|
Please note: Older issues may contain information that is now out of date. How To Subscribe
and Unsubscribe is at the end of this note. Mailing List Trouble? See http://www.langa.com/help.txt Please recommend the LangaList to a friend! (And maybe win $10,000 !) An easier-to
read formatted HTML version of this newsletter is available on line at The LangaList 2000-08-10 A Free Email
Newsletter from Fred
Langa --------------(
Please Visit This LangaList Sponsor!) ------------
--------------(
the above is an advertisement )--------------
Long-time readers know I'm a
major fan of Sygate ( http://www.sygate.com
), Sybergen's inexpensive and ultra-simple Internet access-sharing
software. I think Sygate is better and easier to set up and use than Win98's
"ICS" (although the latter is free). In Sygate's "Enhanced
Security" mode, your PC sits like a black hole on the net: It's there, but
very hard for hackers to find. I've written about Sygate many times before: see http://search.atomz.com/search/?sp-q=sygate&sp-a=0008002a-sp00000000 After Sygate originally became
established, Sybergen went on to develop more configurable and powerful sharing
solutions with a variety of features--- and on the security side, they produced
a personal firewall product, too. All were commercial, for-a-price products. Then, ZoneLabs' free (and
excellent) ZoneAlarm personal firewall changed the pricing equation ( http://www.zonelabs.com/download_ZA.htm
) . Since the advent of ZoneAlarm, individual users haven't had to pay to add
decent security to their PCs. (See http://search.atomz.com/search/?sp-q=zonealarm&sp-a=0008002a-sp00000000
) Sybergen finally has responded by
making *their* personal firewall free to consumers. In an announcement last
week, Sybergen said: Sybergen Networks...
announced today that it is offering its Sybergen Secure Desktop software free
for personal use. Sybergen Secure Desktop 2.1 is a personal firewall software
that protects a single computer from hackers, Trojan Horse applications, and
other malicious intrusion attempts. Consumers can download the product and
obtain a free registration code at www.sybergen.com
. About Secure Desktop 2.1 Secure Desktop 2.1
offers several security features... --Three
customizable security levels designed to let you use the Internet while
making your PC virtually invisible to hackers. --Monitoring
applications that access the Internet from your PC in order to
protect from Trojan Horse applications. --Security
scheduling features that allow you to block all Internet communications
when the PC is not in use. --Vulnerability
assessment capability through an online service offered by
Sybergen Networks. Sybergen Secure Desktop
is also available for enterprise use. Features of this business-oriented version
include customized security activity reports, central policy administration and
central monitoring. For more information, please visit www.sybergen.com
. Choice is good, and more choice
is better: I'll be checking out the Sybergen firewall and comparing it to my
current favorite, Zonealarm. Because it's free, why not check it out for
yourself, too? [Note: A reasonably
secure proxy or address-translator (like Sygate, ICS, or WinProxy) coupled with
a good personal firewall (like ZoneAlarm or Sybergen Secure Desktop) will go a
long way to making your PC nearly hacker-proof. See the series of articles
at http://content.techweb.com/winmag//columns/explorer/2000/07.htm
for a ton of detail on making your PC secure online.] Click to
email this item to a friend --- (
Your Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------(
the above is an advertisement )--------------
Microsoft says, "The
Microsoft Excel REGISTER.ID Security Update eliminates the vulnerability that
could be exploited using the worksheet tools of Excel 97 to do malicious acts,
such as deleting and overwriting files without the user's input or verification.
This update protects against harmful code that could be executed from a
worksheet by disabling the REGISTER.ID function." If you never, ever share spreadsheets with others, this probably isn't
a issue for you: someone would have to give you an infected spreadsheet in order
for this to cause you harm. But if you ever do (or will) share spreadsheets,
then it's worth grabbing the patch: Get the Excel 97 patch at: Get the Excel 2000 patch at: (Note: But the Excel 2000 update
requires that you've already installed Office 2000 Service Release SR-1 or
SR-1a.) Click to
email this item to a friend Here's another low-probability
security problem that just came to light for Windows 95 and 98 (including
Win98SE): "The Microsoft IPX/SPX
protocol implementation (NWLink) supports the IPX Ping command via the
diagnostic port 0x456. Because of a flaw in the implementation of the protocol
in Windows 95, Windows 98 and Windows 98 Second Edition, NWLink in these systems
will respond to an IPX ping packet even when the source network address has been
purposely modified to a broadcast address. This would give a malicious user an
opportunity to launch an attack by broadcasting a single ping request - each
affected machine that received the ping would respond to it, potentially
resulting in a broadcast storm. In a large network, this could temporarily swamp
the network's bandwidth. In addition, upon seeing its own response, each
affected machine would attempt to process it, triggering a scenario that would
culminate in the machine's failure. A machine that failed due to this
vulnerability could be put back into service by rebooting." Normally, IPX is only used locally; say, on a LAN or intranet, so this is
mostly a vulnerability that could be exploited by, say, a disgruntled worker who
wanted to crash the company's network. A properly-configured PC won't send (or receive) IPX packets over its
Internet connection (which is supposed to use only TCP/IP). However, an
*IM*properly configured system might have IPX enabled (or, more precisely, the
IPX protocol bound to the adapter in use for communicating on the Internet). In
this case, then a vulnerability would exist in certain cases--- such as the
neighborhood loop of a cable modem setup: a hacker on the local loop could
exploit this vulnerability in other systems on the local loop. This isn't exactly the sort of
vulnerability you need to lie away worrying about, but it's worth grabbing the
patch just to be safe: Patch for Win95: Patch for Win98 and 98SE: More Info/FAQ: Click to
email this item to a friend --------------(
Please Visit This LangaList Sponsor!) ------------
--------------(
the above is an advertisement )--------------
I mentioned "Service Pack 1
for Windows 2000" a few issues ago, but apparently it was posted only
briefly on the Microsoft site before it was pulled. Now it's back at http://www.microsoft.com/windows2000/downloads/recommended/SP1/
. It's also available on CD; you can get info at the link above. It includes a pile of upgrades,
patches, and bug fixes--- far too many to list here. If you're using Win2K (any
version), use the link above to see what's involved. And... see the next item (below)
before running the patch! Click to
email this item to a friend Reader Bob Fields has a caution
about Service Pack 1 for Win2K: Hi Fred You might want
to warn your readers to be cautious about installing this sp1 service pack.
After installing I could not open my browser (either netscape 6.0 nor IE 5.01)
Apparently sp1 changed some system settings and had to uninstall it to get back
to normal .Microsoft is aware of the problems and I'm told will have a fix
eventually. But reader Roger M Shady may
already have found at least part of the answer: Fred, I thought that I
would pass this along. Windows 2000 Service Pack-1 that was just released does
not like firewalls including ZoneAlarm. When I installed Sp1, I could not
connect to my ISP via my cable modem. I uninstalled SP1 and things came back to
normalcy. Attached is the reply
that I received for Microsoft Support. Thanks for the
knowledgeable advice and I always look forward to your newsletter..........Roger ******* The following is
an email for an incident from Microsoft Corp., CASE_ID_NUM SRZ000730000XXX Hi Roger, The only problems we are
encountering on the SP1 for W2K is when someone has a third-party
pseudo-firewall installed such as Black Ice, Zone, etc. Remove these
pseudo-firewalls, install SP1, reattempt your Internet connection, and you
should be reconnected. At this point, it is up to you if you want to reinstall
the suspect pseudo-firewall. Thanks Bob and Roger! Click to
email this item to a friend The Recommend-it
site used to give away Palm III organizers as an incentive to use their service;
but then they upped the ante--- way, way up! If you think the
LangaList is a worthwhile read, just use the following link to recommend the
LangaList to a friend. Your friend just may find a new source of useful
information; I just may gain a new subscriber; and you just may win $10,000 or
other prizes from the folks at "Recommend-It." (Full details are
available via this link): http://www.langa.com/recommend.htm#1 Or, win a copy of
"Poor Richard's E-Mail Publishing: Creating Newsletters, Bulletins,
Discussion Groups and Other Powerful Communications Tools." This book has
been described as "An excellent, straightforward manual on email
publishing, banner ads, driving traffic and especially ethics." (Full
details also available via this link): http://www.langa.com/recommend.htm#2 Either way, thank
you, and good luck! Click to
email this item to a friend Do you have a home page or
website? (It doesn't matter what size.) Please click over to http://www.langa.com/code.htm,
and maybe you can join the hundreds and hundreds of LangaList readers who have
"Loaded the Code!" (If you've already "Loaded The Code" and
are wondering if your site will appear here or on the Langa.Com web site, please
see http://www.langa.com/link.txt
) Speaking of which: Here's another
eclectic sample of reader sites--- some professional, some very personal: Click to
email this item to a friend --- (
Your Clicks On Ad Links Help Keep The LangaList Free! ) --- Great
Rates! Advertising
in the LangaList --------------(
the above is an advertisement )--------------
This newsletter is twice-weekly,
but my "Web HotSpots" page is updated fully 365 times a year---a new
site very day, without fail. As such, it's a great mechanism to bring you
brand-new, just-available sites. Often, great new sites will show up in HotSpots
before I can mention them here in the newsletter. Other times, the HotSpots site
proceeds normally in its mission to bring you "Every Day, The Best, Most
Interesting, Most Useful, and Strangest Sites the Web Has To Offer!" For example, during the last
week, the Hotspots page has offered these links: If you're not a regular Hotspots
visitor, you're missing a lot. Check it out (every day!) at http://www.browsertune.com/flanga/hotspots.htm,
and check out past HotSpots in the HotSpots Hall Of Fame at http://www.browsertune.com/flanga/hof.htm Click to
email this item to a friend Continuing in the summer spirit
(at least here on the top half of the planet), here are more "Nerd T-Shirt
Slogans" sent in by reader Micky Plant. (#1-25 appeared in the previous
issue): ... Click to
email this item to a friend --- ( Your
Clicks On Ad Links Help Keep The LangaList Free! ) ---
--------------(
the above is an advertisement )--------------
See you next issue! Best, Please recommend
the LangaList to a friend! (And maybe win $10,000!I) An easier-to read formatted
HTML version is available in the "Current Issue" section of http://www.langa.com.
(The HTML version of each issue normally is available by 9AM EST [UT-5] of the
issue date.) All past LangaList issues are also available at the Langa.Com site. Why are you getting this
newsletter? This is a 100% OPT-IN newsletter: There are only three ways to get
on the list--- signup via direct email request from you, or signup via the
WinMag newsletter page or signup via BrowserTune's email-notification service.
If you're getting this newsletter; your name came to me through one of those
signup channels. At signup, you also received a confirmation email from my list
software---no one is signed up secretly or against their will. SUBSCRIBE (it's free!):
Create and send a new email address it to subscribe-langalist@lyris.dundee.net UNSUBSCRIBE: From the same
address you used to sign up with (it's shown on the first line in the body of
each email issue you receive), create and send a new email address to unsubscribe-langalist@lyris.dundee.net
. CHANGE ADDRESS? LIST
TROUBLE? HAVE QUESTIONS? NEED HELP? See http://www.langa.com/help.txt About
the advertisers: Langa Consulting LLC will never knowingly accept
advertising for a fraudulent product, company or service. However, Langa Consulting LLC makes no implied or explicit warranty, recommendation or endorsement
of or for the products, companies or services mentioned in the ads. Disclaimer:
(Please see full disclaimer here: http://www.langa.com/legal.htm.)
Abbreviated version: The tips and other information given in the newsletter are
researched and are believed to be accurate, but we cannot and do not guarantee
that all the information here will work on all systems, for all users, all the
time. All information herein is offered as-is and without warranty of any kind.
Neither Langa Consulting LLC, nor its employees nor contributors are responsible for
any loss, injury, or damage, direct or consequential, resulting from application
of any information presented here. This newsletter is a free
service of Langa Consulting LLC and is Copyright © 2000 Langa Consulting LLC. All
rights reserved. |
|
|