========================
                         Support Alert
                       Supporter's Edition
                    ========================
                    www.techsupportalert.com

                 Your pointer to the very best
                  tech information on the Web

                   Issue 99 - 25th July, 2003

     Support Alert is a 100% subscription-only newsletter.
 

                      <<<<<<<<<>>>>>>>>

Quote of the Week
=================

"The thing under my bed waiting to grab my ankle isn't real. I
know that, and I also know that if I'm careful to keep my foot
under the covers, it will never be able to grab my ankle."

- Stephen King

Maybe this is why some people stick exclusively to Microsoft
software ;>)

<<<<<<<<<>>>>>>>>
 
EDITORIAL

Yet more mysterious ways to get locked out of web sites.

A couple of issues ago, I mentioned that my neighbor Fraser had
been unable to buy a pair of golf shoes from a web site because
that site (www.cj.com) was included in the Windows Hosts file on
his computer.

I say "included" but really it was erroneously included.  Sure,
CJ is a known cookie dropper which is why it was on the huge
list of "banned" sites that my neighbor downloaded and imported
into his Hosts file.

But CJ is also a gateway used legitimately by tens of thousands
of Internet merchants.

So if you block CJ you won't be able to buy products from any of
these CJ mediated sites.

Worse still, you won't know why you can't buy. No notices, no
warning, no error messages, nothing at all. All you know is that
it just doesn't work.

Frustrating? You bet. That's why I'm generally not a great fan
of the Hosts file method for blocking sites.

But recently I discovered through subscriber John Malik yet
another way of being secretly locked out of sites.

Internet Explorer maintains an internal list of potentially
hostile web sites. These sites form the so called "Restricted
Zone." When you visit these sites, IE applies a higher level of
security settings than to other sites.

You can change these settings yourself but IE has its own
default settings. One of these is to turn all scripting off,
including JavaScipt.  For a potentially dangerous site, that's a
good thing.

But what if a normal friendly website gets into your restricted
zone list? Well almost certainly it won't operate properly. If
it's an e-commerce site it definitely won't work.

"But", you say "that's not a problem as friendly sites can't get
in the restricted zone list."

Think again.  They can and they do.

When you first install IE, there are no sites listed in the
restricted zone list. However a number of programs, including
some anti-adware and spyware programs automatically add in their
own list of sites. It's one of the ways they "protect" your
computer.

Unfortunately these programs don't tell you what they are doing
so most folk will be unaware of what's happened.  In fact most
users don't know what the restricted zone is anyway, so even if
they were told, it wouldn't help.

I've had a look at couple of the lists installed by these
products.  They include a lot of truly nasty sites but they also
include a whole collection of relatively harmless, cookie
dropping sites like www.cj.com and www.linkshare.com.

So here we have yet another way for you to get secretly locked
out of a web site.

I suggest you check what sites are listed in your restricted
zone right now. In IE go to Tools/Internet Options/Security,
click on the Restricted Zones icon and then click the Sites
button.

For many folks this list will be empty and that's fine. Others
will be surprised to find it heavily populated.  If that's you,
I'd carefully review that list and delete all unwanted entries.

Let me know if you find lots of sites listed. Let me know too,
the program you suspect loaded them. I'll compile a list of
offending programs and publish them in a future issue.
 

Gizmo Richards
mailto:editor@techsupportalert.com
 

<<<<<<<<<>>>>>>>>
 

SUBSCRIBER QUIZ
===============

LAST ISSUE’S QUIZ: - "How to easily delete an unwanted subfolder
called smidx that appears in every folder on a computer"

ANSWER:  Use the Windows "Find" function to search for all
folders called smidx.  Select all the found items.  Scan the
list for any unwanted "hits" and deselect these. Now simply
delete all remaining selected items.   Neat, simple quick.

Wow, literally dozens of you got the correct answer. I guess
either the question was too easy or you guys are too smart!
Either way, I’ve made this weeks question tougher.

With so many identical answers, I awarded the prize by random
draw.  Congratulations to Raymond de Silva from Jamaica. Your
copy of PestPatrol is on its way to you.

THIS ISSUE’S QUIZ: Win a free copy of PestPatrol!

I've now received this question in various forms from three
different subscribers: "Gizmo, I've got a problem. I run a WinXP
SP1 machine with all the latest updates. Recently I've been
getting an error message whenever I right click on an icon and
select "properties"  The message reads "RegOpenKeyEx: the
specified module could not be found." I just click OK and
everything works fine. What’s wrong and how do I fix it?"

Send your answer to the address below and win a copy of
PestPatrol. If you also correctly identify what caused the
problem, you'll get a bonus prize of a free subscription to the
Supporters' Edition of this newsletter as well.

mailto:editor@techsupportalert.com  Use the subject line "The
Subscriber Quiz"
 

<<<<<<<<<<<<<<<>>>>>>>>>>>>>

IN THIS ISSUE

1. TOP TECH SITES
 - Organize Your Partitions Correctly
 - Web Based Collaboration
 - Internet Explorer Update Problems
 - Linux Made Easy
 - New Google Toolbar
 - Free System Admin Tools (SE Edition)
 - Great Security Resource for End-users (SE Edition)
 - Access Your Bookmarks Anywhere for Free (SE Edition)
 - Optimizing the Windows XP Paging File (SE Edition)
 
2. UTILITIES
 - Free PDF Utility
 - Easily Add New Entries to the Windows Hosts File
 - Great Tool for Techies
 - New File Sharing Client Blocks RIAA Scanners
 - Convert an Old PC into a Hardened Firewall
 - The Best PIM? (SE Edition)
 - Convert That Old PC Into a Router (SE Edition)
 - Free Acronym Decoder(SE Edition)
 - Free Tool Helps Techies Write Clearer English (SE Edition)
 - Free Archive Management Utility (SE Edition)

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
 - Critical Flaw in Most Cisco Routers and Switches
 - Cumulative Patch for Microsoft SQL Server (MS03-031)
 - Unchecked Buffer in DirectX Could Compromise System MS03-030)
 - Flaw in Windows NT 4.0 Server Could Lead to DOS (MS03-029)
 - Flaw in Windows ISA Server Error Pages (MS03-028)
 - Unchecked Buffer Vulnerability in Windows XP Shell (MS03-027)
 - Windows Buffer Overrun In RPC Interface (MS03-026)
 - Flaw in Windows 2000 Message Handling (MS03-025)
 - Buffer Overrun Could Lead to Data Corruption (MS03-024)
 - Buffer Overrun in Windows HTML Converter (MS03-023)

4. OTHER USEFUL STUFF
 - Tiny Printer Derives From Lateral Brainwave
 - Improving Wireless Network Security
 - Microsoft Ships Linux?
 - Run Linux on Your X-Box
 - Good Network Installation Guide
 - Outstanding Free Tweaking Guide  *** HOT FIND *** (SE Edition)
 - Make Windows Run Faster (SE Edition)
 - This Year's Best Gizmos (SE Edition)
 - How to Lock Down Your Folder View in Windows XP (SE Edition)

5. FREEBIE OF THE WEEK

 - Free Data Recovery Utility
 - Fix Outlook & Outlook Express Quoting(SE Edition)

Items marked "SE Edition" appear only in the special Supporter's
Edition of this newsletter. This edition is reserved exclusively
for those generous individuals who have donated to this site.

 
1. TOP TECH SITES
=================

Organize Your Partitions Correctly
What's the best way to organize the partitions on your hard
disk? Now that's a question that would take a long dinner and
two bottles of red wine to sort out.  For those who don't like
wine or simply want a quick introduction to the issues, check
out the following article.
http://aumha.org/win4/a/parts.htm

Web Based Collaboration
A subscriber from a charity organization emailed me asking how a
number of volunteers situated in different countries could work
collaboratively via the Web. I thought of the Xerox Sparrow
system that was around a couple of years ago. A Google search
showed that it’s still around and as beguiling as ever.
http://sparrow10.parc.xerox.com:8000/sparrow_2.0/sparrowhome.html

Internet Explorer Update Problems
I suggest you bookmark this regularly updated MS knowledge base
article (325192) that deals with problems and issues you may
experience after you install IE updates. Unfortunately, they
haven't yet added an entry for the latest update, which is
causing my browsing to run slooow. I've switched to Mozilla
FireBird.
http://support.microsoft.com/default.aspx?scid=kb;en-us;325192

Linux Made Easy
Getting into Linux for the first time? Then check out the Linux
Documentation Project site. It's a gold mine of advice and tips.
http://www.tldp.org/

New Google Toolbar
The old toolbar was my number one surfing aid. The new toolbar
is even better with loads of new features including popup
blocking, form auto-fill and a blogging tool. Make sure you
check out the options button to see all the features.  The
toolbar is currently only a beta but it works fine for me. It's
still free and sigh ... still requires IE ;>(
http://toolbar.google.com/index-beta.php
 

** Bonus Items for Supporters **

Free System Admin Tools
Here's an excellent collection of free admin tools ranging from
a utility that will tell you the age of a user's password
through to a tool that dumps NTFS permissions, user information,
event logs, and registry information. Top stuff.
http://www.systemtools.com/free_frame.htm

Great Security Resource for End-users
If you haven't the patience to answer beginners’ questions about
computer security, you can refer them to this excellent resource
site. Experienced users should check it out, too.
http://www.cert.org/homeusers/HomeComputerSecurity/

Access Your Bookmarks Anywhere for Free
Thanks to subscriber Martin Katz for suggesting this excellent
site that offers free storage and management of your favorites.
http://www.linkagogo.com/

Optimizing the Windows XP Paging File
This is one of the best articles I've yet seen on this subject.
It dispels many myths including setting the max and min sizes
the same and setting the maximum size at 2.5 times the memory
size.
http://aumha.org/a/xpvm.htm

Got some top sites to suggest? Send them to
mailto:supporters@techsupportalert.com
 

 2. UTILITIES
=============

Free PDF Utility
If you use files in Adobe PDF format, you are going to love PDF
Explorer. Just point it to a batch of PDF files and it will show
the filename, title, subject, author and keywords fields.
Furthermore, you can edit these fields and/or store them to a
searchable database. Best of all, you can batch rename the
filenames of all the .pdf files to the Acrobat document title.
This later feature is invaluable. It means you can quickly scan
through your PDF files to locate the document you want, just by
reading the filename. A top product. (1.03MB)
http://planeta.clix.pt/rtt/home.htm

Easily Add New Entries to the Windows Hosts File
In issue 96 I mentioned how you can use the Windows Hosts File
to block web sites that serve ads and other unwanted material.
KillHost is a tiny free utility that allows you to easily add a
new site to the Hosts File. You can do this when you see an
unwanted ad appear on your browser or when you visit a site you
decide to block. Use with care. (18K)
http://www.sillysot.com/other.htm

Great Tool for Techies
I've always found products from Funduc software to be plain,
straight forward and highly functional, which is a breath of
fresh air in a market awash with glamorous but useless products.
Their "Search and Replace" utility is best-in-class but so too
is their less well known "Directory Toolkit". No, it's not
another Windows Explorer replacement; rather, it's a techie's
file and directory manipulation utility. If your work involves
comparing, concatenating, encoding or otherwise manipulating
files and directories, then you really should check this out.
There's a free trial version available. (1.1MB)
http://www.funduc.com/directory_toolkit.htm

New File Sharing Client Blocks RIAA Scanners
Version 2.4 K++ of the popular file sharing client KaZaA Lite
now includes IP blocking. The blocked IPs can be manually
entered or obtained from the regularly updated PeerGuardian
database, which includes all known addresses used by the RIAA
for scanning for copyright offenders. If you are into file
sharing, I guess you'll want to update to the 2.4 version
immediately. (2.67MB)
http://www.kazaalite.tk/

Convert an Old PC into a Hardened Firewall
SmoothWall is a stand alone operating system that allows you to
convert an old PC into a hardened firewall. It is easy to
install, easy to manage via a web browser, works with a wide
range of network hardware, and is totally free for personal use.
The program download is a 20MB bootable ISO image file.
http://www.smoothwall.org/about/
 

** Bonus Items for Supporters **

The Best PIM?
It's an outliner, an appointment calendar, an image editor, an
organizer, a browser, but wait...there's more! Info Select 7
also will import/export data and image files, and search for and
retrieve random notes in seconds. A particularly nice option
allows the user to select from four skill levels (easy to
advanced) so novice and intermediate users can learn to use this
powerful proggie at their own pace.  Its features and strengths
are just too numerous to mention so to sum up: a major contender
for the title of "Mother of all PIM's". How good is it? Good
enough for me to use permanently.  Not cheap at $49.95 but the
best never is. (A.S.)
http://www.miclog.com/index.html

Free Acronym Decoder
I've mentioned Acronymfinder.com before as an excellent, though
ad-laden, resource for decoding acronyms. The site is now
offering a little registry patch that allows you to look up the
meaning of any acronym you encounter while surfing just by right-
clicking on the term. Only works with IE 4 and later. Oh, a word
of warning. Sometimes when I've looked up a term, a pseudo sign
appears on screen. Just ignore it, it's just aggressive
advertising. (169 bytes)
http://www.acronymfinder.com/iemenu.asp

Free Tool Helps Techies Write Clearer English
Bullfighter is a free application that provides an additional
function in Microsoft Word and PowerPoint (2000 and XP) similar
to Spellcheck and Thesaurus. It's a buzzword and jargon detector
that helps you write simple, plain English. (4MB)
http://www.dc.com/insights/bullfighter/index.asp

Free Archive Management Utility
UnZiplify is a useful freeware utility for those who work with
ZIP, RAR and ACE archives. It adds a new Windows right click
option which, when selected, will unzip all archives in a
directory, into corresponding folders. Works well.  (1.56MB)
http://www.silverbandsoftware.com/tabdown/unziplify/

Got some favorite utilities to suggest? Send them to
mailto:supporters@techsupportalert.com
 

3. SECURITY PATCHES, SERVICE RELEASES AND UPDATES
=================================================

Critical Flaw in Most Cisco Routers and Switches
Severity: Critical
Systems Affected: All Cisco devices that use the IOS operating
system and process IPv4 packets.
Problem: This is serious. CERT has released an advisory covering
a vulnerability that exists in the IOS operating system that
powers just about all Cisco routers, switches and other devices.
The flaw could be exploited to mount a DOS attack by using
specially crafted IPv4 packets that would force the inbound
interface to stop processing traffic. Workarounds and fixes are
available directly from Cisco. Install now or face the
consequences.
http://www.cert.org/advisories/CA-2003-15.html

Cumulative Patch for Microsoft SQL Server (MS03-031)
Severity: Important
Systems Affected: SQL Server 7 and 2000, MSDE 1.0 and 2000
Problem: "This is a cumulative patch that includes the
functionality of all previously released patches for SQL
Server 7.0, SQL Server 2000, MSDE 1.0, and MSDE 2000. In
addition, it eliminates three newly discovered vulnerabilities."
http://www.microsoft.com/technet/security/bulletin/MS03-031.asp

Unchecked Buffer in DirectX Could Compromise System (MS03-030)
Severity: Critical
Systems Affected: DirectX 5.2 – 9.0a on specific systems
Problem: "There are two buffer overruns with identical effects
in the function used by DirectShow to check parameters in a
Musical Instrument Digital Interface (MIDI) file." An attacker
could create  "a specially crafted MIDI file and then host it on
a Web site or on a network share, or send it by using an HTML-
based e-mail.  ...  A successful attack could also cause an
attacker's code to run on the user's computer in the security
context of the user."
http://www.microsoft.com/technet/security/bulletin/ms03-030.asp

Flaw in Windows NT 4.0 Server Could Lead to DOS (MS03-029)
Severity: Important
Systems Affected: Windows NT4.0 server
Problem: "A flaw exists in a Windows NT 4.0 Server file
management function that can cause a denial of service
vulnerability. The flaw results because the affected function
can cause memory that it does not own to be freed when a
specially crafted request is passed to it. If the application
making the request to the function does not carry out any user
input validation and allows the specially crafted request to be
passed to the function, the function may free memory that it
does not own. As a result, the application passing the request
could fail."
http://www.microsoft.com/technet/security/bulletin/MS03-029.asp

Flaw in Windows ISA Server Error Pages (MS03-028)
Severity: Important
System Affected: Windows ISA server
Problem: A flaw that could allow a cross site scripting attack.
"The ISA Server contains a number of HTML-based error pages that
allow the server to respond to a client requesting a Web
resource with a customized error. A cross-site scripting
vulnerability exists in many of these error pages that are
returned by ISA Server under specific error conditions." Get the
patch here:
http://www.microsoft.com/technet/security/bulletin/ms03-028.asp

Unchecked Buffer Vulnerability in Windows XP Shell (MS03-027)
Severity: Important
Systems Affected: Windows XP SP1
Problem: "An unchecked buffer exists in one of the functions
used by the Windows shell to extract custom attribute
information from certain folders." A malicious user could "...
create a Desktop.ini file that contains a corrupt custom
attribute, and then host it on a network share. If a user were
to browse the shared folder where the file was stored, the
vulnerability could then be exploited." The attack could result
in system failure or execution of code of choice.
http://www.microsoft.com/technet/security/bulletin/MS03-027.asp

Windows Buffer Overrun In RPC Interface (MS03-026)
Severity: Critical
Systems Affected:  All versions of Windows NT, 2000 and XP as
well as the Windows 2003 server.
Problem: "There is vulnerability in the part of RPC that deals
with message exchange over TCP/IP. The failure results because
of incorrect handling of malformed messages. This particular
vulnerability affects a Distributed Component Object Model
(DCOM) interface with RPC, which listens on TCP/IP port 135. ...
To exploit this vulnerability, an attacker would need to send a
specially formed request to the remote computer on port 135."
http://www.microsoft.com/technet/security/bulletin/ms03-026.asp

Flaw in Windows 2000 Message Handling (MS03-025)
Severity: Important
Systems Affected: Windows 2000
Problem: There is a flaw in the way that Utility Manager handles
Windows messages that make it " ...possible for one process in
the interactive desktop to use a specific Windows message to
cause the Utility Manager process to execute a callback function
at the address of its choice. Because the Utility Manager
process runs at higher privileges than the first process, this
would provide the first process with a way of exercising those
higher privileges. "
http://www.microsoft.com/technet/security/bulletin/ms03-025.asp

Windows Buffer Overrun Could Lead to Data Corruption (MS03-024)
Severity: Important
Systems Affected: Windows NT Server, Windows 2000 & XP Pro
Problem: "A flaw exists in the way that the server validates the
parameters of an SMB packet. ... By sending a specially crafted
SMB packet request, an attacker could cause a buffer overrun to
occur. If exploited, this could lead to data corruption, system
failure, or—in the worst case—it could allow an attacker to run
the code of their choice. An attacker would need a valid user
account and would need to be authenticated by the server to
exploit this flaw. "
http://www.microsoft.com/technet/security/bulletin/ms03-024.asp

Buffer Overrun in Windows HTML Converter (MS03-023)
Severity: Critical.
Systems Affected: All versions of Windows from and including Win
98 as well as the new "secure" Windows 2003 server.
Problem: "There is a flaw in the way the HTML converter for
Microsoft Windows handles a conversion request ... An attacker
could craft a specially formed Web page or HTML e-mail that
would cause the HTML converter to run arbitrary code on a user's
system. A user visiting an attacker's Web site could allow the
attacker to exploit the vulnerability without any other user
action." Get the patch here:
http://www.microsoft.com/technet/security/bulletin/ms03-023.asp
 

4. OTHER USEFUL STUFF
=====================

Tiny Printer Derives From Lateral Brainwave
What a simple idea: print by holding the paper still and moving
the printer. The result is PrintBrush, a tiny handheld printer
that works just as if you were "spray painting" the output onto
the paper.
http://www.pdacortex.com/printdreams.htm

Improving Wireless Network Security
The 802.1X standard offers robust authentication and key
management for Wi-Fi networks. This excellent tutorial provides
a short introduction to the standard and its implementation.
http://www.80211-planet.com/tutorials/article.php/1041171

Microsoft Ships Linux?
No, it's not an urban legend.  It's simply a hoax. Check out
this excellent hoax site - nice job guys.
http://www.mslinux.org/

Run Linux on Your X-Box
This is no hoax.  Free-X have documented an exploit that allows
you to run Linux with no mod chips. The exploit is documented in
this "advisory" which also includes a "proof of concept" showing
how to mount Linux.  Clever, though MS is not amused.
http://lists.netsys.com/pipermail/full-disclosure/2003-July/010895.html

Good Network Installation Guide
Tom's Hardware is featuring an excellent guide to building a
home network. This is a well-researched article that contains
material of interest to both beginners and experts, unlike the
simplistic "guides" you read in some street PC mags.
http://www.tomshardware.com/network/20030630/index.html
 

** Bonus Items for Supporters **

Outstanding Free Tweaking Guide  *** HOT FIND ***
This free 220-page guide by Paul Brown is full of information
for intermediate to advanced users.  I learned a lot even though
I found myself disagreeing with Paul on a number of minor
points. Without doubt, this is one of the best guides around and
it's free. It includes a useful computer security guide as well.
http://www.x9000.net/downloads/tweakdoc_word.zip  (Word document)

Make Windows Run Faster
Most folks are aware that they can improve Windows performance
by putting the system paging file on a separate disk drive than
the one holding the operating system. However, if you only have
one drive, you can still get performance improvement by moving
the paging file to a dedicated separate partition. Full details
for Windows XP here with links to a similar article for Win2K:
http://support.microsoft.com/?kbid=314482

This Year's Best Gizmos
This guide, from Wired magazine, features the best of the latest
crop of digital cameras, key ring MP3 players, Wi-Fi routers,
smart phones, shower MP3 players and more.
http://www.wired.com/wired/archive/11.08/play.html?pg=13

How to Lock Down Your Folder View in Windows XP
Here's a sample tweak from Paul Brown's tweaking guide. It
solves the annoying Windows XP habit of losing your folder view
settings.
1. Backup these RegKeys.
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags]
2. After that delete them.  Restart windows to take effect.  Now
you can change each folder and the setting will stay.
http://www.x9000.net/downloads/tweakdoc_word.zip
 

5. FREEBIE OF THE WEEK
======================

Free Data Recovery Utility
PC Inspector File Recovery 3 is a free utility that does an
impressive job recovering accidentally deleted files or files
lost through corruption of the file system. It has some nice
features, like the ability to recover files with lost headers,
and to recover partitions even when the boot sector has been
lost or damaged. It works with the FAT16/FAT32 and NTFS file
systems. This is no home written utility - it is a serious
product from a reputable German company with a long history in
commercial data recovery. PCI is the ideal product for those who
want the security of a data recovery program but are not
prepared to fork our big bucks for the extra features of high
end products. (2.8MB)
http://www.pcinspector.de/file_recovery/uk/welcome.htm

** Bonus Freebie for Supporters **

Fix Outlook & Outlook Express Quoting
Users of Outlook and Outlook Express are all-too familiar with
the way these products mess up quoted text when you reply to a
plain text email. Symptoms include inserted blank lines, lines
wrapped in strange places and other weird artifacts.  This site
offers free add-ins that fix the problem. Once installed, they
operate invisibly and seamlessly. While visiting this site,
check out the neat free games as well. (375KB)
http://home.in.tum.de/~jain/software.php

Got some top sites and services to suggest? Send them in
to mailto:supporters@techsupportalert.com  

Visit the Subscribers-only section of the Support Alert website
================================================================

You'll find all back issues plus a growing list of resources
exclusively available to Supporters.

The area is password protected.  Use the username and password
mailed to you when you first donated.

http://www.techsupportalert.com/supporters/private.htm  

<<<<<<<<<<<<<<<<<<<<<<<<>>>>>>>>>>>>>>>>>>>>>>>

MANAGE YOUR SUBSCRIPTION
=======================

To unsubscribe from this newsletter, send me an email at
supporters@techsupportalert.com. Remember to state the email
address at which you are currently subscribed.

To change your delivery email address, send me an email at
supporters@techsupportalert.com. Remember to state the email
address at which you are currently subscribed and the new
address where you wish to subscribe.

ACKNOWLEDGEMENTS
==============
Thanks to the following volunteer reviewers for their efforts:

Annie Scrimshaw (A.S.)
Jeff Partridge (J.P.)

Reviews written by Annie and Jeff are indicated by their intials at
the end of the review.

Thanks too to A. Belile for proofreading this issue.

(c) Copyright TechSupportAlert.com 2003