ftp.wwiv.com

home *** CD-ROM | disk | FTP | other *** search

/ ftp.wwiv.com / ftp.wwiv.com.zip / ftp.wwiv.com / pub / HATCH / WWIVNEWS.ZIP / 9301_1.NWS < prev next >

Wrap

Text File | 1993-01-23 | 23KB | 445 lines

┌┐┌┐┌┐┌┐┌┐┌┐┌────┐┌┐ ┌┐┌─┐ ┌┐┌────┐┌┐┌┐┌┐┌────┐ ╔═════════════││││││││││││└─┐┌─┘││ │││ └┐│││┌───┘│││││││┌───┘═════════════╗ ║ Volume 3 ││││││││││││ ││ └┼┐┌┼┘│ └┘││└───┐│││││││└───┐ Nov/Dec/Jan ║ ║ Issue 7/8/9 ││││││││││││ ││ ││││ │┌┐ ││┌───┘││││││└───┐│ 1992/1993 ║ ╚═════════════│└┘└┘││└┘└┘│┌─┘└─┐ └┼┼┘ ││└┐ ││└───┐│└┘└┘│┌───┘│═════════════╝ │ └────┘└────┘└────┘ └┘ └┘ └─┘└────┘└────┘└────┘ │ │ Serving WWIV Sysops & Users Across All WWIV Networks │ └──────────────────────────────────────────────────────┘ ┌─────────────────────┐ │This Month's Features│ ┌──────────────────────────┴─────────────────────┴────────────────────────────┐ │ Random Factors.......................................Wayne Bell (1@1) │ │ │ │ Hack Attempts & Common Sense.........................Erik S. Klein (1@2082) │ │ │ │ Inside UEDIT.........................................Tolkien (1@3456) │ │ │ │ PKWARE's Hacked Versions of PKZIP Listing............PKWARE Inc. │ │ │ │ TechnOTES............................................WWIVnews Staff │ │ │ │ Squashing Those Gluttony .GIF's (Part 3).............Spackle (1@19955) │ │ │ │ Filo's Mod of the Month..............................Filo (1@5252) │ │ │ │ WWIVnet-Compatible Network Listing (1/7/93)..........Red Dwarf (1@6264) │ │ │ │ Dateline: @#$*()#!...................................Omega Man (1@5282) │ └─────────────────────────────────────────────────────────────────────────────┘ ───────────────┬─────────────────────────────────────────────┬─────────────── │ Random Factors │ │ Creative Commentary by Wayne Bell (1@1) │ └─────────────────────────────────────────────┘ Lots of creative comments this issue: NET32 ───── As most people know by now, net32 has been released. Even though it may not look like much, it actually has quite a few things fixed/upgraded/added. New net32 features: - Support for WWIV v4.22 (which most people probably don't care about yet) - Deletion of duplicate posts (but not duplicate E-Mail) - Multitasking support (file locking is now fully supported) - E-mail gating (if you are in multiple networks) Fixes: - Sub auto-reqs had a bug in previous versions, where if you received multiple requests (add or drop) for the same sub in the same net packet, some systems would be erroneously dropped from the n*.net file. That is fixed in net32. Problems: - There have been some problems reported with net32, though. These mostly relate to the increased memory usage of net32 (due to v4.22 support). Some of the rumors say this has to do with net compression, so if you're having a problem, try having your connect(s) turn off compression. WWIV v4.22 ────────── As most of you already know, my BBS phone number (Amber, @1) was changed on Thursday, Dec 24, 1992. The new phone number is 310-798-9993. If this is news to you, make a note of this change as the release date for WWIV v4.22 will be Sat, Jan 23rd at 6:00 PM PST. All v4.22 files will be made available for download after that time. The .ZIP files for v4.22 are: WWIV422 .ZIP - 338k - compiled version, no docs. WWIV422S.ZIP - 352k - source version, no docs. 421A-422.ZIP - 234k - upgrade from v4.21a to v4.22 (VERY long) WWA1-422.ZIP - 182k - accessory pack part 1 (docs + ESM) WWA2-422.ZIP - 279k - accessory pack part 2 (WWIVedit 2.5). (Obviously, you don't need all of them.) All files are zipped with pkzip v1.10, and have -AV codes on them, so when you unzip the files, you should see "-AV" after every file, and a note at the bottom saying: Authentic files Verified! # XLD658 WWIV Software Services The 'README.422' file in WWIV422.zip, WWIV422s.zip and 421A-422.zip describes the changes to v4.22 (from v4.21a). v4.22 SIDE NOTES ──────────────── A lot of people have been asking about this one: v4.22 WILL include a no-frills mini-editor for external strings. It will not be very fancy, but it'll do for those who choose not to use another ESM. In response to a query from the WWIVnews Editor, the quoting elements of the code are still not accessible by the internal editor. There are, however, mods out there to enable this feature if you really think it's necessary. Regarding userrec's that are non-standard, such as those modded by GOLDSYS, INIT will only convert stock user lists. If you have a non-standard one, you'll have to update the included convert.c program and run it. Finally, no real progress was made this version regarding the fax detection routines. Apparently, most modems don't really support that kind of operation. REGISTRATION FEES ────────────────── For those of you who haven't registered the source yet, as of Feb 1, 1993 the registration fee for WWIV will increase to $80. This includes having a disk mailed to you (so the increase is $25, from $55 to $80). If you have already registered WWIV, or do register before Feb 1, 1993 (that is, postmarked on or before Jan 31), this will NOT affect you. If you are already registered, you will see no change in source code access, or anything. This change in source registration policy will have no affect on WWIVnet registrations. Also, if you are in the WWIV installment plan, and have made your first installment before Feb 1, 1993, the price increase will not affect you. PKZIP 2.04c & WWIV ────────────────── As some of us sysops have already found out, there are many changes to the new version (v2.04c) of PKZIP/PKUNZIP. Unfortunately, in Phil Katz's attempt to speed-up screen-writes, he bypasses DOS and calls INT 29. This works fine locally, but remote callers SEE NOTHING on their screen when viewing/listing/extracting or adding to a TEMP archive. Bummer! Yes, the PKWARE folks are aware of the problem, and until they release an update fixing this (actually, they said they will add a command-line switch to not allow this DOS by-pass), and "fix" some other problems that have been reported, you might try the following work-around: 1) Run INIT. 2) Select option 6. 3) Add to the end of each ZIP command-line ">NUL" (without the quotes). Remote users will now be able to view the output as before. NOTE: for pkzip 2.04C (or later), you NEED to have "-o" on your extraction commandline, for security reasons. ───────────────┬─────────────────────────────────────────────┬─────────────── │ Hack Attempts & Common Sense │ │ Erik S. Klein (1@2082) │ └─────────────────────────────────────────────┘ [Editor's nOTE: A couple of weeks back, Erik posted a detailed hacking report on the Group 4 discussion sub. While the methods employed may seem rather lame to most experienced sysops and users, the fact that they were successful teaches us all a very valuable lesson about how fragile system security can be when we allow those who are untrained in such procedures to act in our stead.] ────────────────────────────────────────────────────────────────────────────── The following is EXTREMELY IMPORTANT information! It should be read carefully and acted upon. This document is to inform you about a rather obnoxious hacker who has been making SUCCESSFUL attempts at local WWIV boards. The following is his M.O.: First he will call the BBS in question and establish an account - or several if possible. He will perform whatever activities are considered "normal" on that board such as downloading files, playing onliners and such. This is, presumably, to throw the SysOps off the scent later. The phone number, name and other information he gives are, of course, bogus. Next he will somehow get the phone number of the OTHER phone line(s) at the SysOps home. In most cases this is as easy as calling information since most SysOps use their real names and their exchange gives a means of comparison where there are many "John Smiths." He will then call the board to be hacked at a time when he thinks the Sysop is not there and try and page the Sysop for a chat. If the chat is unsuccessful then he will call the voice phone number and tell any FEMALE who answers (our local WWIV SysOps are all males) that she needs to press the F9 key to "unlock" or "fix" the board. This boy is very cool, calm and persuasive. He has talked at least one wife and one daughter into actually PRESSING THE KEY! He only began failing after word got out. (Before our local WWIV community realized what was up he was calling my place VERY often; almost daily. It got so bad for a while that I thought my wife was having an affair!) Once he has Temp SysOp he just does a //edit on CONFIG.DAT to get the SysOp password and does a //UEDIT to get the SysOp's password (for later use). He now has free and ready access to DOS whenever he calls. He can drop down and ZIP up whatever he wants and download it at his leisure. He can then delete or edit any affected logs and be gone without a trace. The one sure thing he gets from this is a COMPLETE USER LIST with PASSWORDS. In San Antonio he HAS used this to log on as others, for what it's worth. On boards where the machine is not dedicated to the BBS the potential for damage is impressive. It is pretty obvious that this guy knows WWIV pretty well. It is also obvious what needs to be done about him. 1) Sysops MUST let their families, friends, roommates, and even their pets know NEVER to press any keys for strangers without consulting you first. It is amazing how few Sysops actually restrict their families use of their boards! 2) A little more security should be placed in the CONFIG.DAT file. Wayne should consider possibly encrypting the Sysop Password(s) in future releases of WWIV. 3) Another San Antonio Sysop recommended that secondary password protection be placed on commands such as //edit and //uedit. This is a REALLY good idea and several mods exist out there for additional Sysop passwords. 4) Sysops should change their passwords often. This is the easiest way to foil hackers who have already used this hack method with success. Some hackers will lay low with their information for quite some time before actually using it to their "advantage", and a frequent password change will usually render their success a moot point. ───────────────────────────────────────────────────────────────────────────── [Editor's nOTE: The bottom line on this particular hacking method is pretty obvious. Hackers using this method are taking advantage of a simple lapse in common sense on the part of the Sysop regarding the use of cohabitants as "co-sysops". Sysops, make sure those sharing your living space are either made aware of all aspects of BBS security and know what to do in an "emergency", or that the BBS is off-limits unless *you, yourself* have instructed them to do something. If the person(s) in question are rather computer-illiterate, the latter option is probably the safest. After all, it's better to have a board that's down temporarily for a small but safe reason than one that's down for a rather big and stupid one.] ───────────────┬─────────────────────────────────────────────┬─────────────── │ Inside UEDIT │ │Guest Creative Commentary by Tolkien (1@3456)│ └─────────────────────────────────────────────┘ UEDIT is a standalone program, a superset of the functions of the built-in uedit function that WWIV possesses. But more than just an editor, it's also a userlist *manager*, with a vast array of capabilities far beyond the internal uedit function. Because of the (irritating) array of userrec structures out there, UEDIT now supports five all in one executable: stock 4.21A userrecs with 32 msg bases or 64 msg bases, both of those with the FROM mod installed (which I highly recommend, since it's a useful thing for UEDIT to search on), and my own userrec structure. If your userrec structure is not one of these, do not despair; all is not lost. Ethereal Cereal released a modification that allows you to put "extra" userrec stuff in a separate file, USER2.LST. I suggest doing this, but leaving the FROM information in USER.LST, so that UEDIT can use this information to search on - and move everything *else* non-standard (if anything) into USER2.LST. You need not specify which userrec structure you use - UEDIT figures this out by itself by reading the size of your userrec structure from CONFIG.DAT. Originally I did have it necessary to specify which structure to use on the command line, but I decided that was too much of a pain, so it's all taken care of for you now. The first thing you notice when you run it is the interface - mouseable, with support for extended EGA/VGA 43- and 50-line video modes; it will use a mouse if you have one installed and a mouse driver resident. If not, no big deal; it works equally well without a mouse, with mnemonic key commands for all functions and help always available at the press of a key. UEDIT adjusts itself automatically to use the extended EGA/VGA modes if you are currently using one. The colors highlight important information. The initial screen you see is what I call browse mode. On this screen are two windows, one containing a scrollable list of the users' handles and user numbers. The other window details some of the more critical information about the user on which the cursor is located. Users with a security level of 100 or greater are shown in one color, users who haven't called in over 90 days (or a number of days you specify yourself) are shown in another color. "Normal" callers are shown in yet another color. It works just as you would expect: the page down key scrolls you down a screenfull of users, page up does the opposite. Home bring you to the #1 account, End brings you to the last account. Deleted callers are shown in red. Hitting the ENTER key brings you into what I call edit mode. Here is where you can edit all of the various fields for that caller, including city, state, and address if your userrec has them included. You can also edit a zillion fields that the internal uedit function of WWIV does not allow: the colors, the macros, logons, posts, time spent on the board, you name it. You move from field to field with TAB or ENTER or if you use a mouse you can just click on the field you wish to edit. The core of the various non-editing functions that UEDIT can perform is contained in the search engine (which, along with all other commands, is available from edit or browse mode, so you can use whichever is most comfortable to you at the time). The search screen allows you to enter a range of security levels, download security levels, days since called, age, sex, status (deleted, normal, inactive or all of the above). You can search by ARs and/or by DARs, and you can use one AR to exclude callers from showing as a match. An example of what the search engine can do is to find all male undeleted callers, age 17-20, with a zipcode containing '631', who last called some time from 30 to 60 days ago, with an AR of 'A', or 'B' and a security level of 30-50. You can also specify realname, handle, street, city/state, and note substrings to search for. While the search engine sounds complicated, it needs to be seen to understand just how easy it is to use. And *finding* the specified callers is just the beginning. Once you have defined a search specification, you can then perform actions on those callers. For instance, you can redefine their colors, or reset their QSCAN pointers, or delete them, or print some information about those callers to a file (detailed or brief information). Or just plain count how many callers match that specification, just for information. Besides these abilities, UEDIT also possesses a few others: a memory-efficient drop to DOS which leaves only a resident 7-10k kernel in memory, the ability to add a specified number of new user accounts (for instance, if you know someone is going to call and you wish to get their account ready), or you can swap the location of two accounts (to move your friend to a lower user number, for instance). You can rewrite WWIV's NAMES.LST file properly with a keypress. There's a one-key command to jump straight to the #1 account from anywhere. There is a command to save a "favorite" search specification (your most-often-used one) to disk, and another command to retrieve a saved search specification from disk, so you needn't retype it constantly. All of this is available when UEDIT is fully loaded. However, you can also perform some command line operations, notably a user purge, for deleting aged accounts automatically as part of your daily event. Of course, you can specify a range of security levels, etc., to narrow down your purge. Some of the actual UEDIT interface colors and settings may also be overridden with command line parameters. A list of the available command line parameters and a brief description is available by running the standard UEDIT /?. When WWIV v4.22 comes out, all of the userrec compatibility problems will be solved, since the userrec struct that will be used for 4.22 is much more modifiable without sacrificing compatibility, and has much more depth as well. UEDIT will, of course, support that userrec fully when it becomes standard. Kudos to Wayne for doing the userrec upgrade. At this point in time, rather than modifying your userrec, you might as well wait for WWIV v4.22's "super userrec". Nigh three years in the making now, UEDIT has changed greatly. I wrote it to do a few useful things originally and, by request mainly, have added capabilities as time has gone on. By the time you read this, the current version will be v2.01. For those of you who have over about 200 users, this is a fairly indispensable utility. Once you've used UEDIT and explored its capabilities, you will wonder how you ever lived without it. Is it free? No way. Hundreds of hours of development time went into writing this program. It's commercial-grade software at this point, albeit for a limited market. The shareware cost is $20, with no upgrade fees ever. Those who registered previous versions (for $15) do not pay the difference, of course. ───────────────────────────────────────────────────────────────────────────── [Editor's nOTE: Tolkien is working on a UEDIT update for the forthcoming WWIV 4.22 release, and a follow-up article detailing any major changes will appear in a future issue of WWIVnews.] ───────────────┬─────────────────────────────────────────────┬─────────────── │ PKWARE's Hacked Versions of PKZIP Listing │ │ Courtesy of PKWare Inc. │ └─────────────────────────────────────────────┘ [Editor's nOTE: WWIVnet's PKZip watchdog, Allen Turner (1@9965), was unable due to personal time constraints to do a follow-up article on his PKWare update from last September. When his schedule permits, a follow-up will appear in a future issue of WWIVnews, hopefully with a brief interview with Phil Katz on just what the hell was *really* going on with 2.04c prior to its release. In the meantime, the following was posted on the PKWare BBS just prior to 2.04c's general release to the public in an effort to help sysops and users identify and eliminate hacked versions of PKZip that have appeared over the past few months.] ───────────────────────────────────────────────────────────────────────────── In a attempt to clarify the situation with fake release versions of PKZIP, we are releasing this list of known hacks. If you have any information as to the original source of any of these hacks, please either leave mail for the sysop on the PKWARE BBS (414-354-8670), or call us at 414-354-8699. Known PKZIP related hacks as of 9/30/92: Name Information ------------------------------------------------------------------- PKZIP120 Early hack of 1.1 PKZIP20B Hack of 1.1 PKZIP_V2.EXE Trojan, will erase hard drives PKZ201.ZIP Hack of 1.93 PKZ201.EXE " PKX201.EXE " PKZ210F.EXE Unknown PKZIPV2 Trojan, will erase hard drives PKUNZIP.COM Unknown PKZIP203.EXE Unknown PUTAV 1.93 Fake putav program (trojan) PKZIP 1.99 Unknown PKZIP 2.02 Unknown PKZIP 2.2 Trojan destroys hard drives PKZ305.EXE Hack of 1.93, fake AV. General guidelines for detecting a hack: The real PKZIP 2 will use a method of compression called "Deflating". There are FOUR methods of Deflating plus a NO compression option: -ex -en -ef -es -e0. PKWARE's AV code is: PKW655. The AV method used by PKZIP 1.10 and 1.93 is different from that used for PKZIP 2. The PKZIP 2 documentation is completely new. All hacks shown above either have no documentation or a slightly modified version of the PKZIP 1.0 docs. PKZIP 2 will be distributed in a self-extracting (EXE) file. PKWARE software would never be distributed as a .ZIP file or any other archive format. PKZIP 2 will be sent to registered users before it is posted by PKWARE. PKZIP 2 will be available on PKWARE BBS as soon as the upgrades have been shipped. PKWARE Inc. Phone numbers and address will be on the real PKZIP 2: PKWARE Inc. 9025 N. Deerwood Dr. Brown Deer, WI 53223 (414)354-8699 (414)354-8559 FAX (414)354-8670 BBS PKWARE BBS offers 14.4K Dual Standard modems (v.32/v.42bis) on all nodes.