VBOK #11 - Audio(MIDI/WAV/Sound cards)/SYN Flooding ______________________________________________________________________ TOC 1. Audio (MIDI/WAV/Sound cards) 2. Security Issues 3. Software Review (There's something for MAC people in this edition too.) 4. Cool Sites 5. Nickel Knowledge (New section) If the columns in the below articles appear misaligned, it's because you are using a non-fixed width font. If you would like to see them nice and straight, change your E-mail font to Times New Roman. ______________________________________________________________________ 1. Audio (MIDI/WAV/Sound cards) ------ Most people have a sound card installed in their computer. It performs two main functions, the first is to play MIDI (Musical Instrument Digital Interface) files, and the other is to play digitized (sampled) audio. MIDI - You can think of MIDI music as a sheet of music, a page with musical notes on it. There is no actual sound encoded in a MIDI file (hence it's small size), because it's left up to your computer to play the note with the "correct" instrument. Correct is in quotes, because this may not always be the case. Think of it this way, a friend writes a piece of music for the piano. He has a grand piano that he uses, and the music he wrote sounds really great on it. Later on, he gives you a photocopy of his sheet music which you take home to play on your baby piano. The notes are the same, but it sounds quite a bit different. Sound cards are like this too, but there are more reasons as to why they sound differently. This is where it's going to get confusing.. :) There are two main categories of MIDI: FM synthesis - Instrument sounds are created "on the fly" by oscillators. WaveTable - A ROM chip on the sound card contains an actual recorded sample of the real instrument. Most wavetable sound cards also come with wavetable RAM, so you can load instrument samples from disk, allowing you to specifically tailor the instrument compliments to the piece you are writing/playing. The downfall to this, is that anyone who tries to listen to your MIDI file must have their sound card loaded with the same instrument samples you had, for it to sound the way you had intended. Short of including them in the ZIP file along with your MIDI, they will only be able to approximate it. A little further on, I'm going to talk about how the line between MIDI and digital audio is getting a little blurry. There are different standards to MIDI: Adlib Roland GS Roland MT32 Microsoft Sound System EMU8000 -- 32 voices, wavetable GM -- General MIDI, FM MPU-401 The number you see in the name of your sound card (Soundblaster 16, Orchid Soundwave 32, Soundblaster AWE64 etc.) refers to the number of simultaneous voices it can output. It does *not* refer to the bit resolution as most people are led to believe. Before I get further, let me define these terms. Voices refer to MIDI instruments (piano, clarinet, flute etc.), and bit resolution (which is 16-bit (maximum) for your everyday store bought sound card) refers to how well a signal at any given time is "described" in amplitude. Sound cards use 16-bit digital just like your CD player (whether it be the CD-ROM drive in your computer, or the CD player in your stereo system.) So your Metallica CD should sound just as good when played on your computer as the stereo in your house right!!!? Well, not exactly. There are a good number of differences. Let's hit the obvious first, your speakers. Unless you're like me and have the line level outputs from your sound card going to a stereo receiver using non-computer speakers, then your sound isn't going to be anything like your home stereo system. Don't get me wrong here. Altec Lansing has come out with some good speakers and subwoofer, as did Bose.. But *neither* sound like a set of Bose 901s or Infinity SM-155s.. But I'm getting off track here.. Another problem is the DACs (Digital to Analog Converters). They convert the 1's and 0's encoded on the CD and convert them to analog voltages to be sent to your speakers. In a home stereo system and very high end sound cards for professionals, the DACs are very high quality (I know, I know, there are cheapy home stereo systems out there with lousy DACs too, but I'm speaking generally). The last major problem I'm going to include on this subject is noise filtering. Your computer generates a *lot* of noise (I'm speaking about electrical noise, not necessarily audible until it is processed by your sound card circuitry). The power supply, hard drives, CD-ROM, tape backup, processor cooling fan, ZIP drive etc...All generate noise. Some of this bleeds over into the sound card circuitry. That's why you should try to install your sound card in the slot farthest from all of these devices. Ok, now what we just talked about above (CD audio, 16-bit etc..) falls into the other set of categories pertaining to sound card audio called digital audio (Very first paragraph of this article.) This can be a little bit confusing, so let me explain. *all* sound information in your computer is digital. It will remain digital until it passes through the DAC on it's way to the speakers. What I'm talking about when I say digital is that it was stored as 1's and 0's prior to it's use in producing sound. These include .WAV, .VOC, .AU, CD audio, wavetable samples etc... What it doesn't include is FM (Frequency Modulation (I am not going to explain FM any further than to say that it is an analog wave form where the intelligence is encoded on the carrier by way of varying the frequency of the carrier wave in relation to the "intelligence" of the modulating signal. As opposed to AM (Amplitude Modulation) where the intelligence is encoded by varying the amplitude of the carrier wave in relation to the amplitude of the modulating signal)). FM in your sound card is produced by oscillators. This is where the voices thing comes in (First line, two paragraphs up). The number of oscillators dictates the number of simultaneous voices your sound card can output. Soundblaster AWE64 has 32 hardware voices (oscillators), and 32 software voices (created by mixing frequencies in software and not hardware). The Orchid Soundwave 32 as well as the old 8-bit Soundblaster have 11 voices. Alright, let's get into the good stuff. On the digital audio side, there is another term that is very important to sound quality. It's called sample rate. A waveform is analog right!!? So, to be stored as 1s and 0s on your computer it must be digitized. This is accomplished through sampling. You've probably already seen numbers like 11KHz, 22KHz, 44.1KHz etc.. Well this refers to the sampling rate of the signal. So what exactly is sampling?? Well, I'm glad you asked! Sampling is a digital representation of an analog signal. Get ready, I'm going to tie some stuff together here from previous paragraphs (just didn't want you to miss it), a single sample is (drum roll please) 16 bits. That means it uses 16 bits to "describe" the wave form's amplitude at any one given instant. This is about the only point where the sound card audio is of the same "quality" as a CD. Now, you put a bunch of these samples together at a regular interval, and you have a sampling rate. Here's an analogy: When you watch TV, you are viewing 30 Frames Per Second (fps). That means every second you see 30 pictures (or snapshots if you will). For the most part all the pictures are the same, but very small differences are happening. A hand is moving, a racecar is coming down the track, a bullet is shooting out of a gun etc.. They are all single pictures put together end after end at a certain speed which the human eye perceives as fluid motion. Now contrast this with older computer generated videos (i.e AVI, MOV, but not DVD (DVD is 30fps)). Generally they were recorded at 15 fps. Although this is fast enough to provide a reasonable semblance of motion, it doesn't compare to the 30fps of your TV. Just some nickel knowledge for you, motion picture movies (the ones you see at a theater) are 24 fps. Now, this explains the sampling rate. You must have enough samples occurring fast enough to provide a good representation of the thing you are sampling. Just as the video of a 15 fps AVI looks jerky, an analog audio signal of a symphony recorded at 22KHz will also sound non-fluid. Some more nickel knowledge, CDs are recorded at 44.1KHz, so 22KHz is half that. 30 fps vs 15 fps, 44.1Khz vs 22KHz. So, what is the 16-bit sample providing information wise? Amplitude! I was going to attempt an ASCII drawing, but I don't think it would help. So if you really want to figure out this sampling thing. Do this: 1. Take a piece of notebook paper (preferably with lines). 2. Turn the paper clockwise 90 degrees. 3. Start on the left side of the sheet somewhere towards the middle. 4. Draw a sine wave. (If you have no idea what this is, look on your keyboard for a little squiggly horizontal line. It's generally above the tab key, to the left of # 1 key. When you draw the sine wave, go all the way to the top of the paper, all the way to the bottom, so that it totally covers the sheet of notebook paper (from left to right also). 5. Now, take a piece of tracing paper and place it over your sine wave. 6. The bottom edge of your paper is your starting reference for every sample line you draw. 7. If you've done everything correctly, your sine wave should be divided up by the vertical lines already on the notebook paper. If this is correct, then with your tracing paper in place put your pencil down on the intersection of the bottom of the paper and the vertical notebook paper lines. 8. Draw a line from there, up to where you intersect the sine wave. 9. Move to your right, to the next vertical line and repeat step 8. 10. Repeat step 9 until you have used all the vertical lines in your sine wave. 11. Now remove the tracing paper from the notebook paper and look at it. 12. You'll notice that on top of the lines you drew is a very good representation of the sine wave on the notebook paper (If this wasn't clear, imagine your sine wave sitting on top of the lines you drew.) Easy huh... Now, there are about 30 lines on a piece of notebook paper. Let's pretend that the whole piece of paper is one second, and that your sine wave is 1Hz (Hz is a unit of measurement for frequency. It is the number of times a complete cycle happens in one second. So 1Hz is one complete cycle per second.) Your sampling rate for the example you did on paper is 30Hz (30 samples per second). The minimum sampling rate to reproduce a signal is twice the wave form's frequency. So do the example over, but only describe it with two samples. One at the highest peak, and one at the lowest. Redo it with 4 samples, 8, 16 etc... See how the higher your sampling rate the better you can represent a wave form. So a 30 Hz sampling rate for a 1Hz signal is awesome. The problem with audio, is that the frequencies you are dealing with are much higher.. 0 to 4KHz for just the human voice, some instruments can obtain 20KHz, which is generally the limit, frequency wise of the human ear. So think about it... CDs are recorded at a sampling rate of 44.1Khz, some instruments are capable of producing 20Khz. Taking our paper example we did with a sampling rate of twice the wave form's frequency, you can see that this is not good. This is why you get those hardcore audiophiles complaining of the lack of audio quality in CDs at higher frequencies. Me personally, my ear isn't anywhere near as discriminating, so CD quality sounds good to me. :) Well, I probably forgot tons of stuff I should put in here, but this thing is already too long and in-depth. I'll leave off here with just some nickel knowledge stuff. - 8 bit recording quality can discern 256 levels of amplitude (volume) - 16 bit can discern 65,536 levels Do these numbers look familiar??? They look vaguely like color depth for graphics cards and RAM (such is life in the binary world of computers?) BTW if you missed the piece I did on graphics cards, get it by clicking here. It's pretty in-depth, but not as much as this sound card article. - Telephone quality is 8KHz sampling (Human voice is 0 to 4KHz) - DAT tapes sample at 48KHz - Sampling rates are per channel. So a stereo signal sampled at 11KHz is actually 22KHz (11KHz per channel). I didn't get into encoding and companding with different standards like A-Law, U-Law, FFT etc.... Maybe I'll leave that for a compression article. - Which brings up a point, one minute of recorded sound at 16 bit, 44.1KHz sampling would take up 10MB. WOW!!! Ok, Ok I'm going to stop now... :) ______________________________________________________________________ 2. Security Issues by The NMI ------ Hi Again, readers - The NMI here with this issues security section. For all of those who were wondering last issue what the heck NMI stands for, it means Non Maskable Interrupt - A signal that freezes a CPU up, usually when memory devices develop an error. It's meant as a protective measure, but can be invoked by any half decent assembly programmer :) This issues topic is SYN flooding, which can slow any system using TCP, to a crawl. The reason this attack is so effective is because it requires very little network traffic, unlike many other attacks dealing with flooding, like e-mail bombing, etc. HOW IT WORKS: A TCP connection request, or "SYN" message, is sent to the target computer. The source IP address (where the message came from) in the packet is "spoofed", meaning the address that normally should go there is substituted with a false one, intended to mislead anyone who might attempt to trace the packet back to it's original source. In this case, it's either replaced with an address that is not in use on the Internet, or one that belongs to another computer. Upon receiving the connection request, the target computer allocates resources to handle and track the new connection, then responds with a "SYN-ACK". In this case, the response is sent to the "spoofed" nonexistent IP address. No response is received to the SYN-ACK. A default- configured Windows NT 3.5x or 4.0 computer will re-transmit the SYN-ACK 5 times, doubling the time-out value after each re-transmission. The initial time-out value is three seconds, so retries are attempted at 3, 6, 12, 24, and 48 seconds. After the last re-transmission, 96 seconds are allowed to pass before the computer gives up on receiving a response, and deallocates the resources that were set aside earlier for the connection. The total elapsed time that resources are in use is 189 seconds. As you can see, a series of SYN requests can effectively tie up resources on your system, which, in turn, can possibly slow down your systems internet connection to a crawl! If you think your computer is the target of a SYN attack, you can type the following command at a command prompt to view connections in the "SYN_RECEIVED" state: netstat -n -p tcp This command may cause the following text to appear on your screen: Active Connections Proto Local Address Foreign Address State TCP 127.0.0.1:1030 127.0.0.1:1032 ESTABLISHED TCP 127.0.0.1:1032 127.0.0.1:1030 ESTABLISHED TCP 10.57.8.190:21 10.57.14.154:1256 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1257 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1258 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1259 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1260 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1261 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1262 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1263 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1264 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1265 SYN_RECEIVED TCP 10.57.8.190:21 10.57.14.154:1266 SYN_RECEIVED TCP 10.57.8.190:48 10.57.14.221:139 TIME_WAIT If a large number of connections are in the SYN_RECEIVED state, it may be that your system is under attack! WHAT YOU CAN DO: A network analyzer can be used to track the problem down further, and it may be necessary to contact your Internet Service Provider for assistance in attempting to trace the source. The effect of tying up connection resources varies, depending upon the TCP/IP stack and applications listening on the TCP port. For most stacks, there is a limit on the number of connections that can be in the half-open (SYN_RECEIVED) state. Once the limit is reached for a given TCP port, the target computer responds with a RESET to all further connection requests until resources are freed! The best way to stop an attack at present is to close your internet connection, and then restart it once more. This usually works, because the attackers program will not be able to send the TCP connection request to your target IP. The solution is crude but effective. A better way would be to implement a packet filtering program, as a patch to the TCP/IP sockets DLL, but unfortunately, this hasn't been implemented in NT 3.5, 4.0, or 95 yet. Well, that about wraps up this security brief. If any of you would like a particular concern addressed in this section, or find any technical errors in my article, feel free to e-mail me. Have Phun! The NMI ______________________________________________________________________ 3. Software Review ------ RealOrch Karaoke player - 3.94MB There aren't many programs that I run across that just out and out totally impress me, but I downloaded a karaoke player for Win95 called RealOrch. Essentially it's an enhanced MIDI (Musical Instrument Digital Interface) file that has lyrics encoded onto one of the tracks. These karaoke music files come in two flavors. The first is .KAR which is basically what I described above, and the other is a .ST3 (This is not to be confused with the ScreamTracker modules with the same extension which are also a type of music file.) The .ST3 uses one track that has an instrument imitating the human voice (Similar to when you hum the words to a song when you don't remember them.) This "hummed" track is matched against your voice when you sing into the microphone (during the karaoke session) and gives you a percentage rating at the end of the song to let you know how closely you matched it. Some of the features RealOrch includes are: - Use of .BMP and .AVI as backgrounds for the lyric text to be displayed on. - The ability to create "albums". i.e. a collection of Phil Collins songs. - Has built in games. i.e. tic-tac-toe and puzzles (You must obtain a certain score on your singing to be able to move.) - Search engine on artist, song, or keywords in the lyrics. - A very nicely rendered stereo component system interface. - Controls for your sound card mixer settings built into the stereo interface. ------ Hardwood Solitaire II The Enchanted Decks Card game - 3.17MB There is both a PC and MAC version. One thing I've noticed about the card games written for computers, is that although they generally play well, they are *ugly*. The programmer was mainly concerned more with game play than aesthetics. Which, if I had to choose one or the other, I'd have to go with game play too. This is common sense, because it doesn't matter how pretty your game is if it doesn't work right. Hardwood Solitaire II (HWS) has spent a lot of time on both the interface and game play. What they ended up with, is a beautiful game that not only plays well, but has all the worthwhile bells and whistles too. If you're one of those people that can play solitaire for 500 hours straight, HWS is your dream come true. If you only play it when your computer is busy doing something else, or just killing time, you'll still love it. Here are some of the features: - The card backs are very nicely done. Somebody spent a lot of time drawing them. - With the registered version, you can download theme packs. Such as X-mas and Halloween card backs. - The card face can be changed between the standard look or the very awesome looking "enchanted" version. - The game pauses (timer) anytime you change focus to another window. - It comes with three MIDI files that play while you play. This is another area that someone spent considerable time in, as the music is very nice. You can also just drop any other MIDI files in the game directory, add them to the play list, and enjoy your own taste in music while playing. - The shareware version only includes Klondike (The most common game of solitaire, like Windows solitaire), but the registered version also comes with Freecell, Fourteen Out, Four Seasons, Pyramid, and Golf. - Keeps track of high scores for both the difficult and easy games. You can also double-click a high score game if you wish to replay it. - Has the option to check for news and updates from the makers of HWS right in the game. ______________________________________________________________________ 4. Cool Sites ------ Drivers Headquarters Get the latest drivers for all of your hardware needs. ------ Tom's Hardware Guide This guy is a hardware information pack rat. He covers tons of information on computer hardware. Chipsets, RAM, video cards, HDD, CPU, motherboards etc... ------ TweakIt Here's another place that hardware geeks will just love. ------ The Premier Firebird Trans Am Gallery Although this has nothing do with computers or the internet (other than it's on it), this is a very cool site. If you like Firebird Trans AMs, this is without a doubt the best place to get your daily fix. ------ 0rdernet.com **Warning** GRATUITOUS SELF PROMOTION **Warning** Want to see the newest and hottest internet site to hit the web? This small group of computer geeks got together and started a community. They cover everything from music, graphics, cars, computer repair, electronics, free web graphics, jukebox, greeting cards etc... With an average of 25,000 hits a day, they can't be too bad. Not to mention, my site is part of this community. Thanks to DB, the big dog site owner who made it all possible. ------ Woody's Office Watch This guy has dedicated his life to anything that revolves around the Microsoft Office software. Not only will you find tips, tricks, and the latest breaking news and rumors for Office software, but he's also written Office add-ons called WOPR. They include things like printing multiple pages on one sheet, toolbar editor, an enveloper, a ZIP code lookup, letterhead wizard, and tons more. He also puts out a weekly newsletter with lots of good info about MS Office software. You can subscribe via Javascript on his page, or just click here and press send. No need to fill out any information: ------ Viewpoint Datalabs Ok, you've all seen the dancing baby.. You know, the one that has probably ended up in your e-mail in-box ten thousand times. Well, these are the guys that created him. They've got just about every iteration that was made, and you can even download the wiremesh to make your own version of the Dancing Baby (provided you have the 3D editing and rendering software to do it with). ______________________________________________________________________ 5. Nickel Knowledge ------ - The Earth spins Eastward at 15 degrees per hour. - Spending 15 minutes in the sun provides your daily requirement of vitamin D. I included much of this section throughout the newsletter, later on I will start putting more in this section. Well, that concludes this issue. Have fun. Leif Gregory Copyright (c) 1998 by Leif Gregory. All rights reserved. You may share this copy of the VBOK newsletter with others as long as it is reprinted/resent in it's entirety to include this copyright notice. If you've received this edition of the VBOK newsletter from a friend or colleague and wish to start receiving your own copies, then click the below link and send the generated e-mail message. Virtual Book Of Knowledge (VBOK) VBOK Editor VBOK Homepage Unsubscribe Back-Edition Titles