From dbatech at wolfwares.com Mon Sep 1 02:21:43 2003 From: dbatech at wolfwares.com (Drew Wutka) Date: Mon, 1 Sep 2003 02:21:43 -0500 Subject: [dba-Tech] Security measures In-Reply-To: <00ba01c36c13$be6def40$410cd018@W2k> Message-ID: I think I got this late, due to recent power failures, my mail server has been off and on a bit, so messages have been delayed a bit. Here's my perspective, I am going to break it into work and home. Work: At work, we have a network of about 150 to 200 computers. We have a T1 (and backup T1), which is connected through a router that has firewall capabilities. That is our firewall. It's fast and efficient, though I have never touched it, other then to turn it off/on. My co-worker has spent a lot of time and effort in understanding and programing that thing, so I stay clear. That is our internet protection, against hacker access. As far as viruses go, we use three TrendMicro products. ScanMail, ServerProtect and OfficeScan. We started with ScanMail. Back when the ILOVEYOU Virus was floating around, our current network admin/exchange admin was tasked with getting some sort of virus protection for our Exchange server. He failed to do so, and a few months after the virus was talking about on CNN, we were hit with a variation of that virus. It tore the heck out of our mail systems. At the time I was relatively new to the company, but I new far more about Exchange then the admin, simply because I was very comfortable around MS software, and I knew quite a bit about databases. In fact, the Exchange Admin didn't have a freakin clue about how to handle the virus situation. I took over (and thus 'became' the Exchange Admin). I did a search on the net for Exchange anti-virus packages. What I was specifically looking for was something that not only scanned emails as mail came in and out, but also one that would scan individual mailboxes. ScanMail fit the bill. I was able to download a demo package, that would run for 30 days. It did a superb job of taking care of our virus. For the next few months, we watched for virus alerts. Everytime a virus was announced, we found it on Trend's site immediately. The other big guys, like MacAffee and Norton were a toss up, so we felt that we made a good (lucky) decision with Trend Micro. Since we have used ScanMail, we have only had ONE virus get through (literally one, one copy). It was a virus that came through the MIME media file attachment, which forces Media player to play. As soon as we knew about that virus, we ran an immediate update on ScanMail, and it updated the engine to catch that type of attachment too. Now, to make ScanMail effective, we do not allow ANY attachment through that can be run immediately. ScanMail is then extremly effective. Since any file extension that can be immediately run is blocked, and Scanmail catches everything in it's pattern (and it goes several layers deep into Zip files (you can set it, the default is 5 layers), we are virtually immune to email viruses. It catches email coming in, going out, and internal email. Highly effective. It is also pretty light weight. I have never noticed extereme server usage by ScanMail. In fact, after the initial setup, and a few tweaks, I RARELY go into ScanMail's control panel, because it just keeps chugging. I found the outgoing scan to be pretty important, since we don't want an infected user sending viruses out of the company either. (With that ILOVEYOU virus, we contacted as many people as we could, that we sent them a virus.) A few months after that we had another virus issue. It was a Word Doc virus. An HR person had brought their girlfriend's resume in on a floppy, and that resume contained a virus. Thus, every word document he opened was infected, and it began to spread pretty quick. So again we looked to Trend. ServerProtect was their server based enterprise package. We installed a Trail version, and it immediately handled our Word virus issue. It allows for manual scans, auto scans, and I/O scans. An I/O scan reads everything written and read from/to a server. It is amazingly lite weight. Once installed to our File Servers, we noticed NO difference in file retrieval speeds. It's an enterprise package, so we actually installed it to one server, and then we told it what servers we wanted protected, and it installed itself on those machines. Those machines can then be collectively managed from one point. Only issue we have ever had with ServerProtect is that we have an NT4 machine which is a Dec Alpha, and ServerProtect is no longer supported on Dec Alpha. (So we mapped it's drives to one of the other servers, and we have those mapped drives scanned nightly. Not as protective as I/O, but it works...). The last peice of virus protection wasn't prompted by a virus. I fought tooth and nail to get it, because our biggest vulnerability after ScanMail and ServerProtect was our individual machines. We finally bought OfficeScan close to a year ago. OfficeScan is Trend's enterprise level desktop protection. It's pretty slick too. It can be file based, or web based, we chose to go the web based method. With this method, clients can be installed and updated from the web. It can also 'remotely' install on NT machines. The Admin web page allows for controlling remote machines (scanning, updating, installing, etc.), and it also offers reporting on a network wide basis. Last week we were hit by WORM_MSBLAST.D. What we discovered was that OfficeScan clients weren't updating, their patterns were the original ones that were installed. I figured out and fixed that problem on Thursday. I just had to map a virtual drive on the webserver, because the clients were looking for a URL that didn't exist. If we would have found and fixed that issue earlier, we would have had no problems with that virus. OfficeScan also password protects the client machines, so clients cannot stop or uninstall it without the Admin password. One last thing, ScanMail can also be purchased as a version that has eManager. (We should have bought the original that way, but didn't). eManager is a Spam handler, and it works well as far as spam goes. I highly recommend Trend products, because we have had little to no problem with them (other then this recent issue, which was mostly our fault for not verifying updates). They are priced fine, and they do have a maintenance price, on a yearly basis. It's reasonable, and should be the same or less then the other big packages. Another item of note, is that before we began using Trend products, we had MacAffee installed on our clients. It was atrocious. Patterns were a pain to update, and more importantly, MacAffee interfered with legitimate computer stuff more then it protected from viruses. With Trend's products, we have had no such difficulties, other then an odd ActiveX issue for a yellow pages package on our Intranet. (Which we have resolved....within a few hours of knowing about the issue). Hope this helps. Drew -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Steven W. Erbach Sent: Tuesday, August 26, 2003 3:50 PM To: dba-Tech at databaseadvisors.com Subject: [dba-Tech] Security measures Dear Group, Computer security grabbed the headlines over the last two weeks. I've been steadily adding to a Favorites list of security-related web sites, but my own understanding of the issues in computer and Internet security is limited to what I read and what I've done on the PCs in my home office. I have two main questions: 1) What resources do you turn to for security information -- books, magazines, web sites, etc.? 2) What things have you done on your own PCs to battle the forces of darkness? Software (anti-virus, password encryption, firewalls) or hardware (routers, proxy servers, firewalls, etc.). 2a) What was it about these products that recommended themselves to you? Thank you for your input in advance. I've found myself answering questions about security that I'm not too sure about. That's why I'm asking you here. Regards, Steve Erbach Scientific Marketing Neenah, WI If architects built buildings the way programmers built applications, the first woodpecker to come along would cause the end of civilization. _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From my.lists at verizon.net Wed Sep 3 16:39:48 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Wed, 03 Sep 2003 14:39:48 -0700 Subject: [dba-Tech] VBA overrun? Message-ID: <3F565FA4.9050305@verizon.net> Just caught this on my alerts from MS... seems silly to think that a hacker would use an overrun in vba through a word or such doc, when they could just program the exploit in VBA by calling API routines to harm your pc.... - ---------------------------------------------------------------------- Title: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution (822715) Date: 03 September 2003 Microsoft encourages customers to review the Security Bulletins at: http://www.microsoft.com/technet/security/bulletin/MS03-037.asp -- -Francisco IE <----- Is that even a browser? From my.lists at verizon.net Wed Sep 3 17:14:35 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Wed, 03 Sep 2003 15:14:35 -0700 Subject: [dba-Tech] Re: [AccessD] FW: Microsoft Security Bulletin MS03-037: Flaw in Execution(822715) In-Reply-To: References: Message-ID: <3F5667CB.6030300@verizon.net> Question... it's a buffer overrun, exploited when a piece of malicious code is executed from an MS document such as word, access, excell or Visio... the question is, since all these formats support VBA, wouldn't the hacker, attacker, cracker or script kiddie instead just exploit the machine by accessing the standard API's? I mean it's not like he gets elevated rights by running in the buffer overrun, he runs in the user's context.... -- -Francisco Firebird the browser that blows the competition away. Can you feel the fire? Arthur Fuller wrote: > Just in case anyone missed this: > > -----Original Message----- > From: Microsoft > [mailto:0_51915_61265BE7-D473-3A42-A79A-179EB7E29A6B_CA at Newsletters.Micr > osoft.com] > Sent: Wednesday, September 03, 2003 1:21 PM > To: afuller at etsys.com > Subject: Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for > Applications Could Allow Arbitrary Code Execution(822715) > > > -----BEGIN PGP SIGNED MESSAGE----- > > - ---------------------------------------------------------------------- > Title: Flaw in Visual Basic for Applications Could Allow > Arbitrary Code Execution (822715) > Date: 03 September 2003 > > Affected Software: > Microsoft Visual Basic for Applications SDK 5.0 > Microsoft Visual Basic for Applications SDK 6.0 > Microsoft Visual Basic for Applications SDK 6.2 > Microsoft Visual Basic for Applications SDK 6.3 > > Products which include the affected software: > Microsoft Access 97 > Microsoft Access 2000 > Microsoft Access 2002 > Microsoft Excel 97 > Microsoft Excel 2000 > Microsoft Excel 2002 > Microsoft PowerPoint 97 > Microsoft PowerPoint 2000 > Microsoft PowerPoint 2002 > Microsoft Project 2000 > Microsoft Project 2002 > Microsoft Publisher 2002 > Microsoft Visio 2000 > Microsoft Visio 2002 > Microsoft Word 97 > Microsoft Word 98(J) > Microsoft Word 2000 > Microsoft Word 2002 > Microsoft Works Suite 2001 > Microsoft Works Suite 2002 > Microsoft Works Suite 2003 > Microsoft Business Solutions Great Plains 7.5 > Microsoft Business Solutions Dynamics 6.0 > Microsoft Business Solutions Dynamics 7.0 > Microsoft Business Solutions eEnterprise 6.0 > Microsoft Business Solutions eEnterprise 7.0 > Microsoft Business Solutions Solomon 4.5 > Microsoft Business Solutions Solomon 5.0 > Microsoft Business Solutions Solomon 5.5 > > Impact: Run code of attackers choice > Max Risk: Critical > Bulletin: MS03-037 > > Microsoft encourages customers to review the Security Bulletins > at: > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > http://www.microsoft.com/security/security_bulletins/ms03-037.asp > - ---------------------------------------------------------------------- > > Issue: > ====== > Microsoft VBA is a development technology for developing client > desktop packaged applications and integrating them with existing > data and systems. Microsoft VBA is based on the Microsoft Visual > Basic development system. Microsoft Office products include VBA > and make use of VBA to perform certain functions. VBA can also be > used to build customized applications based around an existing > host application. > > A flaw exists in the way VBA checks document properties passed to > it when a document is opened by the host application. A buffer > overrun exists which if exploited successfully could allow an > attacker to execute code of their choice in the context of the > logged on user. > > In order for an attack to be successful, a user would have to > open a specially crafted document sent to them by an attacker. > This document could be any type of document that supports VBA, > such as a Word document, Excel spreadsheet, PowerPoint > presentation. In the case where Microsoft Word is being used as > the HTML e-mail editor for Microsoft Outlook, this document could > be an e-mail, however the user would need to reply to, or forward > the mail message in order for the vulnerability to be exploited. > > Mitigating Factors: > ==================== > - -The user must open a document sent to them by an attacker in > order for this vulnerability to be exploited. > - -When Microsoft Word is being used as the HTML e-mail editor in > Outlook, a user would need to reply to or forward a malicious e- > mail document sent to them in order for this vulnerability to be > exploited. > - -An attacker's code could only run with the same rights as the > logged on user. The specific privileges the attacker could gain > through this vulnerability would therefore depend on the > privileges granted to the user. Any limitations on a user's > account, such as those applied through Group Policies, would also > limit the actions of any arbitrary code executed by this > vulnerability. > > Risk Rating: > ============ > - Critical > > Patch Availability: > =================== > - A patch is available to fix this vulnerability. Please read > the Security Bulletins at > http://www.microsoft.com/technet/security/bulletin/ms03-037.asp > http://www.microsoft.com/security/security_bulletins/ms03-037.asp > for information on obtaining this patch. > > Acknowledgment: > =============== > - eEye Digital Security, http://www.eeye.com > > - --------------------------------------------------------------------- > > THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS > PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT > DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING > THE > WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR > PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS > BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, > INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL > DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN > ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT > ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL > OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. > > -----BEGIN PGP SIGNATURE----- > Version: PGP 7.1 > > iQEVAwUBP1Y7no0ZSRQxA/UrAQFW9Af/R8I0BzShSIs6JIz+tl/BKj6inGbX0Sde > HIJ0dwziLnxQZpcRCow2HPGFM1yQjIXuu7PGtjBrPYfn5pmSKmJvvNk0ZDKKyQmL > 9t+/Bs+aGsdllF4BeAiFGYTnRgxEUlMFM9/GJbKaOFUBGhfRLHtv4IEUqb7tqFG4 > byoa7h3mOTijlbuE8SKHF6rbGGOAyhAbK4h8f8+tqjQ4PllNo9wSJLcTCg7HkdVv > Vp2VkUPAXiRLBKZUkdpa1OgZ7g7znze1yC4g8/n5WVinknW8uHH0krRNQDvEQmU1 > rb5N1+OTosd2JqTW/WXs1PE5XRYYd36ULcOO9f8TQpKp6kQNxKRC3A== > =SCfU > -----END PGP SIGNATURE----- > > ******************************************************************* > > You have received this e-mail bulletin because of your subscription to the > Microsoft Product Security Notification Service. For more information on > this service, please visit > http://www.microsoft.com/technet/security/notify.asp. > > To verify the digital signature on this bulletin, please download our PGP > key at http://www.microsoft.com/technet/security/notify.asp. > > To unsubscribe from the Microsoft Security Notification Service, please > visit the Microsoft Profile Center at > http://register.microsoft.com/regsys/pic.asp > > If you do not wish to use Microsoft Passport, you can unsubscribe from the > Microsoft Security Notification Service via email as described below: > Reply to this message with the word UNSUBSCRIBE in the Subject line. > > For security-related information about Microsoft products, please visit the > Microsoft Security Advisor web site at http://www.microsoft.com/security. > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > From my.lists at verizon.net Wed Sep 3 17:14:35 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Wed, 03 Sep 2003 15:14:35 -0700 Subject: [dba-Tech] Re: [AccessD] FW: Microsoft Security Bulletin MS03-037: Flaw in Execution(822715) In-Reply-To: References: Message-ID: <3F5667CB.6030300@verizon.net> Question... it's a buffer overrun, exploited when a piece of malicious code is executed from an MS document such as word, access, excell or Visio... the question is, since all these formats support VBA, wouldn't the hacker, attacker, cracker or script kiddie instead just exploit the machine by accessing the standard API's? I mean it's not like he gets elevated rights by running in the buffer overrun, he runs in the user's context.... -- -Francisco Firebird the browser that blows the competition away. Can you feel the fire? Arthur Fuller wrote: > Just in case anyone missed this: > > -----Original Message----- > From: Microsoft > [mailto:0_51915_61265BE7-D473-3A42-A79A-179EB7E29A6B_CA at Newsletters.Micr > osoft.com] > Sent: Wednesday, September 03, 2003 1:21 PM > To: afuller at etsys.com > Subject: Microsoft Security Bulletin MS03-037: Flaw in Visual Basic for > Applications Could Allow Arbitrary Code Execution(822715) > > > -----BEGIN PGP SIGNED MESSAGE----- > > - ---------------------------------------------------------------------- > Title: Flaw in Visual Basic for Applications Could Allow > Arbitrary Code Execution (822715) > Date: 03 September 2003 > > Affected Software: > Microsoft Visual Basic for Applications SDK 5.0 > Microsoft Visual Basic for Applications SDK 6.0 > Microsoft Visual Basic for Applications SDK 6.2 > Microsoft Visual Basic for Applications SDK 6.3 > > Products which include the affected software: > Microsoft Access 97 > Microsoft Access 2000 > Microsoft Access 2002 > Microsoft Excel 97 > Microsoft Excel 2000 > Microsoft Excel 2002 > Microsoft PowerPoint 97 > Microsoft PowerPoint 2000 > Microsoft PowerPoint 2002 > Microsoft Project 2000 > Microsoft Project 2002 > Microsoft Publisher 2002 > Microsoft Visio 2000 > Microsoft Visio 2002 > Microsoft Word 97 > Microsoft Word 98(J) > Microsoft Word 2000 > Microsoft Word 2002 > Microsoft Works Suite 2001 > Microsoft Works Suite 2002 > Microsoft Works Suite 2003 > Microsoft Business Solutions Great Plains 7.5 > Microsoft Business Solutions Dynamics 6.0 > Microsoft Business Solutions Dynamics 7.0 > Microsoft Business Solutions eEnterprise 6.0 > Microsoft Business Solutions eEnterprise 7.0 > Microsoft Business Solutions Solomon 4.5 > Microsoft Business Solutions Solomon 5.0 > Microsoft Business Solutions Solomon 5.5 > > Impact: Run code of attackers choice > Max Risk: Critical > Bulletin: MS03-037 > > Microsoft encourages customers to review the Security Bulletins > at: > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > http://www.microsoft.com/security/security_bulletins/ms03-037.asp > - ---------------------------------------------------------------------- > > Issue: > ====== > Microsoft VBA is a development technology for developing client > desktop packaged applications and integrating them with existing > data and systems. Microsoft VBA is based on the Microsoft Visual > Basic development system. Microsoft Office products include VBA > and make use of VBA to perform certain functions. VBA can also be > used to build customized applications based around an existing > host application. > > A flaw exists in the way VBA checks document properties passed to > it when a document is opened by the host application. A buffer > overrun exists which if exploited successfully could allow an > attacker to execute code of their choice in the context of the > logged on user. > > In order for an attack to be successful, a user would have to > open a specially crafted document sent to them by an attacker. > This document could be any type of document that supports VBA, > such as a Word document, Excel spreadsheet, PowerPoint > presentation. In the case where Microsoft Word is being used as > the HTML e-mail editor for Microsoft Outlook, this document could > be an e-mail, however the user would need to reply to, or forward > the mail message in order for the vulnerability to be exploited. > > Mitigating Factors: > ==================== > - -The user must open a document sent to them by an attacker in > order for this vulnerability to be exploited. > - -When Microsoft Word is being used as the HTML e-mail editor in > Outlook, a user would need to reply to or forward a malicious e- > mail document sent to them in order for this vulnerability to be > exploited. > - -An attacker's code could only run with the same rights as the > logged on user. The specific privileges the attacker could gain > through this vulnerability would therefore depend on the > privileges granted to the user. Any limitations on a user's > account, such as those applied through Group Policies, would also > limit the actions of any arbitrary code executed by this > vulnerability. > > Risk Rating: > ============ > - Critical > > Patch Availability: > =================== > - A patch is available to fix this vulnerability. Please read > the Security Bulletins at > http://www.microsoft.com/technet/security/bulletin/ms03-037.asp > http://www.microsoft.com/security/security_bulletins/ms03-037.asp > for information on obtaining this patch. > > Acknowledgment: > =============== > - eEye Digital Security, http://www.eeye.com > > - --------------------------------------------------------------------- > > THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS > PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT > DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING > THE > WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR > PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS > BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, > INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL > DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN > ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT > ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL > OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY. > > -----BEGIN PGP SIGNATURE----- > Version: PGP 7.1 > > iQEVAwUBP1Y7no0ZSRQxA/UrAQFW9Af/R8I0BzShSIs6JIz+tl/BKj6inGbX0Sde > HIJ0dwziLnxQZpcRCow2HPGFM1yQjIXuu7PGtjBrPYfn5pmSKmJvvNk0ZDKKyQmL > 9t+/Bs+aGsdllF4BeAiFGYTnRgxEUlMFM9/GJbKaOFUBGhfRLHtv4IEUqb7tqFG4 > byoa7h3mOTijlbuE8SKHF6rbGGOAyhAbK4h8f8+tqjQ4PllNo9wSJLcTCg7HkdVv > Vp2VkUPAXiRLBKZUkdpa1OgZ7g7znze1yC4g8/n5WVinknW8uHH0krRNQDvEQmU1 > rb5N1+OTosd2JqTW/WXs1PE5XRYYd36ULcOO9f8TQpKp6kQNxKRC3A== > =SCfU > -----END PGP SIGNATURE----- > > ******************************************************************* > > You have received this e-mail bulletin because of your subscription to the > Microsoft Product Security Notification Service. For more information on > this service, please visit > http://www.microsoft.com/technet/security/notify.asp. > > To verify the digital signature on this bulletin, please download our PGP > key at http://www.microsoft.com/technet/security/notify.asp. > > To unsubscribe from the Microsoft Security Notification Service, please > visit the Microsoft Profile Center at > http://register.microsoft.com/regsys/pic.asp > > If you do not wish to use Microsoft Passport, you can unsubscribe from the > Microsoft Security Notification Service via email as described below: > Reply to this message with the word UNSUBSCRIBE in the Subject line. > > For security-related information about Microsoft products, please visit the > Microsoft Security Advisor web site at http://www.microsoft.com/security. > --- > Incoming mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com From mike.tope at dsl.pipex.com Wed Sep 3 17:50:43 2003 From: mike.tope at dsl.pipex.com (Mike Tope) Date: Wed, 3 Sep 2003 23:50:43 +0100 Subject: [dba-Tech] VBA overrun? References: <3F565FA4.9050305@verizon.net> Message-ID: <001e01c3726d$d58d12e0$0207a8c0@TopEnergy> FYI Applying the VBA patch on A97 on W98 can cause you to need Aclicn97.exe from Q191224 / Q141373 Title : ACC: "There is no license" Error Starting Microsoft Access. Regards Mike Tope ----- Original Message ----- From: "Francisco H Tapia" To: "Discussion of Hardware and Software issues" Sent: 03 September 2003 22:39 Subject: [dba-Tech] VBA overrun? > Just caught this on my alerts from MS... seems silly to think that a > hacker would use an overrun in vba through a word or such doc, when they > could just program the exploit in VBA by calling API routines to harm > your pc.... > > - ---------------------------------------------------------------------- > Title: Flaw in Visual Basic for Applications Could Allow > Arbitrary Code Execution (822715) > Date: 03 September 2003 > > Microsoft encourages customers to review the Security Bulletins > at: > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > > -- > -Francisco > IE <----- Is that even a browser? > From my.lists at verizon.net Wed Sep 3 18:40:59 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Wed, 03 Sep 2003 16:40:59 -0700 Subject: [dba-Tech] VBA overrun? In-Reply-To: <001e01c3726d$d58d12e0$0207a8c0@TopEnergy> References: <3F565FA4.9050305@verizon.net> <001e01c3726d$d58d12e0$0207a8c0@TopEnergy> Message-ID: <3F567C0B.2070800@verizon.net> Mike Tope wrote: > FYI > Applying the VBA patch on A97 on W98 can cause you to need Aclicn97.exe from > Q191224 / Q141373 > Title : ACC: "There is no license" Error Starting Microsoft Access. > > Regards > Mike Tope Great... so now it can't be a managed roll out :), like through a script. I wonder too... instead of loading the patch for A97 etc, etc, etc.. why not just apply the VBA patch or does it need to be patched on both sides? -- -Francisco You've got leaders who fake it. From andy at minstersystems.co.uk Thu Sep 4 14:43:16 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Thu, 4 Sep 2003 20:43:16 +0100 Subject: [dba-Tech] Cameras etc In-Reply-To: <3F567C0B.2070800@verizon.net> Message-ID: <006601c3731c$cd42ee20$b274d0d5@minster33c3r25> Hi folks My brother in New Zealand has suggested that they and we buy cameras, microphones etc for our PC's so that my nephews and nieces can speak to us and their grandparents in the UK. My questions are along the lines of: - what would we need? - is the techonology good? - do others amongst you do this and how successful is it in practice? - how much does it cost? - any equipment recommendations? that sort of thing. You get the picture I'm sure. Andy Lacey http://www.minstersystems.co.uk From my.lists at verizon.net Thu Sep 4 15:19:34 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Thu, 04 Sep 2003 13:19:34 -0700 Subject: [dba-Tech] Cameras etc In-Reply-To: <006601c3731c$cd42ee20$b274d0d5@minster33c3r25> References: <006601c3731c$cd42ee20$b274d0d5@minster33c3r25> Message-ID: <3F579E56.2090705@verizon.net> Andy Lacey wrote: > Hi folks > My brother in New Zealand has suggested that they and we buy cameras, > microphones etc for our PC's so that my nephews and nieces can speak to > us and their grandparents in the UK. My questions are along the lines > of: > - what would we need? > - is the techonology good? > - do others amongst you do this and how successful is it in practice? > - how much does it cost? > - any equipment recommendations? > > that sort of thing. You get the picture I'm sure. using just a standard mic/headset I've done voice conferencing to save money on long distance calls. the respose time over DSL (768/128) is awesome, I can be connected to the office via ultraVNC and suffer almost no visible drag. I have however not tried the camera portion, I suppose the cost for that will be whatever you make it... you can look around for deals on digital pc cameras that connect to either firewire or USB tho the refresh on them is not as well compressed I would imagine. -- -Francisco more memory generally improves responsiveness From carbonnb at sympatico.ca Thu Sep 4 18:28:16 2003 From: carbonnb at sympatico.ca (Bryan Carbonnell) Date: Thu, 04 Sep 2003 19:28:16 -0400 Subject: [dba-Tech] Cameras etc In-Reply-To: <006601c3731c$cd42ee20$b274d0d5@minster33c3r25> References: <3F567C0B.2070800@verizon.net> Message-ID: <3F579250.27742.15800C1@localhost> On 4 Sep 2003 at 20:43, Andy Lacey wrote: > Hi folks > My brother in New Zealand has suggested that they and we buy cameras, > microphones etc for our PC's so that my nephews and nieces can speak > to us and their grandparents in the UK. My questions are along the > lines of: - what would we need? - is the techonology good? - do others > amongst you do this and how successful is it in practice? - how much > does it cost? - any equipment recommendations? > > that sort of thing. You get the picture I'm sure. I can't say too much other than a neighbour of mine talks to her relatives in Croatia from Toronto, Ontario, Canada with a regular old sound card and mic. I *think* they also use a Logitec Webcam as well. They use Yahoo IM to start a chat session and then,like MSM, start a voice connection. It works for them even using a dialup 'net connection. -- Bryan Carbonnell - carbonnb at sympatico.ca If you can't be a good example, then you'll just have to be a horrible warning. From kathryn at bassett.net Fri Sep 5 00:38:38 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Thu, 4 Sep 2003 22:38:38 -0700 Subject: [dba-Tech] Time for new computer In-Reply-To: Message-ID: Drew said: > I could toss a lot of details at you, but personally I recommend talking to > someone that builds machines for a living. > I STRONGLY recommend this approach to buying a new machine. Robert is very > adept at matching the clients needs to a finished product. Their machines > are custom built (and cost the same or less (very rarely more) then your > typical boxed machines (though some of the prebuilt Dell ads have beaten his > prices), which means that you won't have to make trade off's. You get > exactly what you want, and need. I have a company here that I deal with, also with great results. My question was more on *you* guys experience on what is needed/not needed. So that I had some ideas already at hand when I discussed with them. But in any case, it's moot now, because I decided to go sorta cheap for a computer for Dave, and hold off and get the server later. What I'm ending up with is: AMD Duron 1.3ghz Amptron DDR Motherboard Onboard Video/Sound USB 2.0 DVD-Rom, 512 MD DDR, Lan (don't need writing since I can do that on mine) 40gb hard drive 3.5 of course Win2000 (I want it same as mine so I don't have to remember differences in OS) $599 Also got 15" LCD monitor for $280 I also got some LinkSys stuff http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=508 plus http://www.linksys.com/products/product.asp?grid=33&scid=36&prid=526 for the new computer http://www.linksys.com/products/product.asp?grid=33&scid=36&prid=525 for my notebook (it dawned on me that there might be a hot spot where I stay in Salt Lake) and for when I can figure out a spot to put the laser that I have: http://www.linksys.com/products/product.asp?grid=33&scid=37&prid=440 -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net From serbach at new.rr.com Fri Sep 5 07:00:54 2003 From: serbach at new.rr.com (Steven W. Erbach) Date: Fri, 5 Sep 2003 07:00:54 -0500 Subject: [dba-Tech] Time for new computer References: Message-ID: <001a01c373a6$1a295e70$2e02d018@W2k> Kathryn, FWIW, when you want to put together a server, you might check out www.tomshardwareguide.com Very good reviews and advice. Regards, Steve Erbach Scientific Marketing Neenah, WI If architects built buildings the way programmers built applications, the first woodpecker to come along would cause the end of civilization. From andy at minstersystems.co.uk Fri Sep 5 12:25:47 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Fri, 5 Sep 2003 18:25:47 +0100 Subject: [dba-Tech] Cameras etc In-Reply-To: <3F579250.27742.15800C1@localhost> Message-ID: <000001c373d2$cb03dbe0$b274d0d5@minster33c3r25> Thanks Bryan and Francisco for the feedback. Anyone else have any experience of this? andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Bryan Carbonnell > Sent: 05 September 2003 00:28 > To: Discussion of Hardware and Software issues > Subject: Re: [dba-Tech] Cameras etc > > > On 4 Sep 2003 at 20:43, Andy Lacey wrote: > > > Hi folks > > My brother in New Zealand has suggested that they and we > buy cameras, > > microphones etc for our PC's so that my nephews and nieces > can speak > > to us and their grandparents in the UK. My questions are along the > > lines of: - what would we need? - is the techonology good? > - do others > > amongst you do this and how successful is it in practice? - > how much > > does it cost? - any equipment recommendations? > > > > that sort of thing. You get the picture I'm sure. > > I can't say too much other than a neighbour of mine talks to her > relatives in Croatia from Toronto, Ontario, Canada with a regular old > sound card and mic. I *think* they also use a Logitec Webcam as well. > > They use Yahoo IM to start a chat session and then,like MSM, start a > voice connection. > > It works for them even using a dialup 'net connection. > > -- > Bryan Carbonnell - carbonnb at sympatico.ca > If you can't be a good example, then you'll just have to be a > horrible warning. > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > > From Lembit.Soobik at t-online.de Fri Sep 5 12:58:20 2003 From: Lembit.Soobik at t-online.de (Lembit Soobik) Date: Fri, 5 Sep 2003 19:58:20 +0200 Subject: [dba-Tech] Cameras etc References: <000001c373d2$cb03dbe0$b274d0d5@minster33c3r25> Message-ID: <022301c373d7$4ed6d1d0$0200a8c0@S856> Andy, not really experience, but I had tried the video thing with AIM and Logitech, just as receiving end. for some unknown reason it would not work, but I got the window in which the life video would be, and that was so small - like a stamp - that I thought it doesnt make sense to spend any more minute for trying that. Lembit Soobik ----- Original Message ----- From: "Andy Lacey" To: "'Discussion of Hardware and Software issues'" Sent: Friday, September 05, 2003 7:25 PM Subject: RE: [dba-Tech] Cameras etc > Thanks Bryan and Francisco for the feedback. Anyone else have any > experience of this? > > andy > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > > Bryan Carbonnell > > Sent: 05 September 2003 00:28 > > To: Discussion of Hardware and Software issues > > Subject: Re: [dba-Tech] Cameras etc > > > > > > On 4 Sep 2003 at 20:43, Andy Lacey wrote: > > > > > Hi folks > > > My brother in New Zealand has suggested that they and we > > buy cameras, > > > microphones etc for our PC's so that my nephews and nieces > > can speak > > > to us and their grandparents in the UK. My questions are along the > > > lines of: - what would we need? - is the techonology good? > > - do others > > > amongst you do this and how successful is it in practice? - > > how much > > > does it cost? - any equipment recommendations? > > > > > > that sort of thing. You get the picture I'm sure. > > > > I can't say too much other than a neighbour of mine talks to her > > relatives in Croatia from Toronto, Ontario, Canada with a regular old > > sound card and mic. I *think* they also use a Logitec Webcam as well. > > > > They use Yahoo IM to start a chat session and then,like MSM, start a > > voice connection. > > > > It works for them even using a dialup 'net connection. > > > > -- > > Bryan Carbonnell - carbonnb at sympatico.ca > > If you can't be a good example, then you'll just have to be a > > horrible warning. > > > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > > > Website: http://www.databaseadvisors.com > > > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From EdTesiny at oasas.state.ny.us Fri Sep 5 13:22:17 2003 From: EdTesiny at oasas.state.ny.us (Tesiny, Ed) Date: Fri, 5 Sep 2003 14:22:17 -0400 Subject: [dba-Tech] Cameras etc Message-ID: Hi Andy, At work our IT folks were playing around with a desktop video/audio setup about 1 1/2 years ago. I believe it was a monitor mounted Pictel camera. It required a dedicated ISDN telephone line to get decent refresh rate and it still was choppy and the image was kinda small. They pretty much gave up on that for a top of the line PicTel teleconferencing system that required 6 dedicated ISDN lines but now we're talking big $$, the phone lines are expensive and they would prefer we don't use it. I sure technology has other options now with DSL/cable. There's always the digital camera or digital camcorder. I just started looking at digital cameras, something neat about not having to use film/developing and all that. Some of the digital cameras also have a movie option where I believe you can record some motion, roughly 80 seconds on the 16 Mb card that comes with the camera but you can probably get a lot more if you spring for the 256 Mb card about $150. Panasonic is running a special this month, their $299 camera with a Leica lens comes with a free 128 Mb card, I'm leaning in that direction. Sorry, can't be of more help. Ed Tesiny EdTesiny at oasas.state.ny.us -----Original Message----- From: Andy Lacey [mailto:andy at minstersystems.co.uk] Sent: Friday, September 05, 2003 1:26 PM To: 'Discussion of Hardware and Software issues' Subject: RE: [dba-Tech] Cameras etc Thanks Bryan and Francisco for the feedback. Anyone else have any experience of this? andy From andy at minstersystems.co.uk Fri Sep 5 14:24:33 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Fri, 5 Sep 2003 20:24:33 +0100 Subject: [dba-Tech] Cameras etc In-Reply-To: Message-ID: <000c01c373e3$55fcff00$b274d0d5@minster33c3r25> Thanka Ed and Lembit. Doesn't sound too promising. I thought it might be one of these things that sounds great in theory....and it looks like that's right. Perhaps I should suggest my brother saves his money. Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Tesiny, Ed > Sent: 05 September 2003 19:22 > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] Cameras etc > > > Hi Andy, > At work our IT folks were playing around with a desktop > video/audio setup about 1 1/2 years ago. I believe it was a > monitor mounted Pictel camera. It required a dedicated ISDN > telephone line to get decent refresh rate and it still was > choppy and the image was kinda small. They pretty much gave > up on that for a top of the line PicTel teleconferencing > system that required 6 dedicated ISDN lines but now we're > talking big $$, the phone lines are expensive and they would > prefer we don't use it. I sure technology has other options > now with DSL/cable. There's always the digital camera or > digital camcorder. I just started looking at digital > cameras, something neat about not having to use > film/developing and all that. Some of the digital cameras > also have a movie option where I believe you can record some > motion, roughly 80 seconds on the 16 Mb card that comes with > the camera but you can probably get a lot more if you spring > for the 256 Mb card about $150. Panasonic is running a > special this month, their $299 camera with a Leica lens comes > with a free 128 Mb card, I'm leaning in that direction. > Sorry, can't be of more help. > > Ed Tesiny > EdTesiny at oasas.state.ny.us > > > -----Original Message----- > From: Andy Lacey [mailto:andy at minstersystems.co.uk] > Sent: Friday, September 05, 2003 1:26 PM > To: 'Discussion of Hardware and Software issues' > Subject: RE: [dba-Tech] Cameras etc > > > Thanks Bryan and Francisco for the feedback. Anyone else have > any experience of this? > > andy > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > > From garykjos at hotmail.com Fri Sep 5 14:38:17 2003 From: garykjos at hotmail.com (Gary Kjos) Date: Fri, 05 Sep 2003 14:38:17 -0500 Subject: [dba-Tech] Cameras etc Message-ID: Hi Andy, Have you checked out sites like http://webcam.com/ They have a HOW TO GET STARTED page there. http://webcam.com/toolkit/default.asp?section=homewebcamsPc Gary Kjos garykjos at hotmail.com >From: "Andy Lacey" >Reply-To: Discussion of Hardware and Software >issues >To: "'Discussion of Hardware and Software >issues'" >Subject: RE: [dba-Tech] Cameras etc >Date: Fri, 5 Sep 2003 20:24:33 +0100 > >Thanka Ed and Lembit. Doesn't sound too promising. I thought it might be >one of these things that sounds great in theory....and it looks like >that's right. Perhaps I should suggest my brother saves his money. > >Andy > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Tesiny, Ed > > Sent: 05 September 2003 19:22 > > To: Discussion of Hardware and Software issues > > Subject: RE: [dba-Tech] Cameras etc > > > > > > Hi Andy, > > At work our IT folks were playing around with a desktop > > video/audio setup about 1 1/2 years ago. I believe it was a > > monitor mounted Pictel camera. It required a dedicated ISDN > > telephone line to get decent refresh rate and it still was > > choppy and the image was kinda small. They pretty much gave > > up on that for a top of the line PicTel teleconferencing > > system that required 6 dedicated ISDN lines but now we're > > talking big $$, the phone lines are expensive and they would > > prefer we don't use it. I sure technology has other options > > now with DSL/cable. There's always the digital camera or > > digital camcorder. I just started looking at digital > > cameras, something neat about not having to use > > film/developing and all that. Some of the digital cameras > > also have a movie option where I believe you can record some > > motion, roughly 80 seconds on the 16 Mb card that comes with > > the camera but you can probably get a lot more if you spring > > for the 256 Mb card about $150. Panasonic is running a > > special this month, their $299 camera with a Leica lens comes > > with a free 128 Mb card, I'm leaning in that direction. > > Sorry, can't be of more help. > > > > Ed Tesiny > > EdTesiny at oasas.state.ny.us > > > > > > -----Original Message----- > > From: Andy Lacey [mailto:andy at minstersystems.co.uk] > > Sent: Friday, September 05, 2003 1:26 PM > > To: 'Discussion of Hardware and Software issues' > > Subject: RE: [dba-Tech] Cameras etc > > > > > > Thanks Bryan and Francisco for the feedback. Anyone else have > > any experience of this? > > > > andy > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > > > Website: http://www.databaseadvisors.com > > > > > > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com _________________________________________________________________ Use custom emotions -- try MSN Messenger 6.0! http://www.msnmessenger-download.com/tracking/reach_emoticon From DBCfour at aol.com Fri Sep 5 14:50:41 2003 From: DBCfour at aol.com (DBCfour at aol.com) Date: Fri, 5 Sep 2003 15:50:41 EDT Subject: [dba-Tech] Cameras etc Message-ID: <33.3d87cd26.2c8a4311@aol.com> Logitech is easiest to set up and use. The image is fairly small, but plenty good enough for distant relatives to at least see and hear in real time. NetMeeting works as well, but for ease of use and little or no investment, Logitech webcams and the IM Video companion have worked for me. Donna In a message dated 9/4/2003 3:43:51 PM Eastern Standard Time, andy at minstersystems.co.uk writes: > Hi folks > My brother in New Zealand has suggested that they and we buy cameras, > microphones etc for our PC's so that my nephews and nieces can speak to > us and their grandparents in the UK. My questions are along the lines > of: > - what would we need? > - is the techonology good? > - do others amongst you do this and how successful is it in practice? > - how much does it cost? > - any equipment recommendations? > > that sort of thing. You get the picture I'm sure. > > Andy Lacey > http://www.minstersystems.co.uk -------------- next part -------------- An HTML attachment was scrubbed... URL: From dbatech at wolfwares.com Fri Sep 5 18:02:19 2003 From: dbatech at wolfwares.com (Drew Wutka) Date: Fri, 5 Sep 2003 18:02:19 -0500 Subject: [dba-Tech] Time for new computer References: Message-ID: <018401c37401$c2488df0$1500a8c0@marlow.com> Sorry, I said that because I know what I like with computers, so an opinion from me is going to be pretty biased! Where as someone like the person I recommended deals with all sorts of tech variations, so he (and people like him) would be able to give an unbiased opinion on the matter. Drew ----- Original Message ----- From: "Kathryn Bassett" To: "Discussion of Hardware and Software issues" Sent: Friday, September 05, 2003 12:38 AM Subject: RE: [dba-Tech] Time for new computer > Drew said: > > I could toss a lot of details at you, but personally I recommend talking to > > someone that builds machines for a living. > > > I STRONGLY recommend this approach to buying a new machine. Robert is very > > adept at matching the clients needs to a finished product. Their machines > > are custom built (and cost the same or less (very rarely more) then your > > typical boxed machines (though some of the prebuilt Dell ads have beaten his > > prices), which means that you won't have to make trade off's. You get > > exactly what you want, and need. > > I have a company here that I deal with, also with great results. My question was more on *you* guys experience on what is needed/not needed. So that I had some ideas already at hand when I discussed with them. But in any case, it's moot now, because I decided to go sorta cheap for a computer for Dave, and hold off and get the server later. > > What I'm ending up with is: > AMD Duron 1.3ghz > Amptron DDR Motherboard > Onboard Video/Sound > USB 2.0 > DVD-Rom, 512 MD DDR, Lan (don't need writing since I can do that on mine) > 40gb hard drive > 3.5 of course > Win2000 (I want it same as mine so I don't have to remember differences in OS) > $599 > Also got 15" LCD monitor for $280 > > I also got some LinkSys stuff > http://www.linksys.com/products/product.asp?grid=33&scid=35&prid=508 > plus > http://www.linksys.com/products/product.asp?grid=33&scid=36&prid=526 for the new computer > http://www.linksys.com/products/product.asp?grid=33&scid=36&prid=525 for my notebook (it dawned on me that there might be a hot spot where I stay in Salt Lake) > and for when I can figure out a spot to put the laser that I have: > http://www.linksys.com/products/product.asp?grid=33&scid=37&prid=440 > > -- > Kathryn Rhinehart Bassett (Pasadena CA) > "Genealogy is my bag" "GH is my soap" > kathryn at bassett.net > http://bassett.net > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From andy at minstersystems.co.uk Sat Sep 6 06:05:17 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Sat, 6 Sep 2003 12:05:17 +0100 Subject: [dba-Tech] Cameras etc In-Reply-To: <33.3d87cd26.2c8a4311@aol.com> Message-ID: <005401c37466$c17348b0$b274d0d5@minster33c3r25> Thanks Donna and Gary Donna, I looked on Amazon and found the Logitech QuickCam Pro 4000 . Gets great reviews. Is this what you meant? Does the IM Video companion come budled with it? Andy -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of DBCfour at aol.com Sent: 05 September 2003 20:51 To: dba-tech at databaseadvisors.com Subject: Re: [dba-Tech] Cameras etc Logitech is easiest to set up and use. The image is fairly small, but plenty good enough for distant relatives to at least see and hear in real time. NetMeeting works as well, but for ease of use and little or no investment, Logitech webcams and the IM Video companion have worked for me. Donna In a message dated 9/4/2003 3:43:51 PM Eastern Standard Time, andy at minstersystems.co.uk writes: Hi folks My brother in New Zealand has suggested that they and we buy cameras, microphones etc for our PC's so that my nephews and nieces can speak to us and their grandparents in the UK. My questions are along the lines of: - what would we need? - is the techonology good? - do others amongst you do this and how successful is it in practice? - how much does it cost? - any equipment recommendations? that sort of thing. You get the picture I'm sure. Andy Lacey http://www.minstersystems.co.uk -------------- next part -------------- An HTML attachment was scrubbed... URL: From DBCfour at aol.com Sat Sep 6 06:49:14 2003 From: DBCfour at aol.com (DBCfour at aol.com) Date: Sat, 6 Sep 2003 07:49:14 EDT Subject: [dba-Tech] Cameras etc Message-ID: Yes, and for those w/out it...it's a quickie d/l. When you send an "invitation" to someone via an IM, it sends a link to enable them to view your video. The image window is smaller than in NetMeeting, but it's so quick and easy it's worth it to some. Donna In a message dated 9/6/2003 7:07:16 AM Eastern Daylight Time, andy at minstersystems.co.uk writes: > Thanks Donna and Gary > > Donna, I looked on Amazon and found the Logitech QuickCam Pro 4000 . Gets > great reviews. Is this what you meant? Does the IM Video companion come budled > with it? > > Andy > -------------- next part -------------- An HTML attachment was scrubbed... URL: From andy at minstersystems.co.uk Sat Sep 6 09:53:48 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Sat, 6 Sep 2003 15:53:48 +0100 Subject: [dba-Tech] Recent MS Security Updates In-Reply-To: Message-ID: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> You'll no doubt have had the latest round of MS security bulletins last week. Well has anyone tried to apply MS03-035 and 036 to an Office 97 installation? Despite my best efforts the links for these 2 patches for Office 97 lead nowhere except to a "contact MS" dead-end. I have clients with Office 97 and can't believe I'm the only one. Has anyone found a route to the necessary downloads? Andy Lacey http://www.minstersystems.co.uk -------------- next part -------------- An HTML attachment was scrubbed... URL: From gustav at cactus.dk Sat Sep 6 10:24:29 2003 From: gustav at cactus.dk (Gustav Brock) Date: Sat, 6 Sep 2003 17:24:29 +0200 Subject: [dba-Tech] Recent MS Security Updates In-Reply-To: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> References: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> Message-ID: <12233734257.20030906172429@cactus.dk> Hi Andy > You'll no doubt have had the latest round of MS security bulletins last > week. Well has anyone tried to apply MS03-035 and 036 to an Office 97 > installation? Despite my best efforts the links for these 2 patches for > Office 97 lead nowhere except to a "contact MS" dead-end. I have clients > with Office 97 and can't believe I'm the only one. Has anyone found a > route to the necessary downloads? > Andy Lacey > http://www.minstersystems.co.uk I think you have hit same dead end as have Woody in paragraph 8 ... /gustav cc: AccessD list. ---- -------------- next part -------------- An embedded message was scrubbed... From: Woody's OFFICE Watch Subject: WOW #8.35 - New Office security patches explained Date: Thu, 04 Sep 2003 12:47:14 -0400 Size: 20053 URL: From gustav at cactus.dk Sat Sep 6 10:24:29 2003 From: gustav at cactus.dk (Gustav Brock) Date: Sat, 6 Sep 2003 17:24:29 +0200 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> References: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> Message-ID: <12233734257.20030906172429@cactus.dk> Hi Andy > You'll no doubt have had the latest round of MS security bulletins last > week. Well has anyone tried to apply MS03-035 and 036 to an Office 97 > installation? Despite my best efforts the links for these 2 patches for > Office 97 lead nowhere except to a "contact MS" dead-end. I have clients > with Office 97 and can't believe I'm the only one. Has anyone found a > route to the necessary downloads? > Andy Lacey > http://www.minstersystems.co.uk I think you have hit same dead end as have Woody in paragraph 8 ... /gustav cc: AccessD list. ---- -------------- next part -------------- An embedded message was scrubbed... From: Woody's OFFICE Watch Subject: WOW #8.35 - New Office security patches explained Date: Thu, 04 Sep 2003 12:47:14 -0400 Size: 20053 URL: -------------- next part -------------- _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com From andy at minstersystems.co.uk Sat Sep 6 10:32:52 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Sat, 6 Sep 2003 16:32:52 +0100 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: <12233734257.20030906172429@cactus.dk> Message-ID: <009001c3748c$234a4820$b274d0d5@minster33c3r25> Hi Gustav I don't subscribe to Woody's Watch now. Does he have any insights on this? If you see a resolution can you let me know? Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Gustav Brock > Sent: 06 September 2003 16:24 > To: Discussion of Hardware and Software issues > Cc: accessd at databaseadvisors.com > Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Hi Andy > > > You'll no doubt have had the latest round of MS security bulletins > > last week. Well has anyone tried to apply MS03-035 and 036 to an > > Office 97 installation? Despite my best efforts the links > for these 2 > > patches for Office 97 lead nowhere except to a "contact MS" > dead-end. > > I have clients with Office 97 and can't believe I'm the > only one. Has > > anyone found a route to the necessary downloads? > > > Andy Lacey > > http://www.minstersystems.co.uk > > I think you have hit same dead end as have Woody in paragraph 8 ... > > /gustav > > cc: AccessD list. > > ---- > From gustav at cactus.dk Sat Sep 6 10:42:08 2003 From: gustav at cactus.dk (Gustav Brock) Date: Sat, 6 Sep 2003 17:42:08 +0200 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: <12233734257.20030906172429@cactus.dk> References: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> <12233734257.20030906172429@cactus.dk> Message-ID: <6534793049.20030906174208@cactus.dk> Oops, some cannot see the attachment. I can highly recommend this newsletter. /gustav > I think you have hit same dead end as have Woody in paragraph 8 ... --==>> WOW -- WOODY's OFFICE WATCH <<==-- Microsoft Office advice and news from Woody Leonhard 4 September 2003 Vol 8 No 35 Within the past 12 hours, Microsoft released four Security Bulletins for Office products. This is our "rapid response" WOW to the flurry of activity. There are good points, bad points, at least one gotcha, and a host of unanswered questions, but the bottom line is that I recommend you install all the patches, immediately. Please pass this edition of WOW along to your friends, family, co-workers - even that weird guy in the cubicle across from you. It's important. It's complicated, too, as you'll soon see. Anyone can join WOW, it's free and your email address is private. Hop to http://woodyswatch.com/wow/ or send a blank email to wow at woodyswatch.com 1. What Happened 2. MS03-035 / 824936 / 824934 3. MS03-036 / 824993 / 824938 4. MS03-037 / 822035 / 822036 5. MS03-038 / 826292 / 826293 6. If You Have Office XP 7. If You Have Office 2000 8. If You Have Office 97 and/or Visio 2000 9. The Good Point: One Kudos for Microsoft 10. Keep WOW Alive and Free 1. WHAT HAPPENED Microsoft has just released four security patches: three rated "Important" and one "Critical". I recommend that you install them all right away, but read the specific instructions below first. No matter which version of Office or which Office products you use (including Access), you need to patch your PC. You also need to patch your PC if you have FrontPage 2000 or 2002, Project 2000 or 2002, Publisher 2002, Visio 2000 or 2002, Works 2001, 2002, or 2003, or several of the "MS Business Solutions" products. VBA is a big part of this round of security fixes, and many, many applications run VBA. Folks who own any of the 300 products listed at http://msdn.microsoft.com/vba/companies/company.asp (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and many more) will undoubtedly be receiving instructions to patch their systems, too. It would be a good idea to wait until the manufacturer contacts you, or to keep an eye on the manufacturer's Web site. The patching instructions for each product may vary a bit. Good luck. In the headings below, I've identified each patch by security bulletin number (MS03-???), and also by the Knowledge Base article number which is used to identify and track the patch. Many of the references you'll see in the press relate to bulletin numbers. But when you go to install a patch, all you'll see is the KB article number. Worse, there's also a Knowledge Base article with a completely different number that gives technical details on the hole and the fix. I listed those KB article numbers at the bottom of each security hole's description. It's a real mess. I hope this kinda cuts through some of the obfuscation. 2. MS03-035 / 824936 / 824934 MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run Automatically" Patch for Word 2000: http://woodyswatch.com/kb?824936 Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 The problem described in MS03-035 affects Word 97, 2000, and 2002 (the version of Word in Office XP). It also affects Works 2001, 2002 and 2003 because they all contain vulnerable versions of Word. At this point, I don't know if it affects Word 2003, but based on the way they handled the other patches (see below), I'll bet Microsoft built the fix into Office 2003 before it released the gold code. There are very few details online about this security hole, although it sounds like the "flipped macro bit" hole that I discussed more than two years ago in WOW 6.30 (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). In that earlier exploit, Steven McLeod discovered a way to flip a single bit in a Word document, and have Word bypass macro screening. It led to the first patch of Word 2002. According to MS's Web page, the particular problem in MS03-035 was discovered by Jim Bassett. Jim reports, "I just stumbled on the security hole by accident. A co-worker (non-developer) made a Word template in an unusual way. I noticed that new documents created from this template behaved strangely. I investigated and discovered that when you create a template in a particular manner, derived documents always get past macro security. It happened on all versions of Word including 2003 Beta." Jim reports that he first notified Microsoft in May, so it took four months for this patch to appear. http://www.microsoft.com/technet/security/bulletin/MS03-035.asp http://woodyswatch.com/kb?827653 3. MS03-036 / 824993 / 824938 MS03-036: Buffer Overrun in WordPerfect Converter Could Allow Code Execution Patch for Office 2000: http://woodyswatch.com/kb?824993 Patch for Office XP: http://woodyswatch.com/kb?824938 This is a gaping security hole in the program that Word uses to open WordPerfect-formatted documents. Because Internet Explorer cranks up Word whenever it tries to open a .doc, IE "inherits" the security hole from Word. (A bit ironic, actually, when you think about how many times Outlook has "inherited" security holes from IE and its HTML rendering engine.) It's a traditional buffer overflow problem: the WordPerfect converter doesn't check to make sure that data coming in fits inside the allocated area. As a result, a craftily concocted WordPerfect document can blow away the converter, take over, and start running any program the attacker likes. Microsoft lists the vulnerable programs as Office 97, 2000, and XP, FrontPage 2000 and 2002, Publisher 2000 and 2002, and Works 2001, 2002, and 2003. According to Microsoft, all of those programs automatically install the faulty converter (although I don't understand how the converter would be invoked if Word isn't installed - oh well). No official word on whether it affects Office 2003, but when you install Build 5604 of Office 2003 (the final Office 2003 Build is 5612), you get the same "good" Word Converter file mention in the Knowledge Base articles. Thus, it's highly likely that Microsoft caught the problem and fixed it before Office 2003 went gold. eEye Digital Security - the folks who have uncovered more than a dozen security holes in Internet Explorer - caught this one, too. They report that it's taken Microsoft four months to plug the hole. http://www.microsoft.com/technet/security/bulletin/MS03-036.asp http://woodyswatch.com/kb?827103 http://www.eeye.com/html/Research/Advisories/AD20030903-1.html 4. MS03-037 / 822035 / 822036 MS03-037: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution Patch for Office 2000: http://woodyswatch.com/kb?822035 Patch for Office XP: http://woodyswatch.com/kb?822036 This is the biggie. It's rated "critical" because you can get infected by simply replying to or forwarding an infected email message - assuming you use Word as your Email editor. Don't get me started. There's a buffer overflow problem with the VBA Editor (er, the "Visual Basic Design Time Environment Library"). Yeah, you read that right. Here's how it works. Say you open a .doc file with Word. One early part of the process of opening a file involves Word plucking off a bit of the file and handing it to the VBA Editor (actually, handing it to the Visual Basic Design Time Environment Library, VBE.DLL). In effect, to a first approximation, Word asks the VBA Editor if VBA needs to be loaded in order to take care of the file. And Word asks VBE.DLL before it officially "opens" the file. That's when the problem occurs. If Word is tricked into plucking off too much data (which is remarkably easy to do), VBE.DLL gulps down the whole gob of data, chokes, and starts running the data that's passed to it, as if it were a program. If a bad guy jimmies a Word document so the plucked off part is too long, and sticks a malicious program at the point where VBE.DLL chokes and starts running the data as if it were a program, you have a classic buffer overflow attack. A lot of people are confused because they think their macro scanning anti-virus software should handle this sort of problem. In short, it can't (at least, not in the way you usually think of virus checkers working). Why? This initial plucking and feeding to VBE.DLL occurs long before Word even scans the document for macros, much less invokes the security levels you've set, or calls your anti-virus package. That's why WordMail can get clobbered. If you try to reply to or forward a message, WordMail plucks a string off the message and hands it to VBE.DLL, asking VBA if it needs to be loaded. If the string's too long, VBE.DLL can start running whatever program the bad guy stuck at the end of the string. Your anti-virus software will never even see the message. It's a helluva bad problem. As far as I can tell, anything and everything that uses Visual Basic for Applications is vulnerable. As mentioned earlier, that would include all of the 300-plus products made by companies that paid to have VBA included with their software. No doubt Corel and AutoCAD and a couple hundred other vendors are a bit, uh, peeved at this point. Remarkably, Microsoft does NOT list Outlook in the MS03-037 Security Bulletin lineup of afflicted products. That must be an oversight. Outlook certainly does use VBA. I bet MS fixes the KB article within minutes of reading this. Although there's no mention of Office 2003 in the Security Bulletin or KB articles, when you install Office 2003 Build 5604 (RTM is Build 5612), you get the "good" updated VBE6.DLL discussed in KB articles 822035 and 822036. Apparently MS fixed this hole before Office 2003 was released to manufacturing. eEye caught this one, too. It took Microsoft four months to patch this hole. http://www.microsoft.com/technet/security/bulletin/MS03-037.asp http://woodyswatch.com/kb?822715 http://www.eeye.com/html/Research/Advisories/AD20030903-2.html 5. MS03-038 / 826292 / 826293 MS03-038 - Unchecked Buffer in Microsoft Access Snapshot Viewer May Permit Code Execution Patch for Access 2000: http://woodyswatch.com/kb?826292 Patch for Access 2002 (Office XP): http://woodyswatch.com/kb?826293 This is another buffer overflow bug. (Somebody remind me. Didn't Microsoft perform a month-long security lockdown and code review, specifically aimed at buffer overflows and other common security holes, about a year ago? Hundreds of millions of dollars, if memory serves. Hmmmmm...) The Access Snapshot Viewer is a program that lets you look at a "snapshot" of an Access database. No, I've never used it, either. This particular security hole is susceptible to the same "kill bit" problem that the old Office Web Components bug encountered. I talked about the kill bit cat-and-mouse game in WOW 7.40, http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . Basically, even if you download and apply the fix, it's still possible for a really persistent cretin to undo your patch, remotely, operating from a Web site you visit. As far as I know, there aren't any good solutions to kill bit problems. You just have to wait for the next Internet Explorer patch, and apply it. And pray. Microsoft credits Oliver Lavery with finding this hole. I've written to Oliver, and will let you know if he wants to add anything. http://www.microsoft.com/technet/security/bulletin/MS03-038.asp http://woodyswatch.com/kb?827104 6. IF YOU HAVE OFFICE XP I hate to do it, but I'm going to recommend that you go to the Office Update site, http://www.office.microsoft.com/ProductUpdates/default.aspx , and apply whatever patches Microsoft may have for you. Why? Because there's working "exploit" code already posted on the Web for MS03-036 and MS03-037. It won't be long before somebody with a black hat figures out a way to use it. I've installed the patches on my own Office XP machines, and nothing has fallen over yet. I've combed the newsgroups and haven't heard any wailing or gnashing of teeth - although many folks are skeptical of Office Update. (No, you *can't* get these patches from Windows Update. You have to use Office Update.) If you want to download individual files, heaven help ya!, the Administrative Update page with links to all the Office XP update files is at http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . You can also try following the instructions in the KB articles I noted at the end of the discussion for each security hole. 7. IF YOU HAVE OFFICE 2000 See the above recommendation for Office XP. The only good way I can figure to get all of the right patches (and there's a bunch of them, especially if you have FrontPage or Publisher) is via Office Update. Office 2000 (and 97) Administrative Updates (which is Microsoft speak for "downloadable patches") are listed at http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 Sez Microsoft: "A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem." Of course, Microsoft doesn't provide you with enough information to determine whether or not a specific PC is experiencing the MS03-035 problem, in particular, but it appears to me as if all Office 97 computers are vulnerable to all four threats. Worse, if you wait until the 'specific problem' appears it means you probably have been attacked in some way. Here's "Trustworthy Computing" in action - Microsoft is recommending you do nothing until something bad happens. And people wonder why I don't take Microsoft a face value. For MS03-035: Start at http://woodyswatch.com/kb?827647 and follow the instructions to beg Microsoft for the patch. For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. For MS03-037: Start at http://woodyswatch.com/kb?822150 and download and apply the generic VBA update. For MS03-038: You need to download the new Access Snapshot Viewer at http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all about email. WEE will give you news and tips on Outlook Express - yes, finally a place for all those OE users to call home. There'll also be advice on email etiquette, spam prevention, email services and scams. Just click on this link to join using the same email address as this issue of WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk Or send a blank email to wee at woodyswatch.com 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT Somebody in Redmond decided, once again, that Office 97 applications will be patched, even if Office 97 is, at least theoretically, orphaned. That's the right decision to make, and I want to thank the person or people who made it. It'd sure be nice if we didn't have to beg to get the updates. But at least they're available. Hopefully some sanity will prevail and the patches will be made available without going cap in hand to Microsoft. Well, maybe not sanity so much as self-preservation as waves of unhappy Office 97 / Visio 2000 user call Microsoft support. So far, the patches look stable. Let's all keep our fingers crossed. 10. KEEP WOW ALIVE AND FREE If you like the no-nonsense style you see in this newsletter - the straight scoop, whether Microsoft likes it or not, dished out in a way that won't put you to sleep - get one of my books! "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds http://www.woodyswatch.com/l.asp?0764515489 "Special Edition Using Microsoft Office XP" with Ed Bott, Que http://www.woodyswatch.com/l.asp?0789725134 "Special Edition Using Microsoft Office 2000" with Ed Bott, Que http://www.woodyswatch.com/l.asp?0789718421 "Woody Leonhard Teaches Office 2000", Que http://www.woodyswatch.com/l.asp?0789718715 From gustav at cactus.dk Sat Sep 6 10:42:08 2003 From: gustav at cactus.dk (Gustav Brock) Date: Sat, 6 Sep 2003 17:42:08 +0200 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: <12233734257.20030906172429@cactus.dk> References: <007101c37486$ae0fb310$b274d0d5@minster33c3r25> <12233734257.20030906172429@cactus.dk> Message-ID: <6534793049.20030906174208@cactus.dk> Oops, some cannot see the attachment. I can highly recommend this newsletter. /gustav > I think you have hit same dead end as have Woody in paragraph 8 ... --==>> WOW -- WOODY's OFFICE WATCH <<==-- Microsoft Office advice and news from Woody Leonhard 4 September 2003 Vol 8 No 35 Within the past 12 hours, Microsoft released four Security Bulletins for Office products. This is our "rapid response" WOW to the flurry of activity. There are good points, bad points, at least one gotcha, and a host of unanswered questions, but the bottom line is that I recommend you install all the patches, immediately. Please pass this edition of WOW along to your friends, family, co-workers - even that weird guy in the cubicle across from you. It's important. It's complicated, too, as you'll soon see. Anyone can join WOW, it's free and your email address is private. Hop to http://woodyswatch.com/wow/ or send a blank email to wow at woodyswatch.com 1. What Happened 2. MS03-035 / 824936 / 824934 3. MS03-036 / 824993 / 824938 4. MS03-037 / 822035 / 822036 5. MS03-038 / 826292 / 826293 6. If You Have Office XP 7. If You Have Office 2000 8. If You Have Office 97 and/or Visio 2000 9. The Good Point: One Kudos for Microsoft 10. Keep WOW Alive and Free 1. WHAT HAPPENED Microsoft has just released four security patches: three rated "Important" and one "Critical". I recommend that you install them all right away, but read the specific instructions below first. No matter which version of Office or which Office products you use (including Access), you need to patch your PC. You also need to patch your PC if you have FrontPage 2000 or 2002, Project 2000 or 2002, Publisher 2002, Visio 2000 or 2002, Works 2001, 2002, or 2003, or several of the "MS Business Solutions" products. VBA is a big part of this round of security fixes, and many, many applications run VBA. Folks who own any of the 300 products listed at http://msdn.microsoft.com/vba/companies/company.asp (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and many more) will undoubtedly be receiving instructions to patch their systems, too. It would be a good idea to wait until the manufacturer contacts you, or to keep an eye on the manufacturer's Web site. The patching instructions for each product may vary a bit. Good luck. In the headings below, I've identified each patch by security bulletin number (MS03-???), and also by the Knowledge Base article number which is used to identify and track the patch. Many of the references you'll see in the press relate to bulletin numbers. But when you go to install a patch, all you'll see is the KB article number. Worse, there's also a Knowledge Base article with a completely different number that gives technical details on the hole and the fix. I listed those KB article numbers at the bottom of each security hole's description. It's a real mess. I hope this kinda cuts through some of the obfuscation. 2. MS03-035 / 824936 / 824934 MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run Automatically" Patch for Word 2000: http://woodyswatch.com/kb?824936 Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 The problem described in MS03-035 affects Word 97, 2000, and 2002 (the version of Word in Office XP). It also affects Works 2001, 2002 and 2003 because they all contain vulnerable versions of Word. At this point, I don't know if it affects Word 2003, but based on the way they handled the other patches (see below), I'll bet Microsoft built the fix into Office 2003 before it released the gold code. There are very few details online about this security hole, although it sounds like the "flipped macro bit" hole that I discussed more than two years ago in WOW 6.30 (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). In that earlier exploit, Steven McLeod discovered a way to flip a single bit in a Word document, and have Word bypass macro screening. It led to the first patch of Word 2002. According to MS's Web page, the particular problem in MS03-035 was discovered by Jim Bassett. Jim reports, "I just stumbled on the security hole by accident. A co-worker (non-developer) made a Word template in an unusual way. I noticed that new documents created from this template behaved strangely. I investigated and discovered that when you create a template in a particular manner, derived documents always get past macro security. It happened on all versions of Word including 2003 Beta." Jim reports that he first notified Microsoft in May, so it took four months for this patch to appear. http://www.microsoft.com/technet/security/bulletin/MS03-035.asp http://woodyswatch.com/kb?827653 3. MS03-036 / 824993 / 824938 MS03-036: Buffer Overrun in WordPerfect Converter Could Allow Code Execution Patch for Office 2000: http://woodyswatch.com/kb?824993 Patch for Office XP: http://woodyswatch.com/kb?824938 This is a gaping security hole in the program that Word uses to open WordPerfect-formatted documents. Because Internet Explorer cranks up Word whenever it tries to open a .doc, IE "inherits" the security hole from Word. (A bit ironic, actually, when you think about how many times Outlook has "inherited" security holes from IE and its HTML rendering engine.) It's a traditional buffer overflow problem: the WordPerfect converter doesn't check to make sure that data coming in fits inside the allocated area. As a result, a craftily concocted WordPerfect document can blow away the converter, take over, and start running any program the attacker likes. Microsoft lists the vulnerable programs as Office 97, 2000, and XP, FrontPage 2000 and 2002, Publisher 2000 and 2002, and Works 2001, 2002, and 2003. According to Microsoft, all of those programs automatically install the faulty converter (although I don't understand how the converter would be invoked if Word isn't installed - oh well). No official word on whether it affects Office 2003, but when you install Build 5604 of Office 2003 (the final Office 2003 Build is 5612), you get the same "good" Word Converter file mention in the Knowledge Base articles. Thus, it's highly likely that Microsoft caught the problem and fixed it before Office 2003 went gold. eEye Digital Security - the folks who have uncovered more than a dozen security holes in Internet Explorer - caught this one, too. They report that it's taken Microsoft four months to plug the hole. http://www.microsoft.com/technet/security/bulletin/MS03-036.asp http://woodyswatch.com/kb?827103 http://www.eeye.com/html/Research/Advisories/AD20030903-1.html 4. MS03-037 / 822035 / 822036 MS03-037: Flaw in Visual Basic for Applications Could Allow Arbitrary Code Execution Patch for Office 2000: http://woodyswatch.com/kb?822035 Patch for Office XP: http://woodyswatch.com/kb?822036 This is the biggie. It's rated "critical" because you can get infected by simply replying to or forwarding an infected email message - assuming you use Word as your Email editor. Don't get me started. There's a buffer overflow problem with the VBA Editor (er, the "Visual Basic Design Time Environment Library"). Yeah, you read that right. Here's how it works. Say you open a .doc file with Word. One early part of the process of opening a file involves Word plucking off a bit of the file and handing it to the VBA Editor (actually, handing it to the Visual Basic Design Time Environment Library, VBE.DLL). In effect, to a first approximation, Word asks the VBA Editor if VBA needs to be loaded in order to take care of the file. And Word asks VBE.DLL before it officially "opens" the file. That's when the problem occurs. If Word is tricked into plucking off too much data (which is remarkably easy to do), VBE.DLL gulps down the whole gob of data, chokes, and starts running the data that's passed to it, as if it were a program. If a bad guy jimmies a Word document so the plucked off part is too long, and sticks a malicious program at the point where VBE.DLL chokes and starts running the data as if it were a program, you have a classic buffer overflow attack. A lot of people are confused because they think their macro scanning anti-virus software should handle this sort of problem. In short, it can't (at least, not in the way you usually think of virus checkers working). Why? This initial plucking and feeding to VBE.DLL occurs long before Word even scans the document for macros, much less invokes the security levels you've set, or calls your anti-virus package. That's why WordMail can get clobbered. If you try to reply to or forward a message, WordMail plucks a string off the message and hands it to VBE.DLL, asking VBA if it needs to be loaded. If the string's too long, VBE.DLL can start running whatever program the bad guy stuck at the end of the string. Your anti-virus software will never even see the message. It's a helluva bad problem. As far as I can tell, anything and everything that uses Visual Basic for Applications is vulnerable. As mentioned earlier, that would include all of the 300-plus products made by companies that paid to have VBA included with their software. No doubt Corel and AutoCAD and a couple hundred other vendors are a bit, uh, peeved at this point. Remarkably, Microsoft does NOT list Outlook in the MS03-037 Security Bulletin lineup of afflicted products. That must be an oversight. Outlook certainly does use VBA. I bet MS fixes the KB article within minutes of reading this. Although there's no mention of Office 2003 in the Security Bulletin or KB articles, when you install Office 2003 Build 5604 (RTM is Build 5612), you get the "good" updated VBE6.DLL discussed in KB articles 822035 and 822036. Apparently MS fixed this hole before Office 2003 was released to manufacturing. eEye caught this one, too. It took Microsoft four months to patch this hole. http://www.microsoft.com/technet/security/bulletin/MS03-037.asp http://woodyswatch.com/kb?822715 http://www.eeye.com/html/Research/Advisories/AD20030903-2.html 5. MS03-038 / 826292 / 826293 MS03-038 - Unchecked Buffer in Microsoft Access Snapshot Viewer May Permit Code Execution Patch for Access 2000: http://woodyswatch.com/kb?826292 Patch for Access 2002 (Office XP): http://woodyswatch.com/kb?826293 This is another buffer overflow bug. (Somebody remind me. Didn't Microsoft perform a month-long security lockdown and code review, specifically aimed at buffer overflows and other common security holes, about a year ago? Hundreds of millions of dollars, if memory serves. Hmmmmm...) The Access Snapshot Viewer is a program that lets you look at a "snapshot" of an Access database. No, I've never used it, either. This particular security hole is susceptible to the same "kill bit" problem that the old Office Web Components bug encountered. I talked about the kill bit cat-and-mouse game in WOW 7.40, http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . Basically, even if you download and apply the fix, it's still possible for a really persistent cretin to undo your patch, remotely, operating from a Web site you visit. As far as I know, there aren't any good solutions to kill bit problems. You just have to wait for the next Internet Explorer patch, and apply it. And pray. Microsoft credits Oliver Lavery with finding this hole. I've written to Oliver, and will let you know if he wants to add anything. http://www.microsoft.com/technet/security/bulletin/MS03-038.asp http://woodyswatch.com/kb?827104 6. IF YOU HAVE OFFICE XP I hate to do it, but I'm going to recommend that you go to the Office Update site, http://www.office.microsoft.com/ProductUpdates/default.aspx , and apply whatever patches Microsoft may have for you. Why? Because there's working "exploit" code already posted on the Web for MS03-036 and MS03-037. It won't be long before somebody with a black hat figures out a way to use it. I've installed the patches on my own Office XP machines, and nothing has fallen over yet. I've combed the newsgroups and haven't heard any wailing or gnashing of teeth - although many folks are skeptical of Office Update. (No, you *can't* get these patches from Windows Update. You have to use Office Update.) If you want to download individual files, heaven help ya!, the Administrative Update page with links to all the Office XP update files is at http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . You can also try following the instructions in the KB articles I noted at the end of the discussion for each security hole. 7. IF YOU HAVE OFFICE 2000 See the above recommendation for Office XP. The only good way I can figure to get all of the right patches (and there's a bunch of them, especially if you have FrontPage or Publisher) is via Office Update. Office 2000 (and 97) Administrative Updates (which is Microsoft speak for "downloadable patches") are listed at http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 Sez Microsoft: "A supported fix is now available from Microsoft, but it is only intended to correct the problem that is described in this article. Apply it only to computers that are experiencing this specific problem." Of course, Microsoft doesn't provide you with enough information to determine whether or not a specific PC is experiencing the MS03-035 problem, in particular, but it appears to me as if all Office 97 computers are vulnerable to all four threats. Worse, if you wait until the 'specific problem' appears it means you probably have been attacked in some way. Here's "Trustworthy Computing" in action - Microsoft is recommending you do nothing until something bad happens. And people wonder why I don't take Microsoft a face value. For MS03-035: Start at http://woodyswatch.com/kb?827647 and follow the instructions to beg Microsoft for the patch. For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. For MS03-037: Start at http://woodyswatch.com/kb?822150 and download and apply the generic VBA update. For MS03-038: You need to download the new Access Snapshot Viewer at http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all about email. WEE will give you news and tips on Outlook Express - yes, finally a place for all those OE users to call home. There'll also be advice on email etiquette, spam prevention, email services and scams. Just click on this link to join using the same email address as this issue of WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk Or send a blank email to wee at woodyswatch.com 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT Somebody in Redmond decided, once again, that Office 97 applications will be patched, even if Office 97 is, at least theoretically, orphaned. That's the right decision to make, and I want to thank the person or people who made it. It'd sure be nice if we didn't have to beg to get the updates. But at least they're available. Hopefully some sanity will prevail and the patches will be made available without going cap in hand to Microsoft. Well, maybe not sanity so much as self-preservation as waves of unhappy Office 97 / Visio 2000 user call Microsoft support. So far, the patches look stable. Let's all keep our fingers crossed. 10. KEEP WOW ALIVE AND FREE If you like the no-nonsense style you see in this newsletter - the straight scoop, whether Microsoft likes it or not, dished out in a way that won't put you to sleep - get one of my books! "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds http://www.woodyswatch.com/l.asp?0764515489 "Special Edition Using Microsoft Office XP" with Ed Bott, Que http://www.woodyswatch.com/l.asp?0789725134 "Special Edition Using Microsoft Office 2000" with Ed Bott, Que http://www.woodyswatch.com/l.asp?0789718421 "Woody Leonhard Teaches Office 2000", Que http://www.woodyswatch.com/l.asp?0789718715 _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com From andy at minstersystems.co.uk Sun Sep 7 07:07:04 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Sun, 7 Sep 2003 13:07:04 +0100 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: <6534793049.20030906174208@cactus.dk> Message-ID: <00ca01c37538$90c8e850$b274d0d5@minster33c3r25> Thanks Gustav I obviously have to beg MS for the patch. What a PITA! Why the hell can't they make it downloadable like the others? Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Gustav Brock > Sent: 06 September 2003 16:42 > To: Discussion of Hardware and Software issues > Cc: accessd at databaseadvisors.com > Subject: Re: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Oops, some cannot see the attachment. > > I can highly recommend this newsletter. > > /gustav > > > > I think you have hit same dead end as have Woody in paragraph 8 ... > > > > --==>> WOW -- WOODY's OFFICE WATCH <<==-- > Microsoft Office advice and news from Woody Leonhard > 4 September 2003 Vol 8 No 35 > > > Within the past 12 hours, Microsoft released four Security > Bulletins for Office products. This is our "rapid response" > WOW to the flurry of activity. There are good points, bad > points, at least one gotcha, and a host of unanswered > questions, but the bottom line is that I recommend you > install all the patches, immediately. > > Please pass this edition of WOW along to your friends, > family, co-workers - even that weird guy in the cubicle > across from you. It's important. It's complicated, too, as > you'll soon see. > > Anyone can join WOW, it's free and your email address is > private. Hop to http://woodyswatch.com/wow/ or send a blank > email to wow at woodyswatch.com > > > 1. What Happened > 2. MS03-035 / 824936 / 824934 > 3. MS03-036 / 824993 / 824938 > 4. MS03-037 / 822035 / 822036 > 5. MS03-038 / 826292 / 826293 > 6. If You Have Office XP > 7. If You Have Office 2000 > 8. If You Have Office 97 and/or Visio 2000 > 9. The Good Point: One Kudos for Microsoft > 10. Keep WOW Alive and Free > > > 1. WHAT HAPPENED > Microsoft has just released four security patches: three > rated "Important" and one "Critical". I recommend that you > install them all right away, but read the specific > instructions below first. > > No matter which version of Office or which Office products > you use (including Access), you need to patch your PC. You > also need to patch your PC if you have FrontPage 2000 or > 2002, Project 2000 or 2002, Publisher 2002, Visio 2000 or > 2002, Works 2001, 2002, or 2003, or several of the "MS > Business Solutions" products. > > VBA is a big part of this round of security fixes, and many, > many applications run VBA. Folks who own any of the 300 > products listed at http://msdn.microsoft.com/vba/companies/company.asp > (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and > many more) will undoubtedly be receiving instructions to > patch their systems, too. It would be a good idea to wait > until the manufacturer contacts you, or to keep an eye on the > manufacturer's Web site. The patching instructions for each > product may vary a bit. Good luck. > > > In the headings below, I've identified each patch by security > bulletin number (MS03-???), and also by the Knowledge Base > article number which is used to identify and track the patch. > Many of the references you'll see in the press relate to > bulletin numbers. But when you go to install a patch, all > you'll see is the KB article number. Worse, there's also a > Knowledge Base article with a completely different number > that gives technical details on the hole and the fix. I > listed those KB article numbers at the bottom of each > security hole's description. It's a real mess. I hope this > kinda cuts through some of the obfuscation. > > > 2. MS03-035 / 824936 / 824934 > MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run > Automatically" > > Patch for Word 2000: http://woodyswatch.com/kb?824936 > Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 > > The problem described in MS03-035 affects Word 97, 2000, and > 2002 (the version of Word in Office XP). It also affects > Works 2001, 2002 and 2003 because they all contain vulnerable > versions of Word. > > At this point, I don't know if it affects Word 2003, but > based on the way they handled the other patches (see below), > I'll bet Microsoft built the fix into Office 2003 before it > released the gold code. > > There are very few details online about this security hole, > although it sounds like the "flipped macro bit" hole that I > discussed more than two years ago in WOW 6.30 > (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). > In that earlier exploit, Steven McLeod discovered a way to > flip a single bit in a Word document, and have Word bypass > macro screening. It led to the first patch of Word 2002. > > According to MS's Web page, the particular problem in > MS03-035 was discovered by Jim Bassett. Jim reports, "I just > stumbled on the security hole by accident. A co-worker > (non-developer) made a Word template in an unusual way. I > noticed that new documents created from this template behaved > strangely. I investigated and discovered that when you create > a template in a particular manner, derived documents always > get past macro security. It happened on all versions of Word > including 2003 Beta." > > Jim reports that he first notified Microsoft in May, so it > took four months for this patch to appear. > > http://www.microsoft.com/technet/security/bulletin/MS03-035.asp > http://woodyswatch.com/kb?827653 > > > 3. MS03-036 / 824993 / 824938 > MS03-036: Buffer Overrun in WordPerfect Converter Could Allow > Code Execution > > Patch for Office 2000: http://woodyswatch.com/kb?824993 > Patch for Office XP: http://woodyswatch.com/kb?824938 > > This is a gaping security hole in the program that Word uses > to open WordPerfect-formatted documents. Because Internet > Explorer cranks up Word whenever it tries to open a .doc, IE > "inherits" the security hole from Word. (A bit ironic, > actually, when you think about how many times Outlook has > "inherited" security holes from IE and its HTML rendering engine.) > > It's a traditional buffer overflow problem: the WordPerfect > converter doesn't check to make sure that data coming in fits > inside the allocated area. As a result, a craftily concocted > WordPerfect document can blow away the converter, take over, > and start running any program the attacker likes. > > Microsoft lists the vulnerable programs as Office 97, 2000, > and XP, FrontPage 2000 and 2002, Publisher 2000 and 2002, and > Works 2001, 2002, and 2003. According to Microsoft, all of > those programs automatically install the faulty converter > (although I don't understand how the converter would be > invoked if Word isn't installed - oh well). > > No official word on whether it affects Office 2003, but when > you install Build 5604 of Office 2003 (the final Office 2003 > Build is 5612), you get the same "good" Word Converter file > mention in the Knowledge Base articles. Thus, it's highly > likely that Microsoft caught the problem and fixed it before > Office 2003 went gold. > > eEye Digital Security - the folks who have uncovered more > than a dozen security holes in Internet Explorer - caught > this one, too. They report that it's taken Microsoft four > months to plug the hole. > > http://www.microsoft.com/technet/security/bulletin/MS03-036.asp > http://woodyswatch.com/kb?827103 > http://www.eeye.com/html/Research/Advisories/AD20030903-1.html > > > 4. MS03-037 / 822035 / 822036 > MS03-037: Flaw in Visual Basic for Applications Could Allow > Arbitrary Code Execution > > Patch for Office 2000: http://woodyswatch.com/kb?822035 > Patch for Office XP: http://woodyswatch.com/kb?822036 > > This is the biggie. It's rated "critical" because you can get > infected by simply replying to or forwarding an infected > email message - assuming you use Word as your Email editor. > > Don't get me started. > > There's a buffer overflow problem with the VBA Editor (er, > the "Visual Basic Design Time Environment Library"). Yeah, > you read that right. > > Here's how it works. Say you open a .doc file with Word. One > early part of the process of opening a file involves Word > plucking off a bit of the file and handing it to the VBA > Editor (actually, handing it to the Visual Basic Design Time > Environment Library, VBE.DLL). In effect, to a first > approximation, Word asks the VBA Editor if VBA needs to be > loaded in order to take care of the file. And Word asks > VBE.DLL before it officially "opens" the file. > > That's when the problem occurs. If Word is tricked into > plucking off too much data (which is remarkably easy to do), > VBE.DLL gulps down the whole gob of data, chokes, and starts > running the data that's passed to it, as if it were a > program. If a bad guy jimmies a Word document so the plucked > off part is too long, and sticks a malicious program at the > point where VBE.DLL chokes and starts running the data as if > it were a program, you have a classic buffer overflow attack. > > A lot of people are confused because they think their macro > scanning anti-virus software should handle this sort of > problem. In short, it can't (at least, not in the way you > usually think of virus checkers working). Why? This initial > plucking and feeding to VBE.DLL occurs long before Word even > scans the document for macros, much less invokes the security > levels you've set, or calls your anti-virus package. > > That's why WordMail can get clobbered. If you try to reply to > or forward a message, WordMail plucks a string off the > message and hands it to VBE.DLL, asking VBA if it needs to be > loaded. If the string's too long, VBE.DLL can start running > whatever program the bad guy stuck at the end of the string. > Your anti-virus software will never even see the message. > > It's a helluva bad problem. > > As far as I can tell, anything and everything that uses > Visual Basic for Applications is vulnerable. As mentioned > earlier, that would include all of the 300-plus products made > by companies that paid to have VBA included with their > software. No doubt Corel and AutoCAD and a couple hundred > other vendors are a bit, uh, peeved at this point. > > Remarkably, Microsoft does NOT list Outlook in the MS03-037 > Security Bulletin lineup of afflicted products. That must be > an oversight. Outlook certainly does use VBA. I bet MS fixes > the KB article within minutes of reading this. > > Although there's no mention of Office 2003 in the Security > Bulletin or KB articles, when you install Office 2003 Build > 5604 (RTM is Build 5612), you get the "good" updated VBE6.DLL > discussed in KB articles 822035 and 822036. Apparently MS > fixed this hole before Office 2003 was released to manufacturing. > > eEye caught this one, too. It took Microsoft four months to > patch this hole. > > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > http://woodyswatch.com/kb?822715 > http://www.eeye.com/html/Research/Advisories/AD20030903-2.html > > > 5. MS03-038 / 826292 / 826293 > MS03-038 - Unchecked Buffer in Microsoft Access Snapshot > Viewer May Permit Code Execution > > Patch for Access 2000: http://woodyswatch.com/kb?826292 > Patch for Access 2002 (Office XP): http://woodyswatch.com/kb?826293 > > This is another buffer overflow bug. (Somebody remind me. > Didn't Microsoft perform a month-long security lockdown and > code review, specifically aimed at buffer overflows and other > common security holes, about a year ago? Hundreds of millions > of dollars, if memory serves. Hmmmmm...) > > The Access Snapshot Viewer is a program that lets you look at > a "snapshot" of an Access database. No, I've never used it, either. > > This particular security hole is susceptible to the same > "kill bit" problem that the old Office Web Components bug > encountered. I talked about the kill bit cat-and-mouse game > in WOW 7.40, > http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . > Basically, even if you download and apply the fix, it's still > possible for a really persistent cretin to undo your patch, > remotely, operating from a Web site you visit. As far as I > know, there aren't any good solutions to kill bit problems. > You just have to wait for the next Internet Explorer patch, > and apply it. > > And pray. > > Microsoft credits Oliver Lavery with finding this hole. I've > written to Oliver, and will let you know if he wants to add anything. > > http://www.microsoft.com/technet/security/bulletin/MS03-038.asp > http://woodyswatch.com/kb?827104 > > > 6. IF YOU HAVE OFFICE XP > I hate to do it, but I'm going to recommend that you go to > the Office Update site, > http://www.office.microsoft.com/ProductUpdates/default.aspx , > and apply whatever patches Microsoft may have for you. > > Why? Because there's working "exploit" code already posted on > the Web for MS03-036 and MS03-037. It won't be long before > somebody with a black hat figures out a way to use it. > > I've installed the patches on my own Office XP machines, and > nothing has fallen over yet. I've combed the newsgroups and > haven't heard any wailing or gnashing of teeth - although > many folks are skeptical of Office Update. (No, you *can't* > get these patches from Windows Update. You have to use Office Update.) > > If you want to download individual files, heaven help ya!, > the Administrative Update page with links to all the Office > XP update files is at > http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . > You can also try following the instructions in the KB > articles I noted at the end of the discussion for each security hole. > > > 7. IF YOU HAVE OFFICE 2000 > See the above recommendation for Office XP. The only good way > I can figure to get all of the right patches (and there's a > bunch of them, especially if you have FrontPage or Publisher) > is via Office Update. > > Office 2000 (and 97) Administrative Updates (which is > Microsoft speak for "downloadable > patches") are listed at > http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm > > > 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 > Sez Microsoft: "A supported fix is now available from > Microsoft, but it is only intended to correct the problem > that is described in this article. Apply it only to computers > that are experiencing this specific problem." > > Of course, Microsoft doesn't provide you with enough > information to determine whether or not a specific PC is > experiencing the MS03-035 problem, in particular, but it > appears to me as if all Office 97 computers are vulnerable to > all four threats. > > Worse, if you wait until the 'specific problem' appears it > means you probably have been attacked in some way. > > Here's "Trustworthy Computing" in action - Microsoft is > recommending you do nothing until something bad happens. And > people wonder why I don't take Microsoft a face value. > > For MS03-035: Start at http://woodyswatch.com/kb?827647 and > follow the instructions to beg Microsoft for the patch. > > For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. > > For MS03-037: Start at http://woodyswatch.com/kb?822150 and > download and apply the generic VBA update. > > For MS03-038: You need to download the new Access Snapshot > Viewer at > http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 > > > WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all > about email. WEE will give you news and tips on Outlook > Express - yes, finally a place for all those OE users to call > home. There'll also be advice on email etiquette, spam > prevention, email services and scams. Just click on this > link to join using the same email address as this issue of > WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk > Or send a blank email to wee at woodyswatch.com > > > 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT > Somebody in Redmond decided, once again, that Office 97 > applications will be patched, even if Office 97 is, at least > theoretically, orphaned. > > That's the right decision to make, and I want to thank the > person or people who made it. > > It'd sure be nice if we didn't have to beg to get the > updates. But at least they're available. > > Hopefully some sanity will prevail and the patches will be > made available without going cap in hand to Microsoft. Well, > maybe not sanity so much as self-preservation as waves of > unhappy Office 97 / Visio 2000 user call Microsoft support. > > So far, the patches look stable. Let's all keep our fingers crossed. > > > 10. KEEP WOW ALIVE AND FREE > If you like the no-nonsense style you see in this newsletter > - the straight scoop, whether Microsoft likes it or not, > dished out in a way that won't put you to sleep - get one of my books! > > "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds > http://www.woodyswatch.com/l.asp?0764515489 > > "Special Edition Using Microsoft Office XP" with Ed Bott, Que > http://www.woodyswatch.com/l.asp?0789725134 > > "Special Edition Using Microsoft Office 2000" with Ed Bott, Que > http://www.woodyswatch.com/l.asp?0789718421 > > "Woody Leonhard Teaches Office 2000", Que > http://www.woodyswatch.com/l.asp?0789718715 > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > > From Erwin.Craps at ithelps.be Sun Sep 7 10:15:32 2003 From: Erwin.Craps at ithelps.be (Erwin Craps) Date: Sun, 7 Sep 2003 17:15:32 +0200 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates Message-ID: Because it has not been regression tested... Erwin Erwin Craps Zaakvoerder www.ithelps.be/jonathan This E-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and E-mail confirmation to the sender. IT Helps - I.T. Help Center *** Box Office Belgium & Luxembourg www.ithelps.be * www.boxoffice.be * www.stadleuven.be IT Helps bvba* ** Mercatorpad 3 ** 3000 Leuven IT Helps * Phone: +32 16 296 404 * Fax: +32 16 296 405 E-mail: Info at ithelps.be Box Office ** Fax: +32 16 296 406 ** Box Office E-mail: Staff at boxoffice.be -----Oorspronkelijk bericht----- Van: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] Namens Andy Lacey Verzonden: zondag 7 september 2003 14:07 Aan: 'Discussion of Hardware and Software issues' Onderwerp: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates Thanks Gustav I obviously have to beg MS for the patch. What a PITA! Why the hell can't they make it downloadable like the others? Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Gustav Brock > Sent: 06 September 2003 16:42 > To: Discussion of Hardware and Software issues > Cc: accessd at databaseadvisors.com > Subject: Re: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Oops, some cannot see the attachment. > > I can highly recommend this newsletter. > > /gustav > > > > I think you have hit same dead end as have Woody in paragraph 8 ... > > > > --==>> WOW -- WOODY's OFFICE WATCH <<==-- > Microsoft Office advice and news from Woody Leonhard > 4 September 2003 Vol 8 No 35 > > > Within the past 12 hours, Microsoft released four Security > Bulletins for Office products. This is our "rapid response" > WOW to the flurry of activity. There are good points, bad > points, at least one gotcha, and a host of unanswered > questions, but the bottom line is that I recommend you > install all the patches, immediately. > > Please pass this edition of WOW along to your friends, > family, co-workers - even that weird guy in the cubicle > across from you. It's important. It's complicated, too, as > you'll soon see. > > Anyone can join WOW, it's free and your email address is > private. Hop to http://woodyswatch.com/wow/ or send a blank > email to wow at woodyswatch.com > > > 1. What Happened > 2. MS03-035 / 824936 / 824934 > 3. MS03-036 / 824993 / 824938 > 4. MS03-037 / 822035 / 822036 > 5. MS03-038 / 826292 / 826293 > 6. If You Have Office XP > 7. If You Have Office 2000 > 8. If You Have Office 97 and/or Visio 2000 > 9. The Good Point: One Kudos for Microsoft > 10. Keep WOW Alive and Free > > > 1. WHAT HAPPENED > Microsoft has just released four security patches: three > rated "Important" and one "Critical". I recommend that you > install them all right away, but read the specific > instructions below first. > > No matter which version of Office or which Office products > you use (including Access), you need to patch your PC. You > also need to patch your PC if you have FrontPage 2000 or > 2002, Project 2000 or 2002, Publisher 2002, Visio 2000 or > 2002, Works 2001, 2002, or 2003, or several of the "MS > Business Solutions" products. > > VBA is a big part of this round of security fixes, and many, > many applications run VBA. Folks who own any of the 300 > products listed at http://msdn.microsoft.com/vba/companies/company.asp > (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and > many more) will undoubtedly be receiving instructions to > patch their systems, too. It would be a good idea to wait > until the manufacturer contacts you, or to keep an eye on the > manufacturer's Web site. The patching instructions for each > product may vary a bit. Good luck. > > > In the headings below, I've identified each patch by security > bulletin number (MS03-???), and also by the Knowledge Base > article number which is used to identify and track the patch. > Many of the references you'll see in the press relate to > bulletin numbers. But when you go to install a patch, all > you'll see is the KB article number. Worse, there's also a > Knowledge Base article with a completely different number > that gives technical details on the hole and the fix. I > listed those KB article numbers at the bottom of each > security hole's description. It's a real mess. I hope this > kinda cuts through some of the obfuscation. > > > 2. MS03-035 / 824936 / 824934 > MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run > Automatically" > > Patch for Word 2000: http://woodyswatch.com/kb?824936 > Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 > > The problem described in MS03-035 affects Word 97, 2000, and > 2002 (the version of Word in Office XP). It also affects > Works 2001, 2002 and 2003 because they all contain vulnerable > versions of Word. > > At this point, I don't know if it affects Word 2003, but > based on the way they handled the other patches (see below), > I'll bet Microsoft built the fix into Office 2003 before it > released the gold code. > > There are very few details online about this security hole, > although it sounds like the "flipped macro bit" hole that I > discussed more than two years ago in WOW 6.30 > (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). > In that earlier exploit, Steven McLeod discovered a way to > flip a single bit in a Word document, and have Word bypass > macro screening. It led to the first patch of Word 2002. > > According to MS's Web page, the particular problem in > MS03-035 was discovered by Jim Bassett. Jim reports, "I just > stumbled on the security hole by accident. A co-worker > (non-developer) made a Word template in an unusual way. I > noticed that new documents created from this template behaved > strangely. I investigated and discovered that when you create > a template in a particular manner, derived documents always > get past macro security. It happened on all versions of Word > including 2003 Beta." > > Jim reports that he first notified Microsoft in May, so it > took four months for this patch to appear. > > http://www.microsoft.com/technet/security/bulletin/MS03-035.asp > http://woodyswatch.com/kb?827653 > > > 3. MS03-036 / 824993 / 824938 > MS03-036: Buffer Overrun in WordPerfect Converter Could Allow > Code Execution > > Patch for Office 2000: http://woodyswatch.com/kb?824993 > Patch for Office XP: http://woodyswatch.com/kb?824938 > > This is a gaping security hole in the program that Word uses > to open WordPerfect-formatted documents. Because Internet > Explorer cranks up Word whenever it tries to open a .doc, IE > "inherits" the security hole from Word. (A bit ironic, > actually, when you think about how many times Outlook has > "inherited" security holes from IE and its HTML rendering engine.) > > It's a traditional buffer overflow problem: the WordPerfect > converter doesn't check to make sure that data coming in fits > inside the allocated area. As a result, a craftily concocted > WordPerfect document can blow away the converter, take over, > and start running any program the attacker likes. > > Microsoft lists the vulnerable programs as Office 97, 2000, > and XP, FrontPage 2000 and 2002, Publisher 2000 and 2002, and > Works 2001, 2002, and 2003. According to Microsoft, all of > those programs automatically install the faulty converter > (although I don't understand how the converter would be > invoked if Word isn't installed - oh well). > > No official word on whether it affects Office 2003, but when > you install Build 5604 of Office 2003 (the final Office 2003 > Build is 5612), you get the same "good" Word Converter file > mention in the Knowledge Base articles. Thus, it's highly > likely that Microsoft caught the problem and fixed it before > Office 2003 went gold. > > eEye Digital Security - the folks who have uncovered more > than a dozen security holes in Internet Explorer - caught > this one, too. They report that it's taken Microsoft four > months to plug the hole. > > http://www.microsoft.com/technet/security/bulletin/MS03-036.asp > http://woodyswatch.com/kb?827103 > http://www.eeye.com/html/Research/Advisories/AD20030903-1.html > > > 4. MS03-037 / 822035 / 822036 > MS03-037: Flaw in Visual Basic for Applications Could Allow > Arbitrary Code Execution > > Patch for Office 2000: http://woodyswatch.com/kb?822035 > Patch for Office XP: http://woodyswatch.com/kb?822036 > > This is the biggie. It's rated "critical" because you can get > infected by simply replying to or forwarding an infected > email message - assuming you use Word as your Email editor. > > Don't get me started. > > There's a buffer overflow problem with the VBA Editor (er, > the "Visual Basic Design Time Environment Library"). Yeah, > you read that right. > > Here's how it works. Say you open a .doc file with Word. One > early part of the process of opening a file involves Word > plucking off a bit of the file and handing it to the VBA > Editor (actually, handing it to the Visual Basic Design Time > Environment Library, VBE.DLL). In effect, to a first > approximation, Word asks the VBA Editor if VBA needs to be > loaded in order to take care of the file. And Word asks > VBE.DLL before it officially "opens" the file. > > That's when the problem occurs. If Word is tricked into > plucking off too much data (which is remarkably easy to do), > VBE.DLL gulps down the whole gob of data, chokes, and starts > running the data that's passed to it, as if it were a > program. If a bad guy jimmies a Word document so the plucked > off part is too long, and sticks a malicious program at the > point where VBE.DLL chokes and starts running the data as if > it were a program, you have a classic buffer overflow attack. > > A lot of people are confused because they think their macro > scanning anti-virus software should handle this sort of > problem. In short, it can't (at least, not in the way you > usually think of virus checkers working). Why? This initial > plucking and feeding to VBE.DLL occurs long before Word even > scans the document for macros, much less invokes the security > levels you've set, or calls your anti-virus package. > > That's why WordMail can get clobbered. If you try to reply to > or forward a message, WordMail plucks a string off the > message and hands it to VBE.DLL, asking VBA if it needs to be > loaded. If the string's too long, VBE.DLL can start running > whatever program the bad guy stuck at the end of the string. > Your anti-virus software will never even see the message. > > It's a helluva bad problem. > > As far as I can tell, anything and everything that uses > Visual Basic for Applications is vulnerable. As mentioned > earlier, that would include all of the 300-plus products made > by companies that paid to have VBA included with their > software. No doubt Corel and AutoCAD and a couple hundred > other vendors are a bit, uh, peeved at this point. > > Remarkably, Microsoft does NOT list Outlook in the MS03-037 > Security Bulletin lineup of afflicted products. That must be > an oversight. Outlook certainly does use VBA. I bet MS fixes > the KB article within minutes of reading this. > > Although there's no mention of Office 2003 in the Security > Bulletin or KB articles, when you install Office 2003 Build > 5604 (RTM is Build 5612), you get the "good" updated VBE6.DLL > discussed in KB articles 822035 and 822036. Apparently MS > fixed this hole before Office 2003 was released to manufacturing. > > eEye caught this one, too. It took Microsoft four months to > patch this hole. > > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > http://woodyswatch.com/kb?822715 > http://www.eeye.com/html/Research/Advisories/AD20030903-2.html > > > 5. MS03-038 / 826292 / 826293 > MS03-038 - Unchecked Buffer in Microsoft Access Snapshot > Viewer May Permit Code Execution > > Patch for Access 2000: http://woodyswatch.com/kb?826292 > Patch for Access 2002 (Office XP): http://woodyswatch.com/kb?826293 > > This is another buffer overflow bug. (Somebody remind me. > Didn't Microsoft perform a month-long security lockdown and > code review, specifically aimed at buffer overflows and other > common security holes, about a year ago? Hundreds of millions > of dollars, if memory serves. Hmmmmm...) > > The Access Snapshot Viewer is a program that lets you look at > a "snapshot" of an Access database. No, I've never used it, either. > > This particular security hole is susceptible to the same > "kill bit" problem that the old Office Web Components bug > encountered. I talked about the kill bit cat-and-mouse game > in WOW 7.40, > http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . > Basically, even if you download and apply the fix, it's still > possible for a really persistent cretin to undo your patch, > remotely, operating from a Web site you visit. As far as I > know, there aren't any good solutions to kill bit problems. > You just have to wait for the next Internet Explorer patch, > and apply it. > > And pray. > > Microsoft credits Oliver Lavery with finding this hole. I've > written to Oliver, and will let you know if he wants to add anything. > > http://www.microsoft.com/technet/security/bulletin/MS03-038.asp > http://woodyswatch.com/kb?827104 > > > 6. IF YOU HAVE OFFICE XP > I hate to do it, but I'm going to recommend that you go to > the Office Update site, > http://www.office.microsoft.com/ProductUpdates/default.aspx , > and apply whatever patches Microsoft may have for you. > > Why? Because there's working "exploit" code already posted on > the Web for MS03-036 and MS03-037. It won't be long before > somebody with a black hat figures out a way to use it. > > I've installed the patches on my own Office XP machines, and > nothing has fallen over yet. I've combed the newsgroups and > haven't heard any wailing or gnashing of teeth - although > many folks are skeptical of Office Update. (No, you *can't* > get these patches from Windows Update. You have to use Office Update.) > > If you want to download individual files, heaven help ya!, > the Administrative Update page with links to all the Office > XP update files is at > http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . > You can also try following the instructions in the KB > articles I noted at the end of the discussion for each security hole. > > > 7. IF YOU HAVE OFFICE 2000 > See the above recommendation for Office XP. The only good way > I can figure to get all of the right patches (and there's a > bunch of them, especially if you have FrontPage or Publisher) > is via Office Update. > > Office 2000 (and 97) Administrative Updates (which is > Microsoft speak for "downloadable > patches") are listed at > http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm > > > 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 > Sez Microsoft: "A supported fix is now available from > Microsoft, but it is only intended to correct the problem > that is described in this article. Apply it only to computers > that are experiencing this specific problem." > > Of course, Microsoft doesn't provide you with enough > information to determine whether or not a specific PC is > experiencing the MS03-035 problem, in particular, but it > appears to me as if all Office 97 computers are vulnerable to > all four threats. > > Worse, if you wait until the 'specific problem' appears it > means you probably have been attacked in some way. > > Here's "Trustworthy Computing" in action - Microsoft is > recommending you do nothing until something bad happens. And > people wonder why I don't take Microsoft a face value. > > For MS03-035: Start at http://woodyswatch.com/kb?827647 and > follow the instructions to beg Microsoft for the patch. > > For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. > > For MS03-037: Start at http://woodyswatch.com/kb?822150 and > download and apply the generic VBA update. > > For MS03-038: You need to download the new Access Snapshot > Viewer at > http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 > > > WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all > about email. WEE will give you news and tips on Outlook > Express - yes, finally a place for all those OE users to call > home. There'll also be advice on email etiquette, spam > prevention, email services and scams. Just click on this > link to join using the same email address as this issue of > WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk > Or send a blank email to wee at woodyswatch.com > > > 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT > Somebody in Redmond decided, once again, that Office 97 > applications will be patched, even if Office 97 is, at least > theoretically, orphaned. > > That's the right decision to make, and I want to thank the > person or people who made it. > > It'd sure be nice if we didn't have to beg to get the > updates. But at least they're available. > > Hopefully some sanity will prevail and the patches will be > made available without going cap in hand to Microsoft. Well, > maybe not sanity so much as self-preservation as waves of > unhappy Office 97 / Visio 2000 user call Microsoft support. > > So far, the patches look stable. Let's all keep our fingers crossed. > > > 10. KEEP WOW ALIVE AND FREE > If you like the no-nonsense style you see in this newsletter > - the straight scoop, whether Microsoft likes it or not, > dished out in a way that won't put you to sleep - get one of my books! > > "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds > http://www.woodyswatch.com/l.asp?0764515489 > > "Special Edition Using Microsoft Office XP" with Ed Bott, Que > http://www.woodyswatch.com/l.asp?0789725134 > > "Special Edition Using Microsoft Office 2000" with Ed Bott, Que > http://www.woodyswatch.com/l.asp?0789718421 > > "Woody Leonhard Teaches Office 2000", Que > http://www.woodyswatch.com/l.asp?0789718715 > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From andy at minstersystems.co.uk Sun Sep 7 11:30:30 2003 From: andy at minstersystems.co.uk (Andy Lacey) Date: Sun, 7 Sep 2003 17:30:30 +0100 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates In-Reply-To: Message-ID: <00d201c3755d$5a8d16b0$b274d0d5@minster33c3r25> That's heartening :-( Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Erwin Craps > Sent: 07 September 2003 16:16 > To: Discussion of Hardware and Software issues > Subject: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Because it has not been regression tested... > Erwin > > > > Erwin Craps > > Zaakvoerder > > www.ithelps.be/jonathan > > > > This E-mail is confidential, may be legally privileged, and > is for the intended recipient only. Access, disclosure, > copying, distribution, or reliance on any of it by anyone > else is prohibited and may be a criminal offence. Please > delete if obtained in error and E-mail confirmation to the sender. > > IT Helps - I.T. Help Center *** Box Office Belgium & Luxembourg > > www.ithelps.be * www.boxoffice.be * www.stadleuven.be > > IT Helps bvba* ** Mercatorpad 3 ** 3000 Leuven > > IT Helps * Phone: +32 16 296 404 * Fax: +32 16 296 405 > E-mail: Info at ithelps.be > > Box Office ** Fax: +32 16 296 406 ** Box Office E-mail: > Staff at boxoffice.be > > > > -----Oorspronkelijk bericht----- > Van: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] Namens Andy Lacey > Verzonden: zondag 7 september 2003 14:07 > Aan: 'Discussion of Hardware and Software issues' > Onderwerp: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Thanks Gustav > I obviously have to beg MS for the patch. What a PITA! Why > the hell can't they make it downloadable like the others? > > Andy > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > > Gustav Brock > > Sent: 06 September 2003 16:42 > > To: Discussion of Hardware and Software issues > > Cc: accessd at databaseadvisors.com > > Subject: Re: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > > > > Oops, some cannot see the attachment. > > > > I can highly recommend this newsletter. > > > > /gustav > > > > > > > I think you have hit same dead end as have Woody in > paragraph 8 ... > > > > > > > > --==>> WOW -- WOODY's OFFICE WATCH <<==-- > > Microsoft Office advice and news from Woody Leonhard > > 4 September 2003 Vol 8 No 35 > > > > > > Within the past 12 hours, Microsoft released four Security > Bulletins > > for Office products. This is our "rapid response" WOW to > the flurry of > > activity. There are good points, bad points, at least one > gotcha, and > > a host of unanswered questions, but the bottom line is that I > > recommend you install all the patches, immediately. > > > > Please pass this edition of WOW along to your friends, family, > > co-workers - even that weird guy in the cubicle across from > you. It's > > important. It's complicated, too, as you'll soon see. > > > > Anyone can join WOW, it's free and your email address is > private. Hop > > to http://woodyswatch.com/wow/ or send a blank email to > > wow at woodyswatch.com > > > > > > 1. What Happened > > 2. MS03-035 / 824936 / 824934 > > 3. MS03-036 / 824993 / 824938 > > 4. MS03-037 / 822035 / 822036 > > 5. MS03-038 / 826292 / 826293 > > 6. If You Have Office XP > > 7. If You Have Office 2000 > > 8. If You Have Office 97 and/or Visio 2000 > > 9. The Good Point: One Kudos for Microsoft > > 10. Keep WOW Alive and Free > > > > > > 1. WHAT HAPPENED > > Microsoft has just released four security patches: three rated > > "Important" and one "Critical". I recommend that you > install them all > > right away, but read the specific instructions below first. > > > > No matter which version of Office or which Office products you use > > (including Access), you need to patch your PC. You also > need to patch > > your PC if you have FrontPage 2000 or 2002, Project 2000 or 2002, > > Publisher 2002, Visio 2000 or 2002, Works 2001, 2002, or 2003, or > > several of the "MS Business Solutions" products. > > > > VBA is a big part of this round of security fixes, and many, many > > applications run VBA. Folks who own any of the 300 products > listed at > > http://msdn.microsoft.com/vba/companies/company.asp > > (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and > > many more) will undoubtedly be receiving instructions to > > patch their systems, too. It would be a good idea to wait > > until the manufacturer contacts you, or to keep an eye on the > > manufacturer's Web site. The patching instructions for each > > product may vary a bit. Good luck. > > > > > > In the headings below, I've identified each patch by > security bulletin > > number (MS03-???), and also by the Knowledge Base article > number which > > is used to identify and track the patch. Many of the > references you'll > > see in the press relate to bulletin numbers. But when you go to > > install a patch, all you'll see is the KB article number. Worse, > > there's also a Knowledge Base article with a completely different > > number that gives technical details on the hole and the fix. I > > listed those KB article numbers at the bottom of each > > security hole's description. It's a real mess. I hope this > > kinda cuts through some of the obfuscation. > > > > > > 2. MS03-035 / 824936 / 824934 > > MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run > > Automatically" > > > > Patch for Word 2000: http://woodyswatch.com/kb?824936 > > Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 > > > > The problem described in MS03-035 affects Word 97, 2000, and > > 2002 (the version of Word in Office XP). It also affects > > Works 2001, 2002 and 2003 because they all contain vulnerable > > versions of Word. > > > > At this point, I don't know if it affects Word 2003, but > > based on the way they handled the other patches (see below), > > I'll bet Microsoft built the fix into Office 2003 before it > > released the gold code. > > > > There are very few details online about this security hole, > > although it sounds like the "flipped macro bit" hole that I > > discussed more than two years ago in WOW 6.30 > > (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). > > In that earlier exploit, Steven McLeod discovered a way to > > flip a single bit in a Word document, and have Word bypass > > macro screening. It led to the first patch of Word 2002. > > > > According to MS's Web page, the particular problem in > > MS03-035 was discovered by Jim Bassett. Jim reports, "I just > > stumbled on the security hole by accident. A co-worker > > (non-developer) made a Word template in an unusual way. I > > noticed that new documents created from this template behaved > > strangely. I investigated and discovered that when you create > > a template in a particular manner, derived documents always > > get past macro security. It happened on all versions of Word > > including 2003 Beta." > > > > Jim reports that he first notified Microsoft in May, so it > > took four months for this patch to appear. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-035.asp > > http://woodyswatch.com/kb?827653 > > > > > > 3. MS03-036 / 824993 / 824938 > > MS03-036: Buffer Overrun in WordPerfect Converter Could Allow > > Code Execution > > > > Patch for Office 2000: http://woodyswatch.com/kb?824993 > > Patch for Office XP: http://woodyswatch.com/kb?824938 > > > > This is a gaping security hole in the program that Word uses > > to open WordPerfect-formatted documents. Because Internet > > Explorer cranks up Word whenever it tries to open a .doc, IE > > "inherits" the security hole from Word. (A bit ironic, > > actually, when you think about how many times Outlook has > > "inherited" security holes from IE and its HTML rendering engine.) > > > > It's a traditional buffer overflow problem: the WordPerfect > > converter doesn't check to make sure that data coming in fits > > inside the allocated area. As a result, a craftily concocted > > WordPerfect document can blow away the converter, take over, > > and start running any program the attacker likes. > > > > Microsoft lists the vulnerable programs as Office 97, 2000, > > and XP, FrontPage 2000 and 2002, Publisher 2000 and 2002, and > > Works 2001, 2002, and 2003. According to Microsoft, all of > > those programs automatically install the faulty converter > > (although I don't understand how the converter would be > > invoked if Word isn't installed - oh well). > > > > No official word on whether it affects Office 2003, but when > > you install Build 5604 of Office 2003 (the final Office 2003 > > Build is 5612), you get the same "good" Word Converter file > > mention in the Knowledge Base articles. Thus, it's highly > > likely that Microsoft caught the problem and fixed it before > > Office 2003 went gold. > > > > eEye Digital Security - the folks who have uncovered more > > than a dozen security holes in Internet Explorer - caught > > this one, too. They report that it's taken Microsoft four > > months to plug the hole. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-036.asp > > http://woodyswatch.com/kb?827103 > > http://www.eeye.com/html/Research/Advisories/AD20030903-1.html > > > > > > 4. MS03-037 / 822035 / 822036 > > MS03-037: Flaw in Visual Basic for Applications Could Allow > > Arbitrary Code Execution > > > > Patch for Office 2000: http://woodyswatch.com/kb?822035 > > Patch for Office XP: http://woodyswatch.com/kb?822036 > > > > This is the biggie. It's rated "critical" because you can get > > infected by simply replying to or forwarding an infected > > email message - assuming you use Word as your Email editor. > > > > Don't get me started. > > > > There's a buffer overflow problem with the VBA Editor (er, > > the "Visual Basic Design Time Environment Library"). Yeah, > > you read that right. > > > > Here's how it works. Say you open a .doc file with Word. One > > early part of the process of opening a file involves Word > > plucking off a bit of the file and handing it to the VBA > > Editor (actually, handing it to the Visual Basic Design Time > > Environment Library, VBE.DLL). In effect, to a first > > approximation, Word asks the VBA Editor if VBA needs to be > > loaded in order to take care of the file. And Word asks > > VBE.DLL before it officially "opens" the file. > > > > That's when the problem occurs. If Word is tricked into > > plucking off too much data (which is remarkably easy to do), > > VBE.DLL gulps down the whole gob of data, chokes, and starts > > running the data that's passed to it, as if it were a > > program. If a bad guy jimmies a Word document so the plucked > > off part is too long, and sticks a malicious program at the > > point where VBE.DLL chokes and starts running the data as if > > it were a program, you have a classic buffer overflow attack. > > > > A lot of people are confused because they think their macro > > scanning anti-virus software should handle this sort of > > problem. In short, it can't (at least, not in the way you > > usually think of virus checkers working). Why? This initial > > plucking and feeding to VBE.DLL occurs long before Word even > > scans the document for macros, much less invokes the security > > levels you've set, or calls your anti-virus package. > > > > That's why WordMail can get clobbered. If you try to reply to > > or forward a message, WordMail plucks a string off the > > message and hands it to VBE.DLL, asking VBA if it needs to be > > loaded. If the string's too long, VBE.DLL can start running > > whatever program the bad guy stuck at the end of the string. > > Your anti-virus software will never even see the message. > > > > It's a helluva bad problem. > > > > As far as I can tell, anything and everything that uses > > Visual Basic for Applications is vulnerable. As mentioned > > earlier, that would include all of the 300-plus products made > > by companies that paid to have VBA included with their > > software. No doubt Corel and AutoCAD and a couple hundred > > other vendors are a bit, uh, peeved at this point. > > > > Remarkably, Microsoft does NOT list Outlook in the MS03-037 > > Security Bulletin lineup of afflicted products. That must be > > an oversight. Outlook certainly does use VBA. I bet MS fixes > > the KB article within minutes of reading this. > > > > Although there's no mention of Office 2003 in the Security > > Bulletin or KB articles, when you install Office 2003 Build > > 5604 (RTM is Build 5612), you get the "good" updated VBE6.DLL > > discussed in KB articles 822035 and 822036. Apparently MS > > fixed this hole before Office 2003 was released to manufacturing. > > > > eEye caught this one, too. It took Microsoft four months to > > patch this hole. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > > http://woodyswatch.com/kb?822715 > > http://www.eeye.com/html/Research/Advisories/AD20030903-2.html > > > > > > 5. MS03-038 / 826292 / 826293 > > MS03-038 - Unchecked Buffer in Microsoft Access Snapshot > > Viewer May Permit Code Execution > > > > Patch for Access 2000: http://woodyswatch.com/kb?826292 > > Patch for Access 2002 (Office XP): http://woodyswatch.com/kb?826293 > > > > This is another buffer overflow bug. (Somebody remind me. > > Didn't Microsoft perform a month-long security lockdown and > > code review, specifically aimed at buffer overflows and other > > common security holes, about a year ago? Hundreds of millions > > of dollars, if memory serves. Hmmmmm...) > > > > The Access Snapshot Viewer is a program that lets you look at > > a "snapshot" of an Access database. No, I've never used it, either. > > > > This particular security hole is susceptible to the same > > "kill bit" problem that the old Office Web Components bug > > encountered. I talked about the kill bit cat-and-mouse game > > in WOW 7.40, > > http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . > > Basically, even if you download and apply the fix, it's still > > possible for a really persistent cretin to undo your patch, > > remotely, operating from a Web site you visit. As far as I > > know, there aren't any good solutions to kill bit problems. > > You just have to wait for the next Internet Explorer patch, > > and apply it. > > > > And pray. > > > > Microsoft credits Oliver Lavery with finding this hole. I've > > written to Oliver, and will let you know if he wants to add > anything. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-038.asp > > http://woodyswatch.com/kb?827104 > > > > > > 6. IF YOU HAVE OFFICE XP > > I hate to do it, but I'm going to recommend that you go to > > the Office Update site, > > http://www.office.microsoft.com/ProductUpdates/default.aspx , > > and apply whatever patches Microsoft may have for you. > > > > Why? Because there's working "exploit" code already posted on > > the Web for MS03-036 and MS03-037. It won't be long before > > somebody with a black hat figures out a way to use it. > > > > I've installed the patches on my own Office XP machines, and > > nothing has fallen over yet. I've combed the newsgroups and > > haven't heard any wailing or gnashing of teeth - although > > many folks are skeptical of Office Update. (No, you *can't* > > get these patches from Windows Update. You have to use > Office Update.) > > > > If you want to download individual files, heaven help ya!, > > the Administrative Update page with links to all the Office > > XP update files is at > > http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . > > You can also try following the instructions in the KB > > articles I noted at the end of the discussion for each > security hole. > > > > > > 7. IF YOU HAVE OFFICE 2000 > > See the above recommendation for Office XP. The only good way > > I can figure to get all of the right patches (and there's a > > bunch of them, especially if you have FrontPage or Publisher) > > is via Office Update. > > > > Office 2000 (and 97) Administrative Updates (which is > > Microsoft speak for "downloadable > > patches") are listed at > > http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm > > > > > > 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 > > Sez Microsoft: "A supported fix is now available from > > Microsoft, but it is only intended to correct the problem > > that is described in this article. Apply it only to computers > > that are experiencing this specific problem." > > > > Of course, Microsoft doesn't provide you with enough > > information to determine whether or not a specific PC is > > experiencing the MS03-035 problem, in particular, but it > > appears to me as if all Office 97 computers are vulnerable to > > all four threats. > > > > Worse, if you wait until the 'specific problem' appears it > > means you probably have been attacked in some way. > > > > Here's "Trustworthy Computing" in action - Microsoft is > > recommending you do nothing until something bad happens. And > > people wonder why I don't take Microsoft a face value. > > > > For MS03-035: Start at http://woodyswatch.com/kb?827647 and > > follow the instructions to beg Microsoft for the patch. > > > > For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. > > > > For MS03-037: Start at http://woodyswatch.com/kb?822150 and > > download and apply the generic VBA update. > > > > For MS03-038: You need to download the new Access Snapshot > > Viewer at > > http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 > > > > > > WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all > > about email. WEE will give you news and tips on Outlook > > Express - yes, finally a place for all those OE users to call > > home. There'll also be advice on email etiquette, spam > > prevention, email services and scams. Just click on this > > link to join using the same email address as this issue of > > WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk > > Or send a blank email to wee at woodyswatch.com > > > > > > 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT > > Somebody in Redmond decided, once again, that Office 97 > > applications will be patched, even if Office 97 is, at least > > theoretically, orphaned. > > > > That's the right decision to make, and I want to thank the > > person or people who made it. > > > > It'd sure be nice if we didn't have to beg to get the > > updates. But at least they're available. > > > > Hopefully some sanity will prevail and the patches will be > > made available without going cap in hand to Microsoft. Well, > > maybe not sanity so much as self-preservation as waves of > > unhappy Office 97 / Visio 2000 user call Microsoft support. > > > > So far, the patches look stable. Let's all keep our fingers crossed. > > > > > > 10. KEEP WOW ALIVE AND FREE > > If you like the no-nonsense style you see in this newsletter > > - the straight scoop, whether Microsoft likes it or not, > > dished out in a way that won't put you to sleep - get one > of my books! > > > > "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds > > http://www.woodyswatch.com/l.asp?0764515489 > > > > "Special Edition Using Microsoft Office XP" with Ed Bott, Que > > http://www.woodyswatch.com/l.asp?0789725134 > > > > "Special Edition Using Microsoft Office 2000" with Ed Bott, Que > > http://www.woodyswatch.com/l.asp?0789718421 > > > > "Woody Leonhard Teaches Office 2000", Que > > http://www.woodyswatch.com/l.asp?0789718715 > > > > > > > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > > > Website: http://www.databaseadvisors.com > > > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From Erwin.Craps at ithelps.be Mon Sep 8 00:39:46 2003 From: Erwin.Craps at ithelps.be (Erwin Craps) Date: Mon, 8 Sep 2003 07:39:46 +0200 Subject: [AccessD] Re: [dba-Tech] Recent MS Security Updates Message-ID: I know, I know And I find my self calling more and more to get these fixes out of necessetay... About a year ago I ignored those fixes. Erwin Craps Zaakvoerder www.ithelps.be/jonathan This E-mail is confidential, may be legally privileged, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone else is prohibited and may be a criminal offence. Please delete if obtained in error and E-mail confirmation to the sender. IT Helps - I.T. Help Center *** Box Office Belgium & Luxembourg www.ithelps.be * www.boxoffice.be * www.stadleuven.be IT Helps bvba* ** Mercatorpad 3 ** 3000 Leuven IT Helps * Phone: +32 16 296 404 * Fax: +32 16 296 405 E-mail: Info at ithelps.be Box Office ** Fax: +32 16 296 406 ** Box Office E-mail: Staff at boxoffice.be -----Oorspronkelijk bericht----- Van: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] Namens Andy Lacey Verzonden: zondag 7 september 2003 18:31 Aan: 'Discussion of Hardware and Software issues' Onderwerp: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates That's heartening :-( Andy > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Erwin Craps > Sent: 07 September 2003 16:16 > To: Discussion of Hardware and Software issues > Subject: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Because it has not been regression tested... > Erwin > > > > Erwin Craps > > Zaakvoerder > > www.ithelps.be/jonathan > > > > This E-mail is confidential, may be legally privileged, and > is for the intended recipient only. Access, disclosure, > copying, distribution, or reliance on any of it by anyone > else is prohibited and may be a criminal offence. Please > delete if obtained in error and E-mail confirmation to the sender. > > IT Helps - I.T. Help Center *** Box Office Belgium & Luxembourg > > www.ithelps.be * www.boxoffice.be * www.stadleuven.be > > IT Helps bvba* ** Mercatorpad 3 ** 3000 Leuven > > IT Helps * Phone: +32 16 296 404 * Fax: +32 16 296 405 > E-mail: Info at ithelps.be > > Box Office ** Fax: +32 16 296 406 ** Box Office E-mail: > Staff at boxoffice.be > > > > -----Oorspronkelijk bericht----- > Van: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] Namens Andy Lacey > Verzonden: zondag 7 september 2003 14:07 > Aan: 'Discussion of Hardware and Software issues' > Onderwerp: RE: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > Thanks Gustav > I obviously have to beg MS for the patch. What a PITA! Why > the hell can't they make it downloadable like the others? > > Andy > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Gustav > > Brock > > Sent: 06 September 2003 16:42 > > To: Discussion of Hardware and Software issues > > Cc: accessd at databaseadvisors.com > > Subject: Re: [AccessD] Re: [dba-Tech] Recent MS Security Updates > > > > > > Oops, some cannot see the attachment. > > > > I can highly recommend this newsletter. > > > > /gustav > > > > > > > I think you have hit same dead end as have Woody in > paragraph 8 ... > > > > > > > > --==>> WOW -- WOODY's OFFICE WATCH <<==-- > > Microsoft Office advice and news from Woody Leonhard > > 4 September 2003 Vol 8 No 35 > > > > > > Within the past 12 hours, Microsoft released four Security > Bulletins > > for Office products. This is our "rapid response" WOW to > the flurry of > > activity. There are good points, bad points, at least one > gotcha, and > > a host of unanswered questions, but the bottom line is that I > > recommend you install all the patches, immediately. > > > > Please pass this edition of WOW along to your friends, family, > > co-workers - even that weird guy in the cubicle across from > you. It's > > important. It's complicated, too, as you'll soon see. > > > > Anyone can join WOW, it's free and your email address is > private. Hop > > to http://woodyswatch.com/wow/ or send a blank email to > > wow at woodyswatch.com > > > > > > 1. What Happened > > 2. MS03-035 / 824936 / 824934 > > 3. MS03-036 / 824993 / 824938 > > 4. MS03-037 / 822035 / 822036 > > 5. MS03-038 / 826292 / 826293 > > 6. If You Have Office XP > > 7. If You Have Office 2000 > > 8. If You Have Office 97 and/or Visio 2000 > > 9. The Good Point: One Kudos for Microsoft > > 10. Keep WOW Alive and Free > > > > > > 1. WHAT HAPPENED > > Microsoft has just released four security patches: three rated > > "Important" and one "Critical". I recommend that you > install them all > > right away, but read the specific instructions below first. > > > > No matter which version of Office or which Office products you use > > (including Access), you need to patch your PC. You also > need to patch > > your PC if you have FrontPage 2000 or 2002, Project 2000 or 2002, > > Publisher 2002, Visio 2000 or 2002, Works 2001, 2002, or 2003, or > > several of the "MS Business Solutions" products. > > > > VBA is a big part of this round of security fixes, and many, many > > applications run VBA. Folks who own any of the 300 products > listed at > > http://msdn.microsoft.com/vba/companies/company.asp > > (including AutoCAD, CorelDRAW, WordPerfect, Peachtree, and many > > more) will undoubtedly be receiving instructions to patch their > > systems, too. It would be a good idea to wait until the manufacturer > > contacts you, or to keep an eye on the manufacturer's Web site. The > > patching instructions for each product may vary a bit. Good luck. > > > > > > In the headings below, I've identified each patch by > security bulletin > > number (MS03-???), and also by the Knowledge Base article > number which > > is used to identify and track the patch. Many of the > references you'll > > see in the press relate to bulletin numbers. But when you go to > > install a patch, all you'll see is the KB article number. Worse, > > there's also a Knowledge Base article with a completely different > > number that gives technical details on the hole and the fix. I > > listed those KB article numbers at the bottom of each > > security hole's description. It's a real mess. I hope this > > kinda cuts through some of the obfuscation. > > > > > > 2. MS03-035 / 824936 / 824934 > > MS03-035: "Flaw in Microsoft Word Could Enable Macros to Run > > Automatically" > > > > Patch for Word 2000: http://woodyswatch.com/kb?824936 > > Patch for Word 2002 (Office XP): http://woodyswatch.com/kb?824934 > > > > The problem described in MS03-035 affects Word 97, 2000, and 2002 > > (the version of Word in Office XP). It also affects Works 2001, 2002 > > and 2003 because they all contain vulnerable versions of Word. > > > > At this point, I don't know if it affects Word 2003, but based on > > the way they handled the other patches (see below), I'll bet > > Microsoft built the fix into Office 2003 before it released the gold > > code. > > > > There are very few details online about this security hole, although > > it sounds like the "flipped macro bit" hole that I discussed more > > than two years ago in WOW 6.30 > > (http://www.woodyswatch.com/office/archtemplate.asp?v6-n30 ). In > > that earlier exploit, Steven McLeod discovered a way to flip a > > single bit in a Word document, and have Word bypass macro screening. > > It led to the first patch of Word 2002. > > > > According to MS's Web page, the particular problem in MS03-035 was > > discovered by Jim Bassett. Jim reports, "I just stumbled on the > > security hole by accident. A co-worker > > (non-developer) made a Word template in an unusual way. I > > noticed that new documents created from this template behaved > > strangely. I investigated and discovered that when you create > > a template in a particular manner, derived documents always > > get past macro security. It happened on all versions of Word > > including 2003 Beta." > > > > Jim reports that he first notified Microsoft in May, so it took four > > months for this patch to appear. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-035.asp > > http://woodyswatch.com/kb?827653 > > > > > > 3. MS03-036 / 824993 / 824938 > > MS03-036: Buffer Overrun in WordPerfect Converter Could Allow Code > > Execution > > > > Patch for Office 2000: http://woodyswatch.com/kb?824993 Patch for > > Office XP: http://woodyswatch.com/kb?824938 > > > > This is a gaping security hole in the program that Word uses to open > > WordPerfect-formatted documents. Because Internet Explorer cranks up > > Word whenever it tries to open a .doc, IE "inherits" the security > > hole from Word. (A bit ironic, actually, when you think about how > > many times Outlook has "inherited" security holes from IE and its > > HTML rendering engine.) > > > > It's a traditional buffer overflow problem: the WordPerfect > > converter doesn't check to make sure that data coming in fits inside > > the allocated area. As a result, a craftily concocted WordPerfect > > document can blow away the converter, take over, and start running > > any program the attacker likes. > > > > Microsoft lists the vulnerable programs as Office 97, 2000, and XP, > > FrontPage 2000 and 2002, Publisher 2000 and 2002, and Works 2001, > > 2002, and 2003. According to Microsoft, all of those programs > > automatically install the faulty converter (although I don't > > understand how the converter would be invoked if Word isn't > > installed - oh well). > > > > No official word on whether it affects Office 2003, but when you > > install Build 5604 of Office 2003 (the final Office 2003 Build is > > 5612), you get the same "good" Word Converter file mention in the > > Knowledge Base articles. Thus, it's highly likely that Microsoft > > caught the problem and fixed it before Office 2003 went gold. > > > > eEye Digital Security - the folks who have uncovered more than a > > dozen security holes in Internet Explorer - caught this one, too. > > They report that it's taken Microsoft four months to plug the hole. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-036.asp > > http://woodyswatch.com/kb?827103 > > http://www.eeye.com/html/Research/Advisories/AD20030903-1.html > > > > > > 4. MS03-037 / 822035 / 822036 > > MS03-037: Flaw in Visual Basic for Applications Could Allow > > Arbitrary Code Execution > > > > Patch for Office 2000: http://woodyswatch.com/kb?822035 Patch for > > Office XP: http://woodyswatch.com/kb?822036 > > > > This is the biggie. It's rated "critical" because you can get > > infected by simply replying to or forwarding an infected email > > message - assuming you use Word as your Email editor. > > > > Don't get me started. > > > > There's a buffer overflow problem with the VBA Editor (er, the > > "Visual Basic Design Time Environment Library"). Yeah, you read that > > right. > > > > Here's how it works. Say you open a .doc file with Word. One early > > part of the process of opening a file involves Word plucking off a > > bit of the file and handing it to the VBA Editor (actually, handing > > it to the Visual Basic Design Time Environment Library, VBE.DLL). In > > effect, to a first approximation, Word asks the VBA Editor if VBA > > needs to be loaded in order to take care of the file. And Word asks > > VBE.DLL before it officially "opens" the file. > > > > That's when the problem occurs. If Word is tricked into plucking off > > too much data (which is remarkably easy to do), VBE.DLL gulps down > > the whole gob of data, chokes, and starts running the data that's > > passed to it, as if it were a program. If a bad guy jimmies a Word > > document so the plucked off part is too long, and sticks a malicious > > program at the point where VBE.DLL chokes and starts running the > > data as if it were a program, you have a classic buffer overflow > > attack. > > > > A lot of people are confused because they think their macro scanning > > anti-virus software should handle this sort of problem. In short, it > > can't (at least, not in the way you usually think of virus checkers > > working). Why? This initial plucking and feeding to VBE.DLL occurs > > long before Word even scans the document for macros, much less > > invokes the security levels you've set, or calls your anti-virus > > package. > > > > That's why WordMail can get clobbered. If you try to reply to or > > forward a message, WordMail plucks a string off the message and > > hands it to VBE.DLL, asking VBA if it needs to be loaded. If the > > string's too long, VBE.DLL can start running whatever program the > > bad guy stuck at the end of the string. Your anti-virus software > > will never even see the message. > > > > It's a helluva bad problem. > > > > As far as I can tell, anything and everything that uses Visual Basic > > for Applications is vulnerable. As mentioned earlier, that would > > include all of the 300-plus products made by companies that paid to > > have VBA included with their software. No doubt Corel and AutoCAD > > and a couple hundred other vendors are a bit, uh, peeved at this > > point. > > > > Remarkably, Microsoft does NOT list Outlook in the MS03-037 Security > > Bulletin lineup of afflicted products. That must be an oversight. > > Outlook certainly does use VBA. I bet MS fixes the KB article within > > minutes of reading this. > > > > Although there's no mention of Office 2003 in the Security Bulletin > > or KB articles, when you install Office 2003 Build 5604 (RTM is > > Build 5612), you get the "good" updated VBE6.DLL discussed in KB > > articles 822035 and 822036. Apparently MS fixed this hole before > > Office 2003 was released to manufacturing. > > > > eEye caught this one, too. It took Microsoft four months to patch > > this hole. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-037.asp > > http://woodyswatch.com/kb?822715 > > http://www.eeye.com/html/Research/Advisories/AD20030903-2.html > > > > > > 5. MS03-038 / 826292 / 826293 > > MS03-038 - Unchecked Buffer in Microsoft Access Snapshot Viewer May > > Permit Code Execution > > > > Patch for Access 2000: http://woodyswatch.com/kb?826292 Patch for > > Access 2002 (Office XP): http://woodyswatch.com/kb?826293 > > > > This is another buffer overflow bug. (Somebody remind me. Didn't > > Microsoft perform a month-long security lockdown and code review, > > specifically aimed at buffer overflows and other common security > > holes, about a year ago? Hundreds of millions of dollars, if memory > > serves. Hmmmmm...) > > > > The Access Snapshot Viewer is a program that lets you look at a > > "snapshot" of an Access database. No, I've never used it, either. > > > > This particular security hole is susceptible to the same "kill bit" > > problem that the old Office Web Components bug encountered. I talked > > about the kill bit cat-and-mouse game in WOW 7.40, > > http://www.woodyswatch.com/OFFICE/archtemplate.asp?v7-n40 . > > Basically, even if you download and apply the fix, it's still > > possible for a really persistent cretin to undo your patch, > > remotely, operating from a Web site you visit. As far as I > > know, there aren't any good solutions to kill bit problems. > > You just have to wait for the next Internet Explorer patch, > > and apply it. > > > > And pray. > > > > Microsoft credits Oliver Lavery with finding this hole. I've written > > to Oliver, and will let you know if he wants to add > anything. > > > > http://www.microsoft.com/technet/security/bulletin/MS03-038.asp > > http://woodyswatch.com/kb?827104 > > > > > > 6. IF YOU HAVE OFFICE XP > > I hate to do it, but I'm going to recommend that you go to the > > Office Update site, > > http://www.office.microsoft.com/ProductUpdates/default.aspx , and > > apply whatever patches Microsoft may have for you. > > > > Why? Because there's working "exploit" code already posted on the > > Web for MS03-036 and MS03-037. It won't be long before somebody with > > a black hat figures out a way to use it. > > > > I've installed the patches on my own Office XP machines, and nothing > > has fallen over yet. I've combed the newsgroups and haven't heard > > any wailing or gnashing of teeth - although many folks are skeptical > > of Office Update. (No, you *can't* get these patches from Windows > > Update. You have to use > Office Update.) > > > > If you want to download individual files, heaven help ya!, the > > Administrative Update page with links to all the Office XP update > > files is at > > http://www.microsoft.com/office/ork/xp/journ/oxpupdte.htm . You can > > also try following the instructions in the KB articles I noted at > > the end of the discussion for each > security hole. > > > > > > 7. IF YOU HAVE OFFICE 2000 > > See the above recommendation for Office XP. The only good way I can > > figure to get all of the right patches (and there's a bunch of them, > > especially if you have FrontPage or Publisher) is via Office Update. > > > > Office 2000 (and 97) Administrative Updates (which is Microsoft > > speak for "downloadable > > patches") are listed at > > http://www.microsoft.com/office/ork/xp/journ/o2kupdte.htm > > > > > > 8. IF YOU HAVE OFFICE 97 AND/OR VISIO 2000 > > Sez Microsoft: "A supported fix is now available from Microsoft, but > > it is only intended to correct the problem that is described in this > > article. Apply it only to computers that are experiencing this > > specific problem." > > > > Of course, Microsoft doesn't provide you with enough information to > > determine whether or not a specific PC is experiencing the MS03-035 > > problem, in particular, but it appears to me as if all Office 97 > > computers are vulnerable to all four threats. > > > > Worse, if you wait until the 'specific problem' appears it means you > > probably have been attacked in some way. > > > > Here's "Trustworthy Computing" in action - Microsoft is recommending > > you do nothing until something bad happens. And people wonder why I > > don't take Microsoft a face value. > > > > For MS03-035: Start at http://woodyswatch.com/kb?827647 and follow > > the instructions to beg Microsoft for the patch. > > > > For MS03-036: Start at http://woodyswatch.com/kb?827656 and beg. > > > > For MS03-037: Start at http://woodyswatch.com/kb?822150 and download > > and apply the generic VBA update. > > > > For MS03-038: You need to download the new Access Snapshot Viewer at > > http://www.microsoft.com/accessdev/articles/snapshot.htm?&gssnb=1 > > > > > > WOODY's EMAIL ESSENTIALS - our new, free, newsletter, all > > about email. WEE will give you news and tips on Outlook > > Express - yes, finally a place for all those OE users to call > > home. There'll also be advice on email etiquette, spam > > prevention, email services and scams. Just click on this > > link to join using the same email address as this issue of > > WOW http://woodyswatch.com/email/subscribe.asp?cactus at cactus.dk > > Or send a blank email to wee at woodyswatch.com > > > > > > 9. THE GOOD POINT: ONE KUDOS FOR MICROSOFT > > Somebody in Redmond decided, once again, that Office 97 > > applications will be patched, even if Office 97 is, at least > > theoretically, orphaned. > > > > That's the right decision to make, and I want to thank the > > person or people who made it. > > > > It'd sure be nice if we didn't have to beg to get the > > updates. But at least they're available. > > > > Hopefully some sanity will prevail and the patches will be > > made available without going cap in hand to Microsoft. Well, > > maybe not sanity so much as self-preservation as waves of > > unhappy Office 97 / Visio 2000 user call Microsoft support. > > > > So far, the patches look stable. Let's all keep our fingers crossed. > > > > > > 10. KEEP WOW ALIVE AND FREE > > If you like the no-nonsense style you see in this newsletter > > - the straight scoop, whether Microsoft likes it or not, > > dished out in a way that won't put you to sleep - get one > of my books! > > > > "Windows XP All-In-One Desk Reference For Dummies", Hungry Minds > > http://www.woodyswatch.com/l.asp?0764515489 > > > > "Special Edition Using Microsoft Office XP" with Ed Bott, Que > > http://www.woodyswatch.com/l.asp?0789725134 > > > > "Special Edition Using Microsoft Office 2000" with Ed Bott, Que > > http://www.woodyswatch.com/l.asp?0789718421 > > > > "Woody Leonhard Teaches Office 2000", Que > > http://www.woodyswatch.com/l.asp?0789718715 > > > > > > > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > > > Website: http://www.databaseadvisors.com > > > > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From shamil at SMSConsulting.spb.ru Mon Sep 8 12:34:15 2003 From: shamil at SMSConsulting.spb.ru (Shamil Salakhetdinov) Date: Mon, 8 Sep 2003 21:34:15 +0400 Subject: [dba-Tech] I don't know what I don't know from where is sending messages using my e-mail address... Message-ID: <004001c3762f$bc654600$b501010a@PARIS> Hi All, Have you ever seen a message returned to your mailbox, having your e-mail address in From field, which you didn't send? (see example in P.S.) This doesn't seem to be a virus running on my PC - my PC is scanned periodically using NAV with latest updates. And the recipients e-mail addresses of such messages aren't written in my address book, and even MS Outlook Express version I use is different! What is this? A virus NAV missing while scanning my PC? Or...? Could you please advice? This looks very much like SOBIG virus but I don't have it on my PC! So much confused, TIA for any info, Shamil P.S. Strange messages header: Return-path: Received: from conversion-daemon.mailgw2.cityu.edu.hk by mailgw2.cityu.edu.hk (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> (original mail from shamil at smsconsulting.spb.ru); Tue, 9 Sep 2003 01:11:56 +0800 (CST) Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) by mailgw2.cityu.edu.hk (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) Date: Tue, 09 Sep 2003 01:28:39 +0800 From: shamil at smsconsulting.spb.ru Subject: Thank you! To: college.office at cityu.edu.hk Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> MIME-version: 1.0 X-Mailer: Microsoft Outlook Express 6.00.2600.0000 Content-type: multipart/mixed; boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal X-MailScanner: Found to be clean This is a multipart message in MIME format --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT See the attached file for details --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) Content-type: text/plain; Name=UnsafeFile.txt Content-transfer-encoding: 7BIT Content-disposition: inline Content-description: Unsafe file movie0045.pif is removed! ********* UNSAFE FILE REMOVED! ********* The system has removed the following unsafe file from this mail: * Name of the file being removed: movie0045.pif Postmaster (Mail Administrator), City University of Hong Kong Email: postmaster at cityu.edu.hk (Reference number: 20030909_011156_13779) ******************************************** -- e-mail: shamil at smsconsulting.spb.ru http://smsconsulting.spb.ru/shamil_s From jcolby at colbyconsulting.com Mon Sep 8 12:42:36 2003 From: jcolby at colbyconsulting.com (John Colby) Date: Mon, 8 Sep 2003 13:42:36 -0400 Subject: [dba-Tech] I don't know what I don't know from where is sending messages usingmy e-mail address... In-Reply-To: <004001c3762f$bc654600$b501010a@PARIS> Message-ID: It could be spam where they are spoofing the from address. Or it could be a virus where they are spoofing the from. In either case, you can delete it. John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Shamil Salakhetdinov Sent: Monday, September 08, 2003 1:34 PM To: dba - Tech Subject: [dba-Tech] I don't know what I don't know from where is sending messages usingmy e-mail address... Hi All, Have you ever seen a message returned to your mailbox, having your e-mail address in From field, which you didn't send? (see example in P.S.) This doesn't seem to be a virus running on my PC - my PC is scanned periodically using NAV with latest updates. And the recipients e-mail addresses of such messages aren't written in my address book, and even MS Outlook Express version I use is different! What is this? A virus NAV missing while scanning my PC? Or...? Could you please advice? This looks very much like SOBIG virus but I don't have it on my PC! So much confused, TIA for any info, Shamil P.S. Strange messages header: Return-path: Received: from conversion-daemon.mailgw2.cityu.edu.hk by mailgw2.cityu.edu.hk (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> (original mail from shamil at smsconsulting.spb.ru); Tue, 9 Sep 2003 01:11:56 +0800 (CST) Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) by mailgw2.cityu.edu.hk (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) Date: Tue, 09 Sep 2003 01:28:39 +0800 From: shamil at smsconsulting.spb.ru Subject: Thank you! To: college.office at cityu.edu.hk Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> MIME-version: 1.0 X-Mailer: Microsoft Outlook Express 6.00.2600.0000 Content-type: multipart/mixed; boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" Importance: Normal X-Priority: 3 (Normal) X-MSMail-priority: Normal X-MailScanner: Found to be clean This is a multipart message in MIME format --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT See the attached file for details --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) Content-type: text/plain; Name=UnsafeFile.txt Content-transfer-encoding: 7BIT Content-disposition: inline Content-description: Unsafe file movie0045.pif is removed! ********* UNSAFE FILE REMOVED! ********* The system has removed the following unsafe file from this mail: * Name of the file being removed: movie0045.pif Postmaster (Mail Administrator), City University of Hong Kong Email: postmaster at cityu.edu.hk (Reference number: 20030909_011156_13779) ******************************************** -- e-mail: shamil at smsconsulting.spb.ru http://smsconsulting.spb.ru/shamil_s _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From garykjos at hotmail.com Mon Sep 8 12:55:26 2003 From: garykjos at hotmail.com (Gary Kjos) Date: Mon, 08 Sep 2003 12:55:26 -0500 Subject: [dba-Tech] I don't know what I don't know from where is sending messages usingmy e-mail address... Message-ID: Hi Shamil. Sobig virus uses E-Mail Spoofing - info belos is from the Symantec AV site info on it.... ----------- http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f at mm.html ----------- Email spoofing W32.Sobig.F at mm uses a technique known as "spoofing," by which the worm randomly selects an address it finds on an infected computer. The worm uses this address as the "From" address when it performs its mass-mailing routine. Numerous cases have been reported in which users of uninfected computers received complaints that they sent an infected message to another individual. For example, Linda Anderson is using a computer infected with W32.Sobig.F at mm. Linda is neither using an antivirus program nor has the current virus definitions. When W32.Sobig.F at mm performs its email routine, it finds the email address of Harold Logan. The worm inserts Harold's email address into the "From" portion of an infected message, which it then sends to Janet Bishop. Then, Janet contacts Harold and complains that he sent her an infected message; however, when Harold scans his computer, Norton AntiVirus does not find anything, because his computer is not infected. -------- So Shamil, someone who has you on their contact list is infected and is sending the message pretending to be you..... Gary Kjos garykjos at hotmail.com >From: "Shamil Salakhetdinov" >Reply-To: Discussion of Hardware and Software >issues >To: "dba - Tech" >Subject: [dba-Tech] I don't know what I don't know from where is sending >messages usingmy e-mail address... >Date: Mon, 8 Sep 2003 21:34:15 +0400 > >Hi All, > >Have you ever seen a message returned to your mailbox, having your e-mail >address in From field, which you didn't send? (see example in P.S.) >This doesn't seem to be a virus running on my PC - my PC is scanned >periodically using NAV with latest updates. >And the recipients e-mail addresses of such messages aren't written in my >address book, and even MS Outlook Express version I use is different! > >What is this? A virus NAV missing while scanning my PC? Or...? Could you >please advice? > >This looks very much like SOBIG virus but I don't have it on my PC! > >So much confused, >TIA for any info, >Shamil > >P.S. Strange messages header: > >Return-path: >Received: from conversion-daemon.mailgw2.cityu.edu.hk by >mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > (original mail from shamil at smsconsulting.spb.ru); Tue, > 9 Sep 2003 01:11:56 +0800 (CST) >Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > by mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) >Date: Tue, 09 Sep 2003 01:28:39 +0800 >From: shamil at smsconsulting.spb.ru >Subject: Thank you! >To: college.office at cityu.edu.hk >Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> >MIME-version: 1.0 >X-Mailer: Microsoft Outlook Express 6.00.2600.0000 >Content-type: multipart/mixed; >boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" >Importance: Normal >X-Priority: 3 (Normal) >X-MSMail-priority: Normal >X-MailScanner: Found to be clean > >This is a multipart message in MIME format > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) >Content-type: text/plain; charset=iso-8859-1 >Content-transfer-encoding: 7BIT > >See the attached file for details > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) >Content-type: text/plain; Name=UnsafeFile.txt >Content-transfer-encoding: 7BIT >Content-disposition: inline >Content-description: Unsafe file movie0045.pif is removed! > >********* UNSAFE FILE REMOVED! ********* > >The system has removed the following unsafe file from this mail: > >* Name of the file being removed: movie0045.pif > >Postmaster (Mail Administrator), >City University of Hong Kong >Email: postmaster at cityu.edu.hk > >(Reference number: 20030909_011156_13779) >******************************************** > > >-- >e-mail: shamil at smsconsulting.spb.ru >http://smsconsulting.spb.ru/shamil_s > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com _________________________________________________________________ Fast, faster, fastest: Upgrade to Cable or DSL today! https://broadband.msn.com From DBCfour at aol.com Mon Sep 8 12:57:11 2003 From: DBCfour at aol.com (DBCfour at aol.com) Date: Mon, 8 Sep 2003 13:57:11 EDT Subject: [dba-Tech] I don't know what I don't know from where is sending messages... Message-ID: <6b.1892243f.2c8e1cf7@aol.com> Hi Shamil, Someone that has you in their address book has the virus. It's spoofing your address, and the ISP on the receiving end is just sending a notification to whoever shows up in the "from" tag. Delete them...People have been getting them for weeks now. You're lucky if you're just seeing your first. :-) Donna In a message dated 9/8/2003 1:37:47 PM Eastern Standard Time, shamil at SMSConsulting.spb.ru writes: > Hi All, > > Have you ever seen a message returned to your mailbox, having your e-mail > address in From field, which you didn't send? (see example in P.S.) > This doesn't seem to be a virus running on my PC - my PC is scanned > periodically using NAV with latest updates. > And the recipients e-mail addresses of such messages aren't written in my > address book, and even MS Outlook Express version I use is different! > > What is this? A virus NAV missing while scanning my PC? Or...? Could you > please advice? > > This looks very much like SOBIG virus but I don't have it on my PC! > > So much confused, > TIA for any info, > Shamil > > P.S. Strange messages header: -------------- next part -------------- An HTML attachment was scrubbed... URL: From shamil at SMSConsulting.spb.ru Mon Sep 8 13:02:00 2003 From: shamil at SMSConsulting.spb.ru (Shamil Salakhetdinov) Date: Mon, 8 Sep 2003 22:02:00 +0400 Subject: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... References: Message-ID: <000f01c37633$4ed77aa0$b501010a@PARIS> > virus where they are spoofing the from Yes, John, this looks like a virus running somewhere but not on my PC and spoofing my e-mail addresses - have you seen something like that manipulating/spoofing your e-mail addresses? - is that a common problem everywhere? - I started to get such messages only several days ago... Shamil ----- Original Message ----- From: "John Colby" To: "Discussion of Hardware and Software issues" Sent: Monday, September 08, 2003 9:42 PM Subject: RE: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... > It could be spam where they are spoofing the from address. Or it could be a > virus where they are spoofing the from. In either case, you can delete it. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Shamil > Salakhetdinov > Sent: Monday, September 08, 2003 1:34 PM > To: dba - Tech > Subject: [dba-Tech] I don't know what I don't know from where is sending > messages usingmy e-mail address... > > > Hi All, > > Have you ever seen a message returned to your mailbox, having your e-mail > address in From field, which you didn't send? (see example in P.S.) > This doesn't seem to be a virus running on my PC - my PC is scanned > periodically using NAV with latest updates. > And the recipients e-mail addresses of such messages aren't written in my > address book, and even MS Outlook Express version I use is different! > > What is this? A virus NAV missing while scanning my PC? Or...? Could you > please advice? > > This looks very much like SOBIG virus but I don't have it on my PC! > > So much confused, > TIA for any info, > Shamil > > P.S. Strange messages header: > > Return-path: > Received: from conversion-daemon.mailgw2.cityu.edu.hk by > mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > (original mail from shamil at smsconsulting.spb.ru); Tue, > 9 Sep 2003 01:11:56 +0800 (CST) > Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > by mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > Date: Tue, 09 Sep 2003 01:28:39 +0800 > From: shamil at smsconsulting.spb.ru > Subject: Thank you! > To: college.office at cityu.edu.hk > Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > MIME-version: 1.0 > X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > Content-type: multipart/mixed; > boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > Importance: Normal > X-Priority: 3 (Normal) > X-MSMail-priority: Normal > X-MailScanner: Found to be clean > > This is a multipart message in MIME format > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > Content-type: text/plain; charset=iso-8859-1 > Content-transfer-encoding: 7BIT > > See the attached file for details > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > Content-type: text/plain; Name=UnsafeFile.txt > Content-transfer-encoding: 7BIT > Content-disposition: inline > Content-description: Unsafe file movie0045.pif is removed! > > ********* UNSAFE FILE REMOVED! ********* > > The system has removed the following unsafe file from this mail: > > * Name of the file being removed: movie0045.pif > > Postmaster (Mail Administrator), > City University of Hong Kong > Email: postmaster at cityu.edu.hk > > (Reference number: 20030909_011156_13779) > ******************************************** > > > -- > e-mail: shamil at smsconsulting.spb.ru > http://smsconsulting.spb.ru/shamil_s > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From jcolby at colbyconsulting.com Mon Sep 8 13:08:07 2003 From: jcolby at colbyconsulting.com (John Colby) Date: Mon, 8 Sep 2003 14:08:07 -0400 Subject: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... In-Reply-To: <000f01c37633$4ed77aa0$b501010a@PARIS> Message-ID: I have seen it occasionally. Since I use NAV which finds infected emails looking tike this it is usually (on my machine) spam. I don't worry about them, just delete them. John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Shamil Salakhetdinov Sent: Monday, September 08, 2003 2:02 PM To: Discussion of Hardware and Software issues Subject: Re: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... > virus where they are spoofing the from Yes, John, this looks like a virus running somewhere but not on my PC and spoofing my e-mail addresses - have you seen something like that manipulating/spoofing your e-mail addresses? - is that a common problem everywhere? - I started to get such messages only several days ago... Shamil ----- Original Message ----- From: "John Colby" To: "Discussion of Hardware and Software issues" Sent: Monday, September 08, 2003 9:42 PM Subject: RE: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... > It could be spam where they are spoofing the from address. Or it could be a > virus where they are spoofing the from. In either case, you can delete it. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Shamil > Salakhetdinov > Sent: Monday, September 08, 2003 1:34 PM > To: dba - Tech > Subject: [dba-Tech] I don't know what I don't know from where is sending > messages usingmy e-mail address... > > > Hi All, > > Have you ever seen a message returned to your mailbox, having your e-mail > address in From field, which you didn't send? (see example in P.S.) > This doesn't seem to be a virus running on my PC - my PC is scanned > periodically using NAV with latest updates. > And the recipients e-mail addresses of such messages aren't written in my > address book, and even MS Outlook Express version I use is different! > > What is this? A virus NAV missing while scanning my PC? Or...? Could you > please advice? > > This looks very much like SOBIG virus but I don't have it on my PC! > > So much confused, > TIA for any info, > Shamil > > P.S. Strange messages header: > > Return-path: > Received: from conversion-daemon.mailgw2.cityu.edu.hk by > mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > (original mail from shamil at smsconsulting.spb.ru); Tue, > 9 Sep 2003 01:11:56 +0800 (CST) > Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > by mailgw2.cityu.edu.hk > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > Date: Tue, 09 Sep 2003 01:28:39 +0800 > From: shamil at smsconsulting.spb.ru > Subject: Thank you! > To: college.office at cityu.edu.hk > Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > MIME-version: 1.0 > X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > Content-type: multipart/mixed; > boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > Importance: Normal > X-Priority: 3 (Normal) > X-MSMail-priority: Normal > X-MailScanner: Found to be clean > > This is a multipart message in MIME format > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > Content-type: text/plain; charset=iso-8859-1 > Content-transfer-encoding: 7BIT > > See the attached file for details > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > Content-type: text/plain; Name=UnsafeFile.txt > Content-transfer-encoding: 7BIT > Content-disposition: inline > Content-description: Unsafe file movie0045.pif is removed! > > ********* UNSAFE FILE REMOVED! ********* > > The system has removed the following unsafe file from this mail: > > * Name of the file being removed: movie0045.pif > > Postmaster (Mail Administrator), > City University of Hong Kong > Email: postmaster at cityu.edu.hk > > (Reference number: 20030909_011156_13779) > ******************************************** > > > -- > e-mail: shamil at smsconsulting.spb.ru > http://smsconsulting.spb.ru/shamil_s > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From shamil at SMSConsulting.spb.ru Mon Sep 8 13:09:59 2003 From: shamil at SMSConsulting.spb.ru (Shamil Salakhetdinov) Date: Mon, 8 Sep 2003 22:09:59 +0400 Subject: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... References: Message-ID: <002d01c37634$6d0ea880$b501010a@PARIS> Thanks Gary and all the others who anwered my message! All is clear now - this SoBig virus writer is a real devil... Shamil ----- Original Message ----- From: "Gary Kjos" To: Sent: Monday, September 08, 2003 9:55 PM Subject: Re: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... > Hi Shamil. > > Sobig virus uses E-Mail Spoofing - info belos is from the Symantec AV site > info on it.... > ----------- > http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f at mm.html > ----------- > Email spoofing > W32.Sobig.F at mm uses a technique known as "spoofing," by which the worm > randomly selects an address it finds on an infected computer. The worm uses > this address as the "From" address when it performs its mass-mailing > routine. Numerous cases have been reported in which users of uninfected > computers received complaints that they sent an infected message to another > individual. > > For example, Linda Anderson is using a computer infected with > W32.Sobig.F at mm. Linda is neither using an antivirus program nor has the > current virus definitions. When W32.Sobig.F at mm performs its email routine, > it finds the email address of Harold Logan. The worm inserts Harold's email > address into the "From" portion of an infected message, which it then sends > to Janet Bishop. Then, Janet contacts Harold and complains that he sent her > an infected message; however, when Harold scans his computer, Norton > AntiVirus does not find anything, because his computer is not infected. > > -------- > > So Shamil, someone who has you on their contact list is infected and is > sending the message pretending to be you..... > > Gary Kjos > garykjos at hotmail.com > > > > > > >From: "Shamil Salakhetdinov" > >Reply-To: Discussion of Hardware and Software > >issues > >To: "dba - Tech" > >Subject: [dba-Tech] I don't know what I don't know from where is sending > >messages usingmy e-mail address... > >Date: Mon, 8 Sep 2003 21:34:15 +0400 > > > >Hi All, > > > >Have you ever seen a message returned to your mailbox, having your e-mail > >address in From field, which you didn't send? (see example in P.S.) > >This doesn't seem to be a virus running on my PC - my PC is scanned > >periodically using NAV with latest updates. > >And the recipients e-mail addresses of such messages aren't written in my > >address book, and even MS Outlook Express version I use is different! > > > >What is this? A virus NAV missing while scanning my PC? Or...? Could you > >please advice? > > > >This looks very much like SOBIG virus but I don't have it on my PC! > > > >So much confused, > >TIA for any info, > >Shamil > > > >P.S. Strange messages header: > > > >Return-path: > >Received: from conversion-daemon.mailgw2.cityu.edu.hk by > >mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > > (original mail from shamil at smsconsulting.spb.ru); Tue, > > 9 Sep 2003 01:11:56 +0800 (CST) > >Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > > by mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > >Date: Tue, 09 Sep 2003 01:28:39 +0800 > >From: shamil at smsconsulting.spb.ru > >Subject: Thank you! > >To: college.office at cityu.edu.hk > >Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > >MIME-version: 1.0 > >X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > >Content-type: multipart/mixed; > >boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > >Importance: Normal > >X-Priority: 3 (Normal) > >X-MSMail-priority: Normal > >X-MailScanner: Found to be clean > > > >This is a multipart message in MIME format > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; charset=iso-8859-1 > >Content-transfer-encoding: 7BIT > > > >See the attached file for details > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; Name=UnsafeFile.txt > >Content-transfer-encoding: 7BIT > >Content-disposition: inline > >Content-description: Unsafe file movie0045.pif is removed! > > > >********* UNSAFE FILE REMOVED! ********* > > > >The system has removed the following unsafe file from this mail: > > > >* Name of the file being removed: movie0045.pif > > > >Postmaster (Mail Administrator), > >City University of Hong Kong > >Email: postmaster at cityu.edu.hk > > > >(Reference number: 20030909_011156_13779) > >******************************************** > > > > > >-- > >e-mail: shamil at smsconsulting.spb.ru > >http://smsconsulting.spb.ru/shamil_s > > > >_______________________________________________ > >dba-Tech mailing list > >dba-Tech at databaseadvisors.com > >http://databaseadvisors.com/mailman/listinfo/dba-tech > >Website: http://www.databaseadvisors.com > > _________________________________________________________________ > Fast, faster, fastest: Upgrade to Cable or DSL today! > https://broadband.msn.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From dbatech at wolfwares.com Mon Sep 8 13:14:08 2003 From: dbatech at wolfwares.com (Drew Wutka) Date: Mon, 8 Sep 2003 13:14:08 -0500 Subject: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... References: <000f01c37633$4ed77aa0$b501010a@PARIS> Message-ID: <001c01c37634$ff283d30$1500a8c0@marlow.com> Very common with the MSBlast and SoBig viruses, because they use their own SMTP server. The To and From fields for the email are completely random, so it can very easy seem like 'you' are sending out an email. However, if you look at the header of the email, that will tell you who is actually sending them (and it usually isn't the same domain as the person in the To box, though that can happen sometimes). The problem is, many people have the 'Alert sender of virus' option turned on, on their systems. So when their virus protection software finds a virus, it sends an email back to the 'sender' that they just sent a virus out. However, the virus software just goes off of the From field (which is extremely easy to spoof), not where the email actually originated. That is how you got that email (I was getting a few a day last week. Drew ----- Original Message ----- From: "Shamil Salakhetdinov" To: "Discussion of Hardware and Software issues" Sent: Monday, September 08, 2003 1:02 PM Subject: Re: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... > > virus where they are spoofing the from > Yes, John, this looks like a virus running somewhere but not on my PC and > spoofing my e-mail addresses - have you seen something like that > manipulating/spoofing your e-mail addresses? - is that a common problem > everywhere? - I started to get such messages only several days ago... > > Shamil > > ----- Original Message ----- > From: "John Colby" > To: "Discussion of Hardware and Software issues" > > Sent: Monday, September 08, 2003 9:42 PM > Subject: RE: [dba-Tech] I don't know what I don't know from where is > sendingmessages usingmy e-mail address... > > > > It could be spam where they are spoofing the from address. Or it could be > a > > virus where they are spoofing the from. In either case, you can delete > it. > > > > John W. Colby > > www.colbyconsulting.com > > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Shamil > > Salakhetdinov > > Sent: Monday, September 08, 2003 1:34 PM > > To: dba - Tech > > Subject: [dba-Tech] I don't know what I don't know from where is sending > > messages usingmy e-mail address... > > > > > > Hi All, > > > > Have you ever seen a message returned to your mailbox, having your e-mail > > address in From field, which you didn't send? (see example in P.S.) > > This doesn't seem to be a virus running on my PC - my PC is scanned > > periodically using NAV with latest updates. > > And the recipients e-mail addresses of such messages aren't written in my > > address book, and even MS Outlook Express version I use is different! > > > > What is this? A virus NAV missing while scanning my PC? Or...? Could you > > please advice? > > > > This looks very much like SOBIG virus but I don't have it on my PC! > > > > So much confused, > > TIA for any info, > > Shamil > > > > P.S. Strange messages header: > > > > Return-path: > > Received: from conversion-daemon.mailgw2.cityu.edu.hk by > > mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > > (original mail from shamil at smsconsulting.spb.ru); Tue, > > 9 Sep 2003 01:11:56 +0800 (CST) > > Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > > by mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > > Date: Tue, 09 Sep 2003 01:28:39 +0800 > > From: shamil at smsconsulting.spb.ru > > Subject: Thank you! > > To: college.office at cityu.edu.hk > > Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > > MIME-version: 1.0 > > X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > > Content-type: multipart/mixed; > > boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > > Importance: Normal > > X-Priority: 3 (Normal) > > X-MSMail-priority: Normal > > X-MailScanner: Found to be clean > > > > This is a multipart message in MIME format > > > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > > Content-type: text/plain; charset=iso-8859-1 > > Content-transfer-encoding: 7BIT > > > > See the attached file for details > > > > --Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > > Content-type: text/plain; Name=UnsafeFile.txt > > Content-transfer-encoding: 7BIT > > Content-disposition: inline > > Content-description: Unsafe file movie0045.pif is removed! > > > > ********* UNSAFE FILE REMOVED! ********* > > > > The system has removed the following unsafe file from this mail: > > > > * Name of the file being removed: movie0045.pif > > > > Postmaster (Mail Administrator), > > City University of Hong Kong > > Email: postmaster at cityu.edu.hk > > > > (Reference number: 20030909_011156_13779) > > ******************************************** > > > > > > -- > > e-mail: shamil at smsconsulting.spb.ru > > http://smsconsulting.spb.ru/shamil_s > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/dba-tech > > Website: http://www.databaseadvisors.com > > > > > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/dba-tech > > Website: http://www.databaseadvisors.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From carbonnb at sympatico.ca Mon Sep 8 13:20:56 2003 From: carbonnb at sympatico.ca (Bryan Carbonnell) Date: Mon, 08 Sep 2003 14:20:56 -0400 Subject: [dba-Tech] I don't know what I don't know from where is sending messages using my e-mail address... In-Reply-To: <004001c3762f$bc654600$b501010a@PARIS> Message-ID: <3F5C9048.26916.E8BDF6@localhost> On 8 Sep 2003 at 21:34, Shamil Salakhetdinov wrote: > Have you ever seen a message returned to your mailbox, having your > e-mail address in From field, which you didn't send? (see example in > P.S.) This doesn't seem to be a virus running on my PC - my PC is > scanned periodically using NAV with latest updates. And the recipients > e-mail addresses of such messages aren't written in my address book, > and even MS Outlook Express version I use is different! > > What is this? A virus NAV missing while scanning my PC? Or...? Could > you please advice? > > This looks very much like SOBIG virus but I don't have it on my PC! As others have said, SoBig and MSBlaster both spoof e-mail addresses. But it's not just those two. There are a whole host of other virii that spoof all the addresses. --- Bryan Carbonnell - carbonnb at sympatico.ca Age is a very high price to pay for maturity. From Erwin.Craps at ithelps.be Mon Sep 8 15:43:21 2003 From: Erwin.Craps at ithelps.be (Erwin Craps) Date: Mon, 8 Sep 2003 22:43:21 +0200 Subject: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... Message-ID: Not only Sobig. All recent/new virusses are using that technique. -----Oorspronkelijk bericht----- Van: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] Namens Shamil Salakhetdinov Verzonden: maandag 8 september 2003 20:10 Aan: Discussion of Hardware and Software issues Onderwerp: Re: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... Thanks Gary and all the others who anwered my message! All is clear now - this SoBig virus writer is a real devil... Shamil ----- Original Message ----- From: "Gary Kjos" To: Sent: Monday, September 08, 2003 9:55 PM Subject: Re: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... > Hi Shamil. > > Sobig virus uses E-Mail Spoofing - info belos is from the Symantec AV > site info on it.... > ----------- > http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f at mm.h tml > ----------- > Email spoofing > W32.Sobig.F at mm uses a technique known as "spoofing," by which the worm > randomly selects an address it finds on an infected computer. The worm uses > this address as the "From" address when it performs its mass-mailing > routine. Numerous cases have been reported in which users of > uninfected computers received complaints that they sent an infected > message to another > individual. > > For example, Linda Anderson is using a computer infected with > W32.Sobig.F at mm. Linda is neither using an antivirus program nor has > the current virus definitions. When W32.Sobig.F at mm performs its email > routine, it finds the email address of Harold Logan. The worm inserts > Harold's email > address into the "From" portion of an infected message, which it then sends > to Janet Bishop. Then, Janet contacts Harold and complains that he > sent her > an infected message; however, when Harold scans his computer, Norton > AntiVirus does not find anything, because his computer is not > infected. > > -------- > > So Shamil, someone who has you on their contact list is infected and > is sending the message pretending to be you..... > > Gary Kjos > garykjos at hotmail.com > > > > > > >From: "Shamil Salakhetdinov" > >Reply-To: Discussion of Hardware and Software > >issues > >To: "dba - Tech" > >Subject: [dba-Tech] I don't know what I don't know from where is > >sending messages usingmy e-mail address... > >Date: Mon, 8 Sep 2003 21:34:15 +0400 > > > >Hi All, > > > >Have you ever seen a message returned to your mailbox, having your > >e-mail address in From field, which you didn't send? (see example in > >P.S.) This doesn't seem to be a virus running on my PC - my PC is > >scanned periodically using NAV with latest updates. And the > >recipients e-mail addresses of such messages aren't written in my > >address book, and even MS Outlook Express version I use is different! > > > >What is this? A virus NAV missing while scanning my PC? Or...? Could > >you please advice? > > > >This looks very much like SOBIG virus but I don't have it on my PC! > > > >So much confused, > >TIA for any info, > >Shamil > > > >P.S. Strange messages header: > > > >Return-path: > >Received: from conversion-daemon.mailgw2.cityu.edu.hk by > >mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > > (original mail from shamil at smsconsulting.spb.ru); Tue, > > 9 Sep 2003 01:11:56 +0800 (CST) > >Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > > by mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > >Date: Tue, 09 Sep 2003 01:28:39 +0800 > >From: shamil at smsconsulting.spb.ru > >Subject: Thank you! > >To: college.office at cityu.edu.hk > >Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > >MIME-version: 1.0 > >X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > >Content-type: multipart/mixed; > >boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > >Importance: Normal > >X-Priority: 3 (Normal) > >X-MSMail-priority: Normal > >X-MailScanner: Found to be clean > > > >This is a multipart message in MIME format > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; charset=iso-8859-1 > >Content-transfer-encoding: 7BIT > > > >See the attached file for details > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; Name=UnsafeFile.txt > >Content-transfer-encoding: 7BIT > >Content-disposition: inline > >Content-description: Unsafe file movie0045.pif is removed! > > > >********* UNSAFE FILE REMOVED! ********* > > > >The system has removed the following unsafe file from this mail: > > > >* Name of the file being removed: movie0045.pif > > > >Postmaster (Mail Administrator), > >City University of Hong Kong > >Email: postmaster at cityu.edu.hk > > > >(Reference number: 20030909_011156_13779) > >******************************************** > > > > > >-- > >e-mail: shamil at smsconsulting.spb.ru > >http://smsconsulting.spb.ru/shamil_s > > > >_______________________________________________ > >dba-Tech mailing list > >dba-Tech at databaseadvisors.com > >http://databaseadvisors.com/mailman/listinfo/dba-tech > >Website: http://www.databaseadvisors.com > > _________________________________________________________________ > Fast, faster, fastest: Upgrade to Cable or DSL today! > https://broadband.msn.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From tortise at paradise.net.nz Sun Sep 14 06:43:02 2003 From: tortise at paradise.net.nz (Tortise@Paradise) Date: Sun, 14 Sep 2003 23:43:02 +1200 Subject: [dba-Tech] I don't know what I don't know from whereissendingmessages usingmy e-mail address... References: Message-ID: <01c001c37ab5$5b23adc0$0900a8c0@P1200n> The problem is that e-mail addresses are probably being blacklisted as spam sources, when in reality they are not. The viral payload is probably causing blacklisting of innocent addresses. (I presume) What to do though? I expect I've been blacklisted from the number I received, undeservedly. I haven't looked though. Kind regards, David Hingston _________________________________________________________________________ Engines2Go - Now THAT's a Search Engine! Automated major search engine manager Makes searching quicker and easier - Have you tried it? http://www.engines2go.com/ http://www.cheqsoft.com/ The home of Clipboard Express, MP3 Detective, TimesOwn and Break Reminder. ----- Original Message ----- From: "Erwin Craps" To: "Discussion of Hardware and Software issues" Sent: Tuesday, September 09, 2003 8:43 AM Subject: RE: [dba-Tech] I don't know what I don't know from whereissendingmessages usingmy e-mail address... Not only Sobig. All recent/new virusses are using that technique. -----Oorspronkelijk bericht----- Van: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] Namens Shamil Salakhetdinov Verzonden: maandag 8 september 2003 20:10 Aan: Discussion of Hardware and Software issues Onderwerp: Re: [dba-Tech] I don't know what I don't know from where issendingmessages usingmy e-mail address... Thanks Gary and all the others who anwered my message! All is clear now - this SoBig virus writer is a real devil... Shamil ----- Original Message ----- From: "Gary Kjos" To: Sent: Monday, September 08, 2003 9:55 PM Subject: Re: [dba-Tech] I don't know what I don't know from where is sendingmessages usingmy e-mail address... > Hi Shamil. > > Sobig virus uses E-Mail Spoofing - info belos is from the Symantec AV > site info on it.... > ----------- > http://securityresponse.symantec.com/avcenter/venc/data/w32.sobig.f at mm.h tml > ----------- > Email spoofing > W32.Sobig.F at mm uses a technique known as "spoofing," by which the worm > randomly selects an address it finds on an infected computer. The worm uses > this address as the "From" address when it performs its mass-mailing > routine. Numerous cases have been reported in which users of > uninfected computers received complaints that they sent an infected > message to another > individual. > > For example, Linda Anderson is using a computer infected with > W32.Sobig.F at mm. Linda is neither using an antivirus program nor has > the current virus definitions. When W32.Sobig.F at mm performs its email > routine, it finds the email address of Harold Logan. The worm inserts > Harold's email > address into the "From" portion of an infected message, which it then sends > to Janet Bishop. Then, Janet contacts Harold and complains that he > sent her > an infected message; however, when Harold scans his computer, Norton > AntiVirus does not find anything, because his computer is not > infected. > > -------- > > So Shamil, someone who has you on their contact list is infected and > is sending the message pretending to be you..... > > Gary Kjos > garykjos at hotmail.com > > > > > > >From: "Shamil Salakhetdinov" > >Reply-To: Discussion of Hardware and Software > >issues > >To: "dba - Tech" > >Subject: [dba-Tech] I don't know what I don't know from where is > >sending messages usingmy e-mail address... > >Date: Mon, 8 Sep 2003 21:34:15 +0400 > > > >Hi All, > > > >Have you ever seen a message returned to your mailbox, having your > >e-mail address in From field, which you didn't send? (see example in > >P.S.) This doesn't seem to be a virus running on my PC - my PC is > >scanned periodically using NAV with latest updates. And the > >recipients e-mail addresses of such messages aren't written in my > >address book, and even MS Outlook Express version I use is different! > > > >What is this? A virus NAV missing while scanning my PC? Or...? Could > >you please advice? > > > >This looks very much like SOBIG virus but I don't have it on my PC! > > > >So much confused, > >TIA for any info, > >Shamil > > > >P.S. Strange messages header: > > > >Return-path: > >Received: from conversion-daemon.mailgw2.cityu.edu.hk by > >mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > id <0HKW00601M6XOB at mailgw2.cityu.edu.hk> > > (original mail from shamil at smsconsulting.spb.ru); Tue, > > 9 Sep 2003 01:11:56 +0800 (CST) > >Received: from USER-VJCG7U5W26 (171-043.onebb.com [202.180.171.43]) > > by mailgw2.cityu.edu.hk > > (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) > > with ESMTP id <0HKW007I6N4417 at mailgw2.cityu.edu.hk> for > > college.office at cityu.edu.hk; Tue, 09 Sep 2003 00:57:47 +0800 (CST) > >Date: Tue, 09 Sep 2003 01:28:39 +0800 > >From: shamil at smsconsulting.spb.ru > >Subject: Thank you! > >To: college.office at cityu.edu.hk > >Message-id: <0HKW007I7N4417 at mailgw2.cityu.edu.hk> > >MIME-version: 1.0 > >X-Mailer: Microsoft Outlook Express 6.00.2600.0000 > >Content-type: multipart/mixed; > >boundary="Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg)" > >Importance: Normal > >X-Priority: 3 (Normal) > >X-MSMail-priority: Normal > >X-MailScanner: Found to be clean > > > >This is a multipart message in MIME format > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; charset=iso-8859-1 > >Content-transfer-encoding: 7BIT > > > >See the attached file for details > > > >--Boundary_(ID_5Tw3yk+UVcZTNnkh000UIg) > >Content-type: text/plain; Name=UnsafeFile.txt > >Content-transfer-encoding: 7BIT > >Content-disposition: inline > >Content-description: Unsafe file movie0045.pif is removed! > > > >********* UNSAFE FILE REMOVED! ********* > > > >The system has removed the following unsafe file from this mail: > > > >* Name of the file being removed: movie0045.pif > > > >Postmaster (Mail Administrator), > >City University of Hong Kong > >Email: postmaster at cityu.edu.hk > > > >(Reference number: 20030909_011156_13779) > >******************************************** > > > > > >-- > >e-mail: shamil at smsconsulting.spb.ru > >http://smsconsulting.spb.ru/shamil_s > > > >_______________________________________________ > >dba-Tech mailing list > >dba-Tech at databaseadvisors.com > >http://databaseadvisors.com/mailman/listinfo/dba-tech > >Website: http://www.databaseadvisors.com > > _________________________________________________________________ > Fast, faster, fastest: Upgrade to Cable or DSL today! > https://broadband.msn.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From john at winhaven.net Tue Sep 16 12:00:14 2003 From: john at winhaven.net (John B.) Date: Tue, 16 Sep 2003 12:00:14 -0500 Subject: [dba-Tech] RE: [AccessD] OT: Today's GIS In-Reply-To: Message-ID: ESRI products can use many RDBMSs with the aid of ArcSDE, Oracle being one of them. They make a big deal out of partnering with Oracle but without SDE you cannot fully utilize Oracle's Inherit Spatial Technology and even then it's problematic. Intergraph on the other hand can fully utilize Oracle Spatial. Any application that recognises the Oracle Spatial type can benefit from the addition of Radius Topology. Basically it's an addition to the relational model that allows the storage, interpretation and retrieval of spatial elements directly in the DB. The main reason this is beneficial is speed and having your data in an open environment. OpenGIS is a concept that has not quite been realized yet because one of the two biggest players in the filed does not want it to be fully open. They are "protecting their customer base through proprietary formats" was a comment the owner once made. I think we all know what that really means. And to their credit they have recently implemented some widely accepted standards such as VBA. Not a big deal in the ESRI world because they have Spatial Data Engine(SDE) that they use as a good between for supported RDBMSs. Essentially does the same thing, you just need to buy it too :o) I'm posting this thread to DBATech too (for futher discussion if needed). :o) > -----Original Message----- > From: accessd-bounces at databaseadvisors.com > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Charlotte > Foust > Sent: Tuesday, September 16, 2003 10:41 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] OT: Today's GIS > > > I thought Oracle was the RDBMS of choice for ESRI. > > Charlotte Foust > > -----Original Message----- > From: John B. [mailto:john at winhaven.net] > Sent: Tuesday, September 16, 2003 5:18 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] OT: Today's GIS > > > :o) > > Yes, when they made the move to Arc8, which basically wants you to use a > RDBMS for data storage rather than the "Info" flat file system used > previously, most of the users rebelled. I would estimate that in > Wisconsin (ArcInfo is the State mandated standard) that no one moved to > using a RDBMS for over a yer and we're probably up to about 20% doing > it. Hard to change almost 20 years of engrained habit. > > The really nice thing is that the ESRI line VBA capable and they are > promoting the use of VBA instead of their own Macro languages. > > BTW for those of you who don't know what GIS is - it's Geographic > Information System. Basically smart maps (and other graphics). Very > powerful environments that allow one to connect intelligent graphics > elements to information attributes that can be entered, edited and > recalled via the graphics (and via queries). These graphic elements > "know" about themselves and where they fit in the world. Queries can be > attribute queries, spatial queries or a combination of both. On this > list we all know attribute queries. A spatial query would be something > Show me all of the residential areas that are adjacent to a water > feature. A combination query would be one that uses the graphics > elements and attribute information that has no graphic element such as > "phone number". One such as Marty described, in laymen's terms: "let me > see all of the residential units that have changed phone service within > the last year". Cool stuff. > > > -----Original Message----- > > From: accessd-bounces at databaseadvisors.com > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Haslett, > > Andrew > > Sent: Tuesday, September 16, 2003 2:14 AM > > To: 'Access Developers discussion and problem solving' > > Subject: RE: [AccessD] OT: Today's GIS > > > > > > Lets hope ESRI get everything working properly in their latest > > releases. > > ;=) > > > > -----Original Message----- > > From: Jim Lawrence (AccessD) [mailto:accessd at shaw.ca] > > Sent: Tuesday, 16 September 2003 4:07 PM > > To: Access Developers discussion and problem solving > > Subject: RE: [AccessD] Today's GIS (was Info: Free Windows Fortran 77 > > Compiler) > > > > > > There has been some major chances in GIS capabilities over the last > > twenty years. The new state art is ARCInfo. It is a full object > > oriented data and graphic package with an extensive set of tools that > > can link it into virtually any data sources and combine them > > together. It is fully programmable as well. Some pretty heady stuff. > > As you have observed, the GIS packages are much more than just a CAD > > program. > > > > I may eventually start working in GIS, again...one of these days...an > > old friend is now incharge of the local government services and has > > extended an offer. > > > > Still debating. > > > > Jim > > > > -----Original Message----- > > From: accessd-bounces at databaseadvisors.com > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > MartyConnelly > > Sent: Monday, September 15, 2003 7:58 PM > > To: Access Developers discussion and problem solving > > Subject: Re: [AccessD] Today's GIS (was Info: Free Windows Fortran 77 > > Compiler) > > > > > > I took a GIS course, a couple of years back at U Vic to keep my hand > > in. It was all Unix MapSys. I am still surprised how many people > > don't think out of the box with GIS. I once had to find out how many > > people had moved in a year in a municipality surrounded by Ottawa. So > > > I did it with address matching and maps showing the actual moves; took > > > about a month to do. I came up with a figure of 30%. The urban > > planners started berating me about the figure being way too high. > > So I showed them the figures I got from Bell Canada. The number of > new > > residential phone connects in the year was 33% in that municipality. > At > > that time there were no cell phones. > > One phone call to Bell could have given them a ball park figure rather > > than using GIS. > > > > John B. wrote: > > > > >If you haven't worked in GIS for awhile I think you'de be pleasantly > > >surprised how far they've come. > > > > > >I was a GIS Project Manager in the late 90's just as Intergraph > > made a huge > > >switch in philosphy. They adapted Windows NT as their OS of choice > > >and jumped from Unix to NT, Eventually, after they migrated their > > >customer > > base, > > >they got out of the Unix OS(Clipper) business all together, although > > >they > > do > > >support using other OS based DBs via networks. > > > > > >There are basically two main companies involved in GIS now, > > >Intergraph (which is publicly held) and ESRI (which is privately > > >owned). Intergraph > > has > > >a lot of other companies using their technologies to target specfic > > >tasks/audiences. ESRI has a lot of companies writing add-ons or > > supplements > > >to their software. > > > > > >It's an amazing set of technologies! > > > > > > > > > > > >>-----Original Message----- > > >>From: accessd-bounces at databaseadvisors.com > > >>[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > >>MartyConnelly > > >>Sent: Sunday, September 14, 2003 10:02 PM > > >>To: Access Developers discussion and problem solving > > >>Subject: Re: [AccessD] Info: Free Windows Fortran 77 Compiler > > >> > > >> > > >>Cadastral from french cadastre meaning to register. Hence a Land > > >>registry system. > > >> > > >>However don't go near the Quebec Land Registry based on old > > >>Seigneurial land titles everything was measured in perches or some > > >>other obscure 17'th century measurement. > > >> > > >> Yup I worked on two GIS cadastral mapping systems linked to land > > >>assessment databases one in Ottawa with a Honeywell 6000 GCOS > > >>mainframe and one PDP 11/70 Intergraph system in Calgary. > > >> > > >>Gustav Brock wrote: > > >> > > >> > > >> > > >>>Hi Jim > > >>> > > >>>Sounds impressive. But cadastral? Even my trusted "American > > >>>Heritage Dictionary" (bought in Olympia 1986 for USD 4.95) had to > > >>>give up on this. Google, however, revealed this page among others: > > >>> > > >>> http://www.co.blm.gov/cadastral/cadhome.htm > > >>> > > >>>Is that what your project was about? > > >>> > > >>>/gustav > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>>>Wow, that dates things...I was pretty decent Fortran programmer > > >>>> > > >>>> > > >>back in the > > >> > > >> > > >>>>late seventies, early eighties...I build a complete cadastral > > >>>>AutoCAD application that translated coordinates from Clarke's 1886 > > >>>> > > >>>> > > >>global positional > > >> > > >> > > >>>>formula spheroid to conic and mecaider map projections, on an > > Intergraph > > >>>>system, running on an old PDP11-70 VAX. I was a lot brighter then > > >>>>and remember little about it except that one period missing in a > > >>>> > > >>>> > > >>the code could > > >> > > >> > > >>>>result in 100 plus pages of errors. I hope they have improved > > the error > > >>>>handling routines. > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>Thanks for the heads up Marty and maybe I will take a stroll > > down memory > > >>>>lane. (Even though it is a bit over-grown.) > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>Jim > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>-----Original Message----- > > >>>>From: accessd-bounces at databaseadvisors.com > > >>>>[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > MartyConnelly > > >>>>Sent: Saturday, September 13, 2003 5:09 PM > > >>>>To: Access Developers discussion and problem solving > > >>>>Subject: [AccessD] Info: Free Windows Fortran 77 Compiler > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>> > > >>>>I was looking at the Fortran95.Net compiler on this site when I > > >>>>came across this free for personal use Fortran 77 compiler. a bit > > >>>>dated but... Still useable with some of the good stat-math packs > > >>>>that are floating around on the net. > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>http://www.salfordsoftware.co.uk/compilers/ftn77pe/index.shtml > > >>>> > > >>>> > > >>>> > > >>>> > > >>>_______________________________________________ > > >>>AccessD mailing list > > >>>AccessD at databaseadvisors.com > > >>>http://databaseadvisors.com/mailman/listinfo/accessd > > >>>Website: http://www.databaseadvisors.com > > >>> > > >>> > > >>> > > >>> > > >>> > > >>_______________________________________________ > > >>AccessD mailing list > > >>AccessD at databaseadvisors.com > > >>http://databaseadvisors.com/mailman/listinfo/accessd > > >>Website: http://www.databaseadvisors.com > > >> > > >> > > >> > > >> > > > > > > > > >_______________________________________________ > > >AccessD mailing list > > >AccessD at databaseadvisors.com > > >http://databaseadvisors.com/mailman/listinfo/accessd > > >Website: http://www.databaseadvisors.com > > > > > > > > > > > > > > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > IMPORTANT - PLEASE READ ******************** > > This email and any files transmitted with it are confidential and may > > contain information protected by law from disclosure. If you have > > received this message in error, please notify the sender immediately > > and delete this email from your system. No warranty is given that this > > > email or files, if attached to this email, are free from computer > > viruses or other defects. They are provided on the basis the user > > assumes all responsibility for loss, damage or consequence resulting > > directly or indirectly from their use, whether caused by the > > negligence of the sender or not. > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > > > > _______________________________________________ > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com > _______________________________________________ > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com > > From john at winhaven.net Tue Sep 16 12:00:14 2003 From: john at winhaven.net (John B.) Date: Tue, 16 Sep 2003 12:00:14 -0500 Subject: [dba-Tech] RE: [AccessD] OT: Today's GIS In-Reply-To: Message-ID: ESRI products can use many RDBMSs with the aid of ArcSDE, Oracle being one of them. They make a big deal out of partnering with Oracle but without SDE you cannot fully utilize Oracle's Inherit Spatial Technology and even then it's problematic. Intergraph on the other hand can fully utilize Oracle Spatial. Any application that recognises the Oracle Spatial type can benefit from the addition of Radius Topology. Basically it's an addition to the relational model that allows the storage, interpretation and retrieval of spatial elements directly in the DB. The main reason this is beneficial is speed and having your data in an open environment. OpenGIS is a concept that has not quite been realized yet because one of the two biggest players in the filed does not want it to be fully open. They are "protecting their customer base through proprietary formats" was a comment the owner once made. I think we all know what that really means. And to their credit they have recently implemented some widely accepted standards such as VBA. Not a big deal in the ESRI world because they have Spatial Data Engine(SDE) that they use as a good between for supported RDBMSs. Essentially does the same thing, you just need to buy it too :o) I'm posting this thread to DBATech too (for futher discussion if needed). :o) > -----Original Message----- > From: accessd-bounces at databaseadvisors.com > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Charlotte > Foust > Sent: Tuesday, September 16, 2003 10:41 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] OT: Today's GIS > > > I thought Oracle was the RDBMS of choice for ESRI. > > Charlotte Foust > > -----Original Message----- > From: John B. [mailto:john at winhaven.net] > Sent: Tuesday, September 16, 2003 5:18 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] OT: Today's GIS > > > :o) > > Yes, when they made the move to Arc8, which basically wants you to use a > RDBMS for data storage rather than the "Info" flat file system used > previously, most of the users rebelled. I would estimate that in > Wisconsin (ArcInfo is the State mandated standard) that no one moved to > using a RDBMS for over a yer and we're probably up to about 20% doing > it. Hard to change almost 20 years of engrained habit. > > The really nice thing is that the ESRI line VBA capable and they are > promoting the use of VBA instead of their own Macro languages. > > BTW for those of you who don't know what GIS is - it's Geographic > Information System. Basically smart maps (and other graphics). Very > powerful environments that allow one to connect intelligent graphics > elements to information attributes that can be entered, edited and > recalled via the graphics (and via queries). These graphic elements > "know" about themselves and where they fit in the world. Queries can be > attribute queries, spatial queries or a combination of both. On this > list we all know attribute queries. A spatial query would be something > Show me all of the residential areas that are adjacent to a water > feature. A combination query would be one that uses the graphics > elements and attribute information that has no graphic element such as > "phone number". One such as Marty described, in laymen's terms: "let me > see all of the residential units that have changed phone service within > the last year". Cool stuff. > > > -----Original Message----- > > From: accessd-bounces at databaseadvisors.com > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Haslett, > > Andrew > > Sent: Tuesday, September 16, 2003 2:14 AM > > To: 'Access Developers discussion and problem solving' > > Subject: RE: [AccessD] OT: Today's GIS > > > > > > Lets hope ESRI get everything working properly in their latest > > releases. > > ;=) > > > > -----Original Message----- > > From: Jim Lawrence (AccessD) [mailto:accessd at shaw.ca] > > Sent: Tuesday, 16 September 2003 4:07 PM > > To: Access Developers discussion and problem solving > > Subject: RE: [AccessD] Today's GIS (was Info: Free Windows Fortran 77 > > Compiler) > > > > > > There has been some major chances in GIS capabilities over the last > > twenty years. The new state art is ARCInfo. It is a full object > > oriented data and graphic package with an extensive set of tools that > > can link it into virtually any data sources and combine them > > together. It is fully programmable as well. Some pretty heady stuff. > > As you have observed, the GIS packages are much more than just a CAD > > program. > > > > I may eventually start working in GIS, again...one of these days...an > > old friend is now incharge of the local government services and has > > extended an offer. > > > > Still debating. > > > > Jim > > > > -----Original Message----- > > From: accessd-bounces at databaseadvisors.com > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > MartyConnelly > > Sent: Monday, September 15, 2003 7:58 PM > > To: Access Developers discussion and problem solving > > Subject: Re: [AccessD] Today's GIS (was Info: Free Windows Fortran 77 > > Compiler) > > > > > > I took a GIS course, a couple of years back at U Vic to keep my hand > > in. It was all Unix MapSys. I am still surprised how many people > > don't think out of the box with GIS. I once had to find out how many > > people had moved in a year in a municipality surrounded by Ottawa. So > > > I did it with address matching and maps showing the actual moves; took > > > about a month to do. I came up with a figure of 30%. The urban > > planners started berating me about the figure being way too high. > > So I showed them the figures I got from Bell Canada. The number of > new > > residential phone connects in the year was 33% in that municipality. > At > > that time there were no cell phones. > > One phone call to Bell could have given them a ball park figure rather > > than using GIS. > > > > John B. wrote: > > > > >If you haven't worked in GIS for awhile I think you'de be pleasantly > > >surprised how far they've come. > > > > > >I was a GIS Project Manager in the late 90's just as Intergraph > > made a huge > > >switch in philosphy. They adapted Windows NT as their OS of choice > > >and jumped from Unix to NT, Eventually, after they migrated their > > >customer > > base, > > >they got out of the Unix OS(Clipper) business all together, although > > >they > > do > > >support using other OS based DBs via networks. > > > > > >There are basically two main companies involved in GIS now, > > >Intergraph (which is publicly held) and ESRI (which is privately > > >owned). Intergraph > > has > > >a lot of other companies using their technologies to target specfic > > >tasks/audiences. ESRI has a lot of companies writing add-ons or > > supplements > > >to their software. > > > > > >It's an amazing set of technologies! > > > > > > > > > > > >>-----Original Message----- > > >>From: accessd-bounces at databaseadvisors.com > > >>[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > >>MartyConnelly > > >>Sent: Sunday, September 14, 2003 10:02 PM > > >>To: Access Developers discussion and problem solving > > >>Subject: Re: [AccessD] Info: Free Windows Fortran 77 Compiler > > >> > > >> > > >>Cadastral from french cadastre meaning to register. Hence a Land > > >>registry system. > > >> > > >>However don't go near the Quebec Land Registry based on old > > >>Seigneurial land titles everything was measured in perches or some > > >>other obscure 17'th century measurement. > > >> > > >> Yup I worked on two GIS cadastral mapping systems linked to land > > >>assessment databases one in Ottawa with a Honeywell 6000 GCOS > > >>mainframe and one PDP 11/70 Intergraph system in Calgary. > > >> > > >>Gustav Brock wrote: > > >> > > >> > > >> > > >>>Hi Jim > > >>> > > >>>Sounds impressive. But cadastral? Even my trusted "American > > >>>Heritage Dictionary" (bought in Olympia 1986 for USD 4.95) had to > > >>>give up on this. Google, however, revealed this page among others: > > >>> > > >>> http://www.co.blm.gov/cadastral/cadhome.htm > > >>> > > >>>Is that what your project was about? > > >>> > > >>>/gustav > > >>> > > >>> > > >>> > > >>> > > >>> > > >>> > > >>>>Wow, that dates things...I was pretty decent Fortran programmer > > >>>> > > >>>> > > >>back in the > > >> > > >> > > >>>>late seventies, early eighties...I build a complete cadastral > > >>>>AutoCAD application that translated coordinates from Clarke's 1886 > > >>>> > > >>>> > > >>global positional > > >> > > >> > > >>>>formula spheroid to conic and mecaider map projections, on an > > Intergraph > > >>>>system, running on an old PDP11-70 VAX. I was a lot brighter then > > >>>>and remember little about it except that one period missing in a > > >>>> > > >>>> > > >>the code could > > >> > > >> > > >>>>result in 100 plus pages of errors. I hope they have improved > > the error > > >>>>handling routines. > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>Thanks for the heads up Marty and maybe I will take a stroll > > down memory > > >>>>lane. (Even though it is a bit over-grown.) > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>Jim > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>-----Original Message----- > > >>>>From: accessd-bounces at databaseadvisors.com > > >>>>[mailto:accessd-bounces at databaseadvisors.com]On Behalf Of > > MartyConnelly > > >>>>Sent: Saturday, September 13, 2003 5:09 PM > > >>>>To: Access Developers discussion and problem solving > > >>>>Subject: [AccessD] Info: Free Windows Fortran 77 Compiler > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>> > > >>>>I was looking at the Fortran95.Net compiler on this site when I > > >>>>came across this free for personal use Fortran 77 compiler. a bit > > >>>>dated but... Still useable with some of the good stat-math packs > > >>>>that are floating around on the net. > > >>>> > > >>>> > > >>>> > > >>>> > > >>> > > >>> > > >>> > > >>>>http://www.salfordsoftware.co.uk/compilers/ftn77pe/index.shtml > > >>>> > > >>>> > > >>>> > > >>>> > > >>>_______________________________________________ > > >>>AccessD mailing list > > >>>AccessD at databaseadvisors.com > > >>>http://databaseadvisors.com/mailman/listinfo/accessd > > >>>Website: http://www.databaseadvisors.com > > >>> > > >>> > > >>> > > >>> > > >>> > > >>_______________________________________________ > > >>AccessD mailing list > > >>AccessD at databaseadvisors.com > > >>http://databaseadvisors.com/mailman/listinfo/accessd > > >>Website: http://www.databaseadvisors.com > > >> > > >> > > >> > > >> > > > > > > > > >_______________________________________________ > > >AccessD mailing list > > >AccessD at databaseadvisors.com > > >http://databaseadvisors.com/mailman/listinfo/accessd > > >Website: http://www.databaseadvisors.com > > > > > > > > > > > > > > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > IMPORTANT - PLEASE READ ******************** > > This email and any files transmitted with it are confidential and may > > contain information protected by law from disclosure. If you have > > received this message in error, please notify the sender immediately > > and delete this email from your system. No warranty is given that this > > > email or files, if attached to this email, are free from computer > > viruses or other defects. They are provided on the basis the user > > assumes all responsibility for loss, damage or consequence resulting > > directly or indirectly from their use, whether caused by the > > negligence of the sender or not. > > _______________________________________________ > > AccessD mailing list > > AccessD at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/accessd > > Website: http://www.databaseadvisors.com > > > > > > > _______________________________________________ > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com > _______________________________________________ > AccessD mailing list > AccessD at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/accessd > Website: http://www.databaseadvisors.com > > _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com From artful at rogers.com Tue Sep 16 15:49:21 2003 From: artful at rogers.com (Arthur Fuller) Date: Tue, 16 Sep 2003 13:49:21 -0700 Subject: [dba-Tech] Outlook: Switching among multiple accounts In-Reply-To: Message-ID: I set up two additional accounts today for very specific job-oriented purposes. now I cannot figure out how to make Outlook go to them. I sent a test message from artful to each and did send/receive, thinking maybe they would come home to me, but they didn't. What I'd like to do is switch identities while in Outlook, from Clark Kent to Superman, and get Superman's mail. I looked in the not-help which performed as expected. How do I do this? TIA, Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From jcolby at colbyconsulting.com Tue Sep 16 12:52:53 2003 From: jcolby at colbyconsulting.com (John Colby) Date: Tue, 16 Sep 2003 13:52:53 -0400 Subject: [dba-Tech] Outlook: Switching among multiple accounts In-Reply-To: Message-ID: Arthur, I just have my email pull all the email from all the accounts. I then use rules to get the data from the specific people into subfolders. John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller Sent: Tuesday, September 16, 2003 4:49 PM To: Discussion of Hardware and Software issues Subject: [dba-Tech] Outlook: Switching among multiple accounts I set up two additional accounts today for very specific job-oriented purposes. now I cannot figure out how to make Outlook go to them. I sent a test message from artful to each and did send/receive, thinking maybe they would come home to me, but they didn't. What I'd like to do is switch identities while in Outlook, from Clark Kent to Superman, and get Superman's mail. I looked in the not-help which performed as expected. How do I do this? TIA, Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From my.lists at verizon.net Tue Sep 16 13:38:23 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Tue, 16 Sep 2003 11:38:23 -0700 Subject: [dba-Tech] Outlook: Switching among multiple accounts In-Reply-To: References: Message-ID: <3F67589F.7090505@verizon.net> I just use Thunderbird now http://texturizer.net/thunderbird/index.html to get my hotmail.com messages I use hotmail popper www.boolean.ca yes I know it's not MS, but it works soooooooo well :D -- -Francisco Firebird the browser that blows the competition away. Can you feel the fire? John Colby wrote: > Arthur, > > I just have my email pull all the email from all the accounts. I then use > rules to get the data from the specific people into subfolders. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller > Sent: Tuesday, September 16, 2003 4:49 PM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Outlook: Switching among multiple accounts > > > I set up two additional accounts today for very specific job-oriented > purposes. now I cannot figure out how to make Outlook go to them. I sent a > test message from artful to each and did send/receive, thinking maybe they > would come home to me, but they didn't. What I'd like to do is switch > identities while in Outlook, from Clark Kent to Superman, and get Superman's > mail. I looked in the not-help which performed as expected. > > How do I do this? > > TIA, > Arthur From john at winhaven.net Tue Sep 16 13:45:19 2003 From: john at winhaven.net (John B.) Date: Tue, 16 Sep 2003 13:45:19 -0500 Subject: [dba-Tech] Outlook: Switching among multiple accounts In-Reply-To: Message-ID: Same here. I have multiple accounts and 21 rules as how to handle incoming mail, most of which just move messages to another folder. HTH John B. > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John Colby > Sent: Tuesday, September 16, 2003 12:53 PM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] Outlook: Switching among multiple accounts > > > Arthur, > > I just have my email pull all the email from all the accounts. I then use > rules to get the data from the specific people into subfolders. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller > Sent: Tuesday, September 16, 2003 4:49 PM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Outlook: Switching among multiple accounts > > > I set up two additional accounts today for very specific job-oriented > purposes. now I cannot figure out how to make Outlook go to them. I sent a > test message from artful to each and did send/receive, thinking maybe they > would come home to me, but they didn't. What I'd like to do is switch > identities while in Outlook, from Clark Kent to Superman, and get > Superman's > mail. I looked in the not-help which performed as expected. > > How do I do this? > > TIA, > Arthur > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From dbatech at wolfwares.com Tue Sep 16 15:36:07 2003 From: dbatech at wolfwares.com (Drew Wutka) Date: Tue, 16 Sep 2003 15:36:07 -0500 Subject: [dba-Tech] Outlook: Switching among multiple accounts References: Message-ID: <003401c37c92$36a3f4d0$1500a8c0@marlow.com> I do the same thing, though a few weeks ago I switched from OE to Outlook 2000, and found that O2k has a 'new' rule that let's you set a rule for email from a specific 'account', versus a To/From issue. Like the DBA OT list is one email account for me, but the email comes back 'TO' DBA, not to my account, so instead of having to play with the rules a bit, I can now just set per account. Love it. Drew ----- Original Message ----- From: "John Colby" To: "Discussion of Hardware and Software issues" Sent: Tuesday, September 16, 2003 12:52 PM Subject: RE: [dba-Tech] Outlook: Switching among multiple accounts > Arthur, > > I just have my email pull all the email from all the accounts. I then use > rules to get the data from the specific people into subfolders. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller > Sent: Tuesday, September 16, 2003 4:49 PM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Outlook: Switching among multiple accounts > > > I set up two additional accounts today for very specific job-oriented > purposes. now I cannot figure out how to make Outlook go to them. I sent a > test message from artful to each and did send/receive, thinking maybe they > would come home to me, but they didn't. What I'd like to do is switch > identities while in Outlook, from Clark Kent to Superman, and get Superman's > mail. I looked in the not-help which performed as expected. > > How do I do this? > > TIA, > Arthur > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > From kathryn at bassett.net Tue Sep 16 18:16:02 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Tue, 16 Sep 2003 16:16:02 -0700 Subject: [dba-Tech] Outlook rules Message-ID: I'm going nuts! I've made lots of rules for my email, usually based on subject line, but sometimes based on the sender's address. Well, I'm now on a new list and can't for the life of me get the rule to work. If I open the mail, the "from" has this entire bit: notify-return-kathryn=bassett.net at returns.groups.yahoo.com on behalf of PSPImaginarium-II Moderator [PSPImaginarium-II-owner at yahoogroups.com] I've tried making the rule based on the sender's address including PSPImaginarium, PSPImaginarium-II Moderator, PSPImaginarium-II-owner at yahoogroups.com - none works. I've looked at the headers for the 3 messages I've received so far, and they are as follows: Received: from n36.grp.scd.yahoo.com (n36.grp.scd.yahoo.com [66.218.66.104]) by imta09.mta.everyone.net (Postfix) with SMTP id 31B4ABC3A2 for ; Mon, 15 Sep 2003 20:15:45 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n36.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: File - welcome.txt MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com n25.grp.scd.yahoo.com (n25.grp.scd.yahoo.com [66.218.66.81]) by imta12.mta.everyone.net (Postfix) with SMTP id 605F4A587E for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n25.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4651.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: File - Expectations MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from n23.grp.scd.yahoo.com (n23.grp.scd.yahoo.com [66.218.66.79]) by imta02.mta.everyone.net (Postfix) with SMTP id 901E1509BF for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n23.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4622.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: Welcome to PSPImaginarium-II MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Note that all 3 have Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com>, so I tried using that address as the senders address too, but that didn't work either. (To test, I'm trying to "run now" on messages in inbox). I haven't wanted to try the X-eGroups return address because there is nothing there to specify which group it is, and I have several other yahoogroups. Unfortunately, they don't use a [shortcut] name in the subject line, so I can't do it that way. This series of "classes" will be lasting through my trip to SLC and I really need to filter into the Paint Shop Pro folder. Anybody have any ideas? -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net From jcolby at colbyconsulting.com Tue Sep 16 18:31:29 2003 From: jcolby at colbyconsulting.com (John Colby) Date: Tue, 16 Sep 2003 19:31:29 -0400 Subject: [dba-Tech] Outlook rules In-Reply-To: Message-ID: Kathryn, One thing I've done is actually save the "from" as a contact in a special contact group. I then say "from" that contact in my book. That seems to work. I have a TON of these for various ezines I get. John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Kathryn Bassett Sent: Tuesday, September 16, 2003 7:16 PM To: dba-tech at databaseadvisors.com Subject: [dba-Tech] Outlook rules I'm going nuts! I've made lots of rules for my email, usually based on subject line, but sometimes based on the sender's address. Well, I'm now on a new list and can't for the life of me get the rule to work. If I open the mail, the "from" has this entire bit: notify-return-kathryn=bassett.net at returns.groups.yahoo.com on behalf of PSPImaginarium-II Moderator [PSPImaginarium-II-owner at yahoogroups.com] I've tried making the rule based on the sender's address including PSPImaginarium, PSPImaginarium-II Moderator, PSPImaginarium-II-owner at yahoogroups.com - none works. I've looked at the headers for the 3 messages I've received so far, and they are as follows: Received: from n36.grp.scd.yahoo.com (n36.grp.scd.yahoo.com [66.218.66.104]) by imta09.mta.everyone.net (Postfix) with SMTP id 31B4ABC3A2 for ; Mon, 15 Sep 2003 20:15:45 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n36.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: File - welcome.txt MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com n25.grp.scd.yahoo.com (n25.grp.scd.yahoo.com [66.218.66.81]) by imta12.mta.everyone.net (Postfix) with SMTP id 605F4A587E for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n25.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4651.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: File - Expectations MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from n23.grp.scd.yahoo.com (n23.grp.scd.yahoo.com [66.218.66.79]) by imta02.mta.everyone.net (Postfix) with SMTP id 901E1509BF for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Received: from [66.218.67.137] by n23.grp.scd.yahoo.com with NNFMP; 16 Sep 2003 03:15:44 -0000 Date: 16 Sep 2003 03:15:42 -0000 Message-ID: <1063682142.4622.96635.w18 at yahoogroups.com> From: PSPImaginarium-II Moderator To: kathryn at bassett.net Subject: Welcome to PSPImaginarium-II MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com Note that all 3 have Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com>, so I tried using that address as the senders address too, but that didn't work either. (To test, I'm trying to "run now" on messages in inbox). I haven't wanted to try the X-eGroups return address because there is nothing there to specify which group it is, and I have several other yahoogroups. Unfortunately, they don't use a [shortcut] name in the subject line, so I can't do it that way. This series of "classes" will be lasting through my trip to SLC and I really need to filter into the Paint Shop Pro folder. Anybody have any ideas? -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From kathryn at bassett.net Tue Sep 16 20:21:43 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Tue, 16 Sep 2003 18:21:43 -0700 Subject: [dba-Tech] Outlook rules In-Reply-To: Message-ID: Yep, that's one of the things I tried, didn't work. Kathryn > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John Colby > Sent: 16 Sep 2003 4:31:PM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] Outlook rules > > > Kathryn, > > One thing I've done is actually save the "from" as a contact in a special > contact group. I then say "from" that contact in my book. That seems to > work. I have a TON of these for various ezines I get. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Kathryn > Bassett > Sent: Tuesday, September 16, 2003 7:16 PM > To: dba-tech at databaseadvisors.com > Subject: [dba-Tech] Outlook rules > > > I'm going nuts! I've made lots of rules for my email, usually based on > subject line, but sometimes based on the sender's address. Well, I'm now on > a new list and can't for the life of me get the rule to work. If I open the > mail, the "from" has this entire bit: > > notify-return-kathryn=bassett.net at returns.groups.yahoo.com on behalf of > PSPImaginarium-II Moderator [PSPImaginarium-II-owner at yahoogroups.com] > > I've tried making the rule based on the sender's address including > PSPImaginarium, PSPImaginarium-II Moderator, > PSPImaginarium-II-owner at yahoogroups.com - none works. I've looked at the > headers for the 3 messages I've received so far, and they are as follows: > > Received: from n36.grp.scd.yahoo.com (n36.grp.scd.yahoo.com [66.218.66.104]) > by imta09.mta.everyone.net (Postfix) with SMTP id 31B4ABC3A2 > for ; Mon, 15 Sep 2003 20:15:45 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n36.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: File - welcome.txt > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > n25.grp.scd.yahoo.com (n25.grp.scd.yahoo.com [66.218.66.81]) > by imta12.mta.everyone.net (Postfix) with SMTP id 605F4A587E > for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n25.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4651.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: File - Expectations > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > Received: from n23.grp.scd.yahoo.com (n23.grp.scd.yahoo.com [66.218.66.79]) > by imta02.mta.everyone.net (Postfix) with SMTP id 901E1509BF > for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n23.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4622.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: Welcome to PSPImaginarium-II > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > Note that all 3 have Message-ID: > <1063682142.4655.96635.w18 at yahoogroups.com>, so I tried using that address > as the senders address too, but that didn't work either. (To test, I'm > trying to "run now" on messages in inbox). I haven't wanted to try the > X-eGroups return address because there is nothing there to specify which > group it is, and I have several other yahoogroups. Unfortunately, they don't > use a [shortcut] name in the subject line, so I can't do it that way. This > series of "classes" will be lasting through my trip to SLC and I really need > to filter into the Paint Shop Pro folder. Anybody have any ideas? > > -- > Kathryn Rhinehart Bassett (Pasadena CA) > "Genealogy is my bag" "GH is my soap" > kathryn at bassett.net > http://bassett.net > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From kathryn at bassett.net Tue Sep 16 20:22:45 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Tue, 16 Sep 2003 18:22:45 -0700 Subject: [dba-Tech] Outlook rules In-Reply-To: Message-ID: Yep, that's one of the things I tried, didn't work. Kathryn > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John Colby > Sent: 16 Sep 2003 4:31:PM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] Outlook rules > > > Kathryn, > > One thing I've done is actually save the "from" as a contact in a special > contact group. I then say "from" that contact in my book. That seems to > work. I have a TON of these for various ezines I get. > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Kathryn > Bassett > Sent: Tuesday, September 16, 2003 7:16 PM > To: dba-tech at databaseadvisors.com > Subject: [dba-Tech] Outlook rules > > > I'm going nuts! I've made lots of rules for my email, usually based on > subject line, but sometimes based on the sender's address. Well, I'm now on > a new list and can't for the life of me get the rule to work. If I open the > mail, the "from" has this entire bit: > > notify-return-kathryn=bassett.net at returns.groups.yahoo.com on behalf of > PSPImaginarium-II Moderator [PSPImaginarium-II-owner at yahoogroups.com] > > I've tried making the rule based on the sender's address including > PSPImaginarium, PSPImaginarium-II Moderator, > PSPImaginarium-II-owner at yahoogroups.com - none works. I've looked at the > headers for the 3 messages I've received so far, and they are as follows: > > Received: from n36.grp.scd.yahoo.com (n36.grp.scd.yahoo.com [66.218.66.104]) > by imta09.mta.everyone.net (Postfix) with SMTP id 31B4ABC3A2 > for ; Mon, 15 Sep 2003 20:15:45 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n36.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4655.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: File - welcome.txt > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > n25.grp.scd.yahoo.com (n25.grp.scd.yahoo.com [66.218.66.81]) > by imta12.mta.everyone.net (Postfix) with SMTP id 605F4A587E > for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n25.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4651.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: File - Expectations > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > Received: from n23.grp.scd.yahoo.com (n23.grp.scd.yahoo.com [66.218.66.79]) > by imta02.mta.everyone.net (Postfix) with SMTP id 901E1509BF > for ; Mon, 15 Sep 2003 20:15:44 -0700 (PDT) > X-eGroups-Return: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > Received: from [66.218.67.137] by n23.grp.scd.yahoo.com with NNFMP; 16 Sep > 2003 03:15:44 -0000 > Date: 16 Sep 2003 03:15:42 -0000 > Message-ID: <1063682142.4622.96635.w18 at yahoogroups.com> > From: PSPImaginarium-II Moderator > To: kathryn at bassett.net > Subject: Welcome to PSPImaginarium-II > MIME-Version: 1.0 > Content-Type: text/plain > Content-Transfer-Encoding: 7bit > Sender: notify-return-kathryn=bassett.net at returns.groups.yahoo.com > > > Note that all 3 have Message-ID: > <1063682142.4655.96635.w18 at yahoogroups.com>, so I tried using that address > as the senders address too, but that didn't work either. (To test, I'm > trying to "run now" on messages in inbox). I haven't wanted to try the > X-eGroups return address because there is nothing there to specify which > group it is, and I have several other yahoogroups. Unfortunately, they don't > use a [shortcut] name in the subject line, so I can't do it that way. This > series of "classes" will be lasting through my trip to SLC and I really need > to filter into the Paint Shop Pro folder. Anybody have any ideas? > > -- > Kathryn Rhinehart Bassett (Pasadena CA) > "Genealogy is my bag" "GH is my soap" > kathryn at bassett.net > http://bassett.net > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From artful at rogers.com Wed Sep 17 17:54:58 2003 From: artful at rogers.com (Arthur Fuller) Date: Wed, 17 Sep 2003 15:54:58 -0700 Subject: [dba-Tech] Outlook: Switching among multiple accounts In-Reply-To: Message-ID: I managed to figure it out and took exactly that approach. A. -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John Colby Sent: Tuesday, September 16, 2003 10:53 AM To: Discussion of Hardware and Software issues Subject: RE: [dba-Tech] Outlook: Switching among multiple accounts Arthur, I just have my email pull all the email from all the accounts. I then use rules to get the data from the specific people into subfolders. John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller Sent: Tuesday, September 16, 2003 4:49 PM To: Discussion of Hardware and Software issues Subject: [dba-Tech] Outlook: Switching among multiple accounts I set up two additional accounts today for very specific job-oriented purposes. now I cannot figure out how to make Outlook go to them. I sent a test message from artful to each and did send/receive, thinking maybe they would come home to me, but they didn't. What I'd like to do is switch identities while in Outlook, from Clark Kent to Superman, and get Superman's mail. I looked in the not-help which performed as expected. How do I do this? TIA, Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com --- Incoming mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From tinanfields at torchlake.com Thu Sep 18 08:12:04 2003 From: tinanfields at torchlake.com (Tina Norris Fields) Date: Thu, 18 Sep 2003 09:12:04 -0400 Subject: [dba-Tech] Excel magic - automating chart data range creation Message-ID: <3F69AF24.6010404@torchlake.com> Hi, I have a client who takes voltage readings along pipelines and cables to monitor their health and performance. The data they get back gives them the station reading (feet), the position (GPS), and a voltage reading. The voltage is a sort of "response" voltage triggered by a sending device, which may be "on" or "off" depending on where in the cycle it is, and cycles may be of many different lengths, but should all be factors of 60 (as in seconcds per minute). The first need they had was to separate the readings into their "on" or "off" state. I worked out a user form to request the length of the cycle and whether the cycle started in "on" mode or in "off" mode. This information allowed me to build a lookup table and grab the readings from the combined column and put them in their appropriate columns. The next need was to chart the readings as curves on the same graph, leaving out the zero readings (interpolating the nulls in the curve). The data can come from many thousands of feet of readings. The charts should show readings for 1,000 feet per chart page. I have figured out how to get the total value of station readings and do a an integer division and a modulus division to determine how many pages of charts I need. Here's the part I haven't worked out: How do I code my VB to step through the station readings until it comes to the correct number for establishing the final reading in the range for the first chart? I keep thinking this should be easy, but I'm not getting it. Say, for example, my readings run from 1200 ft to 3700 ft. Clearly, I will need 3 charts. Okay, starting with the cell reading 1200, I need to step down the column until I find the cell reading 2200 approximately. (I've decided to make my 1,000 feet inclusive - so the last reading on chart 1 will be the first reading on chart 2.) Any ideas? Do I need to dynamically create another vertical lookup table? I would appreciate any thoughts on this. Thanks, Tina From artful at rogers.com Thu Sep 18 14:49:08 2003 From: artful at rogers.com (Arthur Fuller) Date: Thu, 18 Sep 2003 12:49:08 -0700 Subject: [dba-Tech] IEscrewup In-Reply-To: <3F69AF24.6010404@torchlake.com> Message-ID: Just to see what it would do, a couple of days ago I played with the IE content control. And now it seems I have forgotten the password -- bizarre, because I always use one of about 4 possibilities. I must have been having a senior moment, because I've tried all 4 and it's none of them. Would I get around this by reinstalling IE? Something tells me that's going to be easy, given MS's penchant for binding it very close to Windows. Ideas, anyone? Meanwhile I'm using Opera for the first time, and it's fast and sort of cool, but I can't find how to enable cookies. I've looked in the help and wandered around the menu, but I can't see it anywhere. Anyone know? TIA, Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From artful at rogers.com Thu Sep 18 14:49:08 2003 From: artful at rogers.com (Arthur Fuller) Date: Thu, 18 Sep 2003 12:49:08 -0700 Subject: [dba-Tech] Outlook problem In-Reply-To: <3F69AF24.6010404@torchlake.com> Message-ID: I recently upgraded a friend from Outlook Express to Outlook. On first startup, Outlook found the Express data and imported everything perfectly. But there is one really irritating issue. Outlook frequently asks for the account password. It remembers the password because all I have to do is click OK and I'm in. There's a checkbox on the dialog that says "Remember password" or maybe "Save password", and I've clicked it several times, but the dialog keeps coming up again. It just came up about 4 times while he was writing an email message. Very irritating! What's wrong? Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From kathryn at bassett.net Thu Sep 18 17:22:00 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Thu, 18 Sep 2003 15:22:00 -0700 Subject: [dba-Tech] Outlook problem In-Reply-To: Message-ID: I've had that happen when the cable is refreshing. I just exit Outlook and open it again. Once in a while, I'll have to reboot to make it quit. The other time it has happened, I've tried going in to the web based mail and can't get in there - like *they* are rebooting or something. I wait a few minutes til I can successfully download the mail, then it asking for the password will stop happening. Happens very rarely, and usually when I've made some sort of change. -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller > Sent: 18 Sep 2003 12:49:PM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Outlook problem > > > I recently upgraded a friend from Outlook Express to Outlook. On first > startup, Outlook found the Express data and imported everything perfectly. > But there is one really irritating issue. > > Outlook frequently asks for the account password. It remembers the password > because all I have to do is click OK and I'm in. There's a checkbox on the > dialog that says "Remember password" or maybe "Save password", and I've > clicked it several times, but the dialog keeps coming up again. It just came > up about 4 times while he was writing an email message. Very irritating! > > What's wrong? > > Arthur > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From gustav at cactus.dk Fri Sep 19 03:59:13 2003 From: gustav at cactus.dk (Gustav Brock) Date: Fri, 19 Sep 2003 10:59:13 +0200 Subject: [dba-Tech] Opera cookies (was: IEscrewup) In-Reply-To: References: Message-ID: <497621328.20030919105913@cactus.dk> Hi Arthur Wouldn't that be Files, Settings, Privacy (next to the bottom of the settings' menu pane)? /gustav > Meanwhile I'm using Opera for the first time, and it's fast and sort of > cool, but I can't find how to enable cookies. I've looked in the help and > wandered around the menu, but I can't see it anywhere. From James at fcidms.com Fri Sep 19 07:52:22 2003 From: James at fcidms.com (James Barash) Date: Fri, 19 Sep 2003 08:52:22 -0400 Subject: [dba-Tech] Outlook problem In-Reply-To: Message-ID: Arthur, Is your friend using Dial-up access for his e-mail? I know Outlook will pop-up the password dialog when it cannot connect to the mail server, either because of connectivity problems or problems on the mail server. You might want to check how often Outlook is configured to check for new mail under Tools->Send/Receive Settings. James Barash -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Arthur Fuller Sent: Thursday, September 18, 2003 3:49 PM To: Discussion of Hardware and Software issues Subject: [dba-Tech] Outlook problem I recently upgraded a friend from Outlook Express to Outlook. On first startup, Outlook found the Express data and imported everything perfectly. But there is one really irritating issue. Outlook frequently asks for the account password. It remembers the password because all I have to do is click OK and I'm in. There's a checkbox on the dialog that says "Remember password" or maybe "Save password", and I've clicked it several times, but the dialog keeps coming up again. It just came up about 4 times while he was writing an email message. Very irritating! What's wrong? Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From Erwin.Craps at ithelps.be Fri Sep 19 08:00:17 2003 From: Erwin.Craps at ithelps.be (Erwin Craps) Date: Fri, 19 Sep 2003 15:00:17 +0200 Subject: [dba-Tech] Outlook problem Message-ID: Is that in a POP3/internet or EXCHANGE Server/local lan environment? -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of James Barash Sent: Friday, September 19, 2003 2:52 PM To: 'Discussion of Hardware and Software issues' Subject: RE: [dba-Tech] Outlook problem Arthur, Is your friend using Dial-up access for his e-mail? I know Outlook will pop-up the password dialog when it cannot connect to the mail server, either because of connectivity problems or problems on the mail server. You might want to check how often Outlook is configured to check for new mail under Tools->Send/Receive Settings. James Barash -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of Arthur Fuller Sent: Thursday, September 18, 2003 3:49 PM To: Discussion of Hardware and Software issues Subject: [dba-Tech] Outlook problem I recently upgraded a friend from Outlook Express to Outlook. On first startup, Outlook found the Express data and imported everything perfectly. But there is one really irritating issue. Outlook frequently asks for the account password. It remembers the password because all I have to do is click OK and I'm in. There's a checkbox on the dialog that says "Remember password" or maybe "Save password", and I've clicked it several times, but the dialog keeps coming up again. It just came up about 4 times while he was writing an email message. Very irritating! What's wrong? Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From my.lists at verizon.net Fri Sep 19 10:29:19 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Fri, 19 Sep 2003 08:29:19 -0700 Subject: [dba-Tech] IEscrewup In-Reply-To: References: Message-ID: <3F6B20CF.109@verizon.net> It's in preferences under a privacy menu or the like.... fwiw, if you're trying Opera, I highly recommend Mozilla Firebird (.61) build...it's lightning quick to load, it loads pages faster than Opera and has better compatibility.. :) this is the official site...so you can try it... http://texturizer.net/firebird/index.html and the latest optimized Builds... http://forums.mozillazine.org/viewtopic.php?t=25504 Arthur Fuller wrote: > Just to see what it would do, a couple of days ago I played with the IE > content control. And now it seems I have forgotten the password -- bizarre, > because I always use one of about 4 possibilities. I must have been having a > senior moment, because I've tried all 4 and it's none of them. > > Would I get around this by reinstalling IE? Something tells me that's going > to be easy, given MS's penchant for binding it very close to Windows. > > Ideas, anyone? > > Meanwhile I'm using Opera for the first time, and it's fast and sort of > cool, but I can't find how to enable cookies. I've looked in the help and > wandered around the menu, but I can't see it anywhere. > > Anyone know? > > TIA, > Arthur > -- -Francisco From my.lists at verizon.net Fri Sep 19 10:42:21 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Fri, 19 Sep 2003 08:42:21 -0700 Subject: [dba-Tech] Outlook problem In-Reply-To: References: Message-ID: <3F6B23DD.2000806@verizon.net> Use a different email client... why you would stab your friend in the back and move him to Outlook from OE is beyond me... amongst the available alternatives include Mozilla ThunderBird Eudora Pegasus (sp?) The Bat! (not free) Arthur Fuller wrote: > I recently upgraded a friend from Outlook Express to Outlook. On first > startup, Outlook found the Express data and imported everything perfectly. > But there is one really irritating issue. > > Outlook frequently asks for the account password. It remembers the password > because all I have to do is click OK and I'm in. There's a checkbox on the > dialog that says "Remember password" or maybe "Save password", and I've > clicked it several times, but the dialog keeps coming up again. It just came > up about 4 times while he was writing an email message. Very irritating! > > What's wrong? -- -Francisco From john at winhaven.net Fri Sep 19 10:39:28 2003 From: john at winhaven.net (John B.) Date: Fri, 19 Sep 2003 10:39:28 -0500 Subject: [dba-Tech] IEscrewup In-Reply-To: <3F6B20CF.109@verizon.net> Message-ID: Francisco, You seem to be pretty up on the open source and free stuff, do you have a free text editor that you can recommend? I really like EditPad and Boxer but they are pretty costly for text editors. John B. > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Francisco H > Tapia > Sent: Friday, September 19, 2003 10:29 AM > To: Discussion of Hardware and Software issues > Subject: Re: [dba-Tech] IEscrewup > > > It's in preferences under a privacy menu or the like.... fwiw, if you're > trying Opera, I highly recommend Mozilla Firebird (.61) build...it's > lightning quick to load, it loads pages faster than Opera and has better > compatibility.. :) > > this is the official site...so you can try it... > http://texturizer.net/firebird/index.html > > and the latest optimized Builds... > http://forums.mozillazine.org/viewtopic.php?t=25504 > > Arthur Fuller wrote: > > Just to see what it would do, a couple of days ago I played with the IE > > content control. And now it seems I have forgotten the password > -- bizarre, > > because I always use one of about 4 possibilities. I must have > been having a > > senior moment, because I've tried all 4 and it's none of them. > > > > Would I get around this by reinstalling IE? Something tells me > that's going > > to be easy, given MS's penchant for binding it very close to Windows. > > > > Ideas, anyone? > > > > Meanwhile I'm using Opera for the first time, and it's fast and sort of > > cool, but I can't find how to enable cookies. I've looked in > the help and > > wandered around the menu, but I can't see it anywhere. > > > > Anyone know? > > > > TIA, > > Arthur > > > > -- > -Francisco > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From artful at rogers.com Fri Sep 19 19:44:45 2003 From: artful at rogers.com (Arthur Fuller) Date: Fri, 19 Sep 2003 17:44:45 -0700 Subject: [dba-Tech] Guiness World Record Search In-Reply-To: Message-ID: In a discussion today I cited a "fact" that I recalled from an unremembered source, that claimed that the world record for longest time underwater without breathing apparatus (and survival) was 23 minutes. My friend said she could beat that easily. I think both my recollection of the record and her claim are preposterous. I visited the Guiness site and was amazed at how awkward this engine is. I tried a dozen things to find this record, and couldn't come up with the right combination of words. I would like to know 2 records: 1. Longest time anyone has held his breath (and survived, with or without brain damage). 2. Longest time anyone has remained underwater without breathing apparatus (same provisos). Any URLs or search engine clause improvements to suggest? I tried: underwater records longest time underwater (bad choice, it returned submarine voyages etc.) etc. and found nothing. This conversation took place with a woman who claims to be able to remain underwater without apparatus for 15 minutes. I countered with a best estimate of 2 minutes. (In fact, since she's an occasional smoker, my realistic estimate is 1 minute, but she's gorgeous so I flattered her :-) Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From djkr at msn.com Fri Sep 19 17:56:27 2003 From: djkr at msn.com (DJK(John) Robinson) Date: Fri, 19 Sep 2003 23:56:27 +0100 Subject: [dba-Tech] OT - Guiness World Record Search In-Reply-To: Message-ID: <062f01c37f01$4244b600$db00a8c0@dabsight> It may be that this is one of the records that Guiness has dropped - sensibly, like overeating records - exactly because of the brain damage thing in this case. I have some dim recollection of hearing of South Sea Island pearl divers, or some such, routinely eclipsing my own puny three minutes (long ago). Go on, challenge her! John > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Arthur Fuller > Sent: 20 September 2003 01:45 > To: Discussion of Hardware and Software issues > Cc: Andrew Parnell; Rick Griffin; Peter Brawley > Subject: [dba-Tech] Guiness World Record Search > > > In a discussion today I cited a "fact" that I recalled from > an unremembered source, that claimed that the world record > for longest time underwater without breathing apparatus (and > survival) was 23 minutes. My friend said she could beat that > easily. I think both my recollection of the record and her > claim are preposterous. I visited the Guiness site and was > amazed at how awkward this engine is. I tried a dozen things > to find this record, and couldn't come up with the right > combination of words. > > I would like to know 2 records: > > 1. Longest time anyone has held his breath (and survived, > with or without brain damage). > > 2. Longest time anyone has remained underwater without > breathing apparatus (same provisos). > > Any URLs or search engine clause improvements to suggest? I tried: > > underwater records > longest time underwater (bad choice, it returned submarine > voyages etc.) etc. > > and found nothing. > > This conversation took place with a woman who claims to be > able to remain underwater without apparatus for 15 minutes. I > countered with a best estimate of 2 minutes. (In fact, since > she's an occasional smoker, my realistic estimate is 1 > minute, but she's gorgeous so I flattered her :-) > > Arthur > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > From jcolby at colbyconsulting.com Fri Sep 19 18:10:29 2003 From: jcolby at colbyconsulting.com (John Colby) Date: Fri, 19 Sep 2003 19:10:29 -0400 Subject: [dba-Tech] OT - Guiness World Record Search In-Reply-To: <062f01c37f01$4244b600$db00a8c0@dabsight> Message-ID: Arthur, 15 minutes would perhaps be realistic with meditation techniques used to slow down the body's metabolism. I know that yoga people can slow down their breathing but a huge factor by slowing down their heartbeat. I would search under meditation / metabolism. That kind of thing. Without doing that, I'm guessing the longest that a normal well conditioned person can hold their breath is somewhere around 4 minutes. I do know there are contests (in which people occasionally die) to see who can dive the deepest without air packs, the key being being in good shape and ability to hold your breath for long periods of time. However in these cases (AFAIK) the divers are not attempting to slow down their metabolism. http://www.ananova.com/news/story/sm_693561.html for a free dive record story - 160 meters / 3 minutes 35 seconds John W. Colby www.colbyconsulting.com -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of DJK(John) Robinson Sent: Friday, September 19, 2003 6:56 PM To: 'Discussion of Hardware and Software issues' Subject: RE: [dba-Tech] OT - Guiness World Record Search It may be that this is one of the records that Guiness has dropped - sensibly, like overeating records - exactly because of the brain damage thing in this case. I have some dim recollection of hearing of South Sea Island pearl divers, or some such, routinely eclipsing my own puny three minutes (long ago). Go on, challenge her! John > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com] On Behalf Of > Arthur Fuller > Sent: 20 September 2003 01:45 > To: Discussion of Hardware and Software issues > Cc: Andrew Parnell; Rick Griffin; Peter Brawley > Subject: [dba-Tech] Guiness World Record Search > > > In a discussion today I cited a "fact" that I recalled from > an unremembered source, that claimed that the world record > for longest time underwater without breathing apparatus (and > survival) was 23 minutes. My friend said she could beat that > easily. I think both my recollection of the record and her > claim are preposterous. I visited the Guiness site and was > amazed at how awkward this engine is. I tried a dozen things > to find this record, and couldn't come up with the right > combination of words. > > I would like to know 2 records: > > 1. Longest time anyone has held his breath (and survived, > with or without brain damage). > > 2. Longest time anyone has remained underwater without > breathing apparatus (same provisos). > > Any URLs or search engine clause improvements to suggest? I tried: > > underwater records > longest time underwater (bad choice, it returned submarine > voyages etc.) etc. > > and found nothing. > > This conversation took place with a woman who claims to be > able to remain underwater without apparatus for 15 minutes. I > countered with a best estimate of 2 minutes. (In fact, since > she's an occasional smoker, my realistic estimate is 1 > minute, but she's gorgeous so I flattered her :-) > > Arthur > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/d> ba-tech > > Website: http://www.databaseadvisors.com > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com From my.lists at verizon.net Fri Sep 19 18:54:09 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Fri, 19 Sep 2003 16:54:09 -0700 Subject: [dba-Tech] IEscrewup In-Reply-To: References: Message-ID: <3F6B9721.4080502@verizon.net> John, Thanks for that, I've actually gotten more and more tired of the errors that crop up in IE that I switched to Firebird on word of mouth from respected programmers... I also switched to Thunderbird because it's being handled in the same manner and so far I like the similar but different features compared to OE. both products have extremely stable releases, I've tested them on a P4 and Athlon chip (intel/amd-via respectively)... umm so to get back to your question... Text Editor? hmm I'm afraid I don't quite understand... do you mean for editing windows scripts and the like? I used to use a program called Serpent, but that was quite a while ago I liked it cuz it supported color codes to tell keywords appart from variables etc...Our local ASP/VBscript guy may be able to provide a better source for this tho.. .I'll bug him later today... John B. wrote: > Francisco, > You seem to be pretty up on the open source and free stuff, do you have a > free text editor that you can recommend? > I really like EditPad and Boxer but they are pretty costly for text editors. > > John B. > > >>-----Original Message----- >>From: dba-tech-bounces at databaseadvisors.com >>[mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Francisco H >>Tapia >>Sent: Friday, September 19, 2003 10:29 AM >>To: Discussion of Hardware and Software issues >>Subject: Re: [dba-Tech] IEscrewup >> >> >>It's in preferences under a privacy menu or the like.... fwiw, if you're >>trying Opera, I highly recommend Mozilla Firebird (.61) build...it's >>lightning quick to load, it loads pages faster than Opera and has better >>compatibility.. :) >> >>this is the official site...so you can try it... >>http://texturizer.net/firebird/index.html >> >>and the latest optimized Builds... >>http://forums.mozillazine.org/viewtopic.php?t=25504 >> >>Arthur Fuller wrote: >> >>>Just to see what it would do, a couple of days ago I played with the IE >>>content control. And now it seems I have forgotten the password >> >>-- bizarre, >> >>>because I always use one of about 4 possibilities. I must have >> >>been having a >> >>>senior moment, because I've tried all 4 and it's none of them. >>> >>>Would I get around this by reinstalling IE? Something tells me >> >>that's going >> >>>to be easy, given MS's penchant for binding it very close to Windows. >>> >>>Ideas, anyone? >>> >>>Meanwhile I'm using Opera for the first time, and it's fast and sort of >>>cool, but I can't find how to enable cookies. I've looked in >> >>the help and >> >>>wandered around the menu, but I can't see it anywhere. >>> >>>Anyone know? >>> >>>TIA, >>>Arthur >>> >> >>-- >>-Francisco -- -Francisco Faster than a three legged squirrel From stuart at lexacorp.com.pg Fri Sep 19 20:15:48 2003 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sat, 20 Sep 2003 11:15:48 +1000 Subject: [dba-Tech] IEscrewup In-Reply-To: References: <3F6B20CF.109@verizon.net> Message-ID: <3F6C36E4.28973.1BF765@localhost> On 19 Sep 2003 at 10:39, John B. wrote: > Francisco, > You seem to be pretty up on the open source and free stuff, do you have a > free text editor that you can recommend? > I really like EditPad and Boxer but they are pretty costly for text editors. > I like Notetab Lite from http://www.notetab.com/ You will find this and several others listed at http://www.pricelessware.org ("The best of the best in Windows ? Freeware, as determined by the readers of alt.comp.freeware" ) under "TEXT". It's a very good site for all sorts of freeware. -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. From artful at rogers.com Sat Sep 20 10:14:24 2003 From: artful at rogers.com (Arthur Fuller) Date: Sat, 20 Sep 2003 08:14:24 -0700 Subject: [dba-Tech] Free Text Editor In-Reply-To: Message-ID: My favorite by far is NoteTab (www.notetab.com). There are free and "pro" versions. There are so many features it's amazing, but my favourites are that it can load dozens of files and whatever was open last time you closed the program will re-open next time. -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John B. Sent: Friday, September 19, 2003 8:39 AM To: Discussion of Hardware and Software issues Subject: RE: [dba-Tech] IEscrewup Francisco, You seem to be pretty up on the open source and free stuff, do you have a free text editor that you can recommend? I really like EditPad and Boxer but they are pretty costly for text editors. John B. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From artful at rogers.com Sat Sep 20 10:14:24 2003 From: artful at rogers.com (Arthur Fuller) Date: Sat, 20 Sep 2003 08:14:24 -0700 Subject: [dba-Tech] IEscrewup and Outlook problem In-Reply-To: <3F6B9721.4080502@verizon.net> Message-ID: I managed to fix my problem with Internet Explorer. As for the Outlook problem of the dialog popping up again and again, turns out it was on the ISP's end not my friend's computer. Thanks for your suggestions, everyone. Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From carbonnb at sympatico.ca Sat Sep 20 09:23:53 2003 From: carbonnb at sympatico.ca (Bryan Carbonnell) Date: Sat, 20 Sep 2003 10:23:53 -0400 Subject: Text Editors was RE: [dba-Tech] IEscrewup In-Reply-To: References: <3F6B20CF.109@verizon.net> Message-ID: <3F6C2AB9.29040.4C052F@localhost> On 19 Sep 2003 at 10:39, John B. wrote: > You seem to be pretty up on the open source and free stuff, do you > have a free text editor that you can recommend? I really like EditPad > and Boxer but they are pretty costly for text editors. My personal favourite is Programmers Notepad. http://www.pnotepad.org. It offers Syntax Highlighting for quite a few languages. VB, SQL, Perl, PHP, CSS, C/C++, and more. -- Bryan Carbonnell - carbonnb at sympatico.ca Warning: dates on calendar are closer than they appear. From john at winhaven.net Sat Sep 20 11:30:01 2003 From: john at winhaven.net (John B.) Date: Sat, 20 Sep 2003 11:30:01 -0500 Subject: [dba-Tech] Free Text Editor In-Reply-To: Message-ID: OK, Thanks for suggestions all. I think this is a personal preferences kind of program. I like EditPad Pro and Boxer because of the unlimited # and type of file opening capability. They will open almost anything. Also the compare files utility is great for detecting changes between two files. I also like the color syntax, etc. but the cost... Programmer's Notepad does many of those things and I generally liked it but I've have had some issues with it and it seems to be in limbo as far as being updated. So, I'm trying out NoteTab. I couldn't find Serpent. Stuart - thanks for the link to the Freeware site too! John > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Arthur Fuller > Sent: Saturday, September 20, 2003 10:14 AM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Free Text Editor > > > My favorite by far is NoteTab (www.notetab.com). There are free and "pro" > versions. There are so many features it's amazing, but my favourites are > that it can load dozens of files and whatever was open last time > you closed > the program will re-open next time. > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John B. > Sent: Friday, September 19, 2003 8:39 AM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] IEscrewup > > > Francisco, > You seem to be pretty up on the open source and free stuff, do you have a > free text editor that you can recommend? > I really like EditPad and Boxer but they are pretty costly for > text editors. > > John B. > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From serbach at new.rr.com Sat Sep 20 11:59:42 2003 From: serbach at new.rr.com (Steven W. Erbach) Date: Sat, 20 Sep 2003 11:59:42 -0500 Subject: [dba-Tech] Free Text Editor References: Message-ID: <002601c37f99$2f816980$5d0ed018@W2k> I'll ditto Arthur's regard for NoteTab. I have the Pro version, but the free one is plenty snazzy. One of its best features is the macro library capability. The free version comes with an HTML Tag library and quite a few others. The Pro version has many more: an FTP library, a program launch library, and an emoticon library, to name just a few. The contents of the selected library are displayed to the left of the edit window and one simply double-clicks to insert the HTML tag, for instance, or to launch a program. Regards... `?.??.???`?.??.???`?-> Steve Erbach From artful at rogers.com Sat Sep 20 15:32:55 2003 From: artful at rogers.com (Arthur Fuller) Date: Sat, 20 Sep 2003 13:32:55 -0700 Subject: [dba-Tech] Free Text Editor In-Reply-To: Message-ID: One other thing about NoteTab that I forgot to mention. (It may not be relevant to you.) It can work easily with text files created on Linux or Unix. Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 From stuart at lexacorp.com.pg Sat Sep 20 18:03:52 2003 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sun, 21 Sep 2003 09:03:52 +1000 Subject: [dba-Tech] Free Text Editor In-Reply-To: References: Message-ID: <3F6D6978.26461.11D4B0@localhost> On 20 Sep 2003 at 13:32, Arthur Fuller wrote: > One other thing about NoteTab that I forgot to mention. (It may not be > relevant to you.) It can work easily with text files created on Linux or > Unix. > One of it's capabilites that I use a lot when web browsing is "Use as Pasterboard". Once you create/open a file and select this option, you can minimize Notepad and select/copy pieces off web pages etc. They are automagically appended to the Notepad file. ANother it's it's "column block" editting ability. Very useful for deleting/adding/moving/changing columns in space delimited files. -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. From Jon.Tydda at alcontrol.co.uk Mon Sep 22 03:44:31 2003 From: Jon.Tydda at alcontrol.co.uk (Jon Tydda) Date: Mon, 22 Sep 2003 09:44:31 +0100 Subject: [dba-Tech] IEscrewup Message-ID: <87C856B802C3D511B69B0002A5CD10EA449A1E@ALCUXB> Star Office used to be free, don't know if it is now... Jon -----Original Message----- From: John B. [mailto:john at winhaven.net] Sent: 19 September 2003 16:39 To: Discussion of Hardware and Software issues Subject: RE: [dba-Tech] IEscrewup Francisco, You seem to be pretty up on the open source and free stuff, do you have a free text editor that you can recommend? I really like EditPad and Boxer but they are pretty costly for text editors. John B. > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Francisco H > Tapia > Sent: Friday, September 19, 2003 10:29 AM > To: Discussion of Hardware and Software issues > Subject: Re: [dba-Tech] IEscrewup > > > It's in preferences under a privacy menu or the like.... fwiw, if you're > trying Opera, I highly recommend Mozilla Firebird (.61) build...it's > lightning quick to load, it loads pages faster than Opera and has better > compatibility.. :) > > this is the official site...so you can try it... > http://texturizer.net/firebird/index.html > > and the latest optimized Builds... > http://forums.mozillazine.org/viewtopic.php?t=25504 > > Arthur Fuller wrote: > > Just to see what it would do, a couple of days ago I played with the IE > > content control. And now it seems I have forgotten the password > -- bizarre, > > because I always use one of about 4 possibilities. I must have > been having a > > senior moment, because I've tried all 4 and it's none of them. > > > > Would I get around this by reinstalling IE? Something tells me > that's going > > to be easy, given MS's penchant for binding it very close to Windows. > > > > Ideas, anyone? > > > > Meanwhile I'm using Opera for the first time, and it's fast and sort of > > cool, but I can't find how to enable cookies. I've looked in > the help and > > wandered around the menu, but I can't see it anywhere. > > > > Anyone know? > > > > TIA, > > Arthur > > > > -- > -Francisco > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > _______________________________________________ dba-Tech mailing list dba-Tech at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/dba-tech Website: http://www.databaseadvisors.com The information in this e-mail is confidential and may also be legally privileged. The contents are intended for recipient only and are subject to the legal notice available on request from : webmaster at alcontrol.co.uk ALcontrol Laboratories is a trading division of ALcontrol UK Limited. Registered Office: Templeborough House, Mill Close, Rotherham, S60 1BZ. Registered in England and Wales No 4057291 -------------- next part -------------- An HTML attachment was scrubbed... URL: From artful at rogers.com Mon Sep 22 09:26:15 2003 From: artful at rogers.com (Arthur Fuller) Date: Mon, 22 Sep 2003 07:26:15 -0700 Subject: [dba-Tech] CmdHere for Windows 2000 In-Reply-To: <87C856B802C3D511B69B0002A5CD10EA449A1E@ALCUXB> Message-ID: RE: [dba-Tech] IEscrewupCan anyone provide an URL to download CmdHere for Win2000? All I can find is the version for XP. TIA, Arthur --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 -------------- next part -------------- An HTML attachment was scrubbed... URL: From shamil at SMSConsulting.spb.ru Mon Sep 22 07:50:28 2003 From: shamil at SMSConsulting.spb.ru (Shamil Salakhetdinov) Date: Mon, 22 Sep 2003 16:50:28 +0400 Subject: [dba-Tech] Kodak EasyShare DX6340 Message-ID: <002201c38108$21cfe4e0$b501010a@PARIS> Hi All, Does anybody here owns/uses Kodak EasyShare DX6340? Looks like a good choice for an amateur photographer and not pricey? TIA for any info, Shamil -- e-mail: shamil at smsconsulting.spb.ru Web: http://smsconsulting.spb.ru/shamil_s From DBCfour at aol.com Mon Sep 22 08:23:36 2003 From: DBCfour at aol.com (DBCfour at aol.com) Date: Mon, 22 Sep 2003 09:23:36 EDT Subject: [dba-Tech] CmdHere for Windows 2000 Message-ID: <125.25c9e3eb.2ca051d8@aol.com> Will this work? This tip was submitted to the SearchWin2000 Tip Exchange by member John Scott. To create a context menu entry for "Command Prompt Here", you need only follow a few simple steps.First, copy the following text into notepad and save as "CmdHere.reg": Windows Registry Editor Version 5.00HKEY_CLASSES_ROOT\Directoryshell\CmdHere @="Command &Prompt Here" HKEY_CLASSES_ROOT\Directoryshell\CmdHere\command @="cmd.exe "%1"Right click on the 'CmdHere.reg' file and choose 'Merge.' You will now have 'Command Prompt Here' as a context menu entry in Explorer when you right click on a folder. If you prefer, you can always use regedit and create the keys and REG_SZ entries yourself. Enjoy! Donna In a message dated 9/22/2003 7:27:59 AM Eastern Standard Time, artful at rogers.com writes: > Can anyone provide an URL to download CmdHere for Win2000? All I can find > is the version for XP. > > TIA, > Arthur > -------------- next part -------------- An HTML attachment was scrubbed... URL: From garykjos at hotmail.com Mon Sep 22 08:41:05 2003 From: garykjos at hotmail.com (Gary Kjos) Date: Mon, 22 Sep 2003 08:41:05 -0500 Subject: [dba-Tech] Kodak EasyShare DX6340 Message-ID: Hi Shamil, I haven't tried the Easyshare 6340, but I have an earlier Kodak digital camera - a DC-260 - and it takes wonderful pictures. I've had it for 5 years and it has stood the test of time pretty well. There are two web sites I use for camera review info; http://www.dpreview.com/ http://www.steves-digicams.com/ The first site I linked has some info on it but not a full review. Didn't see it listed on the second. Gary Kjos garykjos at hotmail.com >From: "Shamil Salakhetdinov" >Reply-To: Discussion of Hardware and Software >issues >To: "dba - Tech" >Subject: [dba-Tech] Kodak EasyShare DX6340 >Date: Mon, 22 Sep 2003 16:50:28 +0400 > >Hi All, > >Does anybody here owns/uses Kodak EasyShare DX6340? >Looks like a good choice for an amateur photographer and not pricey? > >TIA for any info, >Shamil > >-- >e-mail: shamil at smsconsulting.spb.ru >Web: http://smsconsulting.spb.ru/shamil_s >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com _________________________________________________________________ High-speed Internet access as low as $29.95/month (depending on the local service providers in your area). Click here. https://broadband.msn.com From shamil at SMSConsulting.spb.ru Mon Sep 22 09:45:33 2003 From: shamil at SMSConsulting.spb.ru (Shamil Salakhetdinov) Date: Mon, 22 Sep 2003 18:45:33 +0400 Subject: [dba-Tech] Kodak EasyShare DX6340 References: Message-ID: <002001c38118$329af480$b501010a@PARIS> Gary, Thanks for you info on Kodak photocamera you use. In P.S. is the link and the info from the second site,which you referenced: http://www.steves-digicams.com/pr/kodak_02272003_dx6340.html Looks good enough for recommended price of USD329? Shamil P.S. Kodak EasyShare DX6340 Zoom Digital Camera Combines Advanced User Performance, Ease of Use and Value The Kodak EasyShare DX6340 zoom digital camera is designed and priced ideally for photographers who want to capture and share photos while enjoying a full range of advanced creative features. The camera has a professional quality Schneider-Kreuznach Variogon 4X optical zoom lens, which when combined with the large maximum aperture of f2.2 allows the camera to capture exceptionally sharp pictures even in extremely low light. In addition, the camera features an all-new high-speed precision auto-focus system, which allows focus lock in almost complete darkness. The system also provides exceptionally fast focus lock and has a flash range of almost 20 feet - performance rarely seen in cameras at this price level. With the stylish 3.1 megapixel (MP) DX6340 - the smallest 4X optical zoom camera on the market today - consumers can choose between simple point-and-shoot modes or from a host of advanced user modes including aperture and shutter priority. Print quality, up to 11"x14", shows exceptional performance when compared to most competitors in the same product class in internal Kodak benchmark testing. The DX6340 will debut in May at a suggested retail price of $329. The DX6340 produces clear pictures with exceptional color under any lighting condition thanks to Kodak's Color Science algorithms, which are designed to match the vivid colors of traditional photography. Kodak EasyShare DX6340 Zoom Digital Camera Features a.. 3.1 MP resolution (2048x1536 pixels) for great quality prints up to 11" x 14" b.. 4X optical f2.2-13 Schneider-Kreuznach Variogon Zoom lens (3.5X Advanced Digital Zoom available, total 14x Zoom) c.. 1.8" High Resolution Indoor/Outdoor LCD display, easily readable indoor/outdoor, even in direct sunlight d.. Multiple picture-taking modes: Portrait, Automatic, Close-up, Landscape, Sport, Night, Burst, Aperture Priority, Shutter priority e.. High speed, precision low light auto focus system, allows focus lock in almost total darkness. The system utilizes two sensors - a rapid external passive contrast sensor and a highly accurate TTL (through the lens) sensor to precisely define the subject. f.. On-camera "share" button for simple printing, e-mailing and organizing g.. Exceptional color quality under any lighting condition with Kodak color science inside h.. 16MB internal memory and MultiMediaCard/Secure Digital expansion slot for additional picture-taking, storing and sharing i.. Auto picture rotation for viewing on camera, personal computer or TV j.. "Capture always ready" capability lets users snap a picture in any camera function setting (e.g., review mode) k.. Three image-quality levels (3.1MP, 2.1MP, 1.1MP) l.. Flash range: wide - 0.5-5.9m (1.6-19.4ft); tele - 0.75-2.7m (2.5-8.9ft) @ ISO 200 m.. Continuous digital video with sound, limited only by the size of internal memory or memory card n.. Four flash modes: automatic, fill, red-eye and off o.. ISO equivalency auto and selectable (100, 200, 400) p.. Aperture: wide f/2.2-5.6; tele f/4.8-13 q.. Color, sepia, black-and-white modes r.. Storage for 32 e-mail addresses s.. Albuming to organize your pictures when you take them t.. White balance: auto, daylight, tungsten, fluorescent u.. Auto-exposure with matrix metering v.. Shutter speed 4-1/2000 second w.. 10 second self-timer x.. Dedicated delete, review and share buttons y.. Compatible with optional Kodak EasyShare camera dock 6000 and Kodak EasyShare printer dock 6000 Package Contents a.. Kodak EasyShare DX6340 Zoom Digital Camera b.. CRV3 lithium battery or equivalent c.. Video out cable d.. USB cable e.. Wrist strap f.. Kodak EasyShare Software CD g.. Documentation h.. Custom camera insert for optional Kodak EasyShare camera docks (Kodak EasyShare camera dock 6000 and Kodak EasyShare printer dock 6000) ----- Original Message ----- From: "Gary Kjos" To: Sent: Monday, September 22, 2003 5:41 PM Subject: Re: [dba-Tech] Kodak EasyShare DX6340 > Hi Shamil, > > I haven't tried the Easyshare 6340, but I have an earlier Kodak digital > camera - a DC-260 - and it takes wonderful pictures. I've had it for 5 years > and it has stood the test of time pretty well. > > There are two web sites I use for camera review info; > > http://www.dpreview.com/ > > http://www.steves-digicams.com/ > > The first site I linked has some info on it but not a full review. Didn't > see it listed on the second. > > Gary Kjos > garykjos at hotmail.com > > > > > > >From: "Shamil Salakhetdinov" > >Reply-To: Discussion of Hardware and Software > >issues > >To: "dba - Tech" > >Subject: [dba-Tech] Kodak EasyShare DX6340 > >Date: Mon, 22 Sep 2003 16:50:28 +0400 > > > >Hi All, > > > >Does anybody here owns/uses Kodak EasyShare DX6340? > >Looks like a good choice for an amateur photographer and not pricey? > > > >TIA for any info, > >Shamil > > > >-- > >e-mail: shamil at smsconsulting.spb.ru > >Web: http://smsconsulting.spb.ru/shamil_s > >_______________________________________________ > >dba-Tech mailing list > >dba-Tech at databaseadvisors.com > >http://databaseadvisors.com/mailman/listinfo/dba-tech > >Website: http://www.databaseadvisors.com > > _________________________________________________________________ > High-speed Internet access as low as $29.95/month (depending on the local > service providers in your area). Click here. https://broadband.msn.com > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From garykjos at hotmail.com Mon Sep 22 10:01:10 2003 From: garykjos at hotmail.com (Gary Kjos) Date: Mon, 22 Sep 2003 10:01:10 -0500 Subject: [dba-Tech] Kodak EasyShare DX6340 Message-ID: Yes, looks like an outstanding value. The reviews posted by owners of the camera on the dpreview.com site were mostly positive - I did see ONE kind of negative one out of the 12 or so I looked at - it happened to be the FIRST one I looked at though. The others were very complimentary about the camera. 4X Optical zoom is nice too. Gary Kjos garykjos at hotmail.com >From: "Shamil Salakhetdinov" >Reply-To: Discussion of Hardware and Software >issues >To: "Discussion of Hardware and Software >issues" >Subject: Re: [dba-Tech] Kodak EasyShare DX6340 >Date: Mon, 22 Sep 2003 18:45:33 +0400 > >Gary, > >Thanks for you info on Kodak photocamera you use. >In P.S. is the link and the info from the second site,which you referenced: > >http://www.steves-digicams.com/pr/kodak_02272003_dx6340.html > >Looks good enough for recommended price of USD329? > >Shamil > >P.S. > >Kodak EasyShare DX6340 Zoom Digital Camera Combines Advanced User >Performance, Ease of Use and Value >The Kodak EasyShare DX6340 zoom digital camera is designed and priced >ideally for photographers who want to capture and share photos while >enjoying a full range of advanced creative features. The camera has a >professional quality Schneider-Kreuznach Variogon 4X optical zoom lens, >which when combined with the large maximum aperture of f2.2 allows the >camera to capture exceptionally sharp pictures even in extremely low light. >In addition, the camera features an all-new high-speed precision auto-focus >system, which allows focus lock in almost complete darkness. The system >also provides exceptionally fast focus lock and has a flash range of almost >20 feet - performance rarely seen in cameras at this price level. > >With the stylish 3.1 megapixel (MP) DX6340 - the smallest 4X optical zoom >camera on the market today - consumers can choose between simple >point-and-shoot modes or from a host of advanced user modes including >aperture and shutter priority. Print quality, up to 11"x14", shows >exceptional performance when compared to most competitors in the same >product class in internal Kodak benchmark testing. The DX6340 will debut in >May at a suggested retail price of $329. > >The DX6340 produces clear pictures with exceptional color under any >lighting condition thanks to Kodak's Color Science algorithms, which are >designed to match the vivid colors of traditional photography. > >Kodak EasyShare DX6340 Zoom Digital Camera Features > > a.. 3.1 MP resolution (2048x1536 pixels) for great quality prints up to >11" x 14" > b.. 4X optical f2.2-13 Schneider-Kreuznach Variogon Zoom lens (3.5X >Advanced Digital Zoom available, total 14x Zoom) > c.. 1.8" High Resolution Indoor/Outdoor LCD display, easily readable >indoor/outdoor, even in direct sunlight > d.. Multiple picture-taking modes: Portrait, Automatic, Close-up, >Landscape, Sport, Night, Burst, Aperture Priority, Shutter priority > e.. High speed, precision low light auto focus system, allows focus lock >in almost total darkness. The system utilizes two sensors - a rapid >external passive contrast sensor and a highly accurate TTL (through the >lens) sensor to precisely define the subject. > f.. On-camera "share" button for simple printing, e-mailing and >organizing > g.. Exceptional color quality under any lighting condition with Kodak >color science inside > h.. 16MB internal memory and MultiMediaCard/Secure Digital expansion >slot for additional picture-taking, storing and sharing > i.. Auto picture rotation for viewing on camera, personal computer or TV > j.. "Capture always ready" capability lets users snap a picture in any >camera function setting (e.g., review mode) > k.. Three image-quality levels (3.1MP, 2.1MP, 1.1MP) > l.. Flash range: wide - 0.5-5.9m (1.6-19.4ft); tele - 0.75-2.7m >(2.5-8.9ft) @ ISO 200 > m.. Continuous digital video with sound, limited only by the size of >internal memory or memory card > n.. Four flash modes: automatic, fill, red-eye and off > o.. ISO equivalency auto and selectable (100, 200, 400) > p.. Aperture: wide f/2.2-5.6; tele f/4.8-13 > q.. Color, sepia, black-and-white modes > r.. Storage for 32 e-mail addresses > s.. Albuming to organize your pictures when you take them > t.. White balance: auto, daylight, tungsten, fluorescent > u.. Auto-exposure with matrix metering > v.. Shutter speed 4-1/2000 second > w.. 10 second self-timer > x.. Dedicated delete, review and share buttons > y.. Compatible with optional Kodak EasyShare camera dock 6000 and Kodak >EasyShare printer dock 6000 >Package Contents > a.. Kodak EasyShare DX6340 Zoom Digital Camera > b.. CRV3 lithium battery or equivalent > c.. Video out cable > d.. USB cable > e.. Wrist strap > f.. Kodak EasyShare Software CD > g.. Documentation > h.. Custom camera insert for optional Kodak EasyShare camera docks >(Kodak EasyShare camera dock 6000 and Kodak EasyShare printer dock 6000) > >----- Original Message ----- >From: "Gary Kjos" >To: >Sent: Monday, September 22, 2003 5:41 PM >Subject: Re: [dba-Tech] Kodak EasyShare DX6340 > > > > Hi Shamil, > > > > I haven't tried the Easyshare 6340, but I have an earlier Kodak digital > > camera - a DC-260 - and it takes wonderful pictures. I've had it for 5 >years > > and it has stood the test of time pretty well. > > > > There are two web sites I use for camera review info; > > > > http://www.dpreview.com/ > > > > http://www.steves-digicams.com/ > > > > The first site I linked has some info on it but not a full review. >Didn't > > see it listed on the second. > > > > Gary Kjos > > garykjos at hotmail.com > > > > > > > > > > > > >From: "Shamil Salakhetdinov" > > >Reply-To: Discussion of Hardware and Software > > >issues > > >To: "dba - Tech" > > >Subject: [dba-Tech] Kodak EasyShare DX6340 > > >Date: Mon, 22 Sep 2003 16:50:28 +0400 > > > > > >Hi All, > > > > > >Does anybody here owns/uses Kodak EasyShare DX6340? > > >Looks like a good choice for an amateur photographer and not pricey? > > > > > >TIA for any info, > > >Shamil > > > > > >-- > > >e-mail: shamil at smsconsulting.spb.ru > > >Web: http://smsconsulting.spb.ru/shamil_s > > >_______________________________________________ > > >dba-Tech mailing list > > >dba-Tech at databaseadvisors.com > > >http://databaseadvisors.com/mailman/listinfo/dba-tech > > >Website: http://www.databaseadvisors.com > > > > _________________________________________________________________ > > High-speed Internet access as low as $29.95/month (depending on the >local > > service providers in your area). Click here. https://broadband.msn.com > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/dba-tech > > Website: http://www.databaseadvisors.com >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com _________________________________________________________________ Frustrated with dial-up? Get high-speed for as low as $29.95/month (depending on the local service providers in your area). https://broadband.msn.com From kathryn at bassett.net Mon Sep 22 14:59:27 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Mon, 22 Sep 2003 12:59:27 -0700 Subject: [dba-Tech] Trusted sites problem In-Reply-To: Message-ID: Somewhere along the line of various patches, some setting has evidently also been "fixed". Here's the situation (other sites too, not just my bank). https://hb.chaffey.com/cgi-bin/mcw000.cgi?MCWSTART Just *going* there brings up Security Information (title bar) This page contains both secure and nonsecure items. Do you want to display the nonsecure items? Yes, no and More Info. More Info says: Downloading non-secure content from a secure Web site The Web site you are viewing is a secure site. It uses a security protocol such as SSL (Secure Sockets Layer) or PCT (Private Communications Technology) to secure the information you send and receive. When sites use a security protocol, information that you provide, such as your name or credit-card number, is encrypted so that other people can?t read it. However, this Web page also contains items that do not use this secure protocol. Given what you know about this Web site and your computer, you must decide whether to continue working with this site. If you do not feel confident about working with this site, click No. I click yes, and proceed to log in. That triggers the box again. Almost every thing I do on the site triggers it again. I never used to get this! The thing that I tried is Tools > Internet Options (IE6, BTW) then Security Tab. Internet and Local Intranet are both set for default. I've added the above url to the trusted sites. Still get asked that (though I haven't tried re-booting, do I have to?). Shouldn't there be something that asks me to put a checkmark if I don't want to get asked this again on the site? Something else? What am I missing? Why am I getting this dialog all of a sudden. It's driving me nuts! -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net From MPorter at acsalaska.com Mon Sep 22 18:26:02 2003 From: MPorter at acsalaska.com (Porter, Mark) Date: Mon, 22 Sep 2003 15:26:02 -0800 Subject: [dba-Tech] Free Text Editor Message-ID: A little late for this discussion, but any discussion about text editors has to include Ultra Edit. It is about $30, but is probably the best $30 I've spent - even considering that there are free ones out there. > -----Original Message----- > From: Arthur Fuller [mailto:artful at rogers.com] > Sent: Saturday, September 20, 2003 7:14 AM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Free Text Editor > > > My favorite by far is NoteTab (www.notetab.com). There are > free and "pro" > versions. There are so many features it's amazing, but my > favourites are > that it can load dozens of files and whatever was open last > time you closed > the program will re-open next time. > > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John B. > Sent: Friday, September 19, 2003 8:39 AM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] IEscrewup > > > Francisco, > You seem to be pretty up on the open source and free stuff, > do you have a > free text editor that you can recommend? > I really like EditPad and Boxer but they are pretty costly > for text editors. > > John B. > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > This transmittal may contain confidential information intended solely for the addressee. If you are not the intended recipient, you are hereby notified that you have received this transmittal in error; any review, dissemination, distribution or copying of this transmittal is strictly prohibited. If you have received this communication in error, please notify us immediately by reply or by telephone (collect at 907-564-1000) and ask to speak with the message sender. In addition, please immediately delete this message and all attachments. Thank you. From john at winhaven.net Mon Sep 22 21:47:29 2003 From: john at winhaven.net (John B.) Date: Mon, 22 Sep 2003 21:47:29 -0500 Subject: [dba-Tech] Free Text Editor In-Reply-To: Message-ID: I've been trying different text editors since the '80s so I guess you're not too late on this! :o) I'll check it out too. Thanks, John > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Porter, Mark > Sent: Monday, September 22, 2003 6:26 PM > To: 'Discussion of Hardware and Software issues' > Subject: RE: [dba-Tech] Free Text Editor > > > A little late for this discussion, but any discussion about text > editors has > to include Ultra Edit. It is about $30, but is probably the best $30 I've > spent - even considering that there are free ones out there. > > > > -----Original Message----- > > From: Arthur Fuller [mailto:artful at rogers.com] > > Sent: Saturday, September 20, 2003 7:14 AM > > To: Discussion of Hardware and Software issues > > Subject: [dba-Tech] Free Text Editor > > > > > > My favorite by far is NoteTab (www.notetab.com). There are > > free and "pro" > > versions. There are so many features it's amazing, but my > > favourites are > > that it can load dozens of files and whatever was open last > > time you closed > > the program will re-open next time. > > > > -----Original Message----- > > From: dba-tech-bounces at databaseadvisors.com > > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John B. > > Sent: Friday, September 19, 2003 8:39 AM > > To: Discussion of Hardware and Software issues > > Subject: RE: [dba-Tech] IEscrewup > > > > > > Francisco, > > You seem to be pretty up on the open source and free stuff, > > do you have a > > free text editor that you can recommend? > > I really like EditPad and Boxer but they are pretty costly > > for text editors. > > > > John B. > > > > --- > > Outgoing mail is certified Virus Free. > > Checked by AVG anti-virus system (http://www.grisoft.com). > > Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 > > > > > > _______________________________________________ > > dba-Tech mailing list > > dba-Tech at databaseadvisors.com > > http://databaseadvisors.com/mailman/listinfo/dba-tech > > Website: http://www.databaseadvisors.com > > > > > This transmittal may contain confidential information intended solely for > the addressee. If you are not the intended recipient, you are hereby > notified that you have received this transmittal in error; any review, > dissemination, distribution or copying of this transmittal is strictly > prohibited. If you have received this communication in error, > please notify > us immediately by reply or by telephone (collect at 907-564-1000) > and ask to > speak with the message sender. In addition, please immediately delete this > message and all attachments. Thank you. > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From martyconnelly at shaw.ca Tue Sep 23 00:33:24 2003 From: martyconnelly at shaw.ca (MartyConnelly) Date: Mon, 22 Sep 2003 22:33:24 -0700 Subject: [dba-Tech] Free Text Editor References: Message-ID: <3F6FDB24.60201@shaw.ca> Here is a free one that is a bit unusual UniPad. If you need multilingual one. Displays about 52000 Unicode characters instantly without installing extra fonts , On-screen soft keyboard, Over 60 built-in keyboard layouts, Character map for easy selection of any Unicode character, Import / export of over 60 codepages, encodings,Unicode formats UTF-8, UTF-16, UTF-32, UTF-7, also useful for Unicode cut and paste on Win9x systems. http://www.unipad.org John B. wrote: >I've been trying different text editors since the '80s so I guess you're not >too late on this! > :o) > >I'll check it out too. > >Thanks, >John > > > >>-----Original Message----- >>From: dba-tech-bounces at databaseadvisors.com >>[mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Porter, Mark >>Sent: Monday, September 22, 2003 6:26 PM >>To: 'Discussion of Hardware and Software issues' >>Subject: RE: [dba-Tech] Free Text Editor >> >> >>A little late for this discussion, but any discussion about text >>editors has >>to include Ultra Edit. It is about $30, but is probably the best $30 I've >>spent - even considering that there are free ones out there. >> >> >> >> >>>-----Original Message----- >>>From: Arthur Fuller [mailto:artful at rogers.com] >>>Sent: Saturday, September 20, 2003 7:14 AM >>>To: Discussion of Hardware and Software issues >>>Subject: [dba-Tech] Free Text Editor >>> >>> >>>My favorite by far is NoteTab (www.notetab.com). There are >>>free and "pro" >>>versions. There are so many features it's amazing, but my >>>favourites are >>>that it can load dozens of files and whatever was open last >>>time you closed >>>the program will re-open next time. >>> >>>-----Original Message----- >>>From: dba-tech-bounces at databaseadvisors.com >>>[mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of John B. >>>Sent: Friday, September 19, 2003 8:39 AM >>>To: Discussion of Hardware and Software issues >>>Subject: RE: [dba-Tech] IEscrewup >>> >>> >>>Francisco, >>>You seem to be pretty up on the open source and free stuff, >>>do you have a >>>free text editor that you can recommend? >>>I really like EditPad and Boxer but they are pretty costly >>>for text editors. >>> >>>John B. >>> >>>--- >>>Outgoing mail is certified Virus Free. >>>Checked by AVG anti-virus system (http://www.grisoft.com). >>>Version: 6.0.510 / Virus Database: 307 - Release Date: 8/14/2003 >>> >>> >>>_______________________________________________ >>>dba-Tech mailing list >>>dba-Tech at databaseadvisors.com >>>http://databaseadvisors.com/mailman/listinfo/dba-tech >>>Website: http://www.databaseadvisors.com >>> >>> >>> >>This transmittal may contain confidential information intended solely for >>the addressee. If you are not the intended recipient, you are hereby >>notified that you have received this transmittal in error; any review, >>dissemination, distribution or copying of this transmittal is strictly >>prohibited. If you have received this communication in error, >>please notify >>us immediately by reply or by telephone (collect at 907-564-1000) >>and ask to >>speak with the message sender. In addition, please immediately delete this >>message and all attachments. Thank you. >>_______________________________________________ >>dba-Tech mailing list >>dba-Tech at databaseadvisors.com >>http://databaseadvisors.com/mailman/listinfo/dba-tech >>Website: http://www.databaseadvisors.com >> >> >> >> > > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com > > > From gustav at cactus.dk Tue Sep 23 02:09:57 2003 From: gustav at cactus.dk (Gustav Brock) Date: Tue, 23 Sep 2003 09:09:57 +0200 Subject: [dba-Tech] Free Text Editor In-Reply-To: <3F6FDB24.60201@shaw.ca> References: <3F6FDB24.60201@shaw.ca> Message-ID: <811787460.20030923090957@cactus.dk> Hi Marty Are you working on fast and small projects only: "Editing is time limited and size limited. If you register you will be able to run UniPad in registered mode and this limit will be removed." /gustav > Date: 2003-09-23 07:33 > Here is a free one that is a bit unusual UniPad. If you need > multilingual one. > Displays about 52000 Unicode characters instantly without installing > extra fonts , On-screen soft keyboard, Over 60 built-in keyboard > layouts, Character map for easy selection of any Unicode character, > Import / export of over 60 codepages, encodings,Unicode formats UTF-8, > UTF-16, UTF-32, UTF-7, also useful for Unicode cut and paste on Win9x > systems. > http://www.unipad.org From serbach at new.rr.com Tue Sep 23 06:28:58 2003 From: serbach at new.rr.com (Steven W. Erbach) Date: Tue, 23 Sep 2003 06:28:58 -0500 Subject: [dba-Tech] Trusted sites problem References: Message-ID: <005001c381c5$e56640d0$1b06d018@W2k> Kathryn, I've started seeing those messages, too; most recently on a couple of sites asking for information so that I could register for site content. Not credit information, just name and address; but I couldn't imagine why I saw that message. I've been a good boy and installed critical updates to my Windows 2000 Pro w/s. Regards, Steve Erbach Neenah, WI "The press must learn that misguided use of a computer is no more amazing than drunk driving of an automobile." - Ken Thompson (co-inventor of UNIX), 1984 From kathryn at bassett.net Wed Sep 24 00:14:28 2003 From: kathryn at bassett.net (Kathryn Bassett) Date: Tue, 23 Sep 2003 22:14:28 -0700 Subject: [dba-Tech] Trusted sites problem In-Reply-To: <005001c381c5$e56640d0$1b06d018@W2k> Message-ID: Well, my bank said they recently did some security updates too, and they are aware of the message. They are going to check into it from their end as well. -- Kathryn Rhinehart Bassett (Pasadena CA) "Genealogy is my bag" "GH is my soap" kathryn at bassett.net http://bassett.net > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Steven W. > Erbach > Sent: 23 Sep 2003 4:29:AM > To: Discussion of Hardware and Software issues > Subject: Re: [dba-Tech] Trusted sites problem > > > Kathryn, > > I've started seeing those messages, too; most recently on a couple of sites > asking for information so that I could register for site content. Not credit > information, just name and address; but I couldn't imagine why I saw that > message. > > I've been a good boy and installed critical updates to my Windows 2000 Pro > w/s. > > Regards, > > Steve Erbach > Neenah, WI > > "The press must learn that misguided use of a computer is no more amazing > than drunk driving of an automobile." - Ken Thompson (co-inventor of UNIX), > 1984 > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com From Jon.Tydda at alcontrol.co.uk Wed Sep 24 04:04:37 2003 From: Jon.Tydda at alcontrol.co.uk (Jon Tydda) Date: Wed, 24 Sep 2003 10:04:37 +0100 Subject: [dba-Tech] Bruce Green of Death Message-ID: <87C856B802C3D511B69B0002A5CD10EA449A5A@ALCUXB> > http://www.theregister.co.uk/content/55/32969.html > Bruce Green of Death > By Tim Mullen, SecurityFocus > Posted: 23/09/2003 at 09:34 GMT > Opinion We spend money, increase administration, and take away > functionality. Is it any wonder that security people are so misunderstood, > asks SecurityFocus columnist Tim Mullen. > > A friend of mine from Japan has been in the States about ten years now. > Though her English vocabulary is better than many native speakers I know, > she still has a pretty thick accent; sometimes it is hard to understand > her cadence and structure-- particularly over the phone. > > A while back I gave her a call, and our chit-chat led into a discussion of > the Japanese version of Windows 2000, which allows her to switch back and > forth between languages-- in addition to lots of other cool stuff. We were > talking about how her Thinkpad had dual character sets on the keyboard > when the conversation shifted into problems she was having with some dude > named Bruce Green. > > I had never heard of him before, but let her continue... Apparently, this > guy would show up uninvited, and start messing with her. When she told me > that Bruce Green appeared late one night in the middle of her preparation > of a deliverable and caused her to actually lose something she had been > working on by his interruptions, my male instincts kicked in and I said > "Okay-- I don't know who this Bruce Green is, but you tell him that if he > keeps on messing with you, he'll have to deal with me!" > > "What?" she said in a surprised tone. > > "Bruce Green..." I said; "Who is he?" > > I had to pull the phone away from my ear because of the laughter. The > entire time, she had been saying "Blue Screen." > > I still laugh when I recall the conversation. I'm not making fun of the > way any person or group speaks. In fact, looking back, my misunderstanding > was analogous to the way clients, management, and even our own IT > counterparts deal with us as security people. > We are successful when our bosses wonder what it is we do all day. > Many times, when we go to management and present the need for firewalls, > gateway products, and patch management resources, they just hear, "I need > more money and budget allocation." We go to IT Administration and present > processes, topologies, and security configurations, and they hear, "We're > giving you more work to do and no accompanying pay increase for the > trouble." And we go to our clients and users with policies, best practices > and guidelines, and they hear, "Doing it this way is going to make it > harder to do your everyday job, and you won't really understand why." > > We spend money, increase administration, and take away functionality. > Sometimes, we are even perceived as the bad guys within our own > organizations. We are Bruce Green. > > To make matters worse, when it comes down to it, our success metric is > inactivity. If we really do our jobs, no one notices. There are no hacks, > no breeches, no worm infestations, no e-mail-borne viruses, nothing. > > We are successful when our bosses wonder what it is we do all day. > > Bad Thursdays > The recent slue of worms and viruses should be your redemption whether you > got hit or not. Blaster and its variants, SoBig, and even this lame > Microsoft Advisory "Swen" virus that's going around should give you the > ammo to ensure that Corporate gives you the tools you need to meet what I > think is the biggest challenge we currently face for Microsoft > deployments: Patch Management. > > Over the past several weeks, we've seen many "Bad Thursdays." > > For those of you who have not been paying attention, Microsoft has been > releasing vulnerability announcements on Wednesdays. On Thursday morning > we come in and see just how bad the day -- or the rest of the week in some > cases -- is going to be. My shop is pretty small, but even so, the barrage > of patches has been difficult to deal with: RPC/DCOM. Office/VBA. RPC > Update. > > Just when you get through patching everything, it's time to patch again. > If you don't have an efficient method of analyzing released patches, > determining overall risk, packaging and deploying updates, and auditing > installation, then get one. The task of patch management is only going to > get worse, and at some point, we're going to get hit. > > Whether we choose to use Microsoft solutions like SUS or SMS, or turn to > companies like Shavlik for help, it is time we make our management, our > customers, or whatever group we report to understand that the investment > in Internet technologies does not end at the initial purchase-- we must > have a proactive management system in place to ensure that we can > adequately address the continued maintenance our systems and software > require, just as we do with other assets like copiers and vehicles. > > We're security people-- not salesmen. But it is time we make management > realize that we are not the Bruce Green they think we are, we are the ones > who keep things running in the face of adversity; we keep the fleet on the > road when everyone else is in a pile-up. > > A final note to the CEO's out there-- if it isn't already, security will > become the second most important thing to your company; right there behind > the product that makes you your money. Remember always that Silence is > Golden: if you want things to say quiet, then give us your gold. > > SecurityFocus columnist Timothy M. Mullen is CIO and Chief Software > Architect for AnchorIS.Com, a developer of secure, enterprise-based > accounting software. AnchorIS.Com also provides security consulting > services for a variety of companies, including Microsoft Corporation. > Jon The information in this e-mail is confidential and may also be legally privileged. The contents are intended for recipient only and are subject to the legal notice available on request from : webmaster at alcontrol.co.uk ALcontrol Laboratories is a trading division of ALcontrol UK Limited. Registered Office: Templeborough House, Mill Close, Rotherham, S60 1BZ. Registered in England and Wales No 4057291 -------------- next part -------------- An HTML attachment was scrubbed... URL: From martyconnelly at shaw.ca Wed Sep 24 12:54:29 2003 From: martyconnelly at shaw.ca (MartyConnelly) Date: Wed, 24 Sep 2003 10:54:29 -0700 Subject: [dba-Tech] Free Text Editor References: <3F6FDB24.60201@shaw.ca> <811787460.20030923090957@cactus.dk> Message-ID: <3F71DA55.4030007@shaw.ca> Ooops, I got a copy before they went commercial. It was free for a couple of years. It was handy for cut and paste into UTF-16 xml files on Win9x systems, otherwise the XML BOM was messed up. Gustav Brock wrote: >Hi Marty > >Are you working on fast and small projects only: > > "Editing is time limited and size limited. If you register you will be > able to run UniPad in registered mode and this limit will be > removed." > >/gustav > > > > >>Date: 2003-09-23 07:33 >> >> > > > >>Here is a free one that is a bit unusual UniPad. If you need >>multilingual one. >>Displays about 52000 Unicode characters instantly without installing >>extra fonts , On-screen soft keyboard, Over 60 built-in keyboard >>layouts, Character map for easy selection of any Unicode character, >>Import / export of over 60 codepages, encodings,Unicode formats UTF-8, >>UTF-16, UTF-32, UTF-7, also useful for Unicode cut and paste on Win9x >>systems. >>http://www.unipad.org >> >> > >_______________________________________________ >dba-Tech mailing list >dba-Tech at databaseadvisors.com >http://databaseadvisors.com/mailman/listinfo/dba-tech >Website: http://www.databaseadvisors.com > > > From stuart at lexacorp.com.pg Fri Sep 26 07:32:18 2003 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Fri, 26 Sep 2003 22:32:18 +1000 Subject: [dba-Tech] Reinstall OE In-Reply-To: <87C856B802C3D511B69B0002A5CD10EA449A5A@ALCUXB> Message-ID: <3F74BE72.7492.323093E@localhost> I've got a W2K Pro machine with users on Outlook Express. On starting OE, it says that there is a problem with loading the Address Book. It then displays messages in the preview window, but won't open full messages. Occassionally a window pops up saying that there is a problem with OE and to re-install it. Question - How the h*ll do you re-install OE in W2K without reinstalling the whole OS from scratch? (To compound the problem, it is a dual language version with a couple of Japanese users and I can't get the original CD used to instal this version - damned foreign fishing companies ) Of course, if I had my way, they'd dump OE and convert to Pegasus Mail :-) -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. From DBCfour at aol.com Fri Sep 26 08:03:12 2003 From: DBCfour at aol.com (DBCfour at aol.com) Date: Fri, 26 Sep 2003 09:03:12 EDT Subject: [dba-Tech] Reinstall OE Message-ID: <126.3162c713.2ca59310@aol.com> OE is part of IE... Try repairing IE. Donna In a message dated 9/26/2003 8:32:07 AM Eastern Standard Time, stuart at lexacorp.com.pg writes: > Question - How the h*ll do you re-install OE in W2K without > reinstalling the whole OS from scratch? > > (To compound the problem, it is a dual language version with a couple > of Japanese users and I can't get the original CD used to instal this > version - damned foreign fishing companies ) > > Of course, if I had my way, they'd dump OE and convert to Pegasus > Mail :-) -------------- next part -------------- An HTML attachment was scrubbed... URL: From john at winhaven.net Fri Sep 26 10:07:58 2003 From: john at winhaven.net (John Bartow) Date: Fri, 26 Sep 2003 10:07:58 -0500 Subject: [dba-Tech] Reinstall OE In-Reply-To: <3F74BE72.7492.323093E@localhost> Message-ID: You might try removing it from the Add/Remove Windows Components section of the Control panel's Add/Remove Programs applet. IE and OE are such a mess that I'm not sure that will do it but it appears that it would. HTH John B. > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Stuart > McLachlan > Sent: Friday, September 26, 2003 7:32 AM > To: Discussion of Hardware and Software issues > Subject: [dba-Tech] Reinstall OE > > > I've got a W2K Pro machine with users on Outlook Express. > > On starting OE, it says that there is a problem with loading the > Address Book. It then displays messages in the preview window, but > won't open full messages. Occassionally a window pops up saying that > there is a problem with OE and to re-install it. > > Question - How the h*ll do you re-install OE in W2K without > reinstalling the whole OS from scratch? > > (To compound the problem, it is a dual language version with a couple > of Japanese users and I can't get the original CD used to instal this > version - damned foreign fishing companies ) > > Of course, if I had my way, they'd dump OE and convert to Pegasus > Mail :-) > > > > > > > > > > -- > Lexacorp Ltd > http://www.lexacorp.com.pg > Information Technology Consultancy, Software Development,System > Support. > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From my.lists at verizon.net Fri Sep 26 11:17:29 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Fri, 26 Sep 2003 09:17:29 -0700 Subject: [dba-Tech] Re: [] ot: MS Photo editor only understands .tga files In-Reply-To: <825F1757FD951F4187941C8534FA50480F05C3@rcccserver.rcccadmin.org> References: <825F1757FD951F4187941C8534FA50480F05C3@rcccserver.rcccadmin.org> Message-ID: <3F746699.6040309@verizon.net> John & (others) I'm suggesting to move the thread to the dba-tech list just because it's more tech, and (fussing around than not) :) John, You may be right that all that registry cleaning and uninstalling probably caused this error, but life is not w/o hope... most of the time re-installing an application. Seeing you've done that already you can always reset they file type to it's default association, or... even better when trying to open up a .jpg or any other graphic file, 1) hold the shift key and right click, 2) choose Open With... 3) choose photoeditor and make sure you select the checkbox that says to always use this program... and You're done! let us know how that turned out. btw, I wouldn't at all be surprised given John's latest escapades w/ MS software if he didn't just dash it all and move to Linux / MySQL and PHP ;o) Dan Jeffery wrote: > John, > > Did you check file associations? It sounds to me that when you uninstalled your office programs, .jpg and others were probably re-associated with another program (check Internet Explorer) or completely un-associated. What kind of icon does a .jpg give you? > > > BTW - .tga is TrueVision Targa file type - often used because it stores the alpha channel. Here's a lead... > http://www.faqs.org/faqs/graphics/fileformats-faq/part3/section-146.html > > Dan > > > > > -----Original Message----- > From: John Colby [mailto:jcolby at colbyconsulting.com] > Sent: Friday, September 26, 2003 8:13 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] ot: MS Photo editor only understands .tga files > > > rotfl. What would I do if I stopped dicking around with my computer? > S > I ran into the OfficeXP/2K corruption problem again two days ago. I had > uninstalled SP3 for office2K to stop the stupidity of "someone's trying to > send email" messages. That allowed the corruption problem to creep back in. > Soo.... I uninstalled ALL of the office versions. Ran a slew of registry > cleaners (probably the source of THIS problem) and then reinstalled from > Office 97 forward, leaving officeXP off. > > And now photo editor only understands tga files. How weird is that? > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: accessd-bounces at databaseadvisors.com > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Francisco H > Tapia > Sent: Friday, September 26, 2003 2:42 AM > To: Access Developers discussion and problem solving > Subject: Re: [AccessD] ot: MS Photo editor only understands .tga files > > > John Colby wrote: > > >>For some reason photo editor suddenly doesn't understand jpeg, gif etc. > > and > >>what the (*&^%*&$ is a .tga? >> >>Anyone know how to tell photo editor what a jpeg is? >> >>Anyone know of any good free photo printing software? >> > > > John.... What the HECK are you doing over there? by your last rash of > PC problems I'd say you need to "STOP dicking around" with your pc and > pick up a good ol' Windows for Dummies book revised for your version of > windows of course ;o) > > > (is it friday yet?) > -- > -Francisco -- -Francisco From my.lists at verizon.net Fri Sep 26 11:17:29 2003 From: my.lists at verizon.net (Francisco H Tapia) Date: Fri, 26 Sep 2003 09:17:29 -0700 Subject: [dba-Tech] [AccessD] Re: [] ot: MS Photo editor only understands .tga files In-Reply-To: <825F1757FD951F4187941C8534FA50480F05C3@rcccserver.rcccadmin.org> References: <825F1757FD951F4187941C8534FA50480F05C3@rcccserver.rcccadmin.org> Message-ID: <3F746699.6040309@verizon.net> John & (others) I'm suggesting to move the thread to the dba-tech list just because it's more tech, and (fussing around than not) :) John, You may be right that all that registry cleaning and uninstalling probably caused this error, but life is not w/o hope... most of the time re-installing an application. Seeing you've done that already you can always reset they file type to it's default association, or... even better when trying to open up a .jpg or any other graphic file, 1) hold the shift key and right click, 2) choose Open With... 3) choose photoeditor and make sure you select the checkbox that says to always use this program... and You're done! let us know how that turned out. btw, I wouldn't at all be surprised given John's latest escapades w/ MS software if he didn't just dash it all and move to Linux / MySQL and PHP ;o) Dan Jeffery wrote: > John, > > Did you check file associations? It sounds to me that when you uninstalled your office programs, .jpg and others were probably re-associated with another program (check Internet Explorer) or completely un-associated. What kind of icon does a .jpg give you? > > > BTW - .tga is TrueVision Targa file type - often used because it stores the alpha channel. Here's a lead... > http://www.faqs.org/faqs/graphics/fileformats-faq/part3/section-146.html > > Dan > > > > > -----Original Message----- > From: John Colby [mailto:jcolby at colbyconsulting.com] > Sent: Friday, September 26, 2003 8:13 AM > To: Access Developers discussion and problem solving > Subject: RE: [AccessD] ot: MS Photo editor only understands .tga files > > > rotfl. What would I do if I stopped dicking around with my computer? > S > I ran into the OfficeXP/2K corruption problem again two days ago. I had > uninstalled SP3 for office2K to stop the stupidity of "someone's trying to > send email" messages. That allowed the corruption problem to creep back in. > Soo.... I uninstalled ALL of the office versions. Ran a slew of registry > cleaners (probably the source of THIS problem) and then reinstalled from > Office 97 forward, leaving officeXP off. > > And now photo editor only understands tga files. How weird is that? > > John W. Colby > www.colbyconsulting.com > > -----Original Message----- > From: accessd-bounces at databaseadvisors.com > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Francisco H > Tapia > Sent: Friday, September 26, 2003 2:42 AM > To: Access Developers discussion and problem solving > Subject: Re: [AccessD] ot: MS Photo editor only understands .tga files > > > John Colby wrote: > > >>For some reason photo editor suddenly doesn't understand jpeg, gif etc. > > and > >>what the (*&^%*&$ is a .tga? >> >>Anyone know how to tell photo editor what a jpeg is? >> >>Anyone know of any good free photo printing software? >> > > > John.... What the HECK are you doing over there? by your last rash of > PC problems I'd say you need to "STOP dicking around" with your pc and > pick up a good ol' Windows for Dummies book revised for your version of > windows of course ;o) > > > (is it friday yet?) > -- > -Francisco -- -Francisco _______________________________________________ AccessD mailing list AccessD at databaseadvisors.com http://databaseadvisors.com/mailman/listinfo/accessd Website: http://www.databaseadvisors.com From stuart at lexacorp.com.pg Fri Sep 26 14:28:02 2003 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sat, 27 Sep 2003 05:28:02 +1000 Subject: [dba-Tech] Reinstall OE In-Reply-To: References: <3F74BE72.7492.323093E@localhost> Message-ID: <3F751FE2.2067.13451B@localhost> On 26 Sep 2003 at 10:07, John Bartow wrote: > You might try removing it from the Add/Remove Windows Components section of > the Control panel's Add/Remove Programs applet. IE and OE are such a mess > that I'm not sure that will do it but it appears that it would. > The reason I asked is that OE is not in the Windows Components section. I assumed that was normal but I just checked my own W2k machine and it is there. So now the question is - how to I get OE to appear in the Windows Components of the machine in question? -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. From stuart at lexacorp.com.pg Fri Sep 26 14:28:02 2003 From: stuart at lexacorp.com.pg (Stuart McLachlan) Date: Sat, 27 Sep 2003 05:28:02 +1000 Subject: [dba-Tech] Reinstall OE In-Reply-To: <126.3162c713.2ca59310@aol.com> Message-ID: <3F751FE2.14414.134543@localhost> On 26 Sep 2003 at 9:03, DBCfour at aol.com wrote: > > OE is part of IE... Try repairing IE. > > Donna > So it is! Thanks, I'll try that on Monday (t's 5:00 am Saturday here at the moment) -- Lexacorp Ltd http://www.lexacorp.com.pg Information Technology Consultancy, Software Development,System Support. From john at winhaven.net Fri Sep 26 14:54:09 2003 From: john at winhaven.net (John B.) Date: Fri, 26 Sep 2003 14:54:09 -0500 Subject: [dba-Tech] Reinstall OE In-Reply-To: <3F751FE2.2067.13451B@localhost> Message-ID: Stuart: I didn't see that you mentioned that. Oh well, it is "supposed" to be there. It intially gets installed as a windows componenet and updated whenever you update Internet Explorer - and also there are a few OE patches that update it seperately. I don't know if this will help (as I've only used for the Add/Remove list not the Windows Components list) but you might try viewing the sysoc.inf file to see if it has been marked as hidden. Add and remove optional features of Windows XP In Windows 2000 and Windows XP, for some reason, Microsoft has removed the ability to specify which Windows components you want to install during interactive setup, and when you go into Add/Remove Windows Components in the Control Panel, you still don't have the full list of applications and applets you can add and remove. To expand the list of applications you can remove from Windows XP after installation, navigate to \WINDOWS//inf and open the "sysoc.inf" file. This file will resemble the following: [Version] Signature = "$Windows NT$" DriverVer=06/26/2001,5.1.2505.0 [Components] Display=desk.cpl,DisplayOcSetupProc,,7 Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7 NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7 ims=imsinsnt.dll,OcEntry,ims.inf,,7 msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7 The entries that include the text hide or HIDE will not show up in Add/Remove Windows Components by default. To fix this, do a global search and replace for ",hide" and change each instance of this to "," (a comma). Then, save the file, relaunch Add/Remove Windows Components and tweak the installed applications to your heart's content. Otherwise if the IE repair doesn't fix it I'm stumped. Best of luck, John B. > -----Original Message----- > From: dba-tech-bounces at databaseadvisors.com > [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Stuart > McLachlan > Sent: Friday, September 26, 2003 2:28 PM > To: Discussion of Hardware and Software issues > Subject: RE: [dba-Tech] Reinstall OE > > > On 26 Sep 2003 at 10:07, John Bartow wrote: > > > You might try removing it from the Add/Remove Windows > Components section of > > the Control panel's Add/Remove Programs applet. IE and OE are > such a mess > > that I'm not sure that will do it but it appears that it would. > > > > The reason I asked is that OE is not in the Windows Components > section. > > I assumed that was normal but I just checked my own W2k machine and > it is there. > > So now the question is - how to I get OE to appear in the Windows > Components of the machine in question? > > > > > -- > Lexacorp Ltd > http://www.lexacorp.com.pg > Information Technology Consultancy, Software Development,System > Support. > > > > _______________________________________________ > dba-Tech mailing list > dba-Tech at databaseadvisors.com > http://databaseadvisors.com/mailman/listinfo/dba-tech > Website: http://www.databaseadvisors.com > > From serbach at new.rr.com Mon Sep 29 19:38:19 2003 From: serbach at new.rr.com (Steven W. Erbach) Date: Mon, 29 Sep 2003 19:38:19 -0500 Subject: [dba-Tech] Windows group Message-ID: <000c01c386eb$2a8e9610$1b06d018@W2k> Dear Group, >From the tips I got here plus some searching on the Microsoft site and in Windows help I found that the NET USER /TIMES command does, indeed, allow the Windows 2000 and Windows XP Home/Professional administrator to set a range of valid login times for the users of a workstation. The user cannot login except during the valid time range. I see that in Windows 2000 there's the NET ACCOUNTS /FORCELOGOFF command. It sets the number of minutes that a logon-time-limited user has got before Windows will log him off the system. I tried it on my Windows 2000 Pro w/s after changing a user's account to limit login times...but no go. The end of the valid login time range came and went with not a peep from Windows. The Help says that the Net Logon service needs to be running for NET ACCOUNTS commands to work; but when I attempted to start the service it failed. The System log said that: "This Windows NT computer is configured as a member of a workgroup, not as a member of a domain. The Netlogon service does not need to run in this configuration." Our workstations are connected in a Novell NetWare LAN. I'm still looking for something like Novell NetWare's time limits for logins...but for Windows, not NetWare. Novell will disconnect the user from the network once the valid time range has been exceeded. Any ideas for a Windows discussion group like this one where I might get my question answered, or do you lot have any additional insights? Regards, Steve Erbach Scientific Marketing Neenah, WI "The press must learn that misguided use of a computer is no more amazing than drunk driving of an automobile." - Ken Thompson (co-inventor of UNIX), 1984 From gustav at cactus.dk Tue Sep 30 01:50:56 2003 From: gustav at cactus.dk (Gustav Brock) Date: Tue, 30 Sep 2003 08:50:56 +0200 Subject: [dba-Tech] Windows group In-Reply-To: <000c01c386eb$2a8e9610$1b06d018@W2k> References: <000c01c386eb$2a8e9610$1b06d018@W2k> Message-ID: <1061667487.20030930085056@cactus.dk> Hi Steven > Our workstations are connected in a Novell NetWare LAN. I'm still looking > for something like Novell NetWare's time limits for logins...but for > Windows, not NetWare. Novell will disconnect the user from the network once > the valid time range has been exceeded. > Any ideas for a Windows discussion group like this one where I might get my > question answered, or do you lot have any additional insights? Well, Novell eDirectory (NDS) is here: http://www.novell.com/products/edirectory and as for the system requirements: http://www.novell.com/products/edirectory/sysreqs.html it runs on NetWare, WinNT, Win2000, Linux, Solaris and AIX - but not on WinXP or Win9x. As a developer you can even get and supply it for free, though somewhat crippled as the user count is limited to 250.000: http://developer.novell.com/edirectory/redistribution/ By the way, the 5-user NetWare Small Business Server package is also available for free through most dealers. We use that with great success for small installations; get a low spec. discounted but brand new HP entry level server, and you are off. /gustav From jim.hale at fleetpride.com Tue Sep 30 12:18:27 2003 From: jim.hale at fleetpride.com (Hale, Jim) Date: Tue, 30 Sep 2003 12:18:27 -0500 Subject: [dba-Tech] Help! blue screen of death says registry corrupted Message-ID: <869379ABF177D4118D3100508B5EF873063951AB@corp-es00> My home computer gives me the blue screen of death informing me that the registry is corrupted. It won't boot in any mode although I get the windows load screen before it blue screens. I am running windows 2000 prof. How can I recover this puppy? Help! Don't ask about backups :-( Jim -------------- next part -------------- An HTML attachment was scrubbed... URL: From john at winhaven.net Tue Sep 30 12:27:17 2003 From: john at winhaven.net (John B.) Date: Tue, 30 Sep 2003 12:27:17 -0500 Subject: [dba-Tech] Help! blue screen of death says registry corrupted In-Reply-To: <869379ABF177D4118D3100508B5EF873063951AB@corp-es00> Message-ID: Help! blue screen of death says registry corruptedThe first thing to try is when you first boot up hold the space bar down - if your hardware is in good order - you should get the windows boot options menu. Its pretty obvious after that. Otherwise you'll need to to more drastic things, let us know how it goes. HTH John B. -----Original Message----- From: dba-tech-bounces at databaseadvisors.com [mailto:dba-tech-bounces at databaseadvisors.com]On Behalf Of Hale, Jim Sent: Tuesday, September 30, 2003 12:18 PM To: Dba-Tech (E-mail) Subject: [dba-Tech] Help! blue screen of death says registry corrupted My home computer gives me the blue screen of death informing me that the registry is corrupted. It won't boot in any mode although I get the windows load screen before it blue screens. I am running windows 2000 prof. How can I recover this puppy? Help! Don't ask about backups :-( Jim -------------- next part -------------- An HTML attachment was scrubbed... URL: From martyconnelly at shaw.ca Tue Sep 30 14:23:36 2003 From: martyconnelly at shaw.ca (MartyConnelly) Date: Tue, 30 Sep 2003 12:23:36 -0700 Subject: [dba-Tech] Long Directory names on a CD-ROM References: <000c01c386eb$2a8e9610$1b06d018@W2k> <1061667487.20030930085056@cactus.dk> Message-ID: <3F79D838.2060409@shaw.ca> I was just wondering if any anyone has had problems storing data to CD-ROM's with long directory and filenames like "c:\documents\academic\texts\journal articles\in progress...[etc etc]..\my new article.doc". I know that Microsoft uses the Joliet format which is the ISO-9660 level-3 with extensions. -------------------------------------------------------------- This has the following limits. On Joliet compliant media, however, the length of a directory identifier shall not exceed 128, to allow for longer directory identifiers. the length of a filename identifier shall not exceed 128 Joliet compliant media shall comply with the remainder of ISO 9660 Section 6.8.2.1, so that for each file recorded, the sum of the following shall not exceed 240: the length of the file identifier; the length of the directory identifiers of all relevant directories; the number of relevant directories. The above lengths shall be expressed as a number of bytes. ----------------------------------------------------------------- The articles on Microsoft does not explicitly explain if this is unicode lengths or not.. or not . Has anyone seen any articles explaining this or its ramifications for CD storage.? Or anyway around this limit for CD storage with Joliet because otherwise the total file names are truncated. I know there is a UDF format based on ISO/IEC 13346 (which is closely related to ECMA-167) but this writes in packets and requires specialized drivers. I have heard of a Mount Rainier format for CD's that maybe incorporated in future MS OSes I have even heard of BlueRay from phillips with error correction and 25 Gb formats but I an stuck with Joliet for archiving at present.