========================
                       Support Alert
                  ========================
                  www.techsupportalert.com
 
               Your pointer to the very best
            tech support information on the Web.
 
                 Issue 82 - 15th August 2002
 
Welcome to Support Alert, the email newsletter that points
you to the best technical support resources on the
Internet.
 
Support Alert is free. If you like it, why not share the
good news and email a copy to a friend or work colleague
right now?
 
                      <<<<<<<<<>>>>>>>>

 
FROM THE EDITOR

I plead guilty. I gloated.  Now I know I shouldn't have but
hey, we are all human. Here's how it happened.

I had just finished dinner when my neighbour Fraser burst
through the door in an agitated state.

"Gizmo, come quickly, my computer has gone totally berserk."

Three minutes later I was standing in front of
Fraser's computer smiling.  The screen display was upside
down, the speakers were playing Nirvana very loudly and the
CD drawer was darting in and out at irregular intervals.

"Your computer hasn't gone berserk Fraser, it's got infected
by a trojan horse and some script kiddie is having a bit of
fun with you." While talking I turned the PC off.

"But, I can't have a trojan", he said, "I have a virus
checker and I keep it up-to-date."

And this is where the gloating comes in.  Fraser, you see,
is a software thief.  I don't think there's a single piece
of software on is PC that he has bought and that includes
his virus checker.

He gets most of his "free" software off P2P networks.  For
months I have been telling him that he is sitting duck to
get a trojan.  And always his response is the same "but I
have a virus checker."

The sad fact is that most anti-viral programs suck when it
comes to detecting trojans.  They are designed to seek out
viruses and that's what they do best. Trojans present a
whole series of different detection challenges and most
virus detectors are just not up to the task.

The exception is the Kaspersky AVS. It gives top flight
protection against trojans (and viruses) but unfortunately
is a very resource intensive program and is a bit clunky to
use as well.

I'm pretty conscious of this stuff because earlier this
year I started doing a review of specialist anti-trojan
programs. But other things got in the way, like taking over
this newsletter, so I never completed the review.

But my neighbour's experience has motivated me to finish
what I started.  Lot's of folk download programs from P2P
networks, from the Net or from friends. All are vulnerable
to having their machines being taken over by a script kiddie
or worse.

No promises but I'll try and have the anti-trojan review
finished by next issue.

And Fraser?  He was infected with the Backdoor Death
trojan. After an hour of work, his PC was cleaned up, though
God knows how many of his private files may have been
uploaded. Backdoor Death gives a remote operator complete
control of a PC so Fraser was very lucky that his hard
drive wasn't trashed. The script kiddie chose to have fun
instead.

The following weekend I bumped into Fraser at the local
supermarket. "Hey Gizmo some good news. I managed to
download a copy of that anti-trojan program you told me
about from KaZaa. Thanks."
 

Gizmo Richards
mailto:editor@techsupportalert.com

PS. This is important. I'm running a short on-line reader
survey, the results of which will determine what kind of
articles I run in the future. So if you want more items on
tech utilities rather than tips on "grooming your pony",
then click the link below and have your say before the
equine types beat you to it ;>)
http://techsupportalert.master.com/texis/master/search/+/form/future.html

               <<<<<<<<<<<<<<<>>>>>>>>>>>>>

 
IN THIS ISSUE
 
1. TOP TECH SITES
 - Do Your Own Spying
 - Free Online Books
 - Easier Access to Knowledge Bases
 - Free C++ Resources
 - Ad-free Download Managers
 - HTML Reference Site
 - Free Windows Tips
 
2. UTILITIES
 - Cheaper and Better Web Log Analyser
 - Beat the Hackers to Your Net
 - Weblogs as a Tech Support Tool
 - What's Blogging?
 - Stop PopUps
 - Lock Down Your Palm
 - STOP! You Are Stealing My Laptop
 - New Version of WinAmp
 - Easy Way to Handle CD Image Files
 
3. BUGS, SERVICE RELEASES AND PATCHES
 - Severe Internet Explorer SSL Vulnerability
 - Problems with Windows 2000 SP3
 - Security Flaws in Macromedia Flash Player
 - NET Framework SP2
 - XDR Library Problem Impacts Many Vendors
 - Security Alert for Symantec and Raptor Firewalls
 
4. OTHER USEFUL STUFF
 - How to Delete an Undeletable File in XP
 - Why You Can't Trust Anybody
 - A New Meaning to Earphones
 - Why You Get So Much Spam
 - How to Build a Time Machine
 - Murphy's Law Verified
 
          <<<<<<<<<<<<<<<>>>>>>>>>>>>>

 
1. TOP TECH SITES
=================
 
Do Your Own Spying
If you want to find out more information about a web site,
email address or something else then try this site which
has a huge array of free tools.
http://www.infosyssec.com/infosyssec/ipsectools.htm

Free Online Books
"Linux Installation and Getting Started" ,"Optimizing C++
" and "Object-Oriented System Development" are just three titles
from this excellent collection of free online computer and
mathematical books.
http://onlinebooks.library.upenn.edu/webbin/book/subjectstart?QA
 
Easier Access to Knowledge Bases
Here's an interesting idea. At this site they provide a
natural language front end into the knowledge bases of
Microsoft, Adobe and Intuit. The prospect of being able to
pose plain English questions is enticing. Now if only we
could get plain English answers! Try this free service here:
http://www.freeanswers.com/
 
Free C++ Resources
If you work with free C++, C# or .NET, you'll find this
site to be a gold mine of free resources.
http://www.codeproject.com

Ad-free Download Managers
If you are sick of the ads in your download manager you
should check out this site which reviews several great
freeware products that are ad-free.  The site also contains
some useful tips for removig the ads from some popular
products like DAP though they prudently warn to check your
software licence conditions first.
http://accs-net.com/smallfish/dloaders.htm

HTML Reference Site
The are many HTML reference sites on the Web but this one
is my favourite. Why? Because it always seems to have the
exact answers to questions I want to ask.
http://webreference.com/html/

  
Free Windows Tips
Our favourite IT newsletter site FreeTechMail, is currently
offering an excellent free guide "10 Top Tricks of Windows
IT Pros". It's a PDF file so you'll need Acrobat installed.
http://ad.freetechmail.org/?RC=11&AI=268
 
Know some great tech sites? Send them in to
editor@techsupportalert.com

 
   
2. UTILITIES
============

Cheaper and Better Web Log Analyser
Webtrends Web Log Analyser has long been the industry
standard and my personal choice as well. However recently,
I've switched over to WebLog Expert 1.60 and found it
quicker and better than WebTrends. It's got lot's of useful
features including a unique report that shows the original
external (session) referrer for any web page.  At $79 versus
$699 for WebTrends it's a bargain. There's a free "LITE"
version but it's a bit, er ... lite.
http://www.weblogexpert.com/
 
Beat the Hackers to Your Net
LANguard is great free network security scanner that will
identify vulnerabilities in your network. It utilizes a
large database of common vulnerabilities, including
NETBIOS, CGI, FTP, registry exploits and more. It might be
a good idea to download this tool and scan your network
before the hackers beat you to it.
http://www.gfi.com/lannetscan/index.htm

Weblogs as a Tech Support Tool
The Blogging phenomenon has been driven by free easy-to-use
software that allows anyone to quickly create a Blog. The
same software is ideal for tech personnel to create their
own in-house Blogs to let their users know what happening
with the system, provide tips, give security advice and
other valuable snippets. Great PR.  Here's some of the best
free Blog software suitable for use on your own server.
http://www.noahgrey.com/greysoft/
http://www.movabletype.org/

What's Blogging?
For those folks who have spent the last few years deep cave
exploring in the New Guinea Highlands, here's a good
explanatory article  ;>)
http://www.infotoday.com/lu/may02/conhaim.htm

Stop Popups
For the last week I've been playing with some free popup
killers.  Most work OK but kill off some legitimate new
browser windows as well. This one impressed with it's
intelligent discrimination. As a bonus, it's adware and
spyware free.
http://www.freewarefiles.com/programs.php?ProgramID=2896&categoryid=5&subcategoryid=51

Lock Down Your Palm
Protect your personal data with OnlyMe,a small (194k)
shareware program that automatically locks your Palm device
whenever you turn it off. A password is required to
restart. You can get a free trial version of this $9.95
shareware program from the vendor's site.
http://www.tranzoa.com/html/products.htm#onlyme

STOP! You Are Stealing My Laptop
Here's another approach to laptop security - a $99 PC card
from Caveo that detects motion and triggers a spoken alarm
of ever increasing loudness until the supposed thief puts
the machine down.
http://www.caveo.com/

New Version of WinAmp
WinAmp is the world's most popular free MP3 player.
Version 3.0 is a serious upgrade with a bag of new features
including playback of various video formats and of course,
a bag of new bugs.
http://download.com.com/3302-2139-10137920.html

Easy Way to Handle CD Image Files
If you need to work with ISO CD image files you'll find the
WinISO shareware utility invaluable. Once you associate the
program with the file type you can view and edit ISO files
seamlessly. As a bonus it also can create bootable CDs and
convert between BIN, ISO, WAV and DAT formats.
http://www.winiso.com/

Got some favourite utilities? Why not share the news? Send
your top picks to editor@techsupportalert.com
 
 
3. BUGS, SERVICE RELEASES AND PATCHES
=====================================
 
Severe Internet Explorer SSL Vulnerability
We list vulnerabilities every issue but this one,
identified by Mike Benham on the Security Focus forum, is
one of the most alarming I've seen. Worse still Microsoft
seem to be downplaying it's significance.  In essence, there
is a vulnerability in Internet Explorer V5, 5.5 and 6, that
allows anyone with a valid VeriSign SSL site certificate
to forge any other VeriSign SSL site certificate. This
allows any such site to pretend to be any other site
and in the process the user has no idea what has taken
place. To quote Thomas Green  "... any fool with an
SSL cert can spoof certs for popular, trusted sites, and
intercept communications widely imagined to be secure with
a man-in-the-middle attack. If this should happen to you,
that reassuring little padlock icon is essentially
worthless."  More details here:
http://www.thoughtcrime.org/ie-ssl-chain.txt

Problems with Windows 2000 SP3
Oh dear, it looks there's a jinx on SP3 releases. Remember
the disaster of NT4 SP3? Well, we are shaping up for a
possible re-run with Win2K SP3. Before you install, you
should check out this site which lists problems already
reported, some of which are quite serious.
http://www.labmice.net
 
Security Flaws in Macromedia Flash Player
Macromedia has advised that it's widely used Flash Player
has two security vulnerabilities. The first could allow
malicious hackers to run code of their choice the second
could allow access to files on the user's hard drive.
http://www.macromedia.com/v1/developer/SecurityZone/

NET Framework SP2
Microsoft have released Service Pack 2 for .NET Framework
which apparently addresses both security issues and the
usual raft of bugs.  Full details here:
http://msdn.microsoft.com/netframework/downloads/sp/default.asp

XDR Library Problem Impacts Many Vendors
An integer overflow in one of the functions in Sun
Microsystems XDR library can lead to remotely exploitable
buffer overflows in multiple applications, allowing the
execution of arbitrary code. Although the library was
originally distributed by Sun Microsystems, multiple
vendors, including GNU, Microsoft, HP, IBM and RedHat have
included the vulnerable code in their own implementations.
Resolution is on a vendor by vendor basis.
http://www.cert.org/advisories/CA-2002-25.html

Security Alert for Symantec and Raptor Firewalls
Symantec has issued an advisory relating to the security
module on the Symantec Enterprise Firewall which randomises
the TCP Initial Sequence Numbers (ISN) for each new
connection. As an optimisation feature, the security module
reuses the same TCP ISN for a short time after the initial
connection is closed. During this brief period, an attacker
who could capture the initial TCP handshake of an earlier
session from a valid IP could potentially "spoof" a valid
one-way conversation from a legitimate IP address. A patch
is available from the Symantec Site.
http://www.symantec.com/techsupp/bulletin/archive/firewall/082002firewall.html

 
4. OTHER USEFUL STUFF
=====================
 
How to Delete an Undeletable File in XP
Occasionally Windows won't allow you to delete a file,
because it's "being used by another process" Often there is
no such process. Here's a work-around.
http://www.dougknox.com/xp/tips/xp_undeletable_file.htm
 
Why You Can't Trust Anybody
This excellent article explains just how the Klez virus
fakes the "From:" field, when propagating infected emails.
The message then looks like it's coming from somebody you
know. Moral, you can't trust any email message anymore.
http://www.practical-tech.com/desktop/d061302.htm
 
A New Meaning to Earphones
Yes, it's a phone you can wear on your ear and dials using
voice recognition. Doubles as a wireless mike for your PC.
http://www.arialphone.com/

Why You Get So Much Spam
Spammers trade names.  With lots of spammers active and so
many interconnections between them you end up with a
complex and depressing trading map like this one featured
at Robert West's excellent anti-spam site.  No wonder we
are bombarded.
http://www.cluelessmailers.org/spamdemic/index.html
 
How to Build a Time Machine
A step by step guide from Scientific American.
http://www.sciam.com/article.cfm?articleID=0004226A-F77D-1D4A-90FB809EC5880000

 Murphy's Law Verified
We hadn't had a Web server outage for 3 1/2 months but one
hour after the last issue of Support Issue was distributed,
our server went down.  Apologies to all those folk who
couldn't access the updated "Cheapest Inkjet Cartridges
Sites Review".  Here's the link again. Maybe I'm tempting
fate ;>)
http://www.techsupportalert.com/cheap_inkjet_cartridges.htm

Got some top sites and services to suggest? Send them in
to editor@techsupportalert

<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>

Make Your Mark on the Future
Do you like some of the items that appear in this
newsletter more than others?  Then let me know by filling
in this quick on-line survey.  It takes less than 60
seconds to complete and your responses will shape the
future of this newsletter.
http://techsupportalert.master.com/texis/master/search/+/form/future.html

 <<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>
 
The Small Print
===============
 
Do Yourself a Favour Department
Support Alert is free. If you like Support Alert, some of
your friends and colleagues probably will too. Why not
forward them this issue right now? It's in your interest as
the more readers we have, the more suggestions we get and
the better product for all.  To subscribe, all they have to
do is send a blank email from their email account to:
supportalert-subscribe@webelists.com
 
To unsubscribe from this newsletter, send a blank email
to supportalert-unsubscribe@webelists.com or to the address
shown at the bottom of this page.
 
To change your delivery email address go to
http://www.webelists.com/cgi/lyris.pl?enter=supportalert
Enter your old email address. No password is needed. You
can then change your subscription email address directly.
 
For lots more free IT newsletters see
http://www.freetechmail.org/infobase.asp?TPubId=79
 
(c) Copyright TechSupportAlert.com 2002