|
|
|
By John D. Ruley
I FINALLY GOT an ISDN line, and now I don't know how I lived without one.
Why? In a word, speed. ISDN provides 64Kb per second transmission speed (actually, it's 57.6Kbps where I'm dialing from, but who's counting) as opposed to 28.8Kbps from the fastest conventional modems. What's more, a single ISDN line includes two 64Kbps B channels. That's 128Kbps-about five times the speed of a modem. Through a technique called bonding, the two B channels can be combined to create a 128Kbps data connection, but not all ISDN modems support bonding. I haven't tried combining two channels yet; for now, one's fast enough. And besides, it leaves the other one free to work with a plain old telephone service (POTS) device, such as a normal analog modem or a fax machine.
Setting up ISDN can be quite a learning experience. First, the installer runs a line test to verify that the lines running to your house can handle ISDN traffic. If they can't, the installer may have to redo the wiring, which can turn out to be expensive. If the wiring is okay, activating ISDN is largely a matter of changing switch settings at the central office and installing a larger socket (RJ-14 eight-wire, instead of the usual RJ-11 four-wire) to accommodate an ISDN phone jack.
Now you need an ISDN modem. I'm using a Motorola TA-210. Aside from the RJ-14 jack, it's similar to a typical external modem. However, the manual is significantly more detailed and, unfortunately, you do have to wade through it, at least enough to figure out how to program the proper network settings. That's the difference between ISDN and POTS modems. You just plug a POTS modem into any phone jack. With ISDN, you have to program the modem with detailed information about the network you're going to plug it into, including the central office switch type, data rate, phone number and a SPID (service profile identification), which is similar to a phone number. Your telephone installer should provide you with all this information.
You'll also need appropriate software and a driver for your modem. I got beta-II of Windows NT 4.0 just before I got ISDN. This version of NT includes a driver for the TA-210 that works with Dial-Up Networking. No such driver is included with NT 3.51, but you can download one from Motorola's Web site ( http://www.motorola.com). With either driver you need one more setting-a data rate negotiation protocol. You must use a protocol that's consistent with whatever equipment you're dialing into. The most common protocols are V.120 and PPP with Line Control Protocol (LCP) extensions (also known as PPPC). V.120 was once the most common protocol, but PPPC is gaining popularity.
WINDOWS Magazine's dial-in router is configurable for either V.120 or PPPC. By default, it's set for PPPC. I initially had trouble with that, so we changed one line on the router to V.120 to see if we had a protocol problem, and voilˆ, I got in. When we changed back to PPPC, I could get into the dial-in router by checking the Request LCP Extensions box in NT 4.0's dial-up networking PPP configuration (or in NT 3.51's Remote Access PPP configuration) and entering my name and password in the Authentication dialog. I didn't do that initially because most POTS dial-in requires manual authentication using a script or a terminal program.
With those settings in place, the modem works very much as advertised, and once I'm dialed in, it's just like having a local connection to WinMag's LAN. My Internet access is also much faster than before.
A number of WinMag staffers were wishing I'd stayed offline. That's because I caught a virus, and before I knew what hit me, I spread it via e-mail. You've probably already been introduced, but if not, meet the Prank macro. Prank infects Word documents by turning them into templates and preventing you from making any changes.
Want to know how I got the virus? Microsoft gave it to me. Some months ago, I attended a Microsoft-sponsored developer's conference in San Francisco, at which large binders were handed out for the conference proceedings. This particular conference was thrown together in such a hurry, the binders were empty. Attendees were expected to either pick up a copy of each presentation or wait for a promised "conference CD" that would contain all the presentations in electronic form.
Like most attendees, I picked up printed copies of the presentations that most interested me, and decided to wait for the CD for the rest.
The CD arrived a few weeks after the conference, and it was clear Microsoft produced it in haste. It included some interesting filenames, such as AV INTRO-SALIMABI.DOC (who says long filenames have to make sense?), but lots of good information. So good I decided to share it with other folks at WinMag by copying several files to a shared directory on WinMag's server in New York.
Shortly thereafter, Microsoft's developer relations group sent out a fax warning that AV INTRO-SALIMABI.DOC was infected with the Prank virus. I advised other WinMag staffers of the problem, deleted the file in question from the server and then wondered if I was infected myself. The fax from Microsoft directed recipients to a Web address on Microsoft's server, which in turn pointed to http://www.symantec.com. This site hosts the free Norton AntiVirus (NAV) software for Windows NT. I downloaded it and ran a check on my hard disks, which came up clean. What a relief!
A few days later, Mark Frale, WinMag's able network administrator, told me he was fighting a Word Macro virus infection that appeared to originate from my e-mail attachments. "Impossible!" I said. "I down- loaded NAV for NT and it said I was clean."
What I didn't know is that there are several versions of the Word macro virus, and by default, the NAV-NT version I downloaded (dated April 1, 1996) didn't include the latest macro definitions. The only Word macro virus it was capable of detecting was the original Concept virus, which isn't what infected AV INTRO-SALIMABI.DOC.
The most effective cure is Microsoft's own fix. When I tried it, I found I had a number of infected files. The virus installs several bogus macro commands, the worst of which is FileSaveAs. This replaces the regular File/Save As command with one that saves all documents in template format, and embeds the virus in the template. The safest thing to do is remove the bogus macros, open the templates and copy/paste the data into blank documents.
Both Microsoft and Symantec insist NAV for NT does detect and eliminate the Prank macro. Yet Alex Haddox, product manager for Symantec's AntiVirus Research Center, explained that with new viruses constantly appearing, Symantec has given up trying to keep its antivirus applications up to date. Instead, users have to download a separate virus definition file. When you download NAV-NT you get the virus definition file that was current when the app was most recently updated, not the most current definition file. Symantec says its most current definition file does detect and correct the Prank macro.
Prank teaches enterprise administrators a valuable lesson. You can't assume you're secure just because you've installed a firewall to prevent hackers from entering your company via the Net. Make sure you protect all systems with a good virus scanner and that you keep the scanner's virus definition file up to date. Software distribution might be a good way to handle this. Microsoft's System Management Server (SMS) allows you to construct a "package" with the most up-to-date definition file, and distribute it to users automatically when they log on. I'm sure you can configure other software distribution systems to do something similar.
I still wonder what possessed Microsoft to master 5,000 copies of a conference CD without checking it for viruses (then again, maybe Microsoft didn't have the most up-to-date definition file). But the real blame here lies with Prank's author, who should be locked up. Prank takes an appalling amount of time to chase down and correct, and its creator should be punished.
Editor-at-Large John D. Ruley is the principal author of Networking Windows NT 3.51 (John Wiley & Sons, 1995). Contact John in the "Enterprise View" topic of WINDOWS Magazine's areas on America Online and CompuServe. To find his E-Mail ID Click Here
|
|
|