GuruNews, Volume 8 Number 27, 7-31-08
Kevin-PC Gurus
microdome at seidata.com
Thu Jul 31 20:45:10 EDT 2008
Welcome to GuruNews
Brought to you each week by the PC Gurus, a loose collection of volunteers from around the Kentuckiana region.
You can interact with the PC Guru team via our Web site, located at http://www.thepcgurus.com. On our site you can post your computer questions, comments and rants on the forums, e-mail the PC Guru team members and chat one on one in our nightly IRC chat beginning around 8:00 PM EDT. You can also subscribe to our RSS feeds so you can get the latest news and forum updates from the PC Guru Web site directly on your computer.
If you're new to the Newsletter you can read back issues at Team member JP Durbin's website at http://www.jpdurbin.net. There are links to all the old 84 Online issues as well as the new GuruNews missives.
The WHAS Crusade for Children provides year round support for needy children throughout the Kentuckiana region. Visit http://www.whascrusade.org to make donations online.
USS Rover's list of streaming computer shows is now available for download in Excel, Open Office and Linux ready formats from http://www.vegassellers.com/ussrover/showlist.html.
To subscribe to this newsletter just drop by www.thepcgurus.com and sign up!
Vol. 8, No. 27
7-31-08
1 The beginning of Summer School
2 That's not a windsock!!!
3 Scrabumissing, toppling Google, space tourism
4 Play on!
5 Importing email messages
Judging from the response to last week's article, many of you are nervous about your personal and financial data. This is a good thing; it's a subject that needs to be taken very seriously, but it also elicited some unexpected responses.
At the end of the article I said "Time to go to school folks" to indicate that an important component in protecting yourself begins with actually understanding the problem. To paraphrase several of the replies, many of you say, "Fine, I'm ready, when do classes start?"
I guess they start this week, and will run for as long as needed to explain the way your computer communicates with the Internet from one end to the other, list the vulnerabilities if any in each step and how to fix or prevent the exploitation of any security flaws.
At the very basic level, every connection and network request that you make needs to have a way to convey what you want to do or see. This is accomplished with something called the socket layer, which is implemented by Winsock in Windows. This is the base input/output layer that dates back to the early Unix days and acts as the interface between you and the protocol layer, which we'll address next week.
Think of the socket layer as the phone jack between your computer and the Internet. Every bit of data you generate, from web page requests to email messages to IM chats passes through this layer to be passed along to the protocol layer, just like your phone conversations pass through that jack that connects to the outside world.
Since so much sensitive data passes through the socket files, they are prime targets for spyware and keyloggers. Unfortunately there's no way to lock them down because many legitimate programs like .Net Framework and Microsoft OLE need to have access, but at least they're easy to fix if a spyware cleaning breaks them.
WinsockFix resets the socket files to the original versions and settings and cleans the Hosts file, which is next on the list to address. You can get it free and add it to your arsenal at:
http://www.softpedia.com/get/Tweak/Network-Tweak/WinSockFix.shtml
Make notes of the files mentioned in here over the next several weeks, or go ahead and download them to a folder and hold them. Eventually you'll have a set of tools you can use to clean up almost anything on your own.
The hosts file is the other target for this week. Back in the early days of the Internet this file matched IP addresses to page names (I've covered this before, as well as DNS which I'll mention in a second, but I'll hit them again soon) to tell a PC where to find a page without typing in a number.
Back before ISPs and DNS servers there was Arpanet, which was an early network that only Universities and Military researchers connected to. Using that they could trade messages back and forth. "Web pages" still had numerical addresses on this internal network but there was no dedicated server to translate a page name, such as "Experiment #198 results" to an internal address like 10.0.1.75. The numbers are the address on the network of the page being accessed and the translation of a name to a number led to the Internet we have today. This was accomplished by assigning that number to the page name in the hosts file.
Today this file isn't used for much but it still resides on every load of Windows and can be hijacked to redirect web page addresses, such as www.google.com, to an IP address in another location or even another country. Of course it's also used by programs like Spyware Blaster to redirect requests for dangerous pages to an internal address, called a loopback, which is 127.0.0.1. If you try to open a bad page you get a blank window, no content because the hosts file sent it back to your computer where the offending site doesn't exist.
Again, there's no good way to protect this file, although Spybot Search and Destroy's Immunize feature will block known malicious changes. The aforementioned WinsockFix will reset the file if it gets hijacked, and the Netcraft Toolbar from http://toolbar.netcraft.com/install will tell you where the page you're visiting is hosted. A White Castle home page hosted in China should ring some alarm bells for you, so look at that.
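Added example (not part of the original newsletter): a small Python check that reads hosts-file text and separates loopback blocks, of the kind Spyware Blaster writes, from redirects to an outside address. The sample file, the hostnames ads.tracker.example and broken.example, the address 203.0.113.50 and the function names are all constructed for this illustration.

```python
import ipaddress

# Constructed sample hosts-file text (not taken from a real machine).
# 203.0.113.50 is a documentation-only address standing in for a hijacker's server.
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1       localhost
127.0.0.1       ads.tracker.example    # sinkholed, as a blocklist tool would do
203.0.113.50    www.google.com         # redirect of the kind described above
::1             localhost
not-an-ip       broken.example
"""

def parse_hosts(text):
    """Yield (line_no, address_or_None, hostname) for every mapping in the text."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue                            # blank, comment-only, or no hostname
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            addr = None                         # first field is not an IP address
        for name in fields[1:]:                 # one line may map several names
            yield line_no, addr, name.lower()

def classify(addr, name):
    """Return 'malformed', 'default', 'blocked' (loopback sinkhole) or 'redirect'."""
    if addr is None:
        return "malformed"
    if addr.is_loopback or addr.is_unspecified:
        return "default" if name == "localhost" else "blocked"
    return "redirect"                           # name now resolves wherever this line says

def audit_hosts(text):
    """Return [(line_no, hostname, verdict)] for every entry."""
    return [(n, name, classify(addr, name)) for n, addr, name in parse_hosts(text)]

def redirects(text):
    """Entries that send a name to a non-loopback address; these need a human look."""
    return [(n, name, str(addr)) for n, addr, name in parse_hosts(text)
            if classify(addr, name) == "redirect"]

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

On Windows the hosts file lives at %SystemRoot%\System32\drivers\etc\hosts; pass its contents to redirects() and review anything it returns.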
(Editor's Note: Due to the recent leak of a serious flaw in DNS implementation I strongly suggest installing Netcraft now. The flaw allows hackers to essentially redirect web addresses requested from vulnerable servers off to anywhere, including fake sites that will capture personal and financial information. 35% of public DNS servers are at risk, and one at AT&T has already been compromised (http://tinyurl.com/5j94sp), so pay attention to the hosting information of websites you visit)
Just click the big blue E or the Firefox icon to get Netcraft from that link. You don't have to provide a name and email address unless you want emails about updates.
There's your first lesson. Not simple, as I warned you it wouldn't be, but I toned the geek level down to minimum. Tell me how I did.
Still too complicated, can you kinda understand it, are you completely lost? If I'm going to spend the entire summer on this and you're going to be flashing back to High School we need to know that we can understand each other.
And if you have questions, PLEASE email them to me or through the webform at www.thepcgurus.com. Everyone here is willing to work with this and having our readers informed and safe is important to us. If all of our readers come out at the end more aware and better able to deal with threats we all benefit.
Next week, the TCP/IP layer and DNS.
Kevin Mefford, Editor
pcguru at microdome.net
Terry Wise
www.ratland.com
Tech News of the Week
Facebook has removed the popular word game Scrabulous from its U.S. and Canadian sites after Hasbro sued the online game makers:
http://www.informationweek.com/newsletters/daily/showArticle.jhtml?articleID=209800515
Mighty is the ambition to try and top Google, the search engine so popular that its name has become part of the vernacular for Web searching. The effort is not diminished if it is headed up by former Google engineers:
http://www.crn.com/software/209800400
Virgin Galactic, the space tourism firm funded by Richard Branson, has unveiled White Knight Two, the carrier designed to piggyback the yet-unfinished SpaceShipTwo rocket into the upper reaches of the atmosphere:
http://www.technewsworld.com/story/Virgin-Galactics-Mothership-Ready-to-Haul-Tourist-Rocket-to-Space-63978.html
Copy us on the good stuff!
Matthew Dattilo
thepcgurus at gmail.com
www.mattstodayinhistory.com
Download of the Week
OK, you like games, but you're hesitant to spend $90 for Madden '09 Collectors Edition.
I've located some free game sites via a major men's magazine to which I subscribe. Have at it, folks:
http://www.kongregate.com/
http://raptorsafari.com/
http://www.ikariam.org/
http://www.instantaction.com/
Not my bailiwick, so if you have questions or problems, direct them to the specific websites.
Happy gaming,
Carlita Lupino
Cards57 at gmail.com
Email Question of the Week
Q: My hard drive crashed a few weeks ago. I did get recovery from "gillware.com" (in the clean room) the total fees were $625. I thought pretty reasonable for saving my precious data. 95% of pictures are fine & 100% of data. My questions 1) how do I open or reinstall a .dbx file from outlook express? Any free programs for this? I have tried to import in OE, this does not work for some reason. 2) When I try to rename any picture I have to put .jpg at the end or it makes picture unviewable. As always, thanks so much for your help.
A: Are the .dbx files stored on a DVD/CD or the hard drive? They have to be on the hard drive before you can import them. Also, along with the normal Inbox, Outbox etc. files you have to have one called Folders.dbx. That file contains data about the mailboxes that OE has to have to know how and what to import.
If you look at a file name on your computer and see the entire thing, such as Picture101.jpg, then your system is set to show all extensions and renaming a file without including the extension renders it useless. That three character section tells Windows what type of file it is and how to open it.
Hope that helps and keep us posted...
Kevin Mefford
pcguru at microdome.net
Contact info and legal stuff
If you have tech support questions or ideas and/or submissions for our newsletter please submit them by visiting www.thepcgurus.com and click on the "Email the Team" icon.
Copyright 2001-2008 The PC Gurus, all rights reserved. Publication, rebroadcast or storage is prohibited without prior consent, however you may freely forward this publication to friends as long as A) it is forwarded in its entirety and B) no fee is charged.
Information provided in this publication is provided "as is" without warranty of any kind, either expressed or implied. Although the information provided is known to work on most systems, it may not work on ALL systems. Make use of any information supplied at your own risk.
The PC Gurus are a group of volunteers who provide support for the PC, Mac and Linux users in the Kentuckiana region.
To unsubscribe from this newsletter visit http://thepcgurus.com/mailman/listinfo/newsletter_thepcgurus.com or send an email to microdome at seidata.com with the words "unsubscribe newsletter" (without the quotes) at the top of the body of the message.