Tempx.exe TEMPEX.A TROJAN

Another one for the spyware files: I kept getting a host of random spyware filenames like tempx, efbpdny, lxaauuc, etc in the registry and msconfig. Booting to safe mode and running Norton Antivirus, AdAware, Spybot, and HijackThis to remove the spyware didn’t work — the files kept coming back.

Tempx.exe seemed to be a consist filename so I did some Google research with disappointing results. All I found were postings saying that tempx.exe is installed by the TEMPEX.A TROJAN but no one showed how to delete it!

What finally worked was running the free scanners from http://housecall.trendmicro.com.

Boot to safe mode and run the scan for viruses, the cwshredder, and spyware.

That cleared up tempx.exe along with all the other random spyware files.

Nice job from Trendmicro!

Aurora Spyware

Ran into the Aurora popup spyware last week. Very difficult to remove using normal spyware cleanup procedures.

This spyware creates a file called Nail.exe in Windows\System32 and is impossible to delete as it recreates itself almost immediately.

Used this program in Safemode to clear out the Aurora popup. http://www.mypctuneup.com/

Needed to run it twice. After that it looks like Aurora was removed.

Who Runs The Internet?

http://www.acm.org/ubiquity/views/v6i5_simoneli.html

A Concise Guide to the Major Internet Bodies

The bodies responsible for the Internet’s protocols and parameters can be said to steer the Internet in a significant sense. This document, by Alex Simonelis of Dawson College in Montreal, is a summary of those bodies and their most important characteristics.

1. Introduction

Who steers the Internet? “The Internet, a loosely-organized international collaboration of autonomous, interconnected networks, supports host-to-host communication through voluntary adherence to open protocols and procedures defined by Internet Standards.” [1]. While this definition is essentially correct, its emphasis might give the reader the impression that no one is at the helm of the Internet. That conclusion would be wrong. Certain protocols, and the parameters required for their usage, are essential in order to operate on the Internet. A number of bodies have become responsible for those protocol standards and parameters. It can be fairly said that those bodies steer the Internet in a significant sense. This document is a summary of those bodies and their most important characteristics.

The bodies belong to three major nexuses. Links, both formal and informal, exist between the nexuses.

Almost all Internet technological standards are developed and set by the group consisting of the Internet Society (ISOC) and the units operating under the auspices of ISOC: the Internet Architecture Board (IAB), the Internet Engineering Steering Group (IESG), the Internet Engineering Task Force (IETF), the Internet Research Steering Group (IRSG), the Internet Research Task Force (IRTF), and the RFC Editor. It is important to note that, while these units are responsible to ISOC, ISOC allows them a large degree of independence in their technical work.

Internet domain names and IP addresses are the province of the Internet Corporation for Assigned Names and Numbers (ICANN) and its Internet Assigned Numbers Authority (IANA).

World Wide Web standards are developed by the World Wide Web Consortium (W3C).

It should be noted that the direction of the Internet’s physical network structure is not addressed in this document. That structure is essentially determined by a large number of mainly commercial network operators, ranging from small to intercontinental, that build and join their infrastructures in response to market forces, in order to provide them to subscribers on a paid basis. These networks that form the Internet are linked in a topology similar to that of a large, well-developed highway system.

2. ISOC

ORGANIZATION: In 1991, the large growth of the Internet, including its commercial sector, and the Internet community’s need for a formal organization to provide a legal home for the standards bodies of that time (IETF, etc.) led to the formation, under the auspices of the Corporation for National Research Initiatives (CNRI), of the Internet Society. In January 1992, the Internet Society was chartered as a U.S. District of Columbia non-profit corporation.

GOVERNANCE: ISOC is governed by its Board of Trustees.

MEMBERSHIP/COMPOSITION: ISOC welcomes individuals and organizations as members. Individuals in the Internet community have ample opportunity to participate in ISOC and its component bodies.

MISSION/GOALS: ISOC’s mission is “To assure the open development, evolution and use of the Internet for the benefit of all people throughout the world.” [2]. As one of its most important tasks, it “facilitates open development of standards, protocols, administration and the technical infrastructure of the Internet” [2], and so it is the organizational and legal home for most of the groups that are responsible for developing Internet technical standards.

FUNDING: ISOC is funded mainly from organization member fees.

ASSOCIATED BODIES: IAB, IESG, IETF, IRSG, IRTF, RFC Editor.

3. IETF

ORGANIZATION: The Internet Engineering Task Force (IETF) held its first meeting in 1986. It is a loosely self-organized, large, grass roots technical group consisting of network administrators, designers, researchers, vendors, users, etc. In its broader sense, IETF is used to refer to IETF, IAB, IESG, IRSG, IRTF and RFC Editor as a collective.

GOVERNANCE: The IETF is not a formal body, and has no board of directors. It operates as an activity of ISOC and is responsible to it. For its technical work, it is divided into broad units called areas, each led by the Area Director(s) (ADs). ADs are proposed by the nominating committee (the Nomcom) of the IETF, and appointed by the IAB. The areas are divided into more specialized working groups (WGs), each with chair(s). WG chairs serve at the pleasure of the appropriate AD. IETF has a chair who is proposed by the nominating committee of the IETF, and then appointed by the voting members of the IAB, not including the incumbent IETF chair. The IETF chair is also the chair of IESG. WG and AD decisions are subject to appeal to the IESG.

MEMBERSHIP/COMPOSITION: There is no formal membership. Generally, attendance at IETF meetings and subscription to IETF mailing lists is open to all volunteers. Participants are expected to contribute as individuals, rather than as representatives of companies or organizations.

MISSION/GOALS: The IETF concerns itself with the engineering and architecture of the Internet. It is the principal body that develops, tests and implements new Internet technological standards, including protocols. The IETF proposes standards to the IESG.

FUNDING: The IETF, including its small Secretariat, is largely self-funded via IETF meeting attendance fees. A relatively small percentage of IETF’s budget is contributed by ISOC.

ASSOCIATED BODIES: ISOC, IAB, IESG, RFC Editor, ICANN, IANA, W3C.

4. IESG

ORGANIZATION: Formed in 1989, the Internet Engineering Steering Group (IESG) is the management group of the IETF.

GOVERNANCE: The IESG operates as an activity of ISOC and is responsible to it. The IESG is led by the IETF/IESG chair. IESG decisions are subject to appeal to the IAB.

MEMBERSHIP/COMPOSITION: The members are the Area Directors of IETF, the chair of IETF/IESG and a small number of ex-officio and liaison members.

MISSION/GOALS: The IESG vets and approves IETF standards, and generally manages the standards process according to the policies and procedures ratified by the ISOC Trustees. The IESG creates IETF working groups, etc.

FUNDING: The IESG is largely self-funded. ISOC contributes.

ASSOCIATED BODIES: ISOC, IAB, IETF, RFC Editor, IANA.

5. IRTF

ORGANIZATION: Formed in 1989, the Internet Research Task Force (IRTF) is a self-organized research group.

GOVERNANCE: The IRTF is divided into research groups (RGs), each with chair(s). RG chairs may be removed by the IRTF chair, subject to appeal to the IAB. The IAB appoints the chair of the IRTF. The IRTF chair reports to the IAB.

MEMBERSHIP/COMPOSITION: Since RGs are expected to be long-term groups, and to encourage the kind of working relationships such groups may need, membership in RGs may be open or closed, in contrast with IETF WGs, which are always open. Participants are expected to contribute as individuals, rather than as representatives of companies or organizations.

MISSION/GOALS: While the IETF focuses on engineering and standards, the IRTF focuses on research. The IRTF investigates Internet topics that are too uncertain or too advanced to be standardized at the moment. When IRTF produces a specification that is suitable for standardization, it is processed via IETF.

FUNDING: The IRTF is largely self-funded. ISOC contributes.

ASSOCIATED BODIES: ISOC, IAB, IRSG.

6. IRSG

ORGANIZATION: Formed in 1989, the Internet Research Steering Group (IRSG) is the management group of the IRTF.

GOVERNANCE: The IRTF chair leads the IRSG. The IRTF chair reports to the IAB.

MEMBERSHIP/COMPOSITION: The IRSG consists of the chairs of the IRTF research groups, the chair of IRTF, and possibly at-large members from the research community.

MISSION/GOALS: The IRTF chair manages the IRTF in consultation with the IRSG.

FUNDING: The IRSG is largely self-funded. ISOC contributes.

ASSOCIATED BODIES: ISOC, IAB, IRTF.

7. IAB

ORGANIZATION: In June of 1992, the Internet Society chartered the Internet Architecture Board (IAB) as one of its components. The ancestor of the IAB was the Internet Configuration Control Board (ICCB), a technical advisory group formed by Vint Cerf of DARPA in 1979. The ICCB was replaced by the Internet Advisory Board (IAB) in 1984, which became the Internet Activities Board in 1986, which was chartered as the Internet Architecture Board in June, 1992.

GOVERNANCE: ISOC has jurisdiction over the IAB but allows it a large degree of independence in its operations. With respect to technology, the IAB is considered to be a committee of the IETF.

MEMBERSHIP/COMPOSITION: IAB voting members are proposed by the nominating committee of the IETF, and are then appointed by the ISOC Board of Trustees. The IETF chair, who is chair of IESG as well, is also a voting member. The voting members select one of themselves to serve as chair of IAB. Non-voting members, mainly from associated bodies, also exist. Members serve as individuals, and not as representatives of companies or organizations.

MISSION/GOALS: ISOC mandates the IAB to oversee the architecture of the Internet, including its protocols and other standards. IESG decisions may be appealed to the IAB. IAB rulings are final, with the exception that claims that the IAB proceeded unreasonably may be appealed to the ISOC Board of Trustees. The appointment of an organization as RFC Editor is subject to IAB approval. The IAB claims, on behalf of the IETF, to appoint the organization which is to act as IANA (see sections 9 and 10 below). The IAB appoints the IETF Area Directors and the IETF chair on recommendation of the IETF, as well as the IRTF chair. The IAB advises ISOC’s Board, and carries out technical external liaison on behalf of ISOC.

FUNDING: The IAB is largely self-funded. ISOC contributes.

ASSOCIATED BODIES: ISOC, IESG, IETF, IRSG, IRTF, RFC Editor, ICANN, IANA.

8. RFC Editor

ORGANIZATION: The RFC document series was initiated by UCLA’s Steve Crocker in 1969, and maintained originally at the SRI Network Information Center, then at USC ISI. Jon Postel of USC ISI headed the RFC Editor for decades until his passing in 1998. The RFC Editor is currently a small department operated by USC ISI for ISOC.

GOVERNANCE: ISOC appoints an organization as RFC Editor on the recommendation of IAB. The IAB vets the general policy followed by the RFC Editor.

MEMBERSHIP/COMPOSITION: ISOC appointees.

MISSION/GOALS: The RFC Editor is the organization that edits, manages, publishes and maintains the authoritative archive of the Request For Comments (RFC) documents, which are the Internet’s documents of record.

FUNDING: ISOC funds the RFC Editor.

ASSOCIATED BODIES: ISOC, IAB, IESG, IETF, IANA.

9. ICANN

ORGANIZATION: In the late ’90s, the U.S. government was completing implementation of its decision to privatize the Internet. The implementation called for the continued operational stability of the Internet, including its Domain Name System. In 1998, the Internet Corporation for Assigned Names and Numbers (ICANN) was chartered as a California non-profit corporation for this purpose. It can be regarded as a technical coordinating and regulatory body.

GOVERNANCE: ICANN is governed by its Board of Directors. The majority of Directors are selected by ICANN’s nominating committee. A number of others are appointed by ICANN’s supporting organizations. Directors are expected to serve as individuals, not as representatives. The U.S. Department of Commerce gives ICANN authorization to perform the IANA function via a renewable contract which contains a number of reporting requirements. For the more technical aspects of its operations, ICANN and its Board rely on the IETF and the IAB for information and guidance.

MEMBERSHIP/COMPOSITION: ICANN has neither individual nor organizational members in the ordinary sense. Its supporting organizations and advisory committees generally provide a great deal of feedback to the Board on the issues of the day, and ICANN regards them as its constituents. They span the globe and cover a broad range of interests: technical, commercial, governmental, academic and user-oriented. Individuals in the Internet community have some opportunity for participation in ICANN, mainly through its advisory committee structure.

MISSION/GOALS: ICANN’s revised articles of incorporation state that “… the Corporation shall, except as limited by Article 5 hereof, pursue the charitable and public purposes of lessening the burdens of government and promoting the global public interest in the operational stability of the Internet by (i) coordinating the assignment of Internet technical parameters as needed to maintain universal connectivity on the Internet; (ii) performing and overseeing functions related to the coordination of the Internet Protocol (“IP”) address space; (iii) performing and overseeing functions related to the coordination of the Internet domain name system (“DNS”), including the development of policies for determining the circumstances under which new top-level domains are added to the DNS root system; (iv) overseeing operation of the authoritative Internet DNS root server system; and (v) engaging in any other related lawful activity in furtherance of items (i) through (iv).” [3]. The articles further state that ICANN “shall operate for the benefit of the Internet community as a whole, carrying out its activities in conformity with relevant principles of international law and applicable international conventions and local law and, to the extent appropriate and consistent with these Articles and its Bylaws, through open and transparent processes that enable competition and open entry in Internet-related markets. To this effect, the Corporation shall cooperate as appropriate with relevant international organizations.” Among ICANN’s most demanding responsibilities are the creation of top-level domains and the (re-)delegation of domain registries.

FUNDING: ICANN is funded mainly from domain name and IP address registries and registrars. Its budget includes funds for a number of staff, headed by a President/CEO and including an Ombudsman.

ASSOCIATED BODIES: IANA, U.S. Department of Commerce, IAB, IETF, W3C.

10. IANA

ORGANIZATION: The tasks that the Internet Assigned Numbers Authority (IANA) performs began in the early ’70s. Those and ensuing tasks were performed, and the organization was led, by Jon Postel for decades. Formally, IANA is said to be a service or set of functions. In practical terms, it is a subsidiary organization of ICANN.

GOVERNANCE: In March, 2003, the U.S. Department of Commerce awarded its most recent contract to ICANN to perform the IANA functions. ICANN operates IANA under the authority of the U.S. government. IANA works collegially with the IAB, IESG and IETF in carrying out its mission.

MEMBERSHIP/COMPOSITION: ICANN appointees.

MISSION/GOALS: IANA oversees IP address allocation, manages the DNS (this includes root server system oversight and top-level domain delegation), and coordinates protocol parameter assignment. All Internet domain names and IP addresses are allocated from IANA, either directly or, much more likely, indirectly through IANA’s delegation of authority via a worldwide system of Internet registries and registrars.

FUNDING: ICANN funds IANA.

ASSOCIATED BODIES: ICANN, IAB, IESG, IETF, RFC Editor.

11. W3C

ORGANIZATION: The World Wide Web Consortium (W3C) was founded by Tim Berners-Lee in October, 1994 at MIT in collaboration with the European Organization for Nuclear Research (CERN).

GOVERNANCE: The W3C is a group hosted by MIT in the U.S., the European Research Consortium in Informatics and Mathematics (ERCIM) in Europe, and Keio University in Japan (the Hosts). The W3C is responsible to the Hosts, who maintain a Steering Committee that sets general policy and strategy for W3C from time to time; the majority of the Steering Committee are either from, or appointed by, MIT. W3C calls its technical tasks “Activities”, and groups them into broad units called domains. Activities are carried out by Working Group(s) (for technical work), Interest Group(s) (for general work) and Coordination Group(s) (for group coordination). Groups have a chair and consist of member representatives, Team representatives and invited experts. The Team is the Hosts’ technical and staff corps that leads Activities and manages the W3C. The Team includes the Director, the Chief Operating Officer, the W3C Chair, W3C Fellows, and others. The Director: has responsibility and authority for overall direction of W3C, is the chief technical architect, chairs the Technical Architecture Group (TAG), appoints group chairs, hears appeals of working group decisions, is appointed by MIT and reports to the Director of MIT’s Lab for Computer Sciences. The Chief Operating Officer is responsible for worldwide operations and general management of W3C. The W3C Chair, appointed by MIT, is responsible for member relations and external liaison. The Advisory Committee (AC) is the general assembly of the membership, with one representative from each member; it reviews proposed Activities and recommendations, and suggests future directions for the W3C. The Advisory Board, elected by the Advisory Committee, is the representative council of the membership; its chair is appointed by the Team; it is not a board of directors; it gives guidance to the Team on legal issues, strategy, administration, structures, process, etc., and can do so in between Advisory Committee meetings, which are infrequent.

MEMBERSHIP/COMPOSITION: The W3C is structured, and membership is priced, to have organizations as members. Individuals in the Internet community have limited opportunity for participation in W3C, mainly via those W3C mailing lists that are public.

MISSION/GOALS: “The mission of the World Wide Web Consortium (W3C) is to lead the World Wide Web to its full potential by developing common protocols that promote its evolution and ensure its interoperability.” [4]. The W3C develops, tests and implements new Web technological standards (“recommendations” in W3C parlance). The W3C is similar to the IETF in that it develops technological standards, but its focus is more tightly directed, at the Web and associated technologies.

FUNDING: W3C is funded mainly from organization member fees, and some grants. Its budget includes funds for a number of staff and collaborative resources.

ASSOCIATED BODIES: IETF, ICANN.

12. Acknowledgements

Thanks to Dawson College. Thanks to Tim Berners-Lee, Bob Braden, Vint Cerf and Ian B. Jacobs for their constructive reviews of major portions of this document.

13. References

[1] Internet Activities Board, “The Internet Standards Process” – RFC1310, RFC Editor, March 1992.

[2] ISOC, URL http://www.isoc.org/isoc/mission/, February 2005.

[3] ICANN, URL http://www.icann.org/general/articles.htm, February 2005.

[4] W3C, URL http://www.w3c.org/Consortium/Process, February 2005.

14. Author Information

Alex Simonelis is a faculty member in the Computer Science Department of Dawson College in Montreal, Canada, and is interested in the Internet, operating systems, programming languages and data structures. Email: asimonelis@dawsoncollege.qc.ca
Author’s Note

The reader should be aware that this document was submitted to the RFC Editor as a proposed RFC, and rejected, essentially because it contains some points that were judged to be too controversial. For example, this paper describes ICANN as a technical coordinating and regulatory body; the senior leadership of ICANN, however, maintains that ICANN is definitely not a regulatory body, which is clearly contrary to reality. On another point, some groups described herein have contradictory views on which body has jurisdiction over IANA. Furthermore, there are differences of opinion regarding the degree of independence of the IETF from ISOC, and therefore any statement that takes a position will be considered controversial by some. And so it would be extremely difficult, if not impossible, for a document to treat this subject matter in a concise and accurate way, and at the same time avoid controversy. In any case, it is the author’s conviction that this document does achieve objectivity by using historical and legal facts as its basis.

Source: Ubiquity, Volume 6, Issue 5, (February 15 – February 22, 2005) http://www.acm.org/ubiquity

Win 2000 Cannot Access XP Pro Shares

I ran into a strange problem while trying to access a shared folder on XP Pro from a Windows 2000 system.

The Win 2000 could see the shared folder, but when I tried to access it I got: Not enough server storage is available to process this command.

Both systems had the same username, password, and admin rights.

Interestingly enough, the XP Pro system could see and access shared folders on the Windows 2000 system.

To solve this problem I did two things:

1) Updated the XP Pro system with the latest patches.
2) Used regedt32 to change this key on both systems to the maximum value of 0x32.

HKLM/
System/
CurrentControlSet/
Services/
Lanmanserver/
Parameters/
IRPStackSize

Floppy Based Linux Distributions

Some links with linux-based distributions that fit on either one or two floppies.

http://www.confederatelinux.com/linux/floppy.htm

http://www.linuxlinks.com/Distributions/Floppy/

Also try searching on “linux floppy” at the freshmeat site.

http://freshmeat.net/

You may find a need for the RawWrite utility to create disk images on the floppy. Here is a nice Windows version of it.

http://uranus.it.swin.edu.au/~jn/linux/

Fixing TCP/IP Winsock Corruption

I ran into this problem a couple of times on XP systems. The ethernet card fails to get an IP address from the DHCP server. Even a new ethernet card fails to get an address. This could indicate a problem with the winsock.

This method seems to work. If possible, test if you have winsock corruption by running the netdiag tool. You probably don’t have it installed so you have to get it from the XP CD.

1. Insert your Windows XP Setup CD, and then locate the Support\Tools folder.
2. Double-click the Setup.exe file.
3. Follow the steps on the screen until you reach the Select An Installation Type screen.
4. On the Select An Installation Type screen, click Complete, and then click Next.

When the installation is complete, follow these steps:

1. Click Start, click Run, type Command, and then click OK.
2. Type netdiag /test:winsock, and then press ENTER.

Reinstall Winsock.

Step 1: Delete the corrupted registry keys

1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. In Registry Editor, locate the following keys, right-click each key, and then click Delete:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2
4. When you are prompted to confirm the deletion, click Yes.
Note Restart the computer after you delete the Winsock keys. Doing so causes the Windows XP operating system to create new shell entries for those two keys. If you do not restart the computer after you delete the Winsock keys, the next step does not work correctly.

Step 2: Install TCP/IP

1. Right-click the network connection, and then click Properties.
2. Click Install.
3. Click Protocol, and then click Add.
4. Click Have Disk.
5. Type C:\Windows\inf, and then click OK.
6. On the list of available protocols, click Internet Protocol (TCP/IP), and then click OK.
7. Restart the computer.

http://support.microsoft.com/kb/811259

-=-=-=
Another method to reinstall TCP/IP is this:

To Reinstall TCP/IP do the following:

Navigate to: C:\windows\inf
Find the File: nettcpip.inf
Right click the file and choose install

http://www.tweakxp.com/tweak1016.aspx

-=-=-
And if the above still doesn’t work, then try this:

1) netsh int ip reset resetlog.txt

http://www.petri.co.il/reinstall_tcp_ip_on_windows_xp.htm

2) And the same reinstall of TCP/IP

a) Right click your network connection

b) Choose Properties

c) Click Install

d) Click Protocol and click Add

e) Click Have Disk

f) Type c:\windows\inf and click OK

g) Choose TCP/IP from the list of protocols

h) Click OK and restart the PC.

Panda Titanium 4 and ZoneAlarm

Lately Norton Antivirus (AV) has been getting very bloated so I’ve been testing the waters with a new antivirus program called Panda. I have some mixed feelings about the product, which I believe is developed in Spain.

Pros
Updates virus definitions often
Seems to catch a lot more email viruses than Norton’s

Cons
No apparent way to schedule a system scan
Seems to conflict with ZoneAlarm — I often cannot open certain Explorer windows when I have both programs running

That last con item really bugs me since I’ve learned to trust having my ZA running at all times. I going to reinstall ZA to see if it makes a difference. If not, I would have a difficult time recommending Panda.

My Top 6 Free Software Utilities

Here is a list of my top 6 free utilities. A must have for every computer user.

1. ZoneAlarm – This is a great free software firewall that checks if any application is making strange outgoing connections. You need to be a little computer savvy to know when to allow and when to deny connections, though. Still the best in it’s class.

2. Ad-Aware and Spybot – The two best free spyware cleaners on the market. Get both if you like since there currently is no cleaning software that catches 100% of spyware.

3. EditPad – A cool general purpose text editor that is light years ahead of NotePad. You can open multiple windows, wordwrap, autoindent, etc. The Lite version is free.

4. PowerToys for XP – A host of cool utilities such as Command Prompt Here for dropping into the correct DOS directory and TweakUI which allows you to make adjustments to your Windows environment. The best feature of TweakUI is the Paranoia tab that allows you to clear out your history buffers.

5. Screen Hunter – An excellent screen capture utility from the fine folks at Wisdom-Soft.

6. Trend Micro’s House Call – Fast becoming my virus checking program of choice. Online scanner is useful for checking systems where you feel the local Norton or McAfee has been compromised.

Security Links

A few of my favorite security links:

www.insecure.org has all kinds of utilities for testing your network security.

www.securityfocus.com has the latest and greatest news on the security homefront. I’d like to try and list their RSS feed here someday.

www.grc.com is from the guru who brought us SpinRite oh-so-many years ago. You computer old-timers know about this product. Steve Gibson’s site has some pretty cool utilities and you can always try his Shields-Up test on your PC to see if you have any leaks.

www.dnsstuff.com allows you to look up all kinds of DNS info.