Actrix Newsletter September 2000

This newsletter has been produced to help you get the most out of the Internet,
and to keep you, as an Actrix customer, informed of developments and services within the company.
Past newsletters may be viewed at http://editor.actrix.gen.nz/
Questions and comments about the newsletter can be emailed to editor@actrix.co.nz
Other inquiries should be emailed to support@actrix.co.nz

Spyware and OptOut

More by chance than by design, this month's newsletter has pretty much an internet security focus. I had long planned to introduce the small, free, safe and useful OptOut program which eliminates spyware from your machine. We also have the second hacker-based article by Dean Moor. As promised, our Boy Wonder Jeremy Fairbrass has also reviewed ZoneAlarm.

OptOut
So Just what is Spyware?

Spyware is any software that sits on your machine and reports information about you or your internet activities without your knowledge. Reckon you don't have any on your machine? You might be surprised.

The last time I ran OptOut, it found I had been housing a couple of these little spyware programs that had been doing their dastardly work on me for who knows how long. OptOut removed them. For the purpose of this article, I ran the program again and was thankfully clean. Now while I don't particularly have anything to hide, I do find it extremely irritating to have my internet activity reported to someone else without my knowledge or consent, and that's why a program like OptOut is so useful.

Spyware typically finds its way onto your machine through adware programs that are built into other software that you download. Adware programs squirt advertising at you, usually as a way free software distributors have of making money. The other type of spyware is reportedly employed even by big and well-known companies such as Netzip, Real Networks and even Netscape/AOL. These companies provide download programs that report back to their makers with varying amounts of information about you and just what it is you have been downloading.

Other known spyware culprits are Aureate/Radiate, GoHip, Conducent and Comet Cursor.

Spyware is not destructive in the way that viruses are. It does not interfere with your files or erase anything. Unlike Trojan Horses, Spyware doesn't open your ports sneakily or provide access to your machine to someone else. The fact is, though, that in one way or another, they spy on you and hide from you. This is bad, bad, bad!

OptOut is currently free to good homes, though its creator, Steve Gibson, is now working on a new, improved and commercial version that will be for sale. Until then, he invites any Windows user to freely download and use the free version.

The program is small, taking less than a minute to download with a 56K modem. It is simple to use, having only one main button. When you open the program it scans your registry and reports its findings. Clicking the Deep Scan button will cause it to scan your hard drive for Spyware. The button then gives you the option of removing or leaving any spyware it has found. That's really about as complicated as it gets. The downside is that it can only scan for and detect spyware that it already knows about.

OptOut
I do thoroughly recommend that you acquaint yourself with the web site of OptOut's creator, Steve Gibson. Steve is well-known and appreciated by many security conscious Windows users, for providing help and free security-related programs. There are a number of interesting features of his web site (http://grc.com) beyond links to his OptOut program. He also runs a free service called Shields Up which will scan your computer and report on its security vulnerabilities. If you're new to and alarmed by some of these things, then that would be a great place to go to start learning and getting some protection.
The Truth Hurts (An Oldie but a Goodie)

At a recent computer expo (COMDEX), Bill Gates reportedly compared the computer industry with the auto industry and stated: "If GM had kept up with technology like the computer industry has, we would all be driving twenty-five dollar cars that got 1000 miles to the gallon." In response to Bill's comments, General Motors issued a press release stating (by Mr Welch himself): If GM had developed technology like Microsoft, we would all be driving cars with the following characteristics:

1. For no reason whatsoever your car would crash twice a day.
2. Every time they repainted the lines on the road you would have to buy a new car.
3. Occasionally your car would die on the freeway for no reason, And you would just accept this, restart and drive on.
4. Occasionally, executing a manoeuvre such as a left turn, would cause your car to shut down and refuse to restart, in which case you would have to reinstall the engine.
5. Only one person at a time could use the car, unless you bought "Car95" or "CarNT." But then you would have to buy more seats.
6. Macintosh would make a car that was powered by the sun, reliable, five times as fast, and twice as easy to drive, but would only run on five per cent of the roads.
7. The oil, water temperature and alternator warning lights would be replaced by a single "general car default" warning light.
8. New seats would force everyone to have the same size butt.
9. The airbag system would say "Are you sure?" before going off.
10. Occasionally for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key, and grab hold of the radio antenna.
11. GM would require all car buyers to also purchase a deluxe set of Rand McNally road maps (now a GM subsidiary), even though they neither need them nor want them. Attempting to delete this option would immediately cause the car's performance to diminish by 50% or more. Moreover, GM would become a target for investigation by the Justice Department.
12. Every time GM introduced a new model car buyers would have to learn how to drive all over again because none of the controls would operate in the same manner as the old car.
13. If you didn't keep moving the steering wheel every few minutes your windscreen would start throwing windows at you or stars or some other strange things would appear in front of you
14. You'd press the "start" button to shut off the engine.
Farewell Pauline

Ain't she just a peach!

It's a sad day when an organisation has to say goodbye to someone the likes of our dear Pauline. I am sure that most of our readers know her, at least by name. She's the cheerful one you're likely to get if you call or come into our reception area. Pauline will be moving to the USA with her husband, and somehow, things just ain't going to be the same without her. I'm sure you'll join me in thanking her for her contribution to Actrix, and in wishing her and John well for the future! Goodbye messages can be sent to her at perils@actrix.co.nz.

Games Site Design Winner!

Well done Scott!

Congratulations are in order for Scott Miller, the winner of our web site design competition. A number of excellent entries were received and judging was correspondingly difficult.  Pictured here is our managing director, Hal King (left), handing the $500 prize money to Scott.

You can see Scott's winning design at the user interface for our games servers (http://games.actrix.co.nz/).

Official Olympic Games Site

Official Olympic Games Site

Let the Games Begin!

The official Olympic Games web site contains the latest in sports news, results, Olympic city information, Olympic news, Press Releases, ticket purchasing and, of course, an online souvenir shop.

Click www.olympics.com/eng/.

You can connect with your favourite athletes at the Sydney Olympic Games through the Olympics Fan Mail Web Site. Fan Mail is your free pass to the Olympic Village and the Athlete Surf Shack - a cyber pavilion where Olympians read and respond to FanMail and build their own Home Pages.

Click www.fanmail.olympic.ibm.com/.

Tip for Emailing our Help Desk

The Actrix customer support team are available between 6:30 a.m. and 1:30 a.m. each week day, and between 8 a.m. and 10:30 p.m. on the weekends. You can phone them on 0800-228749 or you can email them at support@actrix.co.nz.

If you're emailing support, you would help them a great deal if you included your user-name inside your email, especially if you are sending from one of your mail boxes instead of from your main Actrix email address. Likewise, if you're emailing support from a domained email address.  Before our support worker can begin to help you, he or she needs to look you up in our main database, and if they don't have to search on your mailbox or domain first to find your account details, it saves them a lot of time and you get a reply quicker. The help desk can be pretty hectic, and every little bit helps.

Oh, and please don't email me with support enquiries. It's not that I don't want to help; it's just that I have other work, and unfortunately it is now necessary for me to become fairly ruthless in passing these back to the support team to answer.

Hacking 101 by Dean Moor.

This month we are privileged to be able to include the second in a series of articles by one of our customers, Dean Moor.  Dean has a long-standing interest in computer security and has graciously agreed to share some of his knowledge.

Always remember - one of the best ways to protect your security online is to change your password on a regular basis. Haven't done that for a while? Do it now. Call our help desk (0800-228749) if you're not sure how. -Ed.

Well I hope you all found last month's article useful. This month, I have been asked to explain to just what a "Hacker" is looking for and how they go about finding it. Obviously, I am not about to give you a step-by-step guide to Hacking, but I do aim to give you a bit of basic knowledge on the process involved so that you can be more aware and hopefully safer.

Before I go too far ahead I need to ensure you have a basic knowledge of how the Internet works. I find the analogy of a city is the best to use. A city is made up of thousands of houses, connected to each other by roads. The Internet, in comparison, is made up of thousands of computers, connected by modems. Now, every house in a city has an address, which may look like this:

15 Somewhere St.
Atawhai
Nelson

On the Internet, every computer has an address, similar to that of a house somewhere in a city, the only difference is the way that address looks. An Internet Address consists of 4 numbers separated by a "." such as, 203.96.28.15

Knock, knock, anybody home?
Now to compare these two address types lets look at them side by side,
15
Somewhere St
Atawhai
Nelson
=
=
=
=
15
28.
96.
203.

Notice how the last number in the Internet Address is the equivalent of the house number, the second to last is the street, and so on. You may be wondering what the significance of this is. You shall see shortly.

Now that we have a basic understanding of the address scheme the Internet uses, lets look at one more thing you need to be aware of - Ports. I am sure most of you may have heard about ports, yet don't completely understand them. Most of my customers seem to think they are the things on the back of your machine box where your mouse, keyboard and various other peripherals are plugged in. This is true, but when talking about the Internet, ports are something completely different.

Let us take the analogy that we used before with the city.

Your Internet connected computer could now be referred to as your house. Now, almost all houses have doors and windows. There is a front door, back door, sometimes a door through to the garage, and so forth. Each room has windows that are most likely referred to by style or size. Well, now lets call these doors and windows, ports. Just as we have a way of describing the doors and windows there is a method of describing ports, and as with almost all computing related names, it a numerical method. For example, almost every one comes in through the front door so we shall refer to this as the port that the web pages come in on. This is port 80. Now, emails come in through the large opening windows in the lounge (Port 110) and out through the small window in the dining room (Port 25). Please remember that this is a very simple model.

To sum it all up, I would say ports are the entry/exit points to our computer that its programs use to interact with other computers. Certain types of program use certain ports, while others use other ports.

Ok, now to answer the question of how does someone find me? From my own experience, the majority of "Hackers" are not looking particularly for you. They are usually opportunistic, just after anyone online that they can "Hack." One way they find a computer is to run a domain scanner. You may be wondering what a domain scanner is? Well, lets go back to our city analogy. A domain in the city model would be the suburb in a city. For example, Atawhai, Nelson. If we were to place this in the Internet address scheme, we would end up with,

Nelson = 204.
Atawhai=96.

Therefore, the IP (Internet Protocol) address for Atawhai, Nelson would be 204.96.

Notice how the Internet seems to have the address back to front? Well this is because a computer generally processes things in a logical order, where as we humans process information completely back to front!

Saw your light on, thought I'd drop in! Anyway, if I wanted to find someone online in the Actrix domain, how would I go about it? Using the city analogy again, I find the city of New Zealand, and the suburb of Actrix to get the Domain Address of 203.96. Having already skipped a couple of steps I fire up my domain scanner and enter the address for the Actrix domain, and click Start. What happens now is my domain scanner searches for every online I.P. address starting with those numbers (pings every complete IP Address in the range). To return to our analogy, this is like it quickly running around every house in every street knocking on all doors and listening for a reply. It then returns to me with a list of people who are home (computers online).

Now I have a list of computers online, I need to find one I can get into. This is where the ports come in. I now run a port scanner, pick an IP address and scan certain or all ports on that computer. The analogy equivalent is like the burglar, having found a secluded house, looking around the house for an entry point. Now, to scan all ports will take a long time, mainly because there are 65535 ports in the TCP Protocol (the main language of the internet). Some "Hackers" scan the ports that various Trojan Virus Programs open, some scan for others. It all depends on what they are looking for, and what tools they have compared to what vulnerabilities they find.

Anyway, here we have an interesting situation. Almost all computers hear this scanner knocking on the doors or windows. They peer outside to see what is going on, and call out "No one's home!"

The hacker now has the IP Address of a computer online, and some doors or windows that are open.

Now, depending on what ports responded and how they responded (answered the port scan) the Hacker can use a Trojan client, or other methods to take control of your computer. For example, if you unwittingly had the Netbus Trojan virus on your machine, your computer would have responded to a knock on port 12345. This is the default port for the NetBus Trojan Virus and all the Hacker would need to do now is run the NetBus Client on his machine, and connect through port 12345 to the Trojan Server on yours. He would then have complete control of your machine.

I know that this may seem a bit hard to understand, but over the next couple of months I will try to explain the whole process in a bit more detail, and give you a few examples of "interesting" attacks that I have personally received. See you next time.

Dean Moor
www.startech.co.nz

Recommended Sites

Metric Conversion Calculators
www.worldwidemetric.com/metcal.htm - Convert from metric to imperial and back again.

Fun and Games for Thinkers
http://thinks.com/ - Heaps and heaps of fun and games for playful brains.

The Pregnancy Calendar
www.pregnancycalendar.com - The Interactive Pregnancy Calendar will build a day-by-day customised calendar detailing the development of a baby from before conception to birth.

Bubble Dome
www.bubbledome.co.nz - Once, in a distant valley, there lived Mella Hexi. Mella Hexi had a beautiful hexagon egg that was almost ready to hatch. One day Mella Hexi left her egg in the care of her good friend Pibble. But when Pibble awoke the next morning Mella Hexi’s egg was gone.

New Zealand Writer's Website
www.nzwriters.co.nz - All sorts of resources and forums for New Zealanders interested in writing.

Unofficial Silly Olympic Games Site
http://www.silly2000.com/ - A site designed to keep you sane through the Sydney 2000 Olympic Games.

Te Papa Tongarewa Museum of New Zealand
www.tepapa.govt.nz - The official site for Te Papa, our national museum in Wellington.

Keeping Hackers at Bay with Zone Alarm - by Jeremy Fairbrass

A few points before Jeremy begins....

  • You will understand this article better if you read the one above by Dean Moor first.
  • Zone Alarm is a popular program that seems to run smoothly and effectively, but even such a program as this will not be able to stop a truly knowledgeable hacker who wants to get at you in particular.
  • While Zone Alarm is popular and effective, it cannot be officially endorsed by Actrix. Nor can we take any responsibility for what does or doesn't happen if you decide to install and run it.
  • Zone Alarm is easy to install and use, even for complete novices, the only bad things I have ever heard about it have to do with un-installing it. If you decide to install Zone Alarm, you do so entirely at your own risk; and that applies to uninstalling it too. We cannot support un-installation problems from our help desk.

-Ed.

Zone Alarm Command Centre


As the internet becomes more and more widespread, there is increasing concern about the risk of "hackers" being able to get inside people's computers through their internet connection, and steal their passwords, read sensitive information from their hard drives, and even take control of the computer itself. (The word "hack" simply means to break into someone else's computer without their permission, usually through the internet from a remote location). While it is quite a skill for a person to hack into someone else's computer like that, it is nonetheless not impossible to do, especially if you use special hacking software.

So what can be done to prevent your computer from the risk of hackers? Probably the best thing that anyone can do, is to install a program on their computer called a "firewall". A firewall is a piece of software that runs on your computer and blocks all the "ports" of that computer from the outside world, only allowing connections to be made to those ports from sources that you approve of. In reality it's a lot more technical than that, but it would take me more space than I'm allowed to fully explain how they work!

Firewalls are primarily recommended for computers that have permanent connections to the internet - such as JetStream or cable - because these connections are the ones that are most at risk from hackers. For the average person connecting on a dial-up modem, a firewall isn't as important - and there are some other tweaks and tricks that you can do to your computer to make it harder to hack without the use of a firewall, if you have a good knowledge of network protocols and messing around in your Control Panel (see http://grc.com/su-fixit.htm and http://grc.com/su-bondage.htm for more info). However, it can never hurt to use a firewall anyway!

Many of the firewalls available on the internet cost money, and they have different features and pros and cons. But probably one of the best firewalls around at the moment is a program called ZoneAlarm. It's designed especially for the personal home computer, it has great features, it's relatively simple to set up, and best of all it's free! When it's running on your computer, it will let you know every time a program on your computer tries to access the internet, and it will allow you to prevent that program from doing so, if you wish. It will also alert you every time another computer or server on the internet tries to make a connection to your computer. That "other computer or server" could very well be a hacker trying to see if your computer is vulnerable - although it could also be a legitimate connection attempt made by a trustworthy server such as a search engine you're using, or even one of the Actrix servers. In my own experience, I've found that when I use a search engine to do a search, that engine will make a connection back to my computer - for what purpose I'm not sure - but ZoneAlarm will then alert me of the fact, even though what the search engine is doing is quite normal.

However simply alerting you that a remote computer is trying to connect to you isn't enough. The best thing that a firewall does is that it makes the "ports" on your computer appear to the outside world as though they don't exist. Which means that as far as any potential hacker is concerned, your computer might as well be disconnected from the internet - it just isn't there for him to see!

ZoneAlarm also has the ability to stop certain types of viruses from coming into your Inbox, although it should never be used as a replacement for a normal anti-virus program.

Zone Alarm's Warning Panel ZoneAlarm now has a "big brother" program called ZoneAlarm Pro, which has all the great features of ZoneAlarm, plus a whole heap more. The "Pro" version isn't free, but in my opinion it's definitely worth its price for the amount of new features it brings! Perhaps the only complaint I can make about ZoneAlarm (including the Pro version) is that you can't password-protect the options or settings, which means that other users of your computer (eg. the kids) could potentially disable it, or could allow an unsafe program to access the internet without knowing what they were doing. However the benefits of this firewall over the other firewalls available far outweigh this complaint!

You can read more about ZoneAlarm at their website, http://www.zonelabs.com, and download the free version from http://www.zonelabs.com/zafreedownload.htm. It works on all versions of Windows (95, 98, NT, 2K, and ME). There's an excellent tool at https://grc.com/x/ne.dll?bh0bkyd2 that you can use to see how well ZoneAlarm works, too - when you hit the "Probe My Ports" button on that page, it will deliberately scan the ports on your computer to see if any are vulnerable or "open", and it will tell you the results (don't worry, this process is quite safe!).

You should try this before installing ZoneAlarm, and then try it again after ZoneAlarm is running on your computer, and see the difference in the results!

A lot of the information regarding ports, hacking, firewalls and so on can be quite technical, so installing a program like this by yourself is probably not recommended if you find the terms used here to be quite unfamiliar! I'd recommend having a read through the links at the bottom half of the page at https://grc.com/x/ne.dll?bh0bkyd2 if you want to learn more about this sort of thing, and you might also want to get the help of a more "technically-minded" friend to install and set up something like ZoneAlarm, if it's still hard to grasp! While I do recommend ZoneAlarm, it's not something that Actrix can officially support.

Happy surfing!
- Jeremy Fairbrass

iCab 2.1

iCab 2.1 for the MacIntosh

One of our regular Mac users writes:

This is a really cool browser, which runs faster I think on my connection than Internet Explorer or Netscape.  It is only a 1.3MB download and uses less than 4MB of disk space to run.

You can find a review of iCab 2.1 here, and you can download the program from:

http://www.icab.de/index.html

Of iCab 2.1, Cnet writes:

"If you're using a Mac, choose iCab. We wish we could recommend it to PC users, too, but for once, they've been left out. iCab runs much more slowly than either of the Big Two over a fast connection, but its slower performance is much less noticeable over a modem. Plus, we love all of iCab's customizable features, especially its image filtering, which eliminates banner ads. You'll probably still need Netscape Communicator or Internet Explorer, if only for a few extras, such as the plug-in folder, but overall, iCab is the best of the alternative bunch."

and

"Until now, Germany's most recent contribution to American culture had been Siegfried & Roy. We'll forgive them for that one, now that we've had a chance to try iCab, a svelte, slick browser for the Macintosh. It's a genuinely usable alternative to Internet Explorer and Netscape, but only for those with the patience to configure it to their liking. Still, iCab is small, fast, and effective, especially if you want to ditch the Big Two."

Norrie's Nerd Words

Really? 17 Old Post Office Restructures?

Firstly, congratulations to last month's choccy bar winners who were Seth Zorn, Eric Gordon, Elizabeth Passuello, Jo Langford, Peter North, Lindsay McMillan, Ray Banfield, Maureen McRae, Norman Morrell and Trevor Adair.

In order to win a free Norrie the Nerd chocolate bar, all they had to do was email me and tell me the answer to a simple question: What was always falling down? The answer was to be found at my web site (www.actrix.gen.nz/users/norrie). It was, of course, the roof of the shack I was born in that my father, Norton Theodore Nerd II, built out of old mainframe packing crates. I was staggered at how many people wrote in suggesting it was London Bridge. While London Bridge may well have fallen, I never referred to that in my memoirs. Here's a clue. You have to read my memoirs to get the answer.

This month, the question is, What was the title of my doctoral thesis? If you'd like to win a free Norrie the Nerd chocolate bar, go to my homepage, click the "My Life" link and read my memoirs. When you have the answer, be among the first 10 to email me at norrie@actrix.co.nz. Good Luck!

Me! Bringing It All Back Home
The first Actrix newsletter of this type was published in October 1999, meaning that this September issue is the 12th! Officially, though, I guess, the Actrix newsletter will be a year old next month.

While some have been better and more useful than others, I have enjoyed producing each and every one of them. The aim has always been to regularly provide something for Actrix customers that was genuinely useful, not just Actrix or other advertising in disguise. Primarily, too, I've seen my target audience as those who are relatively new to the Internet. The reasons for that are mainly because I am no advanced expert, but also, it's the newcomers who seem to appreciate whatever new ideas or guidance they can get, rather than long time users, or young Generation Xers with modems for brains.

I am always keen to hear from you, especially if you're new to the Internet. What sorts of things bewilder you? What parts of net use aren't you confident about? What suggestions for helpful content here do you have? Please feel more than free to drop me a line at editor@actrix.co.nz.

Yours,
Rob Zorn
Editor - Actrix Newsletter
editor@actrix.co.nz