
Daynotes Journal

Week of 4 June 2001

Latest Update: Friday, 05 July 2002 09:16
 


Monday, 4 June 2001


We got back about 6:00 p.m. yesterday. We didn't do much except lie around and read. We did get a chance to set up the scope under dark skies, but alas the clouds moved in big time so we got only half an hour or so of observing in. Barbara should have a trip report up on her page tomorrow or Wednesday morning.

It's back to the grind this morning, with the usual Sunday tasks added in to the mix. I'm running web stats and laundry as I write this, and Barbara is cleaning house. Then it's back to work on the chapter for me. Barbara has an interview with a potential client this afternoon.

I've mentioned the InoculateIT virus scanner in the past. There's a Personal Edition that's free for individual use, but that version is being discontinued as of 7 June. CA will continue to update virus signatures indefinitely, but only for current users. So if you're looking for a free virus scanner, now's the time to grab a copy of InoculateIT. After 7 June, the free Personal Edition is being replaced by a rental app, which is currently priced at $6 per year.

There's been some discussion over on the HWG messageboard about CD-R media. Kodak discs are good, and are probably the only commonly available brand of the brands I'd use. Taiyo Yuden discs are as good as Kodak discs, but are not widely distributed in the US under the Taiyo-Yuden name. Still, they're easy enough to find if you know where to look, and that's exactly what I did.

I needed to order some CD-R discs. I'm down to my last 10 pack of Plextor 16X discs, and completely out of Kodak discs. Being a belt-and-suspenders kind of guy, I was burning a backup CD of Barbara's and my working data set to take with us to Doe Run Lodge last weekend. I already had the most recent tape backup, but I like having something that I can read in just about any computer.

When I started to do the CD-R backup, I fished around and found zero Kodak discs, a couple of Fuji (which aren't great in my opinion) and a half spindle of Smart & Friendly 4X discs, which are some of the worst discs I've ever used. Oh, well. I plopped one in the Plextor. It got about half way through and blew up on a disc write error. Not even BURN-Proof can deal with a physically defective disc. I don't even know why I keep that spindle around. It's the spindle that won't die. I suppose it's on the theory that I might run out of good discs and it's better to have crappy discs than no discs.

So I went off in search of sources for Kodak and/or Taiyo-Yuden discs. I see that Hyper Microsystems has only good stuff on offer (Kodak, Taiyo-Yuden, and TDK), which in my opinion is a very good sign. They don't advertise any of the junk stuff. Their prices seem very good, and http://www.resellerratings.com gives them a very high rating. I've never bought from them, but I think I'll order a spindle of 100 TY discs to see if they're as good as they're supposed to be. They're at http://www.hypermicro.com/store/index.htm

I knew something was up with NECx. I got the following email Friday from my NECx representative, whom I've never met, spoken with, or exchanged email with.

For those that did not realize it by now.... NECX Direct is owned by Gateway, Inc. You may have noticed that the recent advertisements from Gateway say..... "we will meet or beat any published price".

Well..... I want to pass that on to YOU.... our NECX Direct Business customers. Show me a published price (print or from the web) for any product (Item must be in stock and shown on the NECX Direct Website) and I WILL beat the price.... guaranteed. This offer is only good through June 8th and cannot be combined with any other coupon or offers from NECX Direct. If your order is over $399.... you get FREE SHIPPING TOO.

Please call or email me with your requirements or the link with the published price and I will make sure that you are entirely happy with the end result!

It'll be interesting to see if NECx continues to offer good prices and service now that Gateway owns them.


Tuesday, 5 June 2001


Yesterday I finished updating Chapter 14, Hard Disk Drives and sent it off to my editor. It's available for download on the Subscribers Page now (212 KB Word 2000 document). If you care to read and comment on it, I'd love to hear what you have to say. There is a link on the subscribers' page that you can click to provide feedback in the Subscribers Only forum on the HardwareGuys.com messageboard. I'm working now on Chapter 15, Video Adapters. That one should be up in the next couple of days.

If you're not a subscriber and want to become one, click here.

Barbara has a brief trip report with pictures up on her page.

 


Wednesday, 6 June 2001


Happy birthday to me. I'm 48 years old today or, as I prefer to think of it, 20-28 (with a tip of the hat to Elayne Boosler). One thing about having June 6th for a birthday is that I always know which movies will be on TV on my birthday. I haven't looked at the listings, but I'm sure there'll be an assortment of WWII movies on tonight, many of them about D-Day.

Much discussion on the back-channel mailing list about Steve Gibson's article concerning the DDoS attacks he's been subjected to and Gibson's open letter to Internet hackers, in which he surrenders abjectly and throws himself on their collective mercy. 

A lot of people have criticized Gibson for his harsh comments about Microsoft. At issue is Gibson's statement that pre-Win2K Microsoft operating systems had a broken IP stack. That stack is not RFC-compliant in that it is unable to spoof IP addresses, which Gibson correctly regards as a Good Thing. The stack included with Win2K and XP has had that problem fixed. All of that is true, although many have pointed out that it's easy enough to spoof IP addresses by bypassing the standard IP stack. But that's neither here nor there. What Gibson was pointing out was that the vast majority of broadband-connected PCs out there right now are running IP stacks that can't spoof. With W2K and later, Microsoft has done away with the deficiency, which means that an increasingly large fraction of the unprotected or poorly protected broadband-connected PCs will have an IP stack that can spoof IP addresses. Spoofed IP addresses make it (much) harder to trace the attack back to the originating machine, so in that sense Gibson is right.

Pournelle asks if that means that any reasonably competent person can shut down anyone he chooses. The answer right now is a qualified yes. If you're running IPv4 on the public Internet--which all of us are--you're at risk. If you're a bank or large corporation, you don't depend on the Internet for mission-critical stuff. You run financial transactions and other line-of-business stuff on a private network, which is not connected to the public Internet and is therefore immune from attack.

Ultimately, the answer is to deploy IPv6, which plugs most of the holes. IPv4 was never designed to be secure, but IPv6 was. But in the interim there's quite a lot that everyone should be doing to minimize the risk of such attacks. The fundamental problem is unsecured PCs with always-on connections. Hackers hijack these machines, unbeknownst to their owners, and use them to originate DDoS attacks. Securing your machines is the computing equivalent to building a fence around your swimming pool. Bob Walder--one of the Daynoters and a security specialist--posted quite a good list of precautions that should be implemented on corporate networks, and I'm sure he won't object to me reproducing it here.

1. Don't open e-mail attachments unless you are sure you know where they come from

2. If you must open an attachment you are unsure about, move the message to an isolated PC first - only an air gap will do!

3. Keep your AV software up to date (you ARE running AV software, aren't you.....)

4. Install a firewall at the gateway to your network - but make sure you implement a PROPER security policy. Most people deny plenty on the way in, but let ANYTHING go out. This is stupid. How many protocols and ports do you and your users ACTUALLY use on the Internet? Count them on the fingers of one hand - then implement a policy to make sure that's ALL that is allowed out. Also, do some content filtering here so that you can stop those pesky VBS scripts from ever reaching your PC, and use Network Address Translation (NAT) for outbound traffic to hide the structure of your network.

5. If 4 is not possible, make sure your ISP is offering a similarly useful policy on your behalf. The ISP, of course, cannot filter your outbound traffic as effectively (and will be very reluctant to put any "customer-specific" firewall rules in place anyway), which is why it is our responsibility, primarily, to stop this crap leaving our own systems. ISPs usually do firewall, but the policies they implement are more for their own benefit than their users'.

6. For the belt and braces guys, you should deploy an Intrusion Detection System on your local network. Firewalls are OK until someone finds a way around them - then you need IDS to spot what is going on

7. Deploy a File Integrity Assessment product (i.e. TripWire) on your critical machines - then you can quickly spot when programs have been added or changed - usually indicating the introduction of new software (i.e. a Trojan)

8. As a last resort, use something like ZoneAlarm as a "personal firewall". This should always be used by the travelling user or anyone connected to the Internet without the benefit of firewall/IDS/FIA protection, but should not be necessary if you have a good firewall/IDS in place. Do NOT rely on this as your ONLY form of protection on the network, however - it should most definitely be considered a second or third line of defence.
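Item 7 above, the file integrity check, sketched as an added example; it is not part of Bob Walder's list and is not TripWire's implementation. The directory tree and file names are constructed for the demonstration, and the sketch tracks only content hashes and permission bits.

```python
import hashlib
import json
import os
import tempfile


def hash_file(path, chunk_size=65536):
    """Return the SHA-256 hex digest of a file, reading it in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Record digest and permission bits for every regular file under root."""
    state = {}
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # symlinks and special files are out of scope here
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            mode = os.stat(full).st_mode & 0o7777
            state[rel] = {"sha256": hash_file(full), "mode": mode}
    return state


def compare(baseline, current):
    """Classify differences between a stored baseline and a fresh snapshot."""
    old, new = set(baseline), set(current)
    common = old & new
    modified = {p for p in common if baseline[p]["sha256"] != current[p]["sha256"]}
    mode_changed = {p for p in common - modified if baseline[p]["mode"] != current[p]["mode"]}
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(modified),
        "mode_changed": sorted(mode_changed),
    }


def save_baseline(state, path):
    # Keep the baseline somewhere the monitored host cannot rewrite
    # (read-only media or another machine); otherwise an intruder can
    # simply regenerate it after changing files.
    with open(path, "w", encoding="utf-8") as handle:
        json.dump(state, handle, indent=2, sort_keys=True)


def load_baseline(path):
    with open(path, "r", encoding="utf-8") as handle:
        return json.load(handle)


def _write(root, rel, data, mode=0o644):
    """Create or overwrite a constructed sample file with explicit permissions."""
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as handle:
        handle.write(data)
    os.chmod(full, mode)


def demo():
    """Build a constructed directory tree, change it, and report the drift."""
    with tempfile.TemporaryDirectory() as root, tempfile.TemporaryDirectory() as store:
        for rel, data in [("app/server.bin", b"v1"), ("app/helper.bin", b"helper"),
                          ("conf/settings.ini", b"port=80"), ("old/legacy.bin", b"x")]:
            _write(root, rel, data)
        baseline_path = os.path.join(store, "baseline.json")
        save_baseline(snapshot(root), baseline_path)

        _write(root, "app/server.bin", b"v1-patched")       # replaced program
        _write(root, "app/unexpected.bin", b"new")          # program nobody installed
        os.remove(os.path.join(root, "old", "legacy.bin"))  # deleted file
        os.chmod(os.path.join(root, "app", "helper.bin"), 0o755)  # permissions only

        return compare(load_baseline(baseline_path), snapshot(root))


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The baseline is only as trustworthy as where it is kept: take it from a known-clean install and compare against a copy the monitored machine cannot modify.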

To which Bob Walder responds:

Bob,

You have said that my list applies to corporate networks. Actually, I intended it as a list for EVERYONE. Admittedly it is over the top for home users, but Pournelle asked what he needed to do to try and prevent this stuff - and that is it! At the end of the day, we are ALL going to have to take corporate-sized measures, and those machines that pose most risk from DDOS attacks are always-on home users, not corporate users, 'cos they are the least security conscious.

By dismissing the list as something that applies only to corporate users on your site, I think you are lessening whatever value it might have - many of your home users might skip straight over it thinking "not for me then". Although most will not go to these extremes, it might provide at least SOME food for thought.

Regards,

Bob

IDS/FIA on a home network? That seems a bit unrealistic, unless there are inexpensive products I don't know about.

Actually, I first wrote my entry saying that "everyone should take these measures", but when I hit the part about IDS/FIA I decided to change it to corporate. But I'll post your comment and publish it immediately.

I certainly didn't mean to dismiss Bob's list in any respect. And, looking at things, Mr. Walder is right. All of this needs to be done, but obviously little or none of it will be done by most users. But that doesn't mean you shouldn't do it. Let other people's machines be zombie-ized. That's their problem. Well, actually, it's everyone's problem, but all you can do is protect yourself.

I'm sure many will be curious about what I use, so I'll say that I'm running Norton Internet Security 3.0, which incorporates anti-virus, personal firewall, and other security functions. As my regular readers know, I've never been a big fan of having a virus scanner running all the time, but I've allowed Norton to do this just to see if things are better than they used to be. I've been running it for a couple of weeks now, without any evident problems. Be aware that the footprint is huge. NIS takes lots of memory and lots of CPU ticks, particularly if you've configured it (as I have) to be much less permissive than the defaults. Still, memory is cheap and I don't have any shortage of CPU ticks.

Bob and I have a further exchange of mail:

BlackICE Defender is an IDS (NOT a firewall, as many people seem to insist) at $39, TripWire is free (on Linux). LANguard also produces a free FIA product, though I have not looked at it yet. If home users use a scaled-down version of my suggestions it will help - they do not have to spend thousands on corporate-grade products

Thanks. I was aware that Black Ice was an IDS, but from Gibson's reports it doesn't seem to work very well. I think I remember him mentioning that it simply dies for no apparent reason, leaving you wide open without notice.

And, of course, you're right that any protection is better than no protection.

So, at any rate, listen to what Bob has to say. He's an expert.


Thursday, 7 June 2001


There's a picture of my birthday balloon over on Barbara's page. As Maxwell Smart would say, that's the second biggest balloon I've ever seen.

A thunderstorm moved in last night just as Barbara and I were sitting down to dinner. As we ate, there came a blinding flash and a monstrous boom, with no separation. We both jumped literally six inches off our seats. Barbara thought lightning had hit literally in our back yard. I think it was maybe on the block behind us. I didn't think much more about it until Barbara picked up her phone shortly afterward and told me that it was dead. When I checked my phone, it was dead too.

I went downstairs and found the phone controller with no lights on. That's happened before, so I went into the downstairs kitchen to reset one of the GFCIs, which is on the circuit used by the phone controller. That GFCI always pops during a bad thunderstorm when surges come on the power lines. I waited for the system to reset, which it appeared to do normally. When I went back upstairs, I found that Barbara's and my mother's extensions were working normally, but mine was not. To make a long story short, the first station port (to which my extension connects) is dead. That's particularly bad news, because the phone controller is programmed via the first station port, which meant I couldn't change any of the programming to redirect calls to a different port.

Then I tried calling port 14, which is the automated attendant port. Ring-no-answer. Hmmm. I figured maybe the PC that hosts the AA was hosed, so I checked it. It appeared to be running normally. So I called out on line 1 and in on line 2, which the AA should have picked up. I got Ring-no-answer on Port 14 again. So we have no automated attendant. Because all incoming calls are set to ring only on Port 14, that meant we'd never hear an incoming call.

So I went downstairs and re-cross-connected some stuff to put CO1 directly on the cable leading to Barbara's extension, and CO2 directly on the cable leading to my mother's extension. That means that Barbara's phone will ring for incoming calls on CO1 and my mom's will ring on CO2. No automated attendant. No transfers. No intercom, etc. 

I need to call my insurance agent this morning and find out if I'm covered and what hoops I'll need to go through to collect. I also need to check some of the other PCs around here. My Roadrunner box appears to be fine, as do my own main and secondary systems, Barbara's main system, and the file server. As to others, I think they're okay, but I have some checking to do. My guess is that the spike came in on CO1. None of the PCs is directly connected to a phone line, so they may all be okay. I hope.

There's a very serious backup bug in Windows 2000, which is a flaw in Windows 2000 itself and so applies to any backup program. An AD backup fails to restore properly about 50% of the time. For more details and information about the fix, see Mat Lemmings' page.


Friday, 8 June 2001


Hmmm. I called my insurance agent yesterday morning first thing. The lady I spoke with said that State Farm's claims people would call me directly. So far, nothing. The good news is that it appears that our phone system was the only thing damaged. The bad news is that we're now operating without an automated attendant, which means we'll have to get used to getting annoyance calls again. We only got one of those yesterday. My mother got a call from someone who'd dialed the wrong number. I suppose after years of running an automated attendant we're on everyone's "don't bother calling list". Or so I can hope.

Pournelle called last night and was surprised when Barbara answered the phone directly. She told him what had happened. When I picked up, he asked if we hadn't had CO line surge protection in place. I told him we had. Multiple layers, in fact. First, the carbon and/or gas tube suppressors that the phone company installs at the demarc. Those are intended to protect people, not electronic equipment, but even so they should dissipate the majority of the current. Second, perimeter protectors made by Panamax. Those sit about four feet inside the house from the demarc, attached to a joist in the basement, and grounded to the copper cold water pipe. Third, another stack of Panamax protectors at the equipment backboard, which are grounded to the electrical system ground. But the lightning zapped my phone system for all of that.

I talked yesterday afternoon to Ray, the guy who lives behind us. He brought up the lightning strike himself. I asked him where he thought it had hit, expecting him to say that it had been across the street from him somewhere. But he said he thought it had hit in his back yard, which adjoins our back yard. So perhaps Barbara was right after all. She thought it hit in our back yard. But I didn't see any smoking, blackened trees or anything. Wherever it hit, it was too damned close.

Duke and Marsha Johnson are coming over for dinner tonight. They're both members of the Forsyth Astronomical Society. Duke works at SciWorks, which hosts our meetings, and Marsha is the manager of the B. Dalton bookstore at the mall.


Saturday, 9 June 2001


Duke and Marsha are interesting people. Duke is a program manager with SciWorks, which used to be called the Nature Science Center. Marsha manages a bookstore. We had takeout Chinese and talked until after midnight. They're a nice young couple, in their early 30's. Nearly all our friends are younger than we are now. 

Malcolm particularly liked Marsha, and spent a great deal of time in her lap. We explained to them that Malcolm is growly-challenged, and that the threat display is not aimed at people but at Duncan. I illustrated by putting my face up to Malcolm while he was snarling and getting my face licked through the fangs. Marsha is obviously not easily intimidated, because as Malcolm snuggled in her lap, she continued to pet him even as he growled and showed his fangs.

Is it just me, or have others noticed that on-line computer magazine sites seem to be cutting way back? I visit PC Magazine on-line periodically, not because anything they have to say is particularly worth reading, but just because it's a habit that originated in the days before the Internet, when I used to call up their BBS and download PC Mag utilities. Dvorak is about 99% blather and 1% useful information, but I still check his on-line column from time to time. Dvorak used to run a new column once a week. Lately, it's been running more like every three weeks. If you can call it a column. It seems like half the time he posts a half dozen lame pictures with a sentence or two of comment and calls that a column. Obviously, PC Magazine is cutting way back on the resources they devote to their on-line presence.

Same thing with InfoWorld. I have their columnists' home page bookmarked, and it looks to me as though they stopped updating it three weeks or so ago. The same columns have been there for quite a while. Not that I care much. Like PC Magazine, InfoWorld no longer has any columnists that are worth reading regularly. I dropped my subscriptions to both PC Magazine and InfoWorld, although InfoWorld continues to arrive in my mailbox every week. Nowadays, I just pitch it without looking at it. It's just not worth my time any more.


Sunday, 10 June 2001


Mars last night.

The professional weather-liars all said we could expect clearing skies, with little to no cloud cover by 9:00. So I called a few members of the Forsyth Astronomical Society to let them know we were headed up to Bullington and to invite them along. Marsrise wasn't until about 21:00 local, and the end of astronomical twilight wasn't until about 22:30, so we weren't in any hurry to get up there. We left Winston-Salem under relatively clear skies, but the closer we got to Pilot Mountain, the more clouds were visible. We finally arrived at Bullington at about 8:30 to find the cloud cover was about 5/10 and getting worse.

Bonnie Richardson, Jeff Poplin, and David Morgan were already there and setting up. Bonnie is, like us, a relative novice observer. Jeff and David are very experienced, so while we waited for dark and for Mars to rise from the muck I queried them about DSCs (digital setting circles). Although a lot of experienced observers consider using DSCs to be "cheating", I'm beginning to think they're indispensable for us. Using DSCs is an alternative to finding objects the old-fashioned way, by learning the sky and star-hopping. The problem is that star hopping presumes that you can see a reasonable number of stars. That's all well and good if you're at a dark-sky site, but if you're in our back yard, which most nights has a limiting magnitude of about 2.5 due to light pollution, there just aren't enough stars visible to star hop.

DSCs solve that problem. A DSC comprises a hand controller and two optical encoders mounted on the telescope such that moving the scope in altitude or azimuth sends a signal to the hand controller. You start by initializing the DSC by finding a "guidepost" star. Something bright like Spica. Once you have the first guidepost star centered in your field of view, you tell the hand controller that you're pointed at that particular star. Then you slew the scope over to another bright star and repeat the process. With known stars at two positions, the DSC "knows" how it's oriented. If you then want to locate a dim object at an unknown position, you enter that object into the hand controller, which then tells you which directions to move the scope in altitude and azimuth. When both read-outs reach zero, the object is in your field of view. It turns any scope into a kind of manual go-to scope.

Jeff and David both seemed to think that DSCs were worthwhile, although both also mentioned that one shouldn't use them as a crutch. From my point of view, having DSCs would make it possible to do some serious observing from our backyard, and would also serve as an aid to learning the night sky. And if we end up getting a second scope, I can simply buy encoders and a mounting kit for it and use the same hand controller on multiple scopes. So now I'm researching DSCs, which is actually easier than I thought it would be. There are only two actual brands of DSC. One of them isn't sold directly to the public, but is relabeled by Orion, Celestron, Meade, JMI, etc. The second is called Sky Commander, and is sold both direct and in relabeled form by a few other resellers. So it comes down to evaluating only two types of DSC. At this point I'm leaning toward the Sky Commander for various reasons.

At any rate, as we talked the clouds continued to move in. So much for the weather-liars. We did have a good view of the southern horizon, and kept hoping that the clouds in that direction would clear. We were all watching for Mars to climb out of the muck, but Barbara was the first to spot it. About 22:00, Barbara shouted "What's that over there?" Sure enough, there Mars was, about 10 degrees above the horizon, bright, red, and flitting in and out of the clouds. At first, Bonnie thought it was an aircraft, but Jeff got his binoculars on it and verified that Barbara had found Mars. That last may seem strange to anyone who's not actually done this. If it seems stupid that someone could see Mars and think it might be an aircraft light, well all I can say is that you haven't ever tried to identify something low on the horizon in haze and clouds in an area where aircraft are common.

The visual magnitude of Mars is about -2.3, but it was low enough and coming through enough haze even at the clearest moments that it looked to be perhaps magnitude 0 or 1 at its brightest. But we were definitely seeing the ruddy disk and there were even some surface features marginally visible. At that point, we had our 10" Dob and Bonnie's 8" SCT pointed at it. Both were showing enough detail to be exciting, but at the same time the seeing was disappointingly bad. If we'd had a clear night we'd have been able to resolve some serious detail, I think.

At first we were observing at about 80X, but the seeing improved enough that I decided to put some serious power on it. I bumped it up to 140X, hoping to be able to see a bit more detail. The view pretty much turned to mush, although there were periods of a few seconds when things would clear up. During one longer clearing period, I bumped the power up to 280X, but just as I did so the seeing suddenly turned terrible again. From that point, things went downhill fast. The clouds had moved in, and Mars spent most of its time hiding behind the clouds. It'd pop out every now and then for a few seconds or a couple of minutes, only to disappear again behind the clouds.

We'd decided earlier to stick around late last night. We hadn't left home until late, and before we left we'd gotten my mom settled in for the evening, taken the dogs on their constitutional, and so on. Barbara was game for sticking around until 0100 or 0200. And we would have, had the seeing been at all reasonable. But the clouds seemed to be getting worse, not better. About midnight, Bonnie announced that she was packing it in. We decided that made sense, so we did the same. But Mars will be around for a while, so we'll have other opportunities. We may head up to Bullington again during the week, and will almost certainly be up there next weekend, weather permitting.


 

Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004 by Robert Bruce Thompson. All Rights Reserved.