Thursday, September 17, 2009

You always need to read your bank and credit statements

It was with some interest that I read today’s “The Advocate” column in the Times Union.  A man had $400 taken out of his credit union account and the credit union wasn’t going to give it back to him.  He has an account with the State Employees Federal Credit Union (SEFCU).  Another SEFCU member was making a bill payment over the phone and mistyped her account number.  It ended up being his account number and the money was taken from his account.

The guy was on vacation and did not get his bank statements in a timely manner.  When he noticed the error, he contacted SEFCU and they declined to reverse the transaction because he did not notify them within a 60 day window of the transaction.  He contacted the Advocate (Cathy Woodruff), who was able to reach an upper level marketing manager who was able to get the transaction reversed in a few hours.  The manager said that the transaction could have been reversed if the SEFCU member had asked for a manager.

That’s ridiculous, the service representatives that originally handled the case could have easily waved the 60 day period limitation.  It’s just an arbitrary time limit that SEFCU had set, nothing more.  If you think about this, it’s really SEFCU’s fault that they allowed the transaction to go through in the first place.

The woman who typed in the wrong number had made a simple mistake entering in the account number.  There should be enough security in SEFCU’s over the phone banking where you should only be able to access the accounts that you actually have access to.  If you think about, that’s a huge security hole in their system.

Hypothetically speaking, you could open an account with SEFCU today and make payments from other people’s account by lopping one digit of your own account number.  it may work, it may not, but apparently the SEFCU over the phone banking system will let you do that.

You really have to examine your bank statements each month with a fine toothed comb.  And that goes for your credit cards too.  Nearly two years ago, something similar happened to my checking account with Citizens Bank.  You can not count on the bank to protect your money, you have to monitor the transaction for your own fiscal safety.  And if you get caught in a jam like this, contact your local consumer affairs person at the newspaper or TV station.

Thursday, September 10, 2009

Wireshark work around for Windows 7

I do a fair amount of programming at the socket level and Wireshark is one the tools that I use to test the data going over the wire.  Wireshark is a free application that analyzes packets going across the network.  It knows about the different protocols and can display the data with a nice GUI front end.  It’s a cross platform tool, and I hit a small snag when I went to Windows 7.

To capture the packets, Wireshark uses pcap, which is an API for capturing network data.  Unix/Linux systems use a libpcap library, Windows uses WinPcap.  When you install Wireshark under WIndows, the installer checks to see if WinPcap is installed and if it’s not, it runs a bundled installer for the latest version of WinPCap.

When I installed Wireshark on my Windows 7 box, the installer was unable to install WinPCap.  It displayed the following error message:

This version of Windows is not supported by WinPcap 4.1 beta5.

Oh, the joy of using a new version of Windows.  There is a work around.  Download the WinPcap installer from here and install it first.  When you install it, run it in Vista compatibility mode. 

  1. With Explorer, Right-click on the installer and select “Troubleshoot compatibility”.  This will bring up the “Program Compatibility” dialog.
  2. Select the second option, “Troubleshoot program”.
  3. Under “What problems do you notice”, select the first checkbox, “The program worked in earlier versions of WIndows but wont install or run now”.  Then press the “Next” button.
  4. Under “Which version of Windows did this program work on before?”, select “Windows Vista”.  Press the “Next” button.
  5. Under “Test compatibility settings for the program”, press the “Start the program…” button.  This should allow you to install WinPCap.
  6. After the installer has completed, press the “Next” button on the “Test compatibility settings for the program” dialog.
  7. On the “Troubleshooting has completed. Is the problem fixed?” page,  select “Yes, save these setting for this program” to close out the “Program Compatibility” dialog

At this point, you should have WinPcap successfully installed and you can now run the Wireshark installer.  The Wireshark installer will detected that WinPCap is already in place and you can complete the install.

Tuesday, September 08, 2009

Blocking spam that appears to come from your own email address

At work, I get a lot of email where the sender has spoofed the email address so that it appears to come my work email address.  It’s annoying and our corporate email filter doesn’t catch it.  I did find a way to block it with a close to 100% success rate.  What I did was to create an email filter in the email application that traps those messages.  I’m using Outlook 2007, but the technique should would work for any email client that has decent filtering.  Here’s how I created the rule (using an obviously fake email address of a known spammer):

1.       From the Tools menu, select “Rules and Alerts…”

2.       From the “Rules and Alerts…” dialog, press the  “New Rule…” button.

3.       Under “Start from a blank rule” section, select “Check messages when they arrive” template.

4.       Under the dialog for “Which condition(s) do you want to check?”, select "with specific words in the message header"

5.       Click on “specific words” to open the dialog box that allows you to enter the search criteria.  I entered the following list, you would enter what matches your junk email and each line is entered in separately:
X-Barracuda-Envelope-From: sanford.wallace@spamking.com

From: <sanford.wallace@spamking.com>

6.       After closing this dialog, press “Next”

7.       On the “What do you want to do with the message?” dialog, select the following actions:
mark it as read

clear the Message Flag

move it the specified folder

8.       Click on "specified" and select the "Junk E-mail" folder.

9.       Click the “Next” button to the Finish rule setup dialog.

10.   Name the rule and set "Turn on this rule".  There is also a checkbox “Run this rule on messages already in “Inbox”.  You can set that checkbox to test the new rule.  If you have lots of messages in your inbox, create a new folder and copy some of the spam into that folder.  Then select that folder and edit the rule.  The “Run this rule…” checkbox will now list the name of the selected mail folder.  Your rule will run much faster on a mail folder with just a few times in it.

 

As you edit the settings, Outlook will display a text representation of the rule as you configure it.  It should look something like this:

Apply this rule after the message arrives
with ‘X-Barracuda-Envelope-From: sanford.wallace@spamking.com or From: <sanford.wallace@spamking.com>‘ in the message header
clear the message flag
  and move it to the Junk E-Mail folder
  and mark it as read

You may need to tweak the rule a bit to match the right messages, but it’s fairly robust.  If you want to allow email from your own address, add an exception to the rule and have the exception match some specific text in your message header or your email signature.