See an unfamiliar term? Check the newsletter glossary.
newsletter://mv.com
August 2003
rpc/dcom and other lovely infections
In mid-July a couple of major security problems were found with sev-
eral versions of Microsoft Windows software. It was only a matter of time
before there were exploits (worms or viruses) released to take advantage of
these problems. In early August such a virus began attacking systems
around the Internet.
Normally we like to take a hands-off approach to Internet packets. If
you have a computer connected to the Internet, it's your job to secure it,
to keep up with security updates and bug fixes, and otherwise keep it from
getting infected. It's not possible for an ISP to block every kind of dan-
gerous packet, and indeed it's likely counterproductive to do so -- after
all, many people don't fix their computer's vulnerabilities until after the
system has been attacked. If we keep a problem hidden, it just means that
there will be a large number of vulnerable systems hidden as well. If we
were to block packets and later take those blocks away, those vulnerable
systems would then be infected. The problem would simply be delayed to a
time when the issue had faded from public view, perhaps making it harder to
identify and deal with the problem.
Even so, in this case we decided to temporarily block some of the
ports used in the attack. We did this for a couple of reasons. One is
that once a system is infected, it is likely to crash repeatedly, making it
hard to get and apply the software update. Another is that the target
ports being blocked are extremely unlikely to be used across the Internet
(indeed if you are using these services across the open Internet, you might
consider other ways to do what you are doing).
Note well: we are only blocking these ports for a short time. Please
make sure you protect your computer systems. As with many computer viruses
and worms, if you get infected your computer can likely be used to hurt
others. With some of these exploits, you might not even know that your
system is being used to do nasty things. It's always a good idea to keep
on top of bug fixes and apply any security patches that are available. If
you have computers attached to the Internet, you should take care to con-
figure them so that they don't offer services that you don't intend or need
them to offer.
To find out about critical updates available for Microsoft Windows operat-
ing systems, go to:
http://windowsupdate.microsoft.com/
http://www.microsoft.com/technet/
More information about these specific security issues can be found at
(among others):
http://www.microsoft.com/security/incident/blast.asp
http://www.cert.org/advisories/CA-2003-16.html
http://www.cert.org/advisories/CA-2003-20.html
http://www.microsoft.com/technet/security/bulletin/MS03-023.asp
http://www.microsoft.com/technet/security/bulletin/MS03-026.asp
http://isc.sans.org/
More mail filtering options
We continue to receive some great feedback about webmail and our mail
filtering options. According to our statistics those who are using our
filters, even in very basic ways, are blocking approximately 50% of incom-
ing mail. In last month's newsletter we told you to watch for some new
filtering options -- they are here! You now have some discrete controls
over exactly what happens to mail coming into your mailbox. Whenever a
mail message arrives, it will be screened according to the rules that you
have set up. With these rules you can do things like:
* file the message into a folder on our server;
* discard the message if you don't want to see it;
* file the message into a "Caught Spam" folder;
* forward the message to another destination;
* accept the mail.
depending on such things as:
* who sent the message;
* what text is in the Subject line;
* who the message was sent to;
* and, as before, the results of DNSBL tests.
To set up or modify filters on your incoming mail, go to http://web-
mail.mv.net/. (While the webmail tool and the mail filtering tool are two
separate things, the webmail program provides a nice interactive interface
for you to set up and maintain your filters.) Note that there are other
filtering capabilities supported and some of these will be showing up in
the webmail interface soon. Please continue to watch for notices on the
webmail login screen. In parallel, we will be working on the next revision
of the filter tool. (Comments and suggestions are welcome!)
1-500 number
We maintain several sets of phone numbers for dialup access. One of
these is the 1-500 number that lets you call us from any Verizon phone line
in NH. This number uses a special Verizon product called Single Number
Service PRI (SNS/PRI) or "PRI Hubbing" that we have been using for several
years. We've recently been told to expect this product to go away.
The SNS/PRI product has an odd history in NH. It was proposed by Bell
Atlantic (which is now Verizon) partly to compete with some innovative ser-
vices offered by competitive telephone (CLECs) that MV and other ISPs made
use of in order to have local phone numbers for people around the state and
in other states. Bell Atlantic had rolled out the SNS/PRI service in other
states and they were looking to do so in NH as well. MV signed up as a
test case, to help make sure the technology worked in advance of it being
made a tariffed product.
In the meantime, the underlying switching technology used by SNS/PRI
was also being used to implement another potential Bell Atlantic product
offering, known as IPRS. IPRS is a service that provides a statewide num-
ber but removes control of the modem and other equipment from the ISP.
(This is the sort of bundling that puts a damper on innovative choices and
service differentiation.) Time passed, and Bell Atlantic/Verizon never
filed the SNS/PRI tariff in NH, choosing instead to offer only the bundled
IPRS product. And as they do not intend to offer SNS/PRI in general, they
have informed us that since other ISPs would also like to purchase this
service, they have determined that the correct thing to do is not to offer
it to those other ISPs but to make it unavailable to us too. That does not
make a lot of sense to us -- it seems more likely that this simply fits
into Verizon's strategy of selling service bundles where possible in order
to increase vertical market share, and restricting the sale of individual
service elements.
Note that this service is not gone yet -- you can still dial the 1-500
number for access. When we have more firm information we will let you
know.
Email billing
Did you receive this newsletter in the US Mail with your bill? Remem-
ber that we assess a $1 fee for paper billing. You can save this by allow-
ing us to send you your invoice and this newsletter via email. If you want
this, just contact our customer service staff to switch to email billing.
DSL coverage increasing
We have had some recent additions to our DSL/V coverage areas -- and
new numbers within existing areas are being added constantly as well. If
you've checked before but didn't qualify, maybe it's time to check again.
You can find our services areas at http://dsl.mv.net/. And if you go to
http://home.mv.net/ you'll see a link where you can check your phone number
or address to see if you can get DSL.
MV Communications, Inc. PO Box 4963, Manchester, NH 03108 (603) 629-0000