargain in order to sell more copies of Windows XP in Thailand. Who’s afraid of
Linux?
http://news.com.com/2100-1016_3-5155458.html?tag=st_pop
Australia’s search and seizure laws are quite a bit different from those of the United States. Sharman Networks, the Sydney-based company that brought you Kazaa, was recently raided by a private investigation firm working for the Australian Recording Industry Association. But Sharman is fighting back in what might be the opening shot of a serious legal backlash against the recording industry:
http://www.wired.com/news/digiwood/0,1412,62232,00.html?tw=wn_tophead_4
If you’re considering a
wireless network for your home, you’re not alone: overall revenue for wireless networking
gear was up 55 percent for the last quarter of 2003. However, it looks like some of the old
players may be losing steam:
http://news.com.com/2100-7351_3-5156832.html?tag=nefd_top
Could digital photos change
the way we look at crime evidence?
CNN’s tech section shows us the power of a good attorney who knows
Photoshop:
http://www.cnn.com/2004/TECH/ptech/02/10/digital.evidence.ap/index.html
Got a tech news tip? Please send it our way and you’ll
receive the fabulous 84Online Tea Set.
Well, not really, but we’ll certainly be
appreciative.
Matthew Dattilo
Hello again to all the 84 Online subscribers. Well, it didn’t take long for all of you to pipe up about fabulous downloads that you have found and wanted me to feature, so here’s one that Mike B. reminded us about. Three cheers for Mike!
The Belarc Advisor (http://www.belarc.com) is a handy little program for Windows users that gives you all kinds of useful information about your computer including processor, RAM and chipset information, as well as installed applications and many other tasty little tidbits. Belarc generates a report-style page with all your system information; it’s neatly organized and easily understandable.
As another option, a program that seems to be gaining popularity is Aida32, available for you to download at http://www.aida32.hu/aida-download.php?bit=32
Aida32 has a nice GUI, is available in several languages and offers many of the same features as Belarc and more! There are currently 3 “flavors” available and most of us will want the Personal System Information version, which is free to download and use to your heart’s content.
Either of these programs will have handy information for the next time you need to know something about your system. Maybe you have a program conflict or need to be sure your CPU meets the minimum requirements of your new game. One of these applications is sure to get you what you need.
Thanks again, and keep the ideas coming!
Have a great week,
Q: I've had InsightBB installed (by a technician) just recently. Before I could decide upon my ID name he typed in "my.name" which of course is linked with "@insightbb.com"...no problem.
In order for me to change my ID name I had to first create another account then delete the "my.name".
Now, however, as you can see, each time I send new mail through Outlook Express, the my.name@insightbb.com appears in the From box.
How can I get this to show my current ID and why is this still appearing after I deleted it?
Thanks for your help.
A: If I'm following you right you simply need to change the default email box in Outlook Express.
Click on Tools/Accounts
Click on the Mail Tab
Click on the account you wish to be the default mail account (in your case this would be the one you had just created)
Click on Set as Default
Click on OK
If however, I'm not following you right and you actually wanted to change the name that shows from my.name to myfullname (or whatever other name you wish to have shown) you need to also manually change this in Outlook Express:
Click on Tools/Accounts
Click on the Mail Tab
Click on the account you wish to change
Click on Properties
Under where it says User Information, type the name you wish to appear in your emails in the Name field
In the E-mail address field type your new email address
Once you have typed the name you wish to appear, click on OK
Let us know if this doesn't fix your problem,
Thanks for listening and Good Luck!
Tam Cavadias
Editor’s Note: I’m hoping the listener who sent us this
email is a subscriber so he can see the answer. All he included in his question was his
original email address and, since he hadn’t changed the E-mail address field,
his old address was all Tammy had to work with. Her response bounced, of
course.
When sending questions for
us to Bob please include as much information as possible. The smallest detail can sometimes be the
key to answering the question at hand.
If you have tech support
questions or ideas and/or submissions for our newsletter please email them to bob@iglou.com.
Copyright 2004, The 84
Online Team. All rights
reserved. Publication, rebroadcast
or storage is prohibited without prior consent, however you may freely forward
this publication to friends as long as A) it is forwarded in its entirety and B)
no fee is charged.
Information provided in this
publication is provided "as is" without warranty of any kind, either expressed
or implied. Although the
information provided is known to work on most systems, it may not work on ALL
systems. Make use of any
information supplied at your own risk.
The 84 Online Team is a
group of volunteers who provide support for the 84 Online radio broadcast. Team members are not directly affiliated
with nor employed by Clear Channel Communications or WHAS. Views and opinions voiced in this
publication do not necessarily reflect the views held by Clear Channel or
WHAS.
To unsubscribe from this
newsletter send an email to majordomo@84online.net with the
words “unsubscribe newsletter” (without the quotes) at the top of the body of
the message.