Bulletin

BENTSEN GROVE COMPUTER CLUB BULLETIN
Week of Feburary 7, 2005

MEETINGS

MONDAY

ROOM 3 & 3R
BEGINNERS
PRESENTATION
9:30 AM

GENERAL
MEETING
10:30 AM

SPECIAL INTEREST GROUPS:
If you would like to meet in a small group to discuss one of the following subjects, contact the following people.

If you would like to lead a SIG, discuss it with Val.

Our bulletin is also available on line by visiting http://www.bgrcc.com/ and clicking on bulletin. You may also select bulletins by its subject

PHOTOGRAPHY
WEB PAGE
INVESTMENT CLUB

Bill Wiese
Harold Buechly
Corinne Higbee

580-3184
581-3180
585-5664

NEED SOME HELP
TRY http://www.bgrcc.com/
Click on HELP - - - - - - - -

EMERGENCY

RESPONSE

TEAM

John Abbott……424-0537
Val Barron…..…..519-2319
Harold Buechly...581-3180
Rich Mencel……583-9621
Claude Westfall 580-4042

UPCOMING EVENTS: Please wear your badge!
Monday February 7^th 2005, 9:30 AM New User LESSON 8, By Corinne Higbee
Click here to get the lesson, print it and bring to class.
Monday February 7^th 2005, 10:30 AM General Meeting By John Abbott

Bentsen Grove Wireless Network By John Abbott

   There seems to be a lot of confusion about the wireless network here at Bentsen Grove Resort. I've been in contact with the regional office as well as the home office for the network and have agreed to help them test the system. Here are the results of today's testing.

1) All of the transmitters are up and on-line. I understand from our office that another transmitter is yet to be installed some time tomorrow afternoon.

2) The signal is very strong <2 watts> and driving around the park in my car with my laptop I could find no dead spots and only a couple of places that didn't report an optimum signal -and they were reported as good.     Sitting in my front room with metal blinds between me and the tower I get a full strength signal.
      The signal is 802.11b   but 802.11g cards are downward compatible if you are using the Athlos / Centrino built into your laptop.

3) To access the network you need to set your wireless network to "infrastructure." If your system doesn't offer that setting then look for "Ad Hoc."    You then need to enter the SSID: thewirelessweb <this is a Linux server and it is case sensative - lower case only. Make sure that you turn off or inhibit "encryption" and/or "security."   These settings have nothing to do with the security of your link but the ability to log onto a network.    If you can set the channel to automatic that would be best - but if you need to display a channel then pick channel 7 <if that fails try channel 11>.

4) Once your wireless system locks onto the signal you should be assigned a TCP/IP address of 192.168,3.150-250    this WILL change each time you log on - don’t try to make it a static address because the DCHP may assign it to somebody who logs on before you and then you won't be allowed on.

5) Open your web browser <which MUST support 128 bit encryption - IE, Mozilla, Firefox and Opera> and open your home page <cannot be blank> and send.   The wireless web will redirect you to their log-on and then sign-up pages. These pages are on an SSL <secure> link and once connected your information is secure.

6) When you fill out the sign-up sheet, you will be offered a "plan" on the upper left of the page <pull down menu>. You may take a 24 hour account $2.50, a full week account $12 or a full month $21
     If you pick the 24 hour you will always be allowed to log on again but you will be directed to a "buy more time" page - which says they recognize you but your account has been expired. You will simply sign up again and pick a longer term.

7) If you have trouble logging onto the wireless aspect, give me a yell. If you have trouble getting past the log on page click on the FAQ link in the blue strip of the header.

An Outline of John’s Presentation of February 7^th 2005 General Meeting By John Abbott

Why an Anti-Virus program isn't enough.

COMPUTER WORMS!

A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to, and becomes part of, another executable program; however, a worm is self-contained and does not need to be part of another program to propagate itself. They are often designed to exploit the file transmission capabilities found on many computers - primarily FTP and the TCP/IP portals. Programs on a computer "listen" to a specific port for information. For instance port 80 is used by the HTTP engine to fill in the pages on your web browser.

There are literally thousands of ports available on your computer. However a program on your computer must be listening to the port to have any effect. The problem exists because Microsoft needed to make ports available to 3rd party vendors. Your email port 25 is probably the most accessible and that is why it is most frequently used for virus programs. Most Anti-Virus programs now filter the data through email ports. But what about all those other ports? A firewall closes them except for use by programs you specify.

Then why a hardware firewall? Some of the new virus programs are actually a client that turns off the Anti-Virus programs! And then allows access from their sponsor to install mini-servers to do their bidding. Or if you happen to deliberately download a program or picture from a website you may also be downloading a trojan <spy ware>. A well defined firewall will block that type activity to a great extent – but the incurably careless can still give permission to load spy ware when they download things like tool bars for a browser <aha port 80> and from then on the client has an available port to use.

The name 'worm' was taken from The Shockwave Rider, a 1970s science fiction novel by John Brunner. Researchers writing an early paper on experiments in Distributed Computing noted the similarities between their software and the program described by Brunner and adopted the name.

The first implementation of a worm was by two researchers at Xerox PARC in 1978.

http://www.parc.xerox.com/about/history/default.html>

The first worm to attract wide attention, the Morris worm, was written by Robert Tappan Morris, Jr. at the MIT Artificial intelligence Laboratory. It was released on November 2, 1988, and quickly infected a great many computers on the Internet at the time. It propagated through a number of bugs in BSD Unix and its derivatives. Morris himself was convicted under the US Computer Crime and Abuse Act and received 3 year's probation, community service and a fine in excess of $10,000.

In addition to replication, a worm may be designed to do any number of things, such as delete files on a host system or send documents via email. More recent worms may be multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a worm can wreak havoc just with the network traffic generated by its reproduction. Mydoom, for example, caused a noticeable worldwide Internet slowdown at the peak of its spread.

A common payload is for a worm to install a backdoor in the infected computer, as was done by Sobig and Mydoom. These zombie computers are used by spam senders for sending junk email or to cloak their website's address.
<http://seattletimes.nwsource.com/html/businesstechnology/2001859752_spamdoubles18.html>

Spammers are thought to pay for the creation of such worms <http://www.wired.com/news/business/0,1367,60747,00.html>
<http://www.channelnewsasia.com/stories/afp_world/view/68810/1/.html>
and worm writers have been caught selling lists of IP addresses of infected machines. <http://www.heise.de/english/newsticker/news/44879>
Others try to blackmail companies with threatened DDOS attacks. <http://news.bbc.co.uk/1/hi/technology/3513849.stm>

The backdoors can also be exploited by other worms, such as Doomjuice, which spreads using the backdoor opened by Mydoom.

Whether worms can be useful is a common theoretical question in computer science and artificial intelligence. The Nachi family of worms, for example, tried to download then install patches from Microsoft's website to fix various vulnerabilities in the host system (the same vulnerabilities that they exploited). This eventually made the systems affected more secure, but generated considerable network traffic — often more than the worms they were protecting against — rebooted the machine in the course of patching it, and, maybe most importantly, did its work without the explicit consent of the computer's owner or user. As such, most security experts deprecate worms, whatever their payload.

External link
* The Wildlist <http://www.wildlist.org> List of viruses and worms 'in the wild' (i.e. regularly encountered by anti-virus companies)
* Worm parasites <http://www.2-spyware.com/worms-parasites> Listed worm descriptions and removal tools.

________________________________________________________________________

This usage of the term 'worm' should not be confused with WORM (in
capitals), which stands for Write Once, Read Many, a property of some
computer storage media By Sujeesh.

Submit Your article; deadline for next bulletin is Wednesday of each week.
Share your computer experiences with other members. We need articles to publish in the BGRCC Bulletin each month. Simply click here EDITOR AT BGRCC and paste your write-up to submit it.

UPDATE YOUR MEMBERSHIP INFORMATION Change your e-mail address, unsubscribe to this bulletin, etc. Use link below.
UPDATE YOUR MEMBERSHIP