Digital Choke Daynotes

Daynotes: a daily journal of our activity
  

Digital Choke: an action that is sometimes needed for your computer; also a short techno-story available here.

"Daynotes" are popularized by an Internet Web site called the "Daynotes Gang" (http://www.daynotes.com or http://www.daynotes.org), a collection of the daily technical and personal observations from the famous and others. That group started on September 29, 1999, and has grown to an interesting collection of individuals. Readers are invited and encouraged to visit those sites for other interesting daily journals. You can send your comments to us by clicking on any mailbox icon.


Week of August 24, 2003
Sunday, August 24, 2003   

A pleasant day today, spent with family. Nice dinner, went over to the park with the grandkids, met with some friends.

Busy day tomorrow: will be cleaning up after the Nachi worm, perhaps a post mortem of the attack and our response. Sneak out a bit early to go to the state fair with the family. Perhaps no post tomorrow: it will depend on when we get home.

Monday, August 25, 2003  

"There is nothing to see here." -- Zork I

Tuesday, August 26, 2003   

As you might suspect, we got home from the fair a bit late last night, so no post. But we had a good time there. The whole family except Jason was there, grandkids and all. They liked the rabbit room the best. We enjoyed the hypnotist show, which is always quite funny. And I had some corn dogs, but was too full for funnel cake.

At work, we're still doing some cleanup from our Nachi worm infection. There are still about 40 infected computers hiding out there. We used a nice free tool from Foundstone (all the links here will open a new window so you won't get lost on your way back here), a security software company that has some good software and some free tools. Superscan is a great scanner of the network, finding out all sorts of information about computers. And they have an RPC vulnerability scanner that works quite fast and across multiple IP address ranges. Their tools are well-built, and are good additions to a security dweeb's toolkit. Recommended.

Much has been made about the vulnerabilities in Windows. Lots of people complain about it; Linux people brag about not being affected. Lots of arguments on both sides, but I found this comment on the TechRepublic site. I found it to be an interesting opinion.

Sobig.F has its own SMTP engine, so it does not just affect Microsoft Outlook. It is a self contained executable that does not take advantage of any security vulnerabilities in Microsoft Windows or Outlook. The executable only runs on Windows because it was written and compiled to only run on Windows, not because of a security flaw in Windows.

Microsoft has been making progress at improving its security, but you won't see any of those improvements until people start buying the new software instead of using Windows 95 for 8 to 10 years. No one should expect 8 year old software to remain secure, and even brand new software won't remain secure for even a year without some effort on the user's part. That's true whether you're talking OpenBSD, Linux or Windows.

Windows 2000 was programmed and released about the same time as Red Hat Linux 6.x / 7.0, and we all know how secure that is if you don't do squat to secure it. If all those home users were running Linux right now, you'd have the exact same security problems. Dumping Microsoft won't help.

Windows is a very complex program, and it is a big target for virus writers. There are a lot of Linux security holes; just wander over to SecurityFocus to take a look at their bug database. I get a weekly vulnerability newsletter from the SANS organization (good newsletters, by the way, subscribe here), and there are usually more Linux-based bugs on the list than Windows.

Now I don't believe Windows is perfect. And I think that Microsoft can do a better job in getting updates installed on customer machines. I think that Windows Update is a good start for single users, and their free Software Update Server is good for business networks. Educating the user is going to be important in the fight against viruses and worms. And "the mantra" is important.

Comments? Hit the mailbox icon; your comments can be totally anonymous.

Here's some reader mail, from our old friend (and grammar checker) Brian C.:

Yes, I know which Rawhide you meant. Although I don't recall ever watching it, I do know that it had Clint Eastwood as one of the actors, although I'm currently drawing a blank on the character name.

Clint's character was named "Rowdy Yates", according to "The Fifties Web". A whole page of stuff about "Rawhide", including the lyrics to the theme song. And did you know that, according to that site:

Did you know that Sheb Wooley, who played Pete Nolan, is also known as a country and western singer? Or that he brought you the tune, Purple People Eater?

See, the important things you learn here. Now, excuse me while I wander around that web site.

Wednesday, August 27, 2003   

Let's dip into the old mailbag and let Brian C help out with today's post (Brian is adjusting to blended trifocals, so be nice to him). He sent along an amusing list of how computers work in the movies:

1. Word processors never display a cursor.

2. You never have to use the spacebar when typing long sentences.

3. Movie characters never make typing mistakes.

4. All monitors display inch-high letters.

5. High-tech computers, such as those used by NASA, the CIA, or some such governmental institution, will have easy to understand graphical interfaces. Those that don't, have incredibly powerful text-based command shells that can correctly understand and execute commands typed in plain English.

6. Corollary: You can gain access to any information you want by simply typing "ACCESS ALL OF THE SECRET FILES" on any keyboard.

7. Likewise, you can infect a computer with a destructive virus by simply typing "UPLOAD VIRUS" (see "Fortress").

8. All computers are connected. You can access the information on the villain's desktop computer, even if it's turned off.

9. Powerful computers beep whenever you press a key or whenever the screen changes.

10. Some computers also slow down the output on the screen so that it doesn't go faster than you can read. The *really* advanced ones also emulate the sound of a dot-matrix printer.

11. All computer panels have thousands of volts and flash pots just underneath the surface.

12. Malfunctions are indicated by a bright flash, a puff of smoke, a shower of sparks, and an explosion that forces you backwards.

13. People typing away on a computer will turn it off without saving the data.

14. A hacker can get into the most sensitive computer in the world before intermission and guess the secret password in two tries.

15. Any PERMISSION DENIED has an OVERRIDE function (see "Demolition Man" and countless others).

16. Complex calculations and loading of huge amounts of data will be accomplished in under three seconds.

17. Movie modems usually appear to transmit data at the speed of two gigabytes per second.

18. When the power plant/missile site/whatever overheats, all the control panels will explode, as will the entire building.

19. If you display a file on the screen and someone deletes the file, it also disappears from the screen (e.g. Clear and Present Danger).

20. If a disk has got encrypted files, you are automatically asked for a password when you try to access it.

21. No matter what kind of computer disk it is, it'll be readable by any system you put it into.

22. All application software is usable by all computer platforms.

23. The more high-tech the equipment, the more buttons it has (Aliens). However, everyone must have been highly trained, because the buttons aren't labeled.

24. Most computers, no matter how small, have reality-defying, three-dimensional, active animation, photo-realistic graphics capability.

25. Laptops, for some strange reason, always seem to have amazing real-time video phone capabilities and the performance of a CRAY Supercomputer.

26. Whenever a character looks at a VDU, the image is so bright that it projects itself onto his/her face (see "Alien", "2001").

27. Searches on the internet will always return what you are looking for no matter how vague your keywords are. (See "Mission Impossible" Tom Cruise searches with keywords like "file" and "computer" and 3 results are returned.)

That's the way my computer works. How about yours?

Have you noticed that the Google news bar now has options that include a pop-up blocker? I like the Google bar; it lets you quickly enter search terms. And the news page usually has some interesting viewpoints of the same subject. But the pop-up blocker works quite nicely. Head on over to the Google site, and download the full toolbar. Then go into the Options screen to enable the pop-up blocker. (You can temporarily enable a pop-up window by holding down the Shift key when you click on a link. Oops! See note below!)

And, on a more serious note, there's a potentially dangerous new virus out there. It is intended to format your C drive, although it doesn't work because of an (intended?) bug in the viral code. It arrives via email, so the standard warnings apply. Here's what I sent off to Jerry Pournelle's site:

The "VBS/Flipe" virus/trojan is a harbinger of more dangerous ones that are inevitable.

This virus will attempt to format your C and A drives, although the McAfee folks say that it won't succeed because of a bug in the viral code. But it is probably the first of similar ones (as I have mentioned before), and someone is bound to get it right.

Info here [opens a new window]:

The virus will display a message (with a misspelling and bad grammar) about Windows XP service patch 2. And then it will try to format your C drive.

A reminder to your readers (who should already know) that Microsoft never-ever-never sends patches or updates via email. Anyone who does should be flogged (after you delete the message).

("Never Open Program Attachments in Email", repeat three times...)

The "mantra" applies, of course.

Thursday, August 28, 2003   

An interesting day. Still doing some cleanup of Nachi worm, and responding to users' questions about all the messages they are getting due to the SoBig virus. The big event was our first post-mortem meeting on our Nachi eradication experience. We had a technical representative from each of the major departments. We discussed the current status, eradication efforts in each department, and then launched into a "plus/minus" discussion. That's where you talk (without pointing fingers) about the good and bad things that happened during the incident. The intent is to improve the process by building on successes, and improve processes by determining what didn't work so well. It's a useful exercise. This has been the first major business-wide incident that we have experienced, and it will prove to be an educational experience for the technical staff as well as the executive staff.

After work, the whole family met at Mel's Restaurant for dinner, to celebrate Stacy's 19th birthday (which is tomorrow). With two wriggly grandkids it is not the most relaxing dinner, but the food was good. Then we went off to Sam's Club to get a few supplies for her party with friends on Friday. While there, we saw a good deal on a TV for our bedroom, so grabbed that. Then back home for a bit of homework, and relaxing in front of the tube.

Tomorrow's Friday. I want to get started on the basic installation of Windows 2003 Server on three new servers that will be part of the new mail system. That whole thing needs to get into production, so that project can be finished. And then there is the upcoming three-day weekend. A bit of relaxing and puttering is probably in order, along with some more family stuff before Stacy leaves for school on Monday. It's been enjoyable to have her here, although she's been spending time with her friends also.

Friday, August 29, 2003   

"There is nothing to see here." -- Zork I

Saturday, August 30, 2003   

Well, Friday at work was a lot quieter than last Friday. Nachi is just about gone, with a few holdouts, but not causing a big problem. I had some time to get the new mail servers moved into a new rack. Didn't have time to start working on them. As Jerry Pournelle sometimes says, "the day was consumed by locusts". That's when you are busy all day, but it's not clear what was accomplished.

Friday night was Stacy's birthday party with her friends. They had a good time visiting and munching while Pam and I stayed upstairs and watched the tube. (The television, of course.) She has a good and responsible bunch of friends, and they all had a good time.

This morning, Pam went off to the hairdresser, and I did a bit of cleaning up around the house. Then the three of us went off to Apple Hill. That's a place about 30 miles up into the Sierras just past Placerville ("Old Hangtown" during the 1800s). There is a group of apple farmers up there that get together and market anything related to apples. There are craft booths, and anything that has apples as an ingredient. And at one place, homemade fudge (I got the "Rocky Road" one). It was a nice day for a drive.

On the way home, we stopped at the factory stores in Folsom (another town with a lot of Old West history, but now a mostly residential community) so that Stacy could get some white shoes for her nursing classes. Then a stop at the local grocery store for supplies, and finally home.

For dinner, Stacy made some homemade tortillas, which we used for burritos. They were quite good. We spent the rest of the evening just relaxing, watching the tube. A really exciting life. But we like it.

Update at 11:10pm: Brian C tells me that you hold down the Ctrl key to let a pop-up window open when you are using Google's pop-up blocker. Thanks!


Copyright (c) 2000-2003    Two Bridges Group,   All Rights Reserved