Support Alert

                Your pointer to the very best
           tech support information on the Web.

                Issue 78 - 15th June 2002

Welcome to Support Alert, the email newsletter that
points you to the best technical support resources
on the Internet.

Support Alert is free. If you like it, why not share
the good news and email a copy to a friend or work

Support Alert is sponsored by PC Support Advisor and
PC Network Advisor, the standard reference sources for
support professionals.

Check out the following free tutorials available now
at http://www.pcsupportadvisor.com

* Understanding TCP/IP
* How to Dual Boot Windows 2000
* Understanding the OSI 7 Layer Model
* The Windows Registry Explained
* How to Create Bootable CDs
* JavaScript Tutorial
* IPv6 Tutorial

Plus dozens more.



I recently had an experience that would strike terror into
the heart of any computer user.

Late into the night I was checking out web sites
recommended by subscribers.  It's an activity I enjoy as
the quality of these suggested sites is usually very high

I arrived at one site which was recommended as a
"stunningly good security resource".  From the moment the
first page loaded it was clear that this site was not what
I was expecting.

The opening page had a black background and the border
consisted of red Flash animated flames. The centre of the
screen was blank.  Then, after about 15 seconds, the "fun"

A message appeared suddenly saying that I was going to
regret visiting this site. This was followed by a violent
animated display of a computer being smashed.

At this point I decided I'd seen enough so I reached for my
mouse to shut down my browser.

Then the first shock. My mouse was frozen.

I then reached for the keyboard and typed in ALT F4 to shut
down Windows. No response, the keyboard was dead.

I then noticed out of the corner of my eye that the Norton
Anti-virus icon had just disappeared from the task bar
tray. As I watched helplessly the icon for my Sygate
Personal Firewall Pro vanished as well.

Quickly I reached for the power switch and turned the
machine off.

I rebooted in safe mode with the LAN cable unplugged.
Everything looked OK so I rebooted normally.  That too went
fine. No real damage had been done.  Knowing that I'd have
to give the machine a thorough checkout, I went to bed.

Next day, having reflected on the incident, I came to some
sobering conclusions.

Firstly, if this could happen to me it could happen to
anyone. Perhaps more so. At least my PC has all the latest
Windows XP and Explorer updates installed.  On top of that
I update my virus scanner signature files daily and I run
two firewalls. Not perfect I know, but probably better than
many end-user machines.

Secondly when the incident occurred, I knew what to do and
did so quickly. As a result no permanent harm was done.  A
lot of users would have taken much longer to react and
their PC could have been totally trashed.

Thirdly the problem I encountered was almost certainly a
JavaScript or ActiveX exploit of some sort.  The reason it
worked was because my browser was set at the "Medium"
security level which allows JS and AX execution.

Now normally I surf with by browser set to the "High"
security level which disenables these functions but on this
particular night I had set the level lower because another
site I had visited wouldn't function correctly at the high
setting. I had simply forgotten to reset the security level
when I left that site. This had left me vulnerable.  Mea

Before you chastize me for the oversight please recall that
"Medium" is the default IE setting and consequentially
that's the setting most people use. That's the setting many
of you reading this newsletter will be using right now.

So here's the lesson; learn from my experience and reset
your browser security settings immediately. It may just
save your bacon.

From Internet Explorer select Tools/Internet
options/Security and then just push the slider up from
"Medium" to "High".

From time-to time you'll find a site that won't work with
this high security setting but you can easily lower the
setting to medium for browsing that site and change it back
when you exit.

This may be an occasional inconvenience but it's worth it.
Believe me, I know!

Robert Schifreen



    - How Does Your Virus Scanner Stack Up?
    - Optimize Your Broadband Connection
    - Resolving MS DLL Version Conflicts
    - Tuning Windows
    - USB Resources

    - Great Godzilla! It's Really Mozilla
    - Time to Retire Notepad
    - Un-enhanced Kazaa
    - Free On-line File Format Converter
    - Image Automation to the Max
    - Kill Supercookies Now
    - Tuning Windows TCP Settings

    - RAS Security Patch for Win NT, 2K and XP
    - Yet Another IIS Patch
    - SQL Server 2000 Patch
    - Windows XP Patch
    - Unchecked Buffer in ASP.NET Worker Process
    - Gopher Attacks Internet Explorer
    - New Release of Ad-Aware

    - Web Searches by Phone
    - Fried Brains Tonight Darling?
    - Scare Yourself Silly Department
    - Even Scarier

    - Hard Disk Encryption Software
    - Windows 2000 Tips and Tricks



How Does Your Virus Scanner Stack Up?
Check it out at Virus Bulletin's 100% award where all the
major scanners are tested each month against viruses "in the
wild."  This month Norton AV did well while the highly touted
Kaspersky AV did not.

Optimize Your Broadband Connection
This site offers some excellent free tests and tools to
help you get the most out of your DSL, Cable or Satellite
Internet connection.

Resolving MS DLL Version Conflicts
Different Microsoft applications can install different
versions of the same DLL and this can often create major
problems.  You can sort out the mess at this useful MS site.

Tuning Windows
There are a lot of sites dedicated to getting the most out
of Windows but this well established site remains one of
the best.

USB Resources
I was recently asked quite seriously whether USB was a
computer acronym for You Son of a Bitch. Quite the
opposite, it's a terrific standard that's made adding
peripheral devices to PCs a lot easier. The USB 2.0
standard is now out and many devices are beginning to
appear to take advantage of the higher performance
offered.  For all your USB questions try this great site.


Great Godzilla! It's Really Mozilla
June, 5, 2002. Finally, the long awaited release of the
Mozilla 1.0, the open source Web Browser designed for
standards-compliance, performance and portability. Versions
are available for all major operating systems.  Please
carefully read the release notes before you download.

Time to Retire Notepad
I've tried many replacements for Notepad, the basic text
editor that comes with Windows, but my long term favourite
is EditPad Lite. Unlike other Notepad replacements it makes
no pretensions to being a programming editor or a word
processor but rather concentrates on doing what Notepad
doesn't - efficient plain text editing. You can open as
many files as you like and it even handles my 100MB web log
files with ease.  It's free for non-commercial use.
Un-enhanced Kazaa
Kazaa Lite is a reworked version of the popular Kazaa
file sharing program with the adware, spyware and take-over-
your-computer-ware removed.  Opinion differs whether this
is software theft or a public service. Anyway, the latest
release, 1.7.1 is now out and available for free download.

Free On-line File Format Converter
Need to convert a MS Word file into an Adobe PDF? A MIF
file to a PICT? You can do these and dozens of other file
format conversions at this site. It's not only free - there
aren't even any ads!

Image Automation to the Max
If you need to automate the processing of images, forget
Photoshop and try the just released DeBabelizer Pro 5. It's
also the ultimate image format converter. A free trial
version can be downloaded from

Kill Supercookies Now
Window Media Player has a "feature" which allows the unique
identification of your PC. Unfortunately this can be
captured for commercial use by so called supercookies. The
identification option can be turned off from the Player but
is still accessible via ActiveX. To kill it for good, use
this free utility available here:

Tuning Windows TCP Settings
There are many utilities on the market for fine tuning
Windows TCP settings. All offer the alluring prospect of
getting more performance from your Internet connection.
One day I'll do a full review but in the meantime I can
heartily recommend Tweakmaster Pro whose automatic
optimization gave by far the best results of five programs
I tried last week. A free, full featured, 30 day trial
version is now available.


RAS Security Patch for Win NT, 2K and XP
Microsoft has released a "critical" patch to address a
buffer overrun flaw in the phone book of the Remote Access
Service (RAS), a standard part of Windows NT 4.0, Windows
2000 and Windows XP. An attacker could gain full control
over the machine or cause it to fail.  Anyone using these
operating systems should install the patch immediately.

Yet Another IIS Patch
This one addresses a flaw in Internet Information Server
(IIS) versions 4.0 and 5.0, the Web server components of
Windows NT 4.0 and Windows 2000. An attacker could run
arbitrary code on the system by exploiting a flaw in
software that supports HTR scripting, an older and largely
obsolete scripting language:

SQL Server 2000 Patch
This addresses two vulnerabilities in the SQLXML part of
SQL Server 2000. SQLXML enables the transfer of XML
(Extensible Markup Language) data to and from SQL Server
2000. The most serious of the flaws could allow an attacker
to take over the machine running the database.

Windows XP Patch
Microsoft has posted a patch for Windows XP, to address the
issue of corrupted files preventing the Search Companion from
searching for files or folders, or the Internet.

Unchecked Buffer in ASP.NET Worker Process
Microsoft customers operating web servers running ASP.NET
in StateServer mode may be vulnerable to a DoS attack or
even the running of code of the attacker's choice. The fix
is here:

Gopher Attacks Internet Explorer
A Finnish security company has warned that hackers could
easily exploit Gopher, an outdated and little-used Internet
protocol to seize control of computers running Microsoft's
Internet Explorer Web browser. Microsoft is developing a
patch but meantime a work-around can be found at:

 New Release of Ad-Aware
Ad-Aware, the excellent free Spyware killer, is now
available in version 5.82.  If you're using a version
before 5.81 it's time to update as the Spyware signature
file format has changed.


Fried Brains Tonight Darling?
Discover how well your cell phone rates in the radiation

Web Searches by Phone
Test out the next generation features of the Google search
engine at

Scare Yourself Silly Department
BackStealth is an intriguing security utility demo which
will bypass the outbound protection of a Personal Firewall
in order to establish a remote connection. It effortlessly
went straight through my Sygate Personal Pro firewall. Try
yours!  Note that some anti-virus scanners may identify
this program as a Trojan but it's really only a harmless

Even Scarier
Backstealth has already been disassembled and it looks like
it's methodology can be generalised to many other firewalls
or indeed other software products. This is a reasonably
technical article but fascinating reading.


Hard Disk Encryption Software
BIOS passwords are relatively easy to crack and Windows
sign-on passwords are not that hard to break either.  If
you need serious protection of the data files on your
computer you need to consider third party encryption
programs. You'll find most of the major products covered in
this excellent review from PC Support Advisor. It's
available free now at:

Windows 2000 Tips and Tricks
Windows 2000 boasts myriad secrets that once revealed can
help administrators and users take better control of their
working environment. Find out these insider tricks in this
free full length article. Originally from PC Network
Advisor Journal it's now online at:


                  the small print

Subscribe a friend or colleague today!  Send a blank email
to mailto:supportalert-subscribe-aaaa@itp-journals.com, where
aaaa is your friend or colleague's email address (you must
change the @ to = in the friend/colleague's email address).

For archives, plus our huge catalogue of the best tech
support sites on the web, visit http://www.techsupportalert.com.

Support Alert is produced by International Technology
Publishing, publishers of PC Support Advisor and
PC Network Advisor, the standard resource publications
for tech support professionals.

To unsubscribe from this newsletter, send a blank email
to mailto:supportalert-unsubscribe@itp-journals.com.

For lots more free IT newsletters see

(c) Copyright International Technology Publishing 2002