| BENTSEN
GROVE RESORT COMPUTER CLUB BULLETIN February 2008 |
|
MEETINGS
MONDAY ROOM 3R BEGINNERS 9:30 AM GENERAL MEETING 10:30 AM |
SPECIAL INTEREST GROUPS: If you would like to meet in a small group to discuss special computer related subjects or form a Special Interest Group lets discuss it. Harold Our bulletin is also available on line by visiting http://www.bgrcc.com/ and clicking on bulletin. You may also search the BGRCC.COM site by entering your search terms at the bottom of the main page. |
NEED SOME HELP Try http://www.bgrcc.com Click on HELP EMERGENCY RESPONSE
Harold Buechly.....581-3180TEAM
John
Abbott..........424-7113
Corinne Higbee.....585-5664 |
| SIG
Special Interest Group. Financial = Corinne Higbee 358-3528 Genealogy = Betty Tesch 566-3003 Linux = John Abbott 424-7113, each Thursday 10:00 AM. |
| UPCOMING
EVENTS: Monday February 4, 11, 18, 25, 2008, 9:30 AM New User Lesson By Corinne Higbee Monday February 4, 2008, 10:30 AM Special guest speaker José Domínguez Monday February 11, 18 & 25, 2008, 10:30 AM General Meeting By Harold Buechly Monday February 11, 2008, 9:00 AM, During Break, After Meeting Equipment Sale By Pat Ingram Monday February 18, 2008, 10:35 AM, Door prize drawing for members By Corinne Higbee Monday February 18, 2008, NOON lunch Pizza SIG at Peter Pipers By Corinne Higbee |
| GENERAL
CALENDAR OF EVENTS THROUGH APRIL 14, 2008 Beginners and General Meeting each Monday. In Addition: Second Monday each month. Used equipment sale by Pat Ingram. Third Monday each month. Door prizes for members and Pizza SIG by Corinne Higbee. If a guest speaker brings door prizes all attendees qualify for a chance to win. Winners must be present to claim door prizes. Annual Membership is $5.00. January 1, through December 31. SIG's, Special Interest Groups meet as announced throughout the winter. |
| Follow up on Johns presentation last Monday By John Abbott Since I covered so much ground so quickly last Monday, here are some help pages that have been prepared by Google for use with their search engine. http://www.google.com/help/basics.html This is a description of the basics on how to create search terms for the best results. http://www.google.com/help/features.html This is a collection of almost 30 specific "types" of searches you can conduct using Google.com Among my favorite search types detailed here is the site search. I know that somewhere on CNN there was an article on one of the candidates actually being from mars. I can simply enter site:CNN.com Martian candidate and it will go to CNN and find the article for me. http://www.google.com/help/refinesearch.html This is a very detailed explanation of how to create a refined search. This is a tool for advanced researchers more than casual inquiries. But it is extremely powerful one you learn to use it. And here are my top ten favorite new features. 10. Get Local Time:
Type in What time is it followed by any city to get the current
time. So this should help make up for the blitzkrieg
that you had to sit through on last Monday. And I will keep reminding you. If you want some personal tutoring on Google or anything Open Source drop by A9 and if the blinds are open so am I. Come on in and sit a spell, have a freshly roasted, ground and brewed cup of coffee, one of dozens of teas or a tall cold glass of freshly brewed lemonade from our own lemon tree. |
| Monday February 4, 2008, 10:35 AM Special guest speaker Jose Dominguez If you saw his presentation last year, I am sure you remember it. He has an all new presentation for us this year covering the roles of the computer in our near future entertainment. Jose has operated a company in McAllen that sells video items worldwide. Many items well under $20.00 as well as a few items in the thousands of dollars. See his site at www.svideo.com. On his site, see the many how to's on several subjects. His presentation will be interesting, educational and humorous. |
|
Bot-Nets by Brian K. Lewis, Ph.D.
bwsail at yahoo.com www.spcug.org Obtained from APCUG with the author's permission for publication by APCUG member groups. Keeping your computer safe while connected to the Internet is becoming more and more difficult. The "attackers" are becoming more sophisticated and are sharing more ways to get their software into your computer. Business Week recently ran an article on the major security problems expected in 2008. Unfortunately, most of them arrived long before the new year started. We have been warned for years that it was possible to recruit unprotected computers into networks that could be controlled by an external source. This recruitment network problem has gotten much worse over the past few years. It is estimated that 7% of the computers connected to the Internet have been infected with a Botnet program. So what is a "Botnet"? A robot or "bot" software program allows a computer to be remotely controlled without the knowledge of the computer's owner. When you have a number of "bot" controlled computers it is referred to as a "botnet". All of the computers in the botnet carry out commands issued by the network controller. Just one example of what can be done with a botnet is the sending of spam. The controller can easily have 100,000 computers in its network. So the botmaster will contract to send out one million e-mail messages. The network can then send ten messages from each of the compromised computers. With the constant connection to the Internet using cable or DSL the computer owner will have no idea that his/her computer has been the source for ten spam messages. Now you might say that the idea that someone can control 100,000 computers in a botnet is ridiculous. However, as of October 2007 a major Internet security service had the IP addresses of over 12 million computers that were infected with bot software. There is also a newer threat called the Storm Worm botnet that has infected millions of computers just this year. In addition to its computer recruiting ability, it has built-in defenses that are preventing security services from analyzing it. In an E-Week article it was noted that ".. Storm worm is sending DDoS attacks to not only the researchers looking into it but to anybody on their subnet, within 5 seconds of (their) initiating efforts to fight it or examine it". A DDoS attack is a "distributed denial of service" which can bring down a computer system or network by overwhelming it with messages. A very large volume of messages are sent by the botnet in a very short period of time. It is estimated that the Storm net controls over one million computers. This would make it the most powerful supercomputer in the world, exceeding the computing power of all previous computers. People frequently wonder why anyone would want to produce viruses, worms and other kinds of Internet attacks. Years ago it was primarily because "they could do it". Today, it has become a real source of financial gain. Let's take a look at one financial resource created by controllers of botnets. On many web pages you find ads of various types that are sponsored by Google. When these ads are clicked, the advertiser pays Google who, in turn, pays the owner of a web page, usually 80% of the fee. So the botmaster sets up a web page and contracts with Google to display ads. Then, using the botnet, sends commands to the computers in its net to click on the ads. This results in payments to the botmaster. So even with a small botnet of say 5-10,000 computers, the botmaster can easily obtain $15,000-$20,000 per month in fraudulent payments. When you consider that the known botnets all have more than 100,000 compromised systems, you get a better idea of the scale of the fraud involved. This type of click fraud has been estimated to make up 5-20% of the payments made by search companies. Another use of large botnets is extortion. The botmaster can send an e-mail to a corporation warning that a DDoS will take place at a specific time unless a payment is made. As I mentioned earlier, spam e-mail contracts are also a source of revenue for botmasters. As these networks proliferate, the sale of the IP addresses of robotically controlled computers is also favored as an income source. So far it would appear that the only persons affected by botnets would be corporations. However, if your computer is infected, everything you do can be reported to the botmaster. Bots can incorporate "keylogger" software. That will record keystrokes, especially any related to passwords, user names or other desirable information. Another function of bot software is screen capture. It can record an entire screen and transmit the data to the botmaster. A compromised computer can also be used as a base for finding other unprotected computers to be recruited into the net. Another consider-ation is that the largest number of computers are those in the hands of private individuals. So you may be a major part of the problem if your computer is infected by a bot. Once a computer has been compromised, the bot software is usually designed to hide and protect itself. For example it will search for and disable any other malware located on the computer or its associated network. It may also hide itself by means of a rootkit. It may also block updates of any anti-virus or anti-spyware software. It may even fake the process so the user believes that an update has taken place. One of the most common modifications involves changes to the Windows host file or by changing the location of the host file and altering the registry. There are also some traps on the Internet that can lead a user to download bot (Trojan) software without realizing it. Phishing e-mail can lead to web pages that have automatic download links for bot software. Web pages can be hijacked and links added to lead the viewer to web sites that contain "free" software links that are actually hidden bot programs. Bot programs are incorporating "social engineering" functions which serve to entice users to unknowingly download malware. People are the weakest link in the security chain. E-mail, web pages, instant messaging, social contact web sites are all used by bot malware as a means of collecting information and linking to compromised computers. Many times the actions of a computer user are governed by visual clues. An attacker may take advantage of this by providing false visual clues on a web page or a pop-up. If the dialog box or pop-up is intrusive the user may click inappropriately just to get rid of the intruder. This can lead to the download of a bot. So how do you know if you've been infected? The easiest way to tell is related to how you have been protecting your computer from infection. Do you have all of the following? a. hardware firewall. b. software firewall that checks both incoming and outgoing messages. c. anti-virus software that is updated at least daily. d. anti-spyware software that you either run weekly or that runs in RAM constantly. e. keep your Windows software patches up to date. If you don't use any of these safety mechanisms, then your machine is almost 100% guaranteed to be compromised. Even if you have taken all of these precautions, you can still be infected. However, the most effective mechanism for dealing with bots is to prevent their getting into your computer. So you have to keep the software up to date and you have to use it. Ideally, your firewall hardware/software combination should keep you invisible on the Internet. Bot programs are constantly searching for unprotected computers with open ports. You may not be aware that your computer has over 64,000 port that can be used for communication. The most common usage are the ports in the lower range, under 1,024. However, some bots use high end ports (>60,000) for transmission of commands. One place you can check your computers port and its invisibility on the Internet is www.GRC.com. The Gibson Research site provides a free port scan and much good information on interpreting the findings as well as how to protect your system. Ideally the anti-virus and anti-spyware software would be able to find and remove any bot software that made its way onto your computer. However, this software needs to know the "signature" of the malware in order to identify it. So the producers of the malware are always a step ahead of the good guys. The security services have to find and disassemble the new malware before they can devise the protection against it. So it is up to the user to keep the security software as current as possible to reduce the chances of infection. Like it or not, security on the Internet is a never ending battle. Dr. Lewis is a former university and medical school professor of physiology. He has been working with personal computers for over thirty years, developing software and assembling systems. This article has been provided to APCUG by the author solely for publication by APCUG member groups. All other uses require the permission of the author (see e-mail address above). |
|
Let’s
Clean “Start-Up”
By Bob Elgines, Editor, Colorado River Computer Club, AZRCC Editor www.crccaz.com/ elginesz(at)rraz.net Obtained from APCUG with the author's permission for publication by APCUG member groups Does your computer boot-up or run slow? Maybe there are too many programs running in the back ground. Let us do the following check first. Hold your CTRL & ALT buttons and press the DELETE button. Click on the PERFORMANCE tab, is your CPU Usage running more than 10% or is your Physical Memory being in total use? Go to START then RUN, type in “msconfig” which stands for Microsoft System Configuration. In Windows VISTA you can find RUN in the ACCESSORY folder under PROGRAMS. The System Configuration Utility windows will come up. First go to the upper right tab labeled STARTUP, here you will see the list of items that load during startup. Of course some you want, some you don’t. In the first column labeled STARTUP ITEM gives a very rough idea to what it is referenced too, but the second column labeled COMMAND, is much more useful. Too read it better, widen the column out by holding your mouse symbol over the vertical line located before the next column label. A double arrow will appear, then hold down left mouse button and move it to the right. This information tells you where it is located and in some cases which program is using it. Uncheck those in question, you can put them back in later if you need too. Do not uncheck you Antivirus or Spyware programs. Next go to the tab on top labeled SERVICES, this show all of the programs running now. You do not what to uncheck those labeled Microsoft under the MANUFACTURER column, so to start off, lets put a check mark in the box below labeled “Hide all Microsoft Services”. Now while you are reviewing the other programs running in the background note the forth column labeled STATUS. If it says STOPPED, then don’t worry about it. We just want to stop the strange ones that are RUNNING. You can uncheck those that you are not familiar with, here again you may bring them back in later. After un-checking all those items under tabs STARTUP & SERVICES, then click on APPLY and CLOSE. The System Configuration Utility will now ask you to RESTART (or Boot) your computer. After restarting a window will come up stating System Configuration Utility has been changed, be sure to put a check mark in the bottom left (labeled “Don’t show this message or launch …..”) before clicking OK. If you improved your operation of your computer, you can put back in the items one at a time until you find the program that was slowing you down. |
|
Look
Ma No Hands
By Bruce Jacobs, Phoenix PCUG newsletter editor www.phoenixpcug.org editor(at)pcug.org Obtained from APCUG with the author's permission for publication by APCUG member groups. This article was not typed. I dictated it using the speech recognition feature in Windows Vista Ultimate. I have been using this feature on and off for certain applications for a while and it has its good points and its bad points. The intent of the software is to allow the user to speak words into the computer and for the computer to recognize those words, understand that some of them are commands, and also understand that some of them are input to programs. In other words, when I say the words “please save me”, the computer must decide whether to add the words to the document I am editing as if I had typed them, or add the word “please” to the document, and then bring up the save dialog box to save the document with the name “me”. The program that is attempting to do this has two major hurdles to conquer. It has to recognize the spoken words correctly. This is helped by the training exercises. But it has its limitations. It must also understand "in context" which of those words are commands and which of those words are to be part of my document. As time goes on, you learn to pause before speaking a command. So in the above example of “please save me”, I would say the words altogether relatively quickly in order to enter them in my document. If I wanted to add the word "please" to my document then save the document, I would speak the word "please", then pause for a few seconds, then save the word " save." This would bring up the save dialog box and I could continue as if it was a command. As far as the good points are concerned: If I'm working off printed list or when I know for sure what I want to say clearly, it can be a much faster way of inputting text than for me to type it. Some of that is due to my typing speed being somewhat slow. I am a faster typist then most hunt and peck folks, but I would never be able to keep a job as a secretary. It is also much better at spelling than I am. If I don't know what I'm going to say in advance the program does not facilitate me speaking what I want to say and then recomposing it later. Some of this may be my fault. I find that I can type up an article by hand and maintain enough control so that in the end I have something coherent. When I just speak out what I want it does not always make sense. I spend way too much time revising it. One of the disadvantages is that you need to spend a little bit of time training the voice recognition system. The system works best when you are running a very simple application such as WordPad or Notepad. It can even be used to some extent in Microsoft Word. However when using an application such as PowerPoint, the program spends so much time trying to figure out what possible commands you might be wanting to perform and not enough time actually realizing that you are trying to enter words. Another problem is homonyms. These are words that sound the same but they have different meanings in English except for the possibility of some contextual clues. There is no way for the speech recognition software to know whether I want "2", "two", "to", or "too." During setup the program asks you if they can look at the contents of documents on your hard drive to help you determine what word you used most often and in what context. This does help it guess which homonym you want. The final problem I wish to discuss is the editing features. Whenever I create a text document I will want to fix mistakes. There are some commands in the software that will help fix mistakes, but they are limited and clumsy. Some of them will even (in theory) help prevent mistakes by the voice recognition software in future. All that being said, I find that editing documents using the voice recognition software is very frustrating. I always resort to using the arrow keys and the mouse to navigate through the document. Vista speech recognition is a helpful tool when transcribing printed text or when words have been spoken into a tape recorder. However for initial composition of documents or editing I do not find it useful. I do not believe that I could ever learn to use it as a complete 100% substitute for the keyboard and mouse. I would not consider it a replacement if I was disabled. This article has been provided to APCUG by the author solely for publication by APCUG member groups. All other uses require the permission of the author (see e-mail address above). |
| Submit
Your article; deadline for next bulletin is the 3rd week
Tuesday
noon each month. Only what you write may be published. We cannot
publish other
peoples work
without written permission. Share your computer experiences with other members. We need articles to publish in the BGRCC Bulletin each month. Submit here |
| UPDATE YOUR MEMBERSHIP INFORMATION Change your e-mail address, unsubscribe to this bulletin, etc. Submit here |