MARCH 2002 - Vol 18 - Issue 03

Newsletter - Internet Edition

I was very saddened to receive an email on Feb. 11,2002 with the news that Mark Meidel had suffered a massive stroke and that his prognosis for recovery was very poor. When I learned of Mark's passing the following day, I was deeply upset. My distress was from both the pain of losing Mark as a personal friend and from the knowledge that EPCUG had just lost one of the major pillars of the organization with his sudden passing.

It was my privilege to serve with Mark on the EPCUG board for over six years. Mark was a person who was uncomfortable being up front speaking, but he was one of the movers and shakers in the back of the room. Here is a simple illustration.

In the course of the computer recycling program, EPCUG had many old computer cases that we needed to dispose of in a proper method. Mark would load up his car, seemingly past the point of maximum capacity, and haul the scrap away. Sounds like a minor thing, right? I have made some rough calculations and I figure that Mark handled well over 600 lbs. (over a quarter ton) of scrap metal alone. Then there were the old motherboards, monitors, and other items that he willingly hauled away for EPCUG.

Mark was also one of the workhorses of EPCUG. To Mark's family I relayed the following memory of Mark. "Everyone knows the train engineer, and everyone knows the conductor, but who knows the fireman? The fireman is the person who shovels all the coal to keep the train moving." When there was work to be done, Mark was the "Go To Guy" who would move heaven and earth to be there to get his assigned or volunteered-for job done.

Mark did not like the limelight, and he let me know more than once that he did not want to come to the front of the room to give reports. Mark wanted to stay in the back, doing something. Being up in front during the meetings, I was able to watch as Mark set up more chairs if they were needed, or gave up his own if there were no more chairs available. Mark would be one of the first to arrive at every meeting to help set up and be one of the last to leave after everything was cleaned up.

Mark Meidel has been a member of EPCUG longer than I, has been active in leadership longer than I, and has worked more hours than I have. Mark was one of those people who was a shaker and a mover, but in a different way. His humor could break up the tensest board meetings into laughter. With a straight face he could zig anyone, especially Sherry and I when either of us were "going astray". Mark was thoughtful on the hard issues we faced, but was the first to remind us on the board that we were all volunteers, "and don't get paid for this".

Yet even in passing, Mark kept helping others. All the organs and tissues possible were donated to help others live more productive lives. That is an act of love for our fellow man that has no limit. After I left the funeral home, I checked to see if the organ donor line was signed on my Indiana driver's license.

Mark, I will greatly miss you, as will EPCUG. Mark, you must have been needed in heaven for a special project, why else would you have been taken away so abruptly? As always, you will continue your efforts there with the same dedication, the same humor, and the same "stubborn streak" that you have served with EPCUG and the other organizations where you belonged.

In the last few months, I have been asked the same questions over and over and over again about computer protection. The questions center in two areas. The first is, "How have I been hacked if I/we have (insert brand name here) anti-virus program running?" The second is, "How can I get a virus when I/we have a (insert brand name here) firewall operating?" This shows a basic misunderstanding of computer protection. Let's review the process to secure your system from most common problems that cause data loss.

To start with, computer protection starts at the end user level. All the time, while working on computers, technicians find that the valid password is hitting the enter key; in other words, no password. How prevalent is this? Most computer-savvy technicians, when needing a password, start by hitting the enter key. The second most common password is echoing the user name. With a username of Mary, for example, a technician or hacker would try Mary, MARY, mary, yram, Yram, and YRAM as good starting points.

Failing the echo test, they would try the address and then the phone number. If you think they can not get this information, try going to www.switchboard.com and looking up your name there. With the Internet, in less than 10 seconds a hacker can have all of this information, as well as a map to your house (unless you have an unlisted telephone number). With a little more digging, they would try your birth date, and those of your spouse and your children.

If they physically have your computer, by removing the hard drive and installing it into their machine, they can read the data directly. looking up your name there. With the Internet, in less than 10 seconds a hacker can have all of this information, as well as a map to your house (unless you have an unlisted telephone number). With a little more digging, they would try your birth date, and those of your spouse and your children. If they physically have your computer, by removing the hard drive and installing it into their machine, they can read the data directly.

You need to set your password as something that is not readily available to the outside world. It is best to use alphanumeric combinations. A format like 112355 for a date is no better than 11-23-55, as this will be tried by a hacker. A password like fd112355ILU is much better. The fd stands for first date, followed by the date, followed by capitals ILU for I Love yoU. A bit mushy, but hard for a hacker to hone in on. It is also longer than 9 characters, the average password length.

A completely random mix of alphanumeric is even better. A password with this mix would look like M3KFoB!(68lB&%. But how do you remember it? My 3 Kids First one Born (shift 1) (shift 9) 68 last Born (shift7) (shift 5) is the break down formula.

As for the data, if you are using Windows NT, Windows 2000 Pro, or Windows XP, you can encrypt files so only you, a designated recovery agent, or a system administrator can recover them. This, used in conjunction with file level passwords, can effectively stop anyone from stealing your data. Just make sure to make the administrator password secure. The password for the administrator should be different and, if anything, more complex than the personal passwords!

OK, so I have my local machine locked down. Now what? Now we add the anti-virus program. Anti-virus software is to prevent a virus program from damaging my computer. It is not designed to keep hackers out; it is only a protection from viruses, Trojan horses, and other types of harmful programs, period. Some viruses, like the Exploit.exe and Nimda, are designed to open your system up to hackers so that at a later date, they can enter your system from the hidden backdoor it creates.

No anti-virus program is worth a plugged nickel if the definition files are not up to date. Most anti-virus software manufacturers have a utility to update the virus definitions on-line, either manually or in conjunction with a scheduler program to do it automatically at a specified time and/or day of the week. With over 100,000 known viruses today and more every day, you need to do this regularly. Personally, I do mine every two days on all my operating systems.

A hacker will often plant a virus to cover their tracks, so that you do not know you have been hacked. You do not know that the hacker has stolen your bank account records, your financial records, and anything else that may be of value to them. They will delete the files from your system, then plant a virus. The virus will be blamed for doing the damage. With a good anti-virus program, you prevent the planted virus from destroying the remaining records. You also will know what records have been deleted, so you can recover them from your last backup.

What backup? you ask. The backup of your critical data, that you are making at least once every week to protect your system. With the cost of CD-RW drives, tape drives, and zip drives today, there is no excuse for not making backups of your critical data. If you keep all your financial records only on your computer, it should be backed up every time you make changes, and then the back up media should be removed from the system. That extra 2-5 minutes can save you days of data re-entry if any disaster happens.

OK, I have solid password protection of my operating system, my critical and personal records are encrypted, my anti-virus is in place, and I have my backups, now what? If you are doing on-demand dial-up networking to the Internet, you are done. By on-demand, the meaning is you force a connection to the Internet that then disconnects when you are done. But if you have an automatic reconnection, a permanent connection via leased telephone lines, DSL, or a T1 line, then you need a firewall. Why?

On-demand dial-up has your ISP assigning you a "one time" TCP/IP address when you log in and pass your authentication. You receive this address randomly from the ISP's pool of IP addresses when you connect. You get to keep the connection when your username and password have been authenticated.

To test this, the next time you connect, if you are using Windows 95 or 98, reduce your browser to an icon, then at the run prompt, type winipcfg/all and you will see your current IP address settings. Disconnect, wait a minute or two, then connect again and check the IP address, and you will see that your address has changed. For those using Windows ME, 2000 Pro, or XP, go to the command prompt by going to start, program, accessories, then command prompt, then type ipconfig/all, and it does the same function.

With a "permanent" connection, you have a fixed or static IP address. You are now a fixed target for hackers, instead of a moving target. But how can a hacker find you? Do you ever do Webcam on the Internet? Ever do Netchat, Netmeeting, or any direct connection between computers on the Internet? If you do, then someone else has your IP address. There are also programs that actively search for "open" IP addresses.

This is where a firewall comes in. When you access the Internet, you have a full spectrum of connections called ports. Not to get too technical, but there is a port address for everything, including HTTP, FTP, WWW, Email, VPN (virtual private networks), and thousands more; each has a specific port that must be open to communicate. A firewall closes all the ports you don't use. If you do not use VPN, for example, why leave that port open where a hacker can enter? That is the first role of a firewall, to stop sneak attacks through unguarded open gates or back doors.

The second role of the firewall is to be the gatekeeper of the gates that are left open. When a hacker tries to access your system, if you have proper security on your system for remote access, they will be challenged for a username and password for authentication. This is just like when you first log-on to the basic system. Usually the remote user or hackers are given three tries to give a proper response before the security system throws them out. The firewall senses this rejection and then stops, or rejects any request from that IP address for a set period of time. This period can be from 5 minutes to forever!

The third role of a firewall is to protect your computer from mobbing, breaching, or overwhelming attacks. Frustrated hackers use this as the last form of attack to breach the firewall, often by using the dreaded "ping of death". This type of attack, usually launched from multiple sites, is designed to overwhelm the bandwidth of your system and allow the hacker to slip through while the firewall is busy dealing with the pings unchallenged.

A firewall, many with stealth technology, will after a fixed number of pings, stop responding to ping requests. Your IP address effectively disappears from in front of the hacker/attacker. This is more effective than chopping off the total Internet connection. This is sometimes called "raising the shields" and it blocks all traffic. (Who says computer geeks did not watch Star Trek when they were younger?)

Some firewalls have a fourth role, to track down who is attacking the system. With this technology, the IP address can be tracked backwards to the point of origin. This is how the young hacker who attacked CNN about a year ago was caught. The firewall tracked the IP address back to his computers from the IP addresses from the DSL routers. The young hacker did not have DSL himself, but several of his friends did, and he used the IP addresses they had given him when they were doing Webcams between them.

To review, the firewall is perimeter defense to repel hackers. The anti-virus is the medical team to stop and heal the damage that viruses or Trojan horse programs cause. The backup is the archive stored in a safe place like an underground vault to be used to rebuild the damage after the attack. Finally, your username password is the linchpin of your system security success in preventing successful hacker attacks. Everything builds on each other, and if any one part is missing or poorly prepared, you are open to attack from hackers, viruses, and data loss. With a little time and some forethought, you can protect your system from most hackers, failures, and from data loss from young children in your own home.

About the author: Mr. Slough (jonslough@tln.net) has been a computer user and programmer since 1975. He has used on-line data transmission since 1976 starting with early computer on-line time-sharing. Since building his first computer in 1981 he has provided technical service, hardware support, and programming services on a personal and professional basis in the northern Indiana area. He is a past president of the Elkhart PC Users Group where he has been a regular contributor to the monthly newsletter since 1996.

Bridging the digital divide is something many pundits have written about. The gap between those who have access to a computer and those who do not is what the digital divide is all about. EPCUG's computer recycling SIG spent Saturday, March 2 trying to narrow that gap just a little.

The recycling SIG was founded on the premise that many individuals and organizations are throwing out computers that, while somewhat outdated, are still functional and able to serve a purpose. A byproduct of the computer recycling effort is we are able to donate those computers to people who might otherwise be unable to obtain one.

The project tackled on March 2 came about when Bill Roberts, an EPCUG director at-large, passed along to our Board of Directors a request from Dean Frick, of the Hope Rescue Mission. Located in downtown South Bend, the Hope provides services to homeless people. In addition to giving clients a place to stay, the Hope also seeks to address any substance abuse problems they may have and provide them with skills they need to get a job. The intent is to get these people to clean up their lives, and get them jobs so they can get off the streets.

As EPCUG's public relations director, I subsequently met with Frick and learned of the project Frick was seeking for us to take on. Some years ago, the Hope had purchased a number of eMachines personal computers. If you do not know what an eMachine is, they are low-cost computers that aim at the sub-$1,000 market. The eMachines purchased by the Hope suffered from a malady shared by many of the early versions of these computers. Nearly all of them had their power supplies go bad. So, the Hope had six personal computers with 366 MHz. Intel Celeron processors that no longer work.

Frick, the Hope's information systems and human resources manager, after mulling his options, decided the best course would be to pull the guts out of the existing eMachines cases and transplant the hardware into new cases with 300-watt power supplies. While it may seem simpler and easier to replace the failed power supplies, replacing the case and the power supply, it turns out, costs less money. Frick sought EPCUG's help on this project because he already has many irons in the fire and simply did not have time to rebuild six computers.

As we usually do, the recycling SIG gathered on a Saturday, March 2 in what Bob Brown, EPCUG's president and SIG co-chair, jokingly refers to as "the pit." The seven who gathered on that rainy, snowy morning dove right into the project. When the day was done, we had three eMachines that had been revived from the dead.

In the days that followed, I was able to get two more computers working in my shop. Bob finished the sixth eMachine in his shop. By the time you read this, the eMachines, in their shiny new cases, will have been returned to the Hope.

Frick indicated his intent is to use the computers in classes aimed at teaching computer skills to the Hope's clients. The Hope already has several computer work stations that serve in a computer-assisted learning capacity allowing clients to work toward obtaining their GED. "We're really happy that you were able to take this thing on for us," a grateful Frick said.

My own attitude about the homeless issue is, if you think about it, many of us who work for a living are not more than a few months away from being homeless if our income were to be cut off. That, in my opinion, means we are not all that different from the homeless. Thus, I was glad to be able to participate in this project. At the same time, perhaps we were able to make that digital divide a little less cavernous. Frick noted he is also seeking to recruit people willing to volunteer their time teaching some of the computer skills classes these eMachines will be used for. If you are interested, you can contact Frick by E-mail at dfrick@hoperescuemission.org or you can call him at (574) 235-4150.

If you read Don Singleton's "Giving vs. Taking" in last month's newsletter, you got the full sermon regarding volunteering help to an organization. Sherry Nisly's plea in her "From the Editor's desk" column brings the same theme closer to home. Many of the tangible rewards of our organization are directly connected to the efforts volunteered by members. In this case, Sherry cited our anemic advertising income is jeopardizing the size and even the existence of the newsletter. Clearly we need help in this area and others as well.

There are probably several reasons that members are reluctant to come forward with help.

1. The area that needs help involves actions that are distasteful to them.

2. They fear that the help required will involve a larger commitment than they are willing or able to make.

3. They fear "getting in over their head" and not being able to "bow out gracefully" if that becomes a reality.

4. The area where help is need is not well enough defined for the potential volunteer to decide if they are able to help or not.

When any of these factors are present, one can be sure that the pleasures of volunteering will not be forthcoming. Some means must be found to relieve or at least offset these anxieties. The most successful "Givers" that we have in place now are those who are sufficiently confident and competent in their field that they feel that their efforts are enjoyable and "no big deal." When that is not the case, the smallest effort can become an ordeal. That is not what we want or need.

There are calls out for more membership involvement with Advertising and Recycling SIG administration. If advertising can be increased, we can maintain and increase the scope of our fine newsletter. If not, we must seek alternate forms of funding for that purpose. Improvements should be made to the Recycling SIG, but it is completely functional and should be a source of pride. EPCUG is an organization of volunteers and its future effectiveness will be determined by its members' participation.

Many people in Tulsa have Cable Modems from Cox, and currently they have an email address which ends "@home.com", for example my true email address is "donsingleton@home.com". But that will not last for much longer (http://investor.cnet.com/investor/news/newsitem/0-9900-1028-8055607-0.html?tag=ltnc).

One alternative is to go to http://mail.yahoo.com/ and signup for a Yahoo email address. They actually support three forms: Free Edition, Custom Edition, and Business Edition.

The free edition should be enough for most people. You will have an email address like donsingleton@yahoo.com. If you actually have your own domain name, the second form might make sense, but if so I would not recommend that you pay Yahoo $35 a year to register your domain name, but rather I would recommend you go to some registrar like http://inexpensivedomains .com (the one I use) and register a domain name for $15 a year. I am not absolutely certain, because I cannot be sure without actually doing it, but if one already has their domain name registered (through InexpensiveDomains), then it appears Yahoo just charges $10/year for Personal Email services (5 email addresses), and as long as you authorize Yahoo to send you a few spam messages you can have them automatically forward email messages to your ISP provided email address or you can have them provide you with POP3/SMPT access so that you can have your email program automatically get and send email through Yahoo Mail (http://help.yahoo.com/help/us/mail/pop/index.html).

This is not your only alternative. If you use InexpensiveDomains to register your domain name, then for $14.95 per year they will provide Domain name and e-mail forwarding (http://inexpensivedomains .com/webhost/forwarding.htm). This means that you can attach your domain name to any website, even some of the free ones which don't support personal domain names, AND you can have your email forwarded to any email address you want.

Either of these could be the way I have don@donsingleton.com as my email address. Actually I use a third alternative. Virtual Ave / Hypermart (http://www.hypermart.net/t/registration/packageinfo) offer a series of webhosting packages, including one for free, as long as you are willing to have a banner ad on your web page. I don't know how much longer they will offer this, because this page (http://www.hypermart.net/t/registration/packages) does not show the free hosting alternative, except as a link at the bottom. But if you can signup for a free website, you can point your domain name to it, and make use of their free email forwarding to send email to your ISP provided email address.

Actually there is one other alternative I can recommend. Webstrike Solutions (http://webstrikesolutions.com/) provides webhosting which just costs $30 for the first year (they say it is free for the first year, but there is a $30 setup cost), and then $84 a year thereafter, and you can attach your own domain name to your account, and they have a free email forwarding service which can forward email from the domain name to your ISP provided email account. I use Webstrike for my Bush Supporter (http://bushsupporter.org) website, and Paula Sanders has three websites hosted by Webstrike.

Regardless of which of these alternatives you use, you will have an account which people can send email to, and it will be forwarded to the account your ISP provides, and then if your ISP changes your email address, or if you change ISPs, then all you have to do is go online and access your Yahoo / InexpensiveDomains / VirtualAve/Hypermart / Webstrike Solutions account and change the address it forwards your email to. The people you email will never know your real email account changed.

Reprinted from the January 2002 issue of the I/O Port Newsletter. Please let Don know if you use his article webmaster@apcug.org will get to him There is no restriction against any non-profit group using the article as long as it is kept in context, with proper credit given to the author. This article is brought to you by the Editorial Committee of the Association of Personal Computer User Groups (APCUG), an International organization to which this user group belongs.

If you've never had the joy of delivering something to the needy or underprivileged, take it from me, it is a wonderful experience! You get to see some of the greatest smiles in the world when you can help a church or organization help others. When you can give a window to the world to a shut in. Or a gift of possibilities to a family that is overwhelmed by life. Please continue to help me experience those smiles by donating your old computers to EPCUG.

We upgrade & rebuild Pentium class computers then give them to needy groups and individuals. This prevents these older machines from filling up the landfills or wasting away on a shelf, and gives you the satisfaction of knowing that you have helped someone less fortunate than yourself.

The Elkhart PC Users Group is a 501(c)3 non profit organization which means your donations are tax deductible!