GuruNews, Volume 8 Number 28, 8-7-08

Kevin-PC Gurus microdome at seidata.com
Thu Aug 7 21:50:37 EDT 2008


Welcome to GuruNews



Brought to you each week by the PC Gurus, a loose collection of volunteers from around the Kentuckiana region.

 

You can interact with the PC Guru team via our Web site, located at http://www.thepcgurus.com.  On our site you can post your computer questions, comments and rants on the forums, e-mail the PC Guru team members and chat one on one in our nightly IRC chat beginning around 8:00 PM EDT.  You can also subscribe to our RSS feeds so you can get the latest news and forum updates from the PC Guru Web site directly on your computer.

 

If you're new to the Newsletter you can read back issues at Team member JP Durbin's website at http://www.jpdurbin.net.  There are links to all the old 84 Online issues as well as the new GuruNews missives.

 

The WHAS Crusade for Children provides year round support for needy children throughout the Kentuckiana region.  Visit http://www.whascrusade.org to make donations online.

 

USS Rover's list of streaming computer shows is now available for download in Excel, Open Office and Linux ready formats from http://www.vegassellers.com/ussrover/showlist.html. 

 

To subscribe to this newsletter just drop by www.thepcgurus.com and sign up!

 

Vol. 8, No. 28                 

8-7-08

 

1 Protocol layers and DNS        

2 Hey Dad, how does.? 

3 MS says Vista doesn't suck, DNS flaw is worse than thought, Firefox still rolling, airborne wireless

4 Fresh visit to an old favorite

5 Limiting account power

 

Last week we talked about the socket layer and how your communication to the network originates there.  This generates your message, as in email or IM, or your request for a Web page, which is then passed to the protocol layer.  When this happens it actually goes through a double layer.

 

The protocol is made up of a higher layer, or Transmission Control Protocol, which takes the message and breaks it into chunks called packets.  These packets pass through the lower level, or IP, to the next destination.  This may be a computer on your network or the server at your ISP.

 

So TCP breaks the message into chunks and sends them through IP, which figures out the address to send the packets to.  Together they are called TCP/IP.  On the far end the receiving computer makes a note of the IP layer address and the TCP layer rebuilds the packets into a whole.

 

As an example, let's say you want to send a component stereo system to a friend.  That's a really large box (Winsock message).  You ask your friend at the local retail PO box store (TCP) to take care of handling it.  He breaks the system down to receiver, CD deck, EQ and speakers and packs it in separate boxes.  He then calls the UPS guy (IP) to come get them.  He figures out the routing, addresses them and sends them on their way.

 

On the far end UPS delivers to the destination, where the component system is rebuilt into a complete stereo.
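
The split-and-rebuild idea above as a simplified model (an added example, not part of the original newsletter).  The tiny segment size, the function names and the sample message are assumptions chosen for illustration; real TCP numbers its bytes in a similar way so the receiver can reorder segments and notice a missing one.

```python
import random

MSS = 8  # assumed, tiny segment size so a short message splits into several


def segment(message: bytes, mss: int = MSS):
    """Sender (TCP role): cut the message into (offset, chunk) segments."""
    return [(off, message[off:off + mss]) for off in range(0, len(message), mss)]


def reassemble(segments, total_len: int, mss: int = MSS):
    """Receiver: rebuild the message from segments arriving in any order.

    Returns (message, missing_offsets); message is None while a segment is
    still missing. A duplicate of an offset already held is dropped.
    """
    held = {}
    for off, chunk in segments:
        held.setdefault(off, chunk)
    missing = [off for off in range(0, total_len, mss) if off not in held]
    if missing:
        return None, missing
    return b"".join(held[off] for off in sorted(held)), []


def demo():
    """Constructed run: reordered delivery with a duplicate, then with a loss."""
    msg = b"component stereo system"
    arrived = segment(msg)
    random.Random(1).shuffle(arrived)      # the network may reorder segments
    arrived.append(arrived[0])             # and deliver one of them twice
    rebuilt, _ = reassemble(arrived, len(msg))
    lossy = [s for s in arrived if s[0] != 8]   # drop the middle segment
    partial, missing = reassemble(lossy, len(msg))
    return rebuilt, partial, missing


if __name__ == "__main__":
    print(demo())
```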

 

Now there are protocol layers higher than TCP, such as the web (HTTP), file transfer (FTP) and email (POP and SMTP), but in the end they all have to transit through TCP/IP so why confuse things?

 

There are no direct exploits of the protocol layer that I'm aware of at this time, but it may be vulnerable to a direct attack of some sort.  This is where a software firewall comes into play.

 

I've always felt that the firewall offered by a router was enough but of late things have gotten dangerous enough for me to switch gears and say go ahead and get one.  Just don't permanently block anything until you can determine what it actually is.  Most modern firewalls are preconfigured for at least core Windows files but many other critical programs need access so always ask.

 

The same idea can be applied to DNS, which is the next step in the chain.  All messages and requests for access beyond the ISP require the process to be repeated, sometimes many times over.  The Internet is huge and may need to pass the message through multiple servers to the destination, rebuilding and refragmenting it at every stop.

 

The "Yellow Pages" book used for all this traffic is called DNS (Domain Name System), which acts like a phonebook for the addresses for these hops through the system.  Each step has to look up the next address and, once delivered, the message gets passed along until it arrives at the destination.

 

Once there the process starts all over again, heading back the other way and being rebuilt and broken down at each stop.  This delivers the contents of a website back to your browser, or in the case of a message flags it as sent.

 

This is a bit of a stretch but it works as an analogy.  Let's say the stereo system is actually sent out to be reviewed by multiple people.  After UPS delivers it to the first person they use it for a couple of days, then break it down and send it on to the next in line.  They have the name of the next person but not the address, so they consult the phone book.  Once they have the address, out it goes neatly boxed up in multiple packages.

 

As I said, it's a stretch but you can see where I'm going.  DNS is the most important part of the Internet because it's the repository of all knowledge.  DNS is made up of 13 core servers scattered around the world, with most ISPs and many independent agencies hosting mirrors.

     

These are currently the weak points in the chain that keeps you connected to the Internet.

 

There's a flaw in the DNS protocol that allows a hacker to basically hijack the address of any given website and direct it somewhere else.  This is called DNS poisoning and amounts to someone ripping out a page of the phonebook and replacing it with one listing all bogus numbers.  Most ISPs have patched this problem but some, like AT&T, are dragging their heels (as I mentioned last week).

 

Eventually they will all patch their DNS servers but I would still strongly suggest the Netcraft Toolbar that I mentioned last week.  It's not perfect, as no security precaution is, but it's a start.
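
One way to judge whether a DNS server has been patched (an added example, not part of the original newsletter): the 2008 fix made resolvers send each query from an unpredictable source port, so a patched server shows widely scattered ports while an unpatched one reuses one port or counts upward.  The sample observations, the cut-off value and the function names are constructed assumptions.

```python
import math
import statistics

# Constructed samples, not real traffic: (source_port, transaction_id) pairs of
# a resolver's outgoing queries, as an authoritative server would log them.
TXIDS = [0x1A2B, 0x9C01, 0x44F0, 0xE7D3, 0x0B65, 0x7F12, 0xC3A9, 0x5D4E]
FIXED_PORT = [(32768, t) for t in TXIDS]
SEQUENTIAL = [(1025 + i, t) for i, t in enumerate(TXIDS)]
RANDOMIZED = list(zip([51234, 10877, 43190, 2913, 60411, 27765, 35502, 18046], TXIDS))

MIN_STDDEV = 3000  # assumed cut-off for "looks random" over a small sample


def assess(observations, min_stddev=MIN_STDDEV):
    """Return (verdict, findings, bits) for one resolver's observed queries.

    bits is a rough estimate of what a forged reply would have to match: 16
    bits of transaction ID plus log2 of the spread of source ports seen.
    """
    ports = [p for p, _ in observations]
    txids = [t for _, t in observations]
    findings = []
    if len(set(ports)) == 1:
        findings.append("every query left from the same source port")
    elif statistics.pstdev(ports) < min_stddev:
        findings.append("source ports fall in a narrow, guessable range")
    if len(set(txids)) < len(txids) or statistics.pstdev(txids) < min_stddev:
        findings.append("transaction IDs repeat or cluster")
    bits = 16 + math.log2(max(ports) - min(ports) + 1)
    return ("POOR" if findings else "GOOD"), findings, round(bits, 1)


def report():
    """Assess each constructed sample; returns {name: (verdict, findings, bits)}."""
    samples = {"fixed": FIXED_PORT, "sequential": SEQUENTIAL, "randomized": RANDOMIZED}
    return {name: assess(obs) for name, obs in samples.items()}


if __name__ == "__main__":
    for name, (verdict, findings, bits) in report().items():
        print(f"{name:11} {verdict:4} ~{bits} bits  {'; '.join(findings) or 'no findings'}")
```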

 

That's enough for this week; hopefully you could make sense of my ramblings.  As I told an emailer, it's only going to get more complicated.    



Kevin Mefford, Editor

pcguru at microdome.net

 

 



 

Terry Wise

www.ratland.com

 

 

Tech News of the Week  

 

Deserved or not, the Windows Vista operating system from Microsoft gets a bad rap. But the company's recent effort to repair Vista's reputation did not win any rave reviews either (tip o' the hat to team member Carmine for sending me this one):

http://www.nytimes.com/2008/08/04/technology/04vista.html?_r=1&th&emc=th&oref=slogin

Security researcher Dan Kaminsky Wednesday revealed details on the DNS vulnerability he discovered earlier this year, suggesting its potential impact is far more serious than just about anyone realized:

http://www.crn.com/security/209903975

Firefox 3 still has that new browser smell, but that's not stopping the Mozilla Foundation from planning ahead for its next major move:

http://www.pcmag.com/article2/0,1895,2327333,00.asp

Wireless Internet access is about to move out of coffee shops and airport lounges and into airplanes:

http://www.washingtonpost.com/wp-dyn/content/article/2008/08/05/AR2008080501793.html?hpid=sec-tech

Copy us on the good stuff!

 

Matthew Dattilo

thepcgurus at gmail.com 

www.mattstodayinhistory.com

 

 

Download of the Week
 

If you're constantly connected to the Web, your PC is especially vulnerable to hacker attacks. Checkpoint's free ZoneAlarm firewall can give you some protection. It blocks attacks from the outside and guards against dangers that originate within your PC as well, preventing Internet-bound applications from opening ports into your system. ZoneAlarm also makes a digital fingerprint of authorized apps so that Trojan horses can't slip by, masquerading as trusted programs.  For added privacy controls, such as ad blocking and cookie management, consider buying the Pro version (firewall and anti-spyware).  This firewall is easy to use and provides the extra layer of protection with the router firewall that Kevin mentions.  Get the free version here: 

 

http://tinyurl.com/5tfdex.

 

Carlita Lupino

Cards57 at gmail.com

 

 

Email Question of the Week
 

Q:  I know it is best to set up users with less than administrator rights and to log in with one of those especially when going on the internet. How do I do that? I have XP home on my home desktop and Windows 2000 Pro on my laptop. Thanks for all you do.

 

A:  Actually, it's pretty easy.  Click Start and go to Control Panel (or Settings/Control Panel, depending on how you have the menu set up) and open User Accounts.  You may have to click Switch to Classic View in the upper left corner of Control Panel in order to find it.

 

Once in User Accounts click Create a new account, name the user and set the account to Limited.  Click the Create Account button and you're done.

 

That's in XP; 2000 may be a little different but my 2K box is otherwise occupied so I can't check.  It'll be similar anyway.

 

Hope that helps and keep us posted...

 

Kevin Mefford

pcguru at microdome.net

 

 

Contact info and legal stuff
 

If you have tech support questions or ideas and/or submissions for our newsletter please submit them by visiting www.thepcgurus.com and clicking on the "Email the Team" icon.

  

Copyright 2001-2008 The PC Gurus, all rights reserved.  Publication, rebroadcast or storage is prohibited without prior consent, however you may freely forward this publication to friends as long as A) it is forwarded in its entirety and B) no fee is charged.

 

Information provided in this publication is provided "as is" without warranty of any kind, either expressed or implied.  Although the information provided is known to work on most systems, it may not work on ALL systems.  Make use of any information supplied at your own risk.

 

The PC Gurus are a group of volunteers who provide support for the PC, Mac and Linux users in the Kentuckiana region.

 

To unsubscribe from this newsletter visit http://thepcgurus.com/mailman/listinfo/newsletter_thepcgurus.com or send an email to microdome at seidata.com with the words "unsubscribe newsletter" (without the quotes) at the top of the body of the message.