knoxcotn

knoxcotn-digest Friday, March 23 2001 Volume 01 : Number 135

----------------------------------------------------------------------

Date: Fri, 23 Mar 2001 00:31:51 -0500

From: "Kenneth Dunlap" <kdunlap59@home.com>

Subject: Re: [KnoxCoTN] Chism, Chisholme or Chisum?

Hello,

According to LaReine Clayton's "Stories of Early Inns and Taverns of the E.

Tenn. Country",

"In 1791, the year when Knoxville was incorporated, Captain [John] Chisolm,

friend of Governor Blount purchased the lot where his tavern was built.

Located at the corner of Front and Arch Streets (later State St.) , it was

convenient to Blount Mansion, the Governor's house, high above the Tennessee

River. It was Knoxville's first and oldest tavern of any permanency and

repute."

An old and historic building on the bank of the Tennessee which was for many

years called Chisolm's Tavern, could not be saved after it's identity was

questioned.

Hope this helps,

Ken Dunlap

- ----- Original Message -----

From: "ball2mm" <ball2mm@email.msn.com>

To: <KnoxCoTN@rootsquest.com>

Sent: Wednesday, March 21, 2001 12:12 PM

Subject: Re: [KnoxCoTN] Chism, Chisholme or Chisum?

> Subject: Re: [KnoxCoTN] Chism, Chisholme or Chisum?

> > There was a Chisholm's Tavern someplace. The surname was spelled a

> variety of ways in Hawkins

> > County. I'm doing this from rusty memory...someone else probably knows

> more about it.

> From my rusty memory also - When Neyland Drive was being constructed, it

was

> necessary to move the old Chishom's Tavern after having being neglected

for

> years. It was going to be demolished and a group of concerned citizens

> moved it from the bank on what I think was Hill Avenue to the site which

was

> to be White's Fort (now). Robert McGinnis may respond with better

> information, please.

> Marilyn Moser Ball

------------------------------

Date: Fri, 23 Mar 2001 07:18:11 -0500

From: "Billie R. McNamara" <knox@tngenweb.org>

Subject: [KnoxCoTN] Norton AntiVirus for Windows SupportNow! News Bulletin: Mar. 22, 2001

This is kinda long, but it is jam-packed with good information that should

be distributed to everyone whose computing future you care about. The

benefit of this compilation is that it's not terribly technical...

=======================================

March 22, 2001

_____________________________

In this issue:

Understanding and guarding against Internet-based attacks

1. The plan of attack

2. Internet worms

3. Script-based attacks

4. What makes your computer a target

5. How to recover

6. How to improve security

7. Feedback

8. Subscribing and unsubscribing

9. Disclaimer

_____________________________

NOTE: This is an outgoing email address. Do not reply to this email

message. If you require assistance with installing, configuring, or

troubleshooting a Symantec product, or if you have a question for

Customer Service, then visit the Symantec Service & Support Web site

at the following Internet address:

http://www.symantec.com/techsupp/

Select your product and version, and then click Go.

To view this and prior News Bulletins in HTML format, visit the

following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/navarc

_____________________________

1. The plan of attack

Everyday people are searching the Internet for vulnerable computers.

Once a target computer is identified, the computer is compromised,

and the attacker quietly moves on in search of another target.

The first phase of the attack is to scan the Internet for computers.

Every computer connected to the Internet has an IP (Internet

Protocol) address. Malicious hackers use tools to scan either random

IP addresses, or blocks of addresses. Because of this, you do not

need to be well known or in a high-traffic region to be selected as

the target of attacks. Your home computer, connected to the Internet

for the very first time, is just as likely to be randomly probed as

that of a high-powered Wall Street executive.

The second phase of the attack is to determine whether the computer

is vulnerable. Typically, a malicious hacker will search for only one

specific security vulnerability at a time. If your computer displays

the desired security hole, then your computer will be targeted for

the attack. Otherwise, a malicious hacker will continue to search for

another target.

The third phase of the attack is to compromise your computer.

Remember, malicious hackers look for easy targets because so many

computers exhibit security holes. Using safe computing practices will

limit your chances of becoming a victim of a computer attack.

___________________________

2. Internet worms

One Internet worm with an interesting origin is W32.HLLW.Bymer. It

spreads by randomly searching IP addresses for Windows computers with

shared network drives.

This story begins with a company called Distributed.net, who uses

distributed processing to solve complex mathematical and scientific

problems. Distributed.net provides a program named Dnetc.exe to

install on your computer. Once installed, Dnetc.exe directs your

computer's unused processing power to solve these problems. As an

incentive, Distributed.net offers monetary prizes to those who solve

the problems. By directing more computing power towards solving a

problem, you have a better chance of winning the cash prize.

The W32.HLLW.Bymer worm was designed to infect your computer and

direct your unused processing power to Distributed.net. When the

infected computer contacts Distributed.net, it credits the author of

the worm for contributing the processing power. In this way, the

author of the worm has in effect multiplied his processing power and

increased his chance of winning the cash prize.

Once this was discovered, Distributed.net made changes to its data

collection process, which nullified the credit to the worm's author.

For more information about Distributed.net and distributed

processing, visit the following Internet address:

http://distributed.net/

An excellent source of information about worms using Dnetc.exe can be

found at the following Distributed.net Web site:

http://distributed.net/trojans.html.en

___________________________

3. Script-based attacks

Internet worms that use the Windows scripting host are now the

fastest spreading type of malicious code. Recent worms have been

known to exploit a security hole in Microsoft Outlook and Outlook

Express email programs. These worms have been known to spread by

emailing themselves to everyone in your email address book.

Using this tactic, worms have been able to spread around the world in

a few short hours. For example, if you have 50 entries in your

address book, and one of those entries is a list of everyone at your

work place, then you may unintentionally send off hundreds of extra

and unexpected email messages that day. Coworkers, who receive the

email, may also send their share of extra email. The end result will

clog or even shut down mail servers and slow the entire Internet to a

crawl.

Examples of these worms include VBS.LoveLetter, W97M.Mailissa.A, and

Wscript.KakWorm. The Symantec AntiVirus Research Center (SARC)

provides complete information about these worms and other malicious

threats at the following Internet address:

http://www.sarc.com

For detailed information about script-based threats, visit the

following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/nav92

_____________________________

4. What makes your computer a target

"By the end of last year, there were more than 200 million PCs

connected to the Internet. Ninety percent of these are Windows

machines running the same applications, such as Word, Microsoft

Exchange, and Excel. For the first time, we have a computing

monoculture. Monocultures in the natural world are extremely

vulnerable to pests, such as viruses."

- -- Carey Nachenberg, Chief Researcher at the Symantec AntiVirus

Research Center

Many Internet-based attacks are targeted toward Windows 95/98

computers. This is not because of any inherent design flaw in these

operating systems, but rather because there are a growing number of

these computers, and newer users of these operating systems tend to

be less security minded. Allowing unrestricted file sharing or

Windows scripts to be run makes your computer vulnerable to such

attacks.

Many computers have permanent connections to the Internet. Because of

this, these computers may have an unchanging (or static) IP address.

If a malicious hacker discovers that your computer has a security

hole, for example in Microsoft Outlook, then your IP address can be

logged into a database. If another security hole is discovered in

Outlook, then the malicious hacker can again attempt to compromise

your computer, bypassing the need to scan the Internet for new

targets. Malicious hackers may also trade these databases with one

another, again bypassing the need to scan the Internet for targets.

_____________________________

5. How to recover

Today's Internet-based threats often damage critical computer files

that can be difficult to repair or replace. Norton AntiVirus may not

always be able to replace your computer's damaged Windows or program

files. Because of this, you should prepare a toolkit to facilitate

your recovery from a virus-related incident.

For more information on developing your recovery toolkit, please

review the December 2000 Norton AntiVirus newsletter located at the

following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/nav93

_______________________________

6. How to improve security

Some viruses spread across a network by using unrestricted shared

files. Windows File Sharing grants the user of another computer the

rights to read, write, copy, and move data to and from your computer.

You may grant some or all of these rights. You may also require a

password before these rights are granted.

File sharing can be an important way to distribute information to

your friends and coworkers. However, password protecting your shared

files is a safe practice that you should adopt.

For instructions on how to password protect your shared files and

folders, visit the following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/nav94

Other viruses rely upon the Windows Scripting Host to spread to your

computer. While using the Windows Scripting Host, your computer will

automatically run scripts it encounters. Virus writers now embed

viruses in a script, which will run, for example, when you open an

email. With the Windows Scripting Host enabled, the virus will infect

your computer as soon as you open the email. To make matters worse,

these are typically the types of viruses, or worms, that email

themselves to people in your address book. As you can see, these

worms have the potential to spread very quickly, and have been known

to overload email servers.

For instructions on how to disable the Windows Scripting Host, visit

the following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/nav95

Norton AntiVirus (NAV) has a many layers of virus protection,

including email scanning and Auto-Protect. In a recent survey of

customers experiencing problems with the Wscript.Kak.Worm, it was

noted that 89% of these users did not have email scanning activated,

and 21% of users did not have Auto-Protect activated. In order for

Norton AntiVirus to protect your computer, it is important for all

components of NAV to be configured for optimal protection.

For instructions on how to maximize your virus protection, visit the

following Internet address:

http://www.symantec.com/techsupp/vURL.cgi/nav96

_____________________________

7. Feedback

Do you have feedback that can help us provide better products or

services? If so, then we want to hear from you. Visit the Symantec

suggestion box at the following Internet address, and let us know how

we can improve:

http://www.symantec.com/feedback/

_______________________________

8. Subscribing and unsubscribing

If you want to subscribe to other Symantec newsletters, then follow

the instructions at the following Internet address:

http://www.symantec.com/techsupp/bulletin/index.html

If you no longer want to receive this newsletter, then follow these

steps:

1. Create a new email addressed to:

LISTSERV@LSERVER.SYMANTEC.COM

2. In the Subject line, type the following:

UNSUBSCRIBE

3. In the body of the message, type the following:

SIGNOFF NAV-TECHINFO-L

4. Send the message.

If you want to unsubscribe from other Symantec newsletters, then

follow the instructions at the following Internet address:

http://www.symantec.com/techsupp/bulletin/index.html

_____________________________

9. Disclaimer

THIS DOCUMENT IS PROVIDED FOR INFORMATIONAL PURPOSES ONLY.

This message contains Symantec Corporation's current view of the

topics discussed as of the date of this document. The information

contained in this message is provided "as is" without warranty of any

kind, either expressed or implied, including but not limited to the

implied warranties of merchantability, fitness for a particular

purpose, and freedom from infringement. The user assumes the entire

risk as to the accuracy and the use of this document. This document

may not be distributed for profit.

Symantec and the Symantec logo are U.S. registered trademarks of

Symantec Corporation. Other brands and products are trademarks of

their respective holder(s).

Materials may not be published in other documents without the

express, written permission of Symantec Corporation.

------------------------------

End of knoxcotn-digest V1 #135

******************************