From:         Patrick Douglas Crispen 
Subject:      Tourbus - 9 Aug 04 - Odds and Ends

TODAY'S TOURBUS TOPIC: HOME COMPUTER SECURITY, PART 2.5

The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
Copyright © Bob Rankin and Patrick Crispen - All rights reserved
Odds and Ends

Howdy, y'all, and greetings once again from deep behind the orange curtain in beautiful Irvine, California, birthplace of the retro encabulator. [See http://media.ebaumsworld.com/retro.wmv]

TOURBUS is made possible by the kind support of our sponsors. Please take a moment to visit today's sponsors and thank them for keeping our little bus of Internet happiness on the road week after week.

On with the show...

Next week we'll look at how to make sure you actually have the latest patches and that your firewall is keeping the bad guys out. This week I have a few odds and ends to share with you about patch management and firewalls.

Patch Management: New Patches from Microsoft Audience: PC Users

By now you should be well aware of the importance of patch management. [If you don't know what patch management is, check out my previous Tourbus post at http://tinyurl.com/64evp ] Well, our friends at Microsoft have been busy recently, issuing a new service pack for Microsoft Office 2003 as well as three critical updates for Internet Explorer. To get the new Office service pack, hop on over to

http://officeupdate.microsoft.com/

and click on "Check for Updates." Make sure you have your Office 2003 installation CD nearby in case Microsoft needs to "sniff" the disk.

To get the three Internet Explorer patches, all you need to do is either run Windows Update or point your Web browser to

http://v4.windowsupdate.microsoft.com/

and click on "Scan for Updates."

In other words, if you have Windows, you have homework to do.

Patch Management: XP Service Pack 2 Audience: Anyone using Windows XP

In a few days Microsoft will release a MASSIVE patch called "Windows XP Service Pack 2" [or "XP SP2"]. My recommendation? Wait until early September before you get it. That way if there are any unforeseen problems with XP SP2 [and there will be], Microsoft will have time to patch those problems before they affect your computer.

How massive is XP SP2? Oh, try 270 megabytes. That should take you just slightly under TWENTY-TWO HOURS to download over your 28.8 modem. The download times for broadband connections aren't much better: about 80 minutes over a 512 Kb DSL connection or about 30 minutes over a 1.5 Mb cable modem. Fortunately, Microsoft realizes most of us do not possess either the bandwidth of Bill Gates or the patience of Job, so XP SP2 will also be available on CD. You can't order the CD yet--because SP2 hasn't *officially* been released--but eventually you'll be able to order the CD at either

http://tinyurl.com/6g675

or

http://www.microsoft.com/windowsxp/downloads/updates/sp2/cdorder/en_us/defau lt.mspx

Both addresses take you to the same page, and that last address needs to be on one line.

When will XP SP2 be available to you and me to download? Well, according to our friends at Windows & .NET Magazine Network, beta users of SP2 will be able to download the final version of SP2 through Windows Update tomorrow, August 10th. The rest of us will have to wait until next Monday, August 16th, for SP2 to be made available through Windows Update. [Source: http://tinyurl.com/5wl68 ] My guess is that the CD will be available shortly thereafter.

But, as I said earlier, my recommendation is to wait until early September before you get XP SP2. However, if you'd rather download and install XP SP2 as soon as it is available, Microsoft recommends that you let them do it for you. First, make a System Restore point:

http://tinyurl.com/253en

Then, enable Automatic Updates in XP:

http://www.microsoft.com/athome/security/protect/default.aspx

That's it. XP SP2 will be pushed to your computer sometime in the next couple of weeks.

Do you [eventually] *need* XP SP2? YES! Why is XP SP2 so important? Well, it adds some much-needed features to Windows XP including:

  • A significantly improved software firewall.
  • Built-in pop-up blocking in Internet Explorer [YAY!]
  • A download manager in Internet Explorer that lets you block
  • malicious downloads.

  • A "sandbox" for Outlook Express attachments that hopefully will
  • keep email viruses from infecting your computer

  • Better wireless support.
  • And a fluffy nougat center.
  • So, yeah, you need XP SP2. Just not until September. To learn more about XP SP2, check out either

    http://www.microsoft.com/windowsxp/sp2/preinstall.mspx

    or

    http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2chngs.mspx

    The former is written for people like you and me and the latter is written for computer gurus.

    I hope this helps.

    Hackers v. Crackers Audience: Everyone

    A couple people wondered why, in my last two posts, I referred to people who break into computers as "crackers" instead of "hackers." I hope you don't mind the slight detour, but...

    On the first day of the Normandy invasion, the Allied troops used a verbal challenge to determine friend from foe: "Flash Thunder Welcome." If you didn't know the appropriate response, or if you pronounced "welcome" with a v, the 101st Airborne graciously put some extra holes in you. The verbal challenge was a shibboleth, a test to prove that you belonged.

    The computing world's shibboleth is how you define the word "hacker." People who know nothing about computers, especially people in the media, use the word "hacker" a pejorative to describe

    A person who uses his skill with computers to try to gain unauthorized access to computer files or networks

    [Source: Oxford English Dictionary]

    So, most people think hackers are BAD! That's cool, but COMPLETELY wrong. INSIDE the computing world, the term hacker is actually highly complimentary, respectfully used to describe

    A person with an enthusiasm for programming or using computers as an end in itself.

    [Source: Oxford English Dictionary]

    So, inside the computing world, hackers are GOOD! If you call a guru a hacker, she'll thank you. You've complimented her.

    What do people inside the computer world call people who compromise the security of a computer without your permission? Well, besides calling them words and phrases questioning the legitimacy of these criminals' parentage and implying that these criminals have intimate relations with their mothers, most computer gurus call these people "crackers."

    Remember, in the computer world

  • A "hacker" is a brilliant and respected computer programmer or
  • technical expert

  • A "cracker" is someone who tries to break into your computer or
  • files without your knowledge and/or permission.

    And your number one job as a home computer user is to keep the crackers out of your computer.

    Linksys Routers and SPI Audience: Everyone

    In my last post [which you can find online at http://tinyurl.com/6ztha] we talked about both "network address translation" [NAT] and "stateful packet inspection" [SPI], two features found in most consumer hardware routers. NAT is a necessity--it's what protects you from crackers doing port scans--but SPI is a frill.

    The Linksys EtherFast Cable/DSL Router with 4-Port Switch [BEFSR41] used to have SPI, but the folks at Linksys recently disabled it for stability reasons in a firmware upgrade. That's cool. As long as your router has NAT you're safe from most crackers. However, if you really want a Linksys router with both NAT and SPI, check out Linksys' Instant Broadband EtherFast Cable/DSL Firewall Router with 4-Port Switch/VPN Endpoint [BEFSX41] for about $US70.

    My recommendation? Stick with the cheaper BEFSR41. In fact, this weekend my girlfriend took me to a computer store--is she a great girlfriend or WHAT?!--to help her pick out a router for her DSL connection. Guess which router we bought? Yep. The US$50 Linksys BEFSR41. :)

    Apple Firewall Audience: Mac users

    In my instructions on how to enable Apple's Mac OS built-in firewall, I inaccurately mentioned that you should uncheck all of the services you see. I should have said that you should uncheck any service you don't understand or want running all the time. I apologize.

    By default, all of the services in the Mac OS--personal file sharing, Windows file sharing, personal web sharing, remote login, FTP access, remote Apple events and printer sharing--are already unchecked/disabled.

    The Internet Tourbus - U.S. Library of Congress ISSN #1094-2239
    Copyright © Bob Rankin and Patrick Crispen - All rights reserved

    That's it for today. Have a safe and happy week, and we'll talk again soon!

               .~~~.  ))
     (\__/)  .'     )  ))       Patrick Douglas Crispen
     /o o  \/     .~
    {o_,    \    {              crispen@netsquirrel.com
      / ,  , )    \            http://www.netsquirrel.com/ 
      `~  -' \    } ))    AOL Instant Messenger: Squirrel2K
     _(    (   )_.'
    ---..{____}                  Warning: squirrels.
    

    TOURBUS
    HOME PAGE
    LINUX
    TUTORIAL
    TOURBUS
    ARCHIVES
    Odds and Ends, viruses, hoaxes, urban legends, search engines, cookies, cool sites
    TOURBUS Site Search