Some SMTP mail servers support forwarding — you can receive mail on one system and (transparently to the sender) forward it to a completely different address on another system. For example, a message sent to max@acme.com could be relayed by the acme.com mail server to sam@whizbang.ca. Though the idea is useful, many servers implement forwarding without authenticating the sender, giving spammers the opening they need. We talk about spam and what you can do about it later in this chapter. The worst thing about raw SMTP is that it accepts only text messages, not binary files. People commonly want to mail arbitrary files, however, and send text that includes fonts, colors, and other formatting. Three approaches to handling this requirement are common: UUE, MIME, and HTML: ✦ User-user encoding (UUE) — It’s possible to recast the binary data stream you want to send differently. For example, you could take every 6 bits (creating numbers in the range from 0 to 63) and remap the resulting numbers onto the printable characters. This expands the data stream, producing 8 bits from every 6, but it results in a new data stream that contains nothing but text characters acceptable to SMTP. This was the original way of sending binary data through SMTP on the Internet — encode the data, mail the text, and decode at the other end. Current-generation electronic mail client programs, such as Windows Messaging, which is included with Windows, support this transformation automatically. ✦ Multipurpose Internet Mail Extensions (MIME) — Internet software like Web browsers actively know what sort of data is stored in differ- ent kinds of files — that EXE files are executables, ZIP files are com- pressed archives, WAV files are sound clips, and so on. The MIME coding standard for electronic mail allows the properties of files to be sent along with the files themselves. Technically, MIME uses the same approach UUE does, expanding a smaller number of bits to a larger number that transforms strictly to printable characters. ✦ Hypertext Markup Language (HTML) — You won’t send binary files this way, but many electronic mail clients let you compose messages as Web pages, and therefore let you format text and include pictures. Not all Internet mail clients know how to automatically decode messages sent using UUE, MIME, or HTML text. If you have one of those, the tip-off will be a bunch of gibberish in the text. Some Internet mail systems limit the maximum size of a mail message you can send. We’ve seen limits as low as 1MB; you’ll undoubtedly encounter others. This isn’t much of a problem for small text messages, but it’s easy to create messages containing coded binary files that are that large. The effects you’ll see if you exceed the maximum size limit are unpredictable — the most benign thing we’ve seen is for the mail server to send back a message saying it won’t deliver the mail. We’ve had messages silently disappear without notice, had the mail server crash at one end or the other, and had our mail client crash. Just keep in mind the most important rule of the Internet: The Internet is not perfectly reliable. 230 Part V ✦ Networks and Communications That doesn’t mean the Internet’s not useful, and it doesn’t mean you can’t depend on it. It means you have to assume that things will go wrong. It means you have to have planned how you will detect when things fail and what to do about it. In the case of large messages, for example, you could send a short text-only message in advance stating the other message is coming, so that if the recipient doesn’t get the large message, they’re likely to let you know. Telnet In the same way that you can connect a terminal program to your modem, you can connect the equivalent program to the Internet and log in to remote com- puters (or at least the ones you have an account on). Many Internet service providers (ISPs) provide remote computer access to Linux or other UNIX servers on that basis. The client program that lets you connect to a remote computer is Telnet. If we log in to our Internet service provider, for example, here’s a typical example of what we get in the Telnet window: login: xxxxx Password: Last login: Wed Jul 2 18:18:12 2003 from xxxxx Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.8-RC (SHELL) #36: Tue Mar 4 01:48:32 MST 2003 Welcome to ArosNet. All access may be logged for auditing and security purposes. See /etc/rotd for more information. ******** IRC Bots and other unattended processes are not allowed on this machine. For the user-friendly menu, type ‘menu’. >> Our ISP runs the FreeBSD version of UNIX (see www.freebsd.org), but this output is typical of what you get logging in to most UNIX computers. Telnet provides a completely character-oriented terminal — the line at the bottom is a command prompt to a UNIX command shell, which is analogous to COM- MAND.COM in Windows 9X or CMD.EXE in Windows 2000 or Windows XP. UNIX has commands comparable to ones in Windows, some of which are shown in Table 15-1. It’s also possible to connect to UNIX computers through a graphical interface called X Window, using what’s called an XTerm. Telnet doesn’t do that — you need more complex software. Telnet ships with Windows — simply run telnet from Start ➪ Run — but Windows does not include an XTerm. Chapter 15 ✦ Internet Services, Antivirus, and Anti-Spam 231 Table 15-1 Comparable UNIX and Windows Commands Windows Command UNIX Command dir ls attrib chmod cd and chdir cd cls clear copy cp del and rmdir rm md and mkdir mkdir more more move mv Newsgroups The Network News Transfer Protocol (NNTP) is the mechanism underneath a worldwide Internet bulletin board covering nearly any subject you can think of — the Usenet newsgroups. For example, if you’re a Quake player, you’ll find no fewer than five relevant newsgroups: alt.games.quake rec.games.computer.quake.announce rec.games.computer.quake.misc rec.games.computer.quake.playing rec.games.computer.quake.servers If you’re interested in barbequed food, you might look at the following: alt.food.barbeque Both moderated and unmoderated newsgroups exist. The protocol arranges to distribute postings worldwide; in many ways the newsgroups are the broadest, fastest medium yet devised for spreading information. (Newsgroups spread viruses in file attachments, too. You should have your machine protected by good antivirus software, and never open attachments you’re unsure of.) You can access the general Internet newsgroups in two ways. If you want to use a program local to your PC, you’ll need a newsreader client. Microsoft’s Outlook Express functions as a newsreader and is included with Windows. UNIX systems include a variety of readers. You’ll also need access to a news server — see your Internet service provider for that. 232 Part V ✦ Networks and Communications Alternatively, you can search, read, and post to the newsgroups through the Internet search engines. Using Google, for instance, go to www.google.com/grphp. You can search many groups directly from that page, or you can use the links on the bottom of the page to find specific newsgroups. Newsreader clients are typi- cally faster and more efficient for reading traffic in a specific newsgroup, so when you find a newsgroup and topic that’s interesting through a search engine, you can then fire up your newsreader and go look in depth. Either way, you need to know two characteristics of newsgroups: ✦ Content — The same widespread, often-uncensored characteristics of newsgroups that make them valuable also make them a conduit for information that might be unacceptable or offensive to some people. You might want to supervise minors’ access to the newsgroups. ✦ Significance and accuracy — Don’t expect all the messages in a newsgroup to be polite, accurate, or even interesting. In most news- groups, the bulk of the messages (and people) are none of those. Reading all the traffic in even a small number of active newsgroups can take hours, and you might not find what you’re looking for when you’re finished. Time One of the annoyances of life is that clocks are usually somewhat wrong. A consequence of that fact is that the clock in your computer is probably wrong. Worse, some motherboards are simply incapable of keeping time accurately. For example, a computer we had for years gained more than a minute a day if we let it. It wasn’t worth pulling out the motherboard and sending it back to the manufacturer to repair it, and Internet software such as we describe here kept the clock on track until we finally retired the old warhorse. Very accurate clocks do exist, and some servers on the Internet are slaved to them. An Internet protocol, the Network Time Protocol (NTP), lets your com- puter get the current time from one of those servers, as do a number of other forms of time servers. Windows XP includes a built-in network time client (see the Internet time tab in the Date and Time control panel applet), as does Linux (use the rdate command). If you’re running earlier versions of Windows, a very convenient program — Socket Watch (see www.locutuscodeware.com/swatch.htm)— automates the process of keeping your computer clock accurate. You can con- figure Socket Watch to start when you boot Windows, and it simply waits for you to connect to the Internet. When you do, Socket Watch reaches out to the time server you specify and updates your clock. Simple, and no effort on your part. You can expect the clock in your computer to remain accurate to within several seconds or less assuming you connect to the Internet periodically. Chapter 15 ✦ Internet Services, Antivirus, and Anti-Spam 233 Instant messaging As useful as electronic mail is, it’s not interactive. You can carry on “conver- sations” in extended time, but it’s not the same as spontaneous conversation. Nor is the telephone always the answer; it’s expensive to carry on extended group discussions at multiple sites using long-distance conference calls. In the same way that Citizen’s Band radio allowed people access to low-cost party lines, computer chat has grown to provide the same capability. There are several Internet versions of chat, including both Internet Relay Chat (IRC) and several proprietary messaging communities. Internet Relay Chat Internet Relay Chat works like this. You connect to an IRC server using IRC client software, such as mIRC (www.mirc.com). When you connect, you choose one or more channels you want to “talk” in. You can search for channels with names containing a string you specify, but it’s somewhat hit-or-miss whether you’ll find the one you want. The last time we looked, the IRC server on our Internet service provider handled over 17,200 channels. Newsgroups covering your interests are sometimes a way to find out about IRC channels, as are sites such as www.irchelp.org/irchelp/chanlist. Closed, private IRC channels exist, but IRC is mostly an open, public system with many people on a channel at once. It’s like a public meeting. Proprietary messaging Several companies, including AOL with ICQ and AOL Instant Messenger, Microsoft with MSN Messenger, and Yahoo! with Yahoo! Messenger, offer more private instant messaging services, ones that make it convenient to carry on conversations with people you know. Although traffic goes through servers, instant messaging appears to you to be between the client on your PC and the one on the other person’s machine. You can have multiple conversations at once, each in its own window. Viruses and Worms and Trojans, Oh My! The Internet, a creation of people, is a perfect mirror for the real world of peo- ple. A seemingly infinite number of people are online, ranging from altruists with the best motives ( www.toysfortots.org) to child pornographers des- tined for their own special part of hell. 234 Part V ✦ Networks and Communications Somewhere between the two are those who would corrupt or break into your computers, attacking your PC for their own amusement or other ends. Their attacks take several forms: ✦ Viruses — Much like their biological namesakes, computer viruses infect parts of your computer, damage what they will, and spread through those infections. ✦ Worms — Worms are similar to viruses, but operate in a more stand- alone manner, taking action on their own to spread to other computers. ✦ Trojans — Trojans, like their Trojan horse namesake, are attackers wrapped in something benign. Trojans typically open up a compro- mised computer to later attack from outside. ✦ Cracks — In addition to attacks through programs sent to your com- puter in the hope you’ll run them, you’ll be subject to direct attack by people looking for specific vulnerabilities in your software that let them take control of your PC. The rise of the Internet, and the corresponding decline in the exchange of flop- pies, has made the Internet the most common vector for attacks on your comput- ers. All these types of attacks will come at you when connected to the Internet. Viruses Viruses can infect your computer several ways, the most popular of which are through infected removable disks (such as floppies), programs, and documents. A virus can infect any removable, bootable disk, even if there are no files on the disk. The infection lies in what’s called the Master Boot Record (MBR), the part of the disk used to start your computer well before the operating system begins running. Reformatting the disk does not necessarily remove the infec- tion, and merely inserting a floppy in an infected machine can spread the infec- tion to the floppy. Antivirus software helps protect your PC from disks you insert while the PC is running, but if you leave an infected floppy in your PC and accidentally boot it when you turn on the computer, the virus can spread before your antivirus software even loads. The best way to protect against booting an infected floppy disk is to change your BIOS settings so your PC won’t boot a floppy in the first place. Figure 15-1 shows the boot sequence controls for a typical BIOS. Your BIOS is likely to be different, so you’ll have to hunt around to find the controls (be careful not to change anything inadvertently). In the BIOS shown, you’d move the high- lighted Diskette Drive line down to below the Internal HDD line by pressing d (other BIOS setups will likely be different, so read the screen for instructions). Alternatively, you could press the spacebar to disable the device from the boot sequence altogether. This change is completely risk-free because if you ever do have to boot from a floppy intentionally, you can just redo the BIOS settings. Chapter 15 ✦ Internet Services, Antivirus, and Anti-Spam 235 Figure 15-1: BIOS boot sequence controls ©2004 Barry Press & Marcia Press The most common path for viruses onto your computer, however, is the Internet. Virtually any file someone sends you — attached to electronic mail, in a chat room, or as a Web site download — could be infected. If you never download files and never open attachments to electronic mail, you’re relatively safe, but that approach gives up some of the most useful functions of the Internet. Instead, we recommend you understand and follow these guidelines: ✦ Don’t open unexpected electronic mail file attachments — A very popular approach for spreading viruses is to exploit the combination of Windows’ support for long file names with embedded blanks and some applications’ limitations on how long displayed file names can be. For example, a program limiting file name display might show a file name as cute puppy.jpg while the real file name is cute puppy.jpg.exe . That latter file name is an executable program, so instead of bringing up a photo like Figure 15-2, you’ll run a program that infects your computer with whatever malicious garbage the virus writer chose, something like deleting all your files or worse. ✦ Run antivirus software — The section “Antivirus and anti-adware software,” later in this chapter, discusses software you can use to help recognize viruses trying to infect your computer and block them. Use that software, and keep it up-to-date. ✦ Block macro viruses in Microsoft Office and other applications — Viruses need not be executable programs; indeed, over half the dif- ferent viruses cataloged by antivirus software developers reside in application data files, exploiting the programming languages built into the applications. Figure 15-3 shows the dialog box to use in Microsoft Word, with the security level set to reject any macros not from sources you know and trust. Be careful whom you trust, too, because both friends and experts make mistakes. 236 Part V ✦ Networks and Communications Figure 15-2: Open the wrong electronic mail attachment, and this isn’t what you’ll see. ©2004 Barry Press & Marcia Press Figure 15-3: Set application macro security to reject unknown macro sources. Although Microsoft Office is the most common target for macro viruses, check every program you use for macro settings and restrict what macros can do without permission if you can. Chapter 15 ✦ Internet Services, Antivirus, and Anti-Spam 237 Worms Worms differ from viruses and Trojans in how they propagate. Although all three favor the Internet for attacks, viruses propagate on contact, worms actively seek to burrow into PCs, and Trojans seek to mimic something innocuous. Perhaps the most common worm attack is to seek out vulnerabilities in applications and the operating system, holes in the software that let the worm execute on the victim machine. We recommend the following to defend against worms: ✦ Actively check for and apply security patches — Every operating system has flaws an attacker can use. Whether you run Microsoft Windows, Linux, or some other operating system, check the operat- ing system manufacturer’s Web site periodically for security patches applicable to your system. Microsoft implements a patch service at windowsupdate.microsoft.com. You’ll usually want all the critical updates and security updates they post; taking the recommended updates and driver updates is entirely optional. Windows 2000 and Windows XP offer an automatic update service that will notify you when there are updates available. Figure 15-4 shows the dialog box you use in Windows XP, which is part of the System control panel applet. Windows 2000 has a separate Automatic Updates control panel applet that looks much the same. Figure 15-4: Automatic Windows updates notify you when updates are available. We’re generally conservative about loading software onto our com- puters, be it from Microsoft or anyone else, but the Windows security updates and critical updates are definitely ones to keep on top of. Both Microsoft and the maintainers of the FreeBSD operating system maintain mailing lists to distribute security notices. Signing up for the 238 Part V ✦ Networks and Communications security mailing list for operating systems you use could give you a few days head start on patching critical vulnerabilities before the more mainstream patch sites have the update, and before the attacks begin. ✦ Run hardware and software firewalls — There’s no good reason for a computer on the Internet to contact your computer without permission, so you should run a firewall to block inbound connection attempts. We prefer hardware firewalls for that job. The best protection against worms and Trojans also limits the programs that can connect to the Internet outbound from your PC; we prefer ZoneAlarm for that protection. Both hardware and software firewalls are covered in Chapter 13. If you have one, don’t forget to secure your wireless LAN, too. ✦ Check if your system is vulnerable — It’s not enough to install patches and firewalls — you have to test them to know if you’ve done the setup properly. The Gibson Research Corporation Web site ( www.grc.com) includes a test for open ports leading to incoming vulnerabilities (see the ShieldsUP! tool) and for outgoing connections (see LeakTest), but there’s no comprehensive test for all the patches you’ll install. ✦ Set up Windows Explorer to always show file extensions — By default, Windows Explorer eliminates the file extension for known file types from its display, so the example we used above of cute puppy. jpg.exe would display in Windows Explorer as cute puppy.jpg. If you turn off the setting to hide file extensions, as in Figure 15-5, you’ll always see the real story (unless your columns are too narrow, in which case you’ll still see an ellipsis). Figure 15-5: Clear the highlighted Windows Explorer setting to force file extension display. Chapter 15 ✦ Internet Services, Antivirus, and Anti-Spam 239 [...]... Quality 8.00 4.00 2 56. 00 32.00 113 Telephone 11.03 5.51 352. 96 23.22 155 22.05 11.03 705 .60 11 .61 310 44.10 22.05 1,411.20 5.80 62 0 CD A 74-minute CD holds around 66 0MB CDs that extend the recordable surface radius can extend that to 700MB and 80 minutes Compression can be used in waveform audio files, so the sizes predicted by Table 16- 1 are upper bounds for audio recorded as MP3 files and accurate for... firewalls, antivirus and anti-adware software, and backups ✦ You can reduce the volume of spam you receive with a combination of good practices and anti-spam software Your ISP should be able to help P Multimedia and Peripherals A R T VI ✦ ✦ ✦ ✦ In This Part Chapter 16 Sound Cards, Speakers, Microphones, and MP3 Players Chapter 17 Digital Cameras, Video Capture, and DVDs Chapter 18 Keyboards and Game Controllers... the Trojans that let people remotely spy on and control your PC Three of the most common are called Back Orifice, SubSeven, and NetBus; let them on your PC, and the remote attacker might as well be sitting at your shoulder watching the screen, typing on the keyboard, and moving the mouse Trojans can arrive in electronic mail or be distributed in newsgroups and other file download sources Here’s how to... Trackballs, and Tablets Chapter 20 Printers, Scanners, and All-in-One Units ✦ ✦ ✦ ✦ Sound Cards, Speakers, Microphones, and MP3 Players T his chapter looks at what sound is and how computers create and reproduce sounds Overall, your PC represents sounds as a sequence of numbers that represent the amplitude of the sound wave at points in time The numbers are sampled at regular, precise intervals, and by... more capable PC hardware, beginning with the Creative Labs SoundBlaster cards, works directly with sampled digital sound Figure 16- 5 shows how sound generation is implemented in most computers Software running on a processor receives a request to make a sound, retrieves the necessary data, and sends commands to the sound card A small processor on the sound card receives the command and data, and coordinates... diplomas, and worse Just so there’s no misunderstanding, it’s all a fraud Only idiots conduct major financial transactions with someone offering no mutual references and who can’t spell well enough to graduate from sixth grade We’re married and not really good candidates for dating singles eBay is too simple to need training to use, we’re partial to the organs we have and want to keep them, and people... selects, and volume controls Software in Windows allows you to set these controls onscreen The Turtle Beach Santa Cruz sound card (see Figure 16- 8) is representative of a PCI board you’d add to a PC to improve on the sound hardware built into the motherboard The Santa Cruz hardware supports six-speaker surround sound; digital sound outputs; EAX, A3D, and DirectSound positional audio (and others); and full-duplex... sound from another Old, slow PCs lacked the computational power, hardware, and software to digitally sample and replay sounds, so they created musical instrument sounds by manipulating attack, decay, sustain, and release with what was called a frequency modulation (FM) synthesizer Figure 16- 4 shows how this works One or more waveform generators, providing the raw pitch and timbre, couple into envelope... pages you publish, and newsgroup messages you post, reviewing them for what information you’re revealing to a potential attacker Think about both attacks on your computers and the potential for identity theft when you review Posting that you’re running Windows 98 Second Edition on your PC is bad enough because it helps a cracker know what attacks to direct at your PC; posting the make and model of your... sound waveforms Those waveforms then pass through filters (to eliminate noise and other effects) and amplifiers (to boost the signal strength) and then show up at the output jacks on the card You connect those jacks to your computer speakers or stereo system, which adds more amplification, lets you control the bass and treble, and hands off to your speakers The speakers translate the electrical signal into . Antivirus, and Anti-Spam 231 Table 15-1 Comparable UNIX and Windows Commands Windows Command UNIX Command dir ls attrib chmod cd and chdir cd cls clear copy cp del and rmdir rm md and mkdir. take every 6 bits (creating numbers in the range from 0 to 63 ) and remap the resulting numbers onto the printable characters. This expands the data stream, producing 8 bits from every 6, but it. know and trust. Be careful whom you trust, too, because both friends and experts make mistakes. 2 36 Part V ✦ Networks and Communications Figure 15-2: Open the wrong electronic mail attachment, and