INTERFACE WINDOWS 7

Microsoft's release of Windows 7 also roughly coincides with Apple's release of its new Snow Leopard; for a visual comparison of the two operating systems, see our slideshow "Snow Leopard Versus Windows 7." Of course, an OS can't be a winner if it turns a zippy PC into a slowpoke or causes installation nightmares. Consult "Windows 7 Performance Tests" for Windows 7 performance test results, and "How to Upgrade to Windows 7" for hands-on advice on the best way to install it. Read on here for an in-depth look at how Microsoft has changed its OS — mostly for the better — in Windows 7.

(Msnbc.com is a NBC Universal-Microsoft joint venture.)

Interface: The new taskmaster
The Windows experience occurs mainly in its Taskbar — especially in the Start menu and System Tray. Vista gave the Start menu a welcome redesign; in Windows 7, the Taskbar and the System Tray get a thorough makeover.


The new Taskbar replaces the old small icons and text labels for running apps with larger, unlabeled icons. If you can keep the icons straight, the new design painlessly reduces Taskbar clutter. If you don't like it, you can shrink the icons and/or bring the labels back.

In the past, you could get one-click access to programs by dragging their icons to the Quick Launch toolbar. Windows 7 eliminates Quick Launch and folds its capabilities into the Taskbar. Drag an app's icon from the Start menu or desktop to the Taskbar, and Windows will pin it there, so you can launch the program without rummaging around in the Start menu. You can also organize icons in the Taskbar by moving them to new positions.

To indicate that a particular application on the Taskbar is running, Windows draws a subtle box around its icon — so subtle, in fact, that figuring out whether the app is running can take a moment, especially if its icon sits between two icons for running apps.

In Windows Vista, hovering the mouse pointer over an application's Taskbar icon produces a thumbnail window view known as a Live Preview. But when you have multiple windows open, you see only one preview at a time. Windows 7's version of this feature is slicker and more efficient: Hover the pointer on an icon, and thumbnails of the app's windows glide into position above the Taskbar, so you can quickly find the one you're looking for. (The process would be even simpler if the thumbnails were larger and easier to decipher.)

Also new in Windows 7's Taskbar is a feature called Jump Lists. These menus resemble the context-sensitive ones you get when you right-click within various Windows applications, except that you don't have to be inside an app to use them. Internet Explorer 8's Jump List, for example, lets you open the browser and load a fresh tab, initiate an InPrivate stealth browsing session, or go directly to any of eight frequently visited Web pages. Non-Microsoft apps can offer Jump Lists, too, if their developers follow the guidelines for creating them.

Click for related content
Windows 7 is strong, but don’t pay to upgrade
Tablet, schmablet: What would it be good for?
Apple’s Snow Leopard is no dramatic upgrade

Other Windows 7 interface adjustments are minor, yet so sensible that you may wonder why Windows didn't include them all along. Shove a window into the left or right edge of the screen and it'll expand to fill half of your desktop. Nudge another into the opposite edge of the screen, and it'll expand to occupy the other half. That makes comparing two windows' contents easy. If you nudge a window into the top of the screen, it will maximize to occupy all of the display's real estate.

The extreme right edge of the Taskbar now sports a sort of nub; hover over it, and open windows become transparent, revealing the desktop below. (Microsoft calls this feature Aero Peek.) Click the nub, and the windows scoot out of the way, giving you access to documents or apps that reside on the desktop and duplicating the Show Desktop feature that Quick Launch used to offer.

Getting at your desktop may soon be­­come even more important than it was in the past. That's because Windows 7 does away with the Sidebar, the portion of screen space that Windows Vista reserved for Gadgets such as a photo viewer and a weather applet. Instead of occupying the Sidebar, Gadgets now sit directly on the desktop, where they don't compete with other apps for precious screen real estate.

ld tray, new tricks
Windows 7's Taskbar and window management tweaks are nice. But its changes to the System Tray — aka the Notification Area —have a huge positive effect.

In the past, no feature of Windows packed more frustration per square inch than the System Tray. It quickly grew dense with applets that users did not want in the first place, and many of the uninvited guests employed word balloons and other intrusive methods to alert users to uninteresting facts at inopportune moments. At their worst, System Tray applets behaved like belligerent squatters, and Windows did little to put users back in charge.

In Windows 7, applets can't pester you unbidden because software installers can't dump them into the System Tray. Instead, applets land in a holding pen that appears only when you click it, a much-improved version of the overflow area used in previous incarnations of the Tray. App­lets in the pen can't float word balloons at you unless you permit them to do so. It's a cinch to drag them into the System Tray or out of it again, so you enjoy complete control over which applets reside there.

More good news: Windows 7 largely dispenses with the onslaught of word-balloon warnings from the OS about troubleshooting issues, potential security problems, and the like. A new area called Action Center — a revamped version of Vista's Security Center — queues up such alerts so you can deal with them at your convenience. Action Center does issue notifications of its own from the System Tray, but you can shut these off if you don't want them pestering you.

All of this helps make Windows 7 the least distracting, least intrusive Microsoft OS in a very long time. It's a giant step forward from the days when Windows thought nothing of interrupting your work to inform you that it had de­­tected unused icons on your desktop.

File management: The library system
Compared to the Taskbar and the System Tray, Explorer hasn't changed much in Windows 7. However, its left pane does sport two new ways to get at your files: Libraries and HomeGroups.

Libraries could just as appropriately have been called File Cabinets, since they let you collect related folders in one place. By default, you get Libraries labeled Documents, Music, Pictures, and Videos, each of which initially di­­rects you to the OS's standard folders for storing the named items — such as My Pictures and Public Pictures.

To benefit from Libraries, you have to customize them. Right-click any folder on your hard drive, and you can add it to any Library; for instance, you can transform the Pictures Library into a collection of all your folders that contain photos. You can create additional Libraries of your own from scratch, such as one that bundles up all folders that relate to your vacation plans.

Libraries would be even more useful if Microsoft had integrated them with Saved Searches, the Windows feature (introduced in Vista) that lets you create virtual folders based on searches, such as one that tracks down every .jpg image file on your system. But while Windows 7 lets you add standard folders to a Library, it doesn't support Saved Searches.

HomeGroups, Sweet HomeGroups?
Closely related to Libraries are HomeGroups, a new feature designed to simplify the notoriously tricky process of networking Windows PCs. Machines that are part of one HomeGroup can selectively grant each other read or read/write access to their Libraries and to the folders they contain, so you can perform such mundane but important tasks as providing your spouse with ac­­cess to a folderful of tax documents on your computer. HomeGroups can also stream media, enabling you to pipe music or a movie off the desktop in the den onto your notebook in the living room. And they let you share a printer connected to one PC with all the other computers in the HomeGroup, a useful feature if you can't connect the printer directly to the network.

HomeGroups aren't a bad idea, but Windows 7's implementation seems half-baked. HomeGroups are password-protected, but rather than inviting you to specify a password of your choice during initial setup, Windows assigns you one consisting of ten characters of alphanumeric gibberish and instructs you to write it down so you won't forget it. To be fair, passwords made up of random characters provide excellent security, and the only time you need the password is when you first connect a new PC to a HomeGroup. But it's still a tad peculiar that you can't specify a password you'll remember during setup — you can do that only after the fact, in a different part of the OS. More annoying and limiting: HomeGroups won't work unless all of the PCs in question are running Windows 7, a scenario that won't be typical anytime soon. A version that also worked on XP, Vista, and Mac systems would have been cooler.

Federated Search, a new Windows Explorer feature, feels incomplete, too. It uses the Open­Search standard to give Win 7's search "connectors" for external sources. That capability allows you to search sites such as Flickr and YouTube from within Explorer. Pretty neat —except that Windows 7 doesn't come with any of the connectors you'd need to add these sources, nor with any way of finding them. (They are available on the Web, though. Use a search engine to track them down.)

What you need to know about Windows 7

What if a new version of Windows didn't try to dazzle you? What if, instead, it tried to disappear except when you needed it? Such an operating system would dispense with glitzy effects in favor of low-key, useful new features. Rather than pelting you with alerts, warnings, and requests, it would try to stay out of your face. And if any bundled applications weren't essential, it would dump 'em.

It's not a what-if scenario. Windows 7, set to arrive on new PCs and as a shrink-wrapped upgrade on Oct. 22, has a minimalist feel and attempts to fix an­­noyances old and new. In contrast, Windows Vista offered a flashy new interface, but its poor performance, compatibility gotchas, and lack of compelling features made some folks regret upgrading and others refuse to leave Windows XP.

Windows 7 is hardly flawless. Some features feel unfinished; others won't realize their potential without heavy lifting by third parties. And some long-standing annoyances remain intact. But overall, the final shipping version I test-drove appears to be the worthy successor to Windows XP that Vista never was.

Motivations of a Criminal Hacker

Although a lot of literature has been written about the technical aspects of securing a network, not much is available about who your enemies are and what motivates them to attack. Before you can determine how to protect your organization, you must learn to think like a hacker, figure out where you’re vulnerable, and then develop a game plan to reduce your exposure. If you can understand who would want to do you harm and what can be gained from such harm, you can better protect your company and your information. Make the following assumptions:

• You do have professional adversaries.
• You are on their target list.
• You will be attacked some day.
• You cannot afford to be complacent.

One of the most difficult realities for an organization to accept is the presence of adversaries who might attempt to harm it by using technology. It’s also possible that you really do not have adversaries in this traditional sense. Today, attackers look for any system that has an exploitable weakness that they can turn to their advantage. Often, attackers look at weakly secured systems as bases from which to launch more sophisticated attacks.

The motivations of attackers can be varied and complex. Hackers are often motivated, in part, by their invisibleness. Today’s more sophisticated hackers are often also motivated by the prospect of a big payday. On the Internet, a hacker can “peek” into a company’s private world—its network—and learn a lot while remaining anonymous.

Some individuals are just curious to see what they can learn about your company or individuals within your company. These hackers often don’t have any malicious intent and are unaware that their actions violate security policy or criminal codes. That does not mean that these casual hackers are any less dangerous, however.

Other hackers are simply trying to help. You’ve probably been in this category once or twice yourself. In your zeal to be helpful, you bypass security policies to fix problems or accomplish emergency assignments. You might even believe that your efforts are more efficient than following established guidelines and policies. Nevertheless, the bypassing of known security policies is one element of hacking a network.

Some individuals act with malicious intent, engaging in acts of sabotage, espionage, or other criminal activities. They can become moles, stealing information to sell to competitors or foreign groups. Some simply enjoy destroying the work of others as well as their own work. Others act out of revenge for a real or perceived wrong committed against them, or believe they are acting in line with a strongly held belief system. Still others are more methodical and hardened and turn hacking into a career; they might even take employment just to do your company harm.

How Hackers Work

Hackers start by learning that an e-mail server exists, which generic scanning tools can tell them. Coupled with the public information of your Domain Name System (DNS) records, hackers can quickly know a lot about your network.

Finding company information is easy for anyone. You can do it. Simply open a command prompt and type nslookup. Set the type of the record you’re looking for to a mail exchanger (MX) record by typing set type=mx. Type a domain name. This example uses Microsoft.com. Figure 19-1 shows the results.

Figure 19-1 Using the NSLookup tool to find the public MX records for Microsoft.com

Next, the hacker determines the platform of your SMTP server in one of two ways. In the first approach, the hacker can use Telnet to open a session to your server over port 25 and then read the banner. Under Exchange Server 2007, the banner no longer identifies the version of Exchange Server being run, but does still indicate that the server is running the Microsoft ESMTP service. By removing the version number, Microsoft makes it harder for hackers to determine the exact version of Exchange that you are using. Note, of course, that because Exchange Server 2007 is the only version that, by default, lacks this identifying information, there are methods to achieve the same goal in older versions. However, a hacker can still figure out what he wants to know. It will take a couple of service packs and another major version of Exchange before this default omission really begins to bear fruit. Figure 19-2 gives you a look at an ESMTP conversation that takes place with an Exchange Server 2007 server.

Figure 19-2 Opening a Telnet session to a server running Exchange Server 2003

Under older versions of Exchange Server, the exact version of the Exchange server being run is displayed (see Figure 19-3). The main version number, 6.0, means Exchange Server 2003. An Exchange 2000 Server registers with a main version number of 5.0. A SendMail server has its name and the version of SendMail software used by the company displayed in the header as well as the operating system (OS). Using this kind of information, a hacker can target his efforts by looking for exploits that will work for your specific system.

Figure 19-3 Opening a Telnet session to a server running Exchange Server 2007

More Info

Although Exchange Server 2007 is the first version of Exchange Server that, by default, does not display versioning information in a telnet window, you can manually configure older versions of Exchange Server to act the same way. Refer to http://support.microsoft.com/kb/281224/en-us for more information..

The second way to determine your e-mail server platform is to send a bogus e-mail to your server. This is accomplished by sending a message to an unlikely e-mail address such as pancake@contoso.com. The nondelivery report (NDR) that is returned has the e-mail server information located somewhere in the NDR. The following sample is a message header sent to the lab Exchange server at contoso.com. Notice that the Exchange server version is included right in the Sent by line:

Delivery has failed to these recipients or distribution lists:

pancake@contoso.com
This recipient e-mail address was not found in the recipient e-mail system.
Microsoft Exchange will not try to redeliver this message for you. Please
check the recipient e-mail address and try resending this message, or provide
the following diagnostic text to your system administrator.
----------------------------------------------------------------------------
Sent by Microsoft Exchange Server 2007
Diagnostic information for administrators:
Generating server: E2007-4.contoso.com
pancake@contoso.com #550 5.1.1 RESOLVER.ADR.RecipNotFound; not found ##
Original message headers:
Received: from E2007-4.contoso.com ([192.168.0.22]) by E2007-4.contoso.com 
([192.168.0.22]) with mapi; Thu, 15 Mar 2007 22:31:42 -0600
Content-Type: application/ms-tnef; name="winmail.dat"
Content-Transfer-Encoding: binary
From: Francis Cat 
To: "pancake@contoso.com" 
Date: Thu, 15 Mar 2007 22:31:37 -0600
Subject: Test message
Thread-Topic: Test message
Thread-Index: AQHHZ4P8FQkU6/4hJka2OY89GG0rfg==
Message-ID: <48b260b970217342aafbcd9bd19b2e5d20a39d1c1b@e2007-4.contoso.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator: <48B260B970217342AAFBCD9BD19B2E5D20A39D1C1B@E2007-4
  .contoso.com>
MIME-Version: 1.0

Now that the hacker knows which e-mail server software you run, he or she checks known databases to find vulnerabilities to exploit. The known vulnerabilities for Exchange Server 2007 are listed in Microsoft’s Security Bulletins and can be found at http://www.microsoft.com/security/default.mspx. On older versions of Exchange, some of the vulnerabilities could involve Microsoft Internet Information Services (IIS) because IIS managed the SMTP service for Exchange. In Exchange Server 2007, SMTP is a core part of Exchange itself, which helps to reduce the attack potential on your server. Other vulnerabilities may involve Microsoft Outlook Web Access (OWA), again because of the involvement of IIS managing the HTTP connectivity to the Exchange server. At a minimum, be aware of any vulnerabilities that exist for Exchange Server 2007 and test and install the patches when they are released.

Generally speaking, the e-mail administrator can expect the following kinds of attacks:

• Buffer overflows Buffer overflows send a larger quantity of data to the server than is anticipated. Depending on how the overflow is executed, it could cause the server to stop working or it might run malicious code from the attacker.
• Data processing errors These are not common currently, but the concept is that a small program is sent directly to the server, and the server runs it. More common today is sending these programs to a network though e-mail as attachments. Depending on their function and purpose, these programs can be viruses, Trojans, or worms (discussed at length later in this chapter).
• HTML viruses These do not require user intervention to run unattended scripts.
• Custom programs written to run against port 25 (SMTP) The more common types of programs that attack port 25 include e-mail–flooding programs or programs that contain their own SMTP engine that use the port for their own malicious purposes.
• Denial of Service (DoS) A Denial of Service attack is an attack on a network that is undertaken in an effort to disrupt the services provided by a network or server.
• Cross-site scripting Cross-site scripting is a vulnerability whereby an attacker places malicious code into a link that appears to be from a trusted source.
• Spam and phishing expeditions Spam, or junk mail, is a well-known e-mail malady and affects just about everyone that uses the communication medium. A particular type of spam, called a phishing e-mail, attempts to lure unsuspecting users into clicking on unsafe web links. These links point to web forms that ask the user to provide sensitive personal information.

Here are some broad actions you can take to guard against the attacks just described, plus others:

• Physical access to the server Lock the doors and use some type of biotech authentication.
• Viruses, Trojans, and worms Use antivirus software and regularly scan your servers and workstations. Use the Exchange Server 2007 Edge Transport server role on at least one Exchange server.
• Loss of data Perform regular backups.
• Unauthorized use of user accounts Conduct user training on information security policies and require complex passwords.
• Denial of service attack Harden the TCP/IP stack and the router.
• Platform vulnerabilities Install all software patches and engage in service that offers minimization. Microsoft has released excellent free software for updating its patches on your servers. This software is called Windows Server Update Services (WSUS).

More Info

A discussion of WSUS is outside the scope of this chapter, but you can learn more about WSUS on Microsoft’s Web site at http://www.microsoft.com/windowsserversystem/updateservices/default.mspx.

about "hack"

Thanks to the media, the word "hacker" has gotten a bad reputation. The word summons up thoughts of malicious computer users finding new ways to harass people, defraud corporations, steal information and maybe even destroy the economy or start a war by infiltrating military computer systems. While there's no denying that there are hackers out there with bad intentions, they make up only a small percentage of the hacker community.

The term computer hacker first showed up in the mid-1960s. A hacker was a programmer -- someone who hacked out computer code. Hackers were visionaries who could see new ways to use computers, creating programs that no one else could conceive. They were the pioneers of the computer industry, building everything from small applications to operating systems. In this sense, people like Bill Gates, Steve Jobs and Steve Wozniak were all hackers -- they saw the potential of what computers could do and created ways to achieve that potential.

A unifying trait among these hackers was a strong sense of curiosity, sometimes bordering on obsession. These hackers prided themselves on not only their ability to create new programs, but also to learn how other programs and systems worked. When a program had a bug -- a section of bad code that prevented the program from working properly -- hackers would often create and distribute small sections of code called patches to fix the problem. Some managed to land a job that leveraged their skills, getting paid for what they'd happily do for free.

As computers evolved, computer engineers began to network individual machines together into a system. Soon, the term hacker had a new meaning -- a person using computers to explore a network to which he or she didn't belong. Usually hackers didn't have any malicious intent. They just wanted to know how computer networks worked and saw any barrier between them and that knowledge as a challenge.


­­In fact, that's still the case today. While there are plenty of stories about malicious hackers sabotaging computer systems, infiltrating networks and spreading computer viruses, most hackers are just curious -- they want to know all the intricacies of the computer world. Some use their knowledge to help corporations and governments construct better security measures. Others might use their skills for more unethical endeavors.

In this article, we'll explore common techniques hackers use to infiltrate systems. We'll examine hacker culture and the various kinds of hackers as well as learn about famous hackers, some of whom have run afoul of the law.

In the next section, we'll look at hackers' tricks of the trade.