/* ----------------------------------------------- Blogger Template Style Name: Minima Black Designer: Douglas Bowman URL: www.stopdesign.com Date: 26 Feb 2004 ----------------------------------------------- */ CompuDave: October 2004

Monday, October 25, 2004

Phishing

Phishing, in case anyone doesn't know, involves usually sending e-mail that appears to come from legitimate sources asking you to sign into your your account and update something. This could be a bank account, internet account or almost anything else. The trick is the e-mail usually contains a link to the home page but while a real looking page shows up it is actually on the phishers site. They hope you'll fall for it and give them your user id and password.
Here is one I received today supposedly from ebay.

In the next few days we will be introducing a new email option for members who want to get more information about items listed by their favorite sellers. The Favorite Seller Digest will include a sample of the most recent items listed by sellers included in your Favorite Sellers list, and you can select whether to receive the email weekly, bi-weekly or monthly.

When you add a new seller to your Favorite Sellers list, you will have the option to include them in the Favorite Seller Digest email. In addition, you can also add sellers to this email digest by going to the Edit Preferences page from your My eBay Favorite Seller table. The Favorite Seller Digest will be sent by eBay to your email address on file.

To learn more about this new feature, click here. In order to use this you must log in to your ebay account in the next 24 hours.

Regards,
eBay Inc.

Sounds good. Looks real. I knew better but in the interest of having something usefull to write about I checked it out. The first and easiest thing to do is just hover your mouse pointer over the links. See what they look like.
Here is the text of those links.
http://210.222.212.229/www/signin.ebay.com/ws2/eBayISAPI.dll_SignIn.htm

That ip address up front instead of ebay.com is a dead give away. So if you're still a little curiuos take that address (210.222.212.229) and go over to a place with ip whois. I like SamSpade.org
Place the ip number in the ip whois and see what you get.

Server Used: [ whois.krnic.net ]

210.222.212.229 = [  ]

(www.nic.or.kr) Whois
query: 210.222.212.229
ENGLISH
KRNIC is not a ISP but a National Internet Registry similar to APNIC.
The followings are information of the organization that is using the IPv4 address.
IPv4 Address : 210.222.212.224-210.222.212.255
Network Name : KORNET-HOTLINE2003230827
Connect ISP Name : KORNET
Connect Date : 20031201
Registration Date : 20031224
[ Organization Information ]
Organization ID : ORG309684
Org Name : hongseongkineungdaehak
State : CHUNGNAM
Address : hongseongkineungdaehak ho 0001 beonji 0221 hongseongnamjang hongseongkun
Zip Code : 350-803
[ Admin Contact Information]
Name : seongkineungdae hong
Org Name : hongseongkineungdaehak
State : CHUNGNAM
Address : hongseongkineungdaehak ho 0001 beonji 0221 hongseongnamjang hongseongkun
Zip Code : 350-803
Phone : 82-41-630-3621


E-Mail : chungnm1@soback.kornet.net

Some place that might be in Korea with lots of phoney looking name and addresses.


Never, Never, Never follow the links in emails that sound suspious.
If you think the email might be real
all you have to do is got to the home page of the real company and sign in as per usual.

Sunday, October 24, 2004

Firewalls Again

This article says dump Window Firewall

http://windowssecrets.com/041021/#top1

and site numerous reasons. I've mentioned it before
so take heed.

Friday, October 22, 2004

US Falling Behind

I've kept this blog pretty well focused on computing and intend for it to stay that way.
For a moment though I want to point out somthing I totally agree on. It's political but still concerns technology.
It's short, it's non-partisan, it needs to be addressed for the sake of our country.
Read it please.

Intel CEO: Candidates Ignore Debate on
Blunting of U.S. Technological Edge

http://www.technologyreview.com/
articles/04/10/ap_102004.asp


Thursday, October 21, 2004

Nanograss

Well, I'm a true nerd when it comes to science. Of course that's probably why I'm doing the work I do today. Most anything in the fields of science will capture my attention instantly.

Here is something Bell Labs has come up with.

http://www.computerworld.com/news/
2004/story/0,11280,96480,00.html

Truely amazing.

Tuesday, October 19, 2004

Domain Renewal Fraud

One of the businesses I do work for was fooled into sending money to Domain Registry of America. That's really not surprising considering the way they work. See this story from The Register earlier this year.
http://www.theregister.co.uk/2004/01/06/
court_bars_canadian_domain_slammer/

They send out official looking notices that unsuspecting busy people will often pay. Fortunately our current register, GoDaddy, does not allow the transfer to take place unless the contact of record confirms it. DROA charges $40.00 for what GD wants $18.00. Not a lot of money but why should you give these kind of crooks anything.
What turned out suprising simple was a request for a refund. In the story above it mentions how they were charging administrative fees for canceled orders. Apparently that has stopped, but of course they say it will be 30 days before it is issued. That means they have the money for at least 60 days, making money on the float.

Friday, October 15, 2004

Google Desktop Search

Google has a new desktop search

http://desktop.google.com/about.html

Sounds interesting but since I don't use IE, Outlook, or AOL its funtions are lacking for my use.
Also only good for Win XP or Win 2000 SP3 up. Otherwise in the Google tradition I'm sure it's a fine product.

Wednesday, October 13, 2004

RIAA Case Tossed by Supremes

This little story in The Inquirer about the RIAA and their attempts to go after music pirates.

http://theinquirer.net/?article=19048

may contain the funniest analogy I've read in awhile

They called for the RIAA case to be propelled from the court faster than a Bulgarian accordion player with a 20 espresso a day addiction can get through the minute waltz.


Big corporations and lawyers.

Tuesday, October 12, 2004

Firewalls - ZoneAlarm on small LANs

I've mentioned before using a firewall like ZoneAlarm. It really is a good idea. However in some cases there needs to be a little knowledge applied when using it. Yesterday I had a client in a small office call and tell me they couldn't get on to a shared folder on another computer.

I walked them through several steps and couldn't quite get what was up. The other computer showed up under workgroup computers but if you tried to open any of it's resources you couldn't. Now windows doesn't give very good messages on network errors. It just kept reporting the folder was unavailable. Finally I had them go to the computer with the shared folder. "Try to look at workgroup computers" I say. No luck at all, network unavailable. Then she says something about Zone Alarm asking permission. AHA! I knew right off.

Trouble was I've never put ZA on computers in this office. Someone had on this one, and they didn't understand the effects it would have. (I reccomend not allowing individuals in a business office to install software and this is a good reason why. Good intentions - bad results).

First in these small LANs a basic router offers pretty good protection. It will hide your individual computers from the internet under most circumstances. It won't do firewall duties like port blocking unless you configure it to (and maybe not even then or very well). I like ZA because nowdays so many computers become infected with spyware and trojans. Once this happens these basic routers will just let the machine spew out practically anything. With ZA installed you get alerts when unexpected programs start trying to act like servers.

But ZA will also start blocking the NetBios messages (thats the windows networking that lets you see other computers in a peer-peer network by name). Basically the answer is to set up a trusted zone in the firewall to allow all this messaging to go on. Most of these small routers have the DHCP turned on. This assigns addresses to computer on the local side of the router. That's good, it simplifies things. The local address will look something like this : 192.168.1.x where x will be a number between 1-255. This is also good - it is part of a group of addresses that are defined as non-routable, this keeps your local traffic off the internet.

Now here's the trick that lets you use ZA for safety but lets your local area network work.
(you need to know your local network address - the following is an example but very common on small router based LANs)
1. Bring up the ZA panel by double-clicking the ZA box in the system tray.
2. Go to Firewall on the left column and Zones on the upper tabs
3. Go to add and choose IP Range
4. Choose a trusted zone. Enter 192.168.1.0 in the first address and 192.186.1.255 in the second
Enter a description like LAN.
5. Click Apply

Now it will all work right.

Friday, October 01, 2004

One For the Good Guys!!!

Well the good guys win one
Patent Office Rejects Microsoft's FAT Patent
http://www.pubpat.org/Microsoft_517_Rejected.htm

It was a bad attempt on MS's part to try and keep control of more than just desktop computers.
Pubpat.org should be praised for their efforts. Keep up the good work guys!