RSS | MY PROFILE | PRIVACY 

Vol. 20, #7 - February 23, 2015 - Issue #1017

Security briefs

  1. Editor's Corner
    • Ask Our Readers - Moving from Windows Server 2003 to Office 365 with SharePoint
    • From the Mailbag
    • Outlook app for iOS
    • SSL dissed by NIST
    • Are containers risky?
    • Monitoring DNS threats
    • Recommended for Learning
    • Microsoft Virtual Academy
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. This Week's Tips
    • Copying only subtotals in Excel
    • Change the case of a list in Excel
    • Outlook calendar issue solved
  4. Events Calendar
    • Americas
  5. Webcast Calendar
    • WindowsNetworking.com Webinar: Preventing High Cost Security Breaches
    • Register for Webcasts
  6. Tech Briefing
    • Cloud Computing
    • Security and Privacy
    • SharePoint, Exchange and Office
    • Storage
    • Windows client
  7. Recommended TechGenix Articles
    • Recommended articles from websites in TechGenix Network
  8. Windows Server News
    • How to allot your shrinking cloud dollars in the future
    • How to use and when not to use VMware snapshots
    • DRaaS or DaaS? You can have both
    • Learning problem-solving techniques from kids at play
  9. WServerNews FAVE Links
    • Spider Man
    • Mind-Blowing Origins Of Everyday Symbols
    • Train Dashes Through The Snow In Canada
    • Dog Performs Amazing Magic Trick
  10. WServerNews - Product of the Week
    • Deep Packet Inspection for Quality of Experience Monitoring

 

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>

 

Editor's Corner

In this week's newsletter we look at some of the latest happenings in the security field that admins and other IT pros should know about. In particular we'll be examining whether you should let your users use the new Outlook app for iOS, whether SSL is still a secure encryption protocol, whether it's safe to run applications in containers as opposed to virtual machines, and how you can monitor your DNS traffic to detect possible threats. All that and more in this issue including tips from some of our readers! Enjoy!

Here's this week's Dilbert comic which naturally is on the topic of corporate security:

http://www.wservernews.com/go/1424787261453

Ask Our Readers - Moving from Windows Server 2003 to Office 365 with SharePoint

In Issue #1015 Active Directory change matrix, we included the following email which we received from a reader named Hans:

I've been having recurring nightmares re-connecting my Win 7 PCs to an old HP printer on an XP desktop, every time the power goes out or the router needs to re-boot. Your tip here: http://www.wservernews.com/go/1423576396937 saved the day. I'm still only able to connect to the XP when I use its local IP address, not its name. The machine does not show up when I browse the network. Microsoft really stepped in it when they added all sorts of enhancements to good old workgroups. But at least it works and I know how to fix it next time the XP machine gets assigned a new IP address. Thanks so very much!

By the way, if you can point me to any easy to follow advice for a very small business that's trying to move from a Server 2003 environment to Office 365 with SharePoint, I'm all ears. It's harder than it should be. We just want to be able to share files and host our QuickBooks company file on SharePoint the way we do it on the Server now.

Another reader named Steve who runs a business that provides consulting and support services was gracious enough to reply to both of Hans' questions as follows:

Am responding to the question regarding the small office – I have several offices that are still running 2003 and the prospect of moving to Office365 keeps me up nights having to export to PST and then import to new profiles. However, I found a company called BitTitan that will do the upload in a few simple steps and the cost is reasonable. Product is called MigrationWiz – enter server OWA address and the Office365 credentials and migrate.

Regarding the WinXP PC printing issue – set a reservation in your firewall or worst case assign a static IP to the XP PC so if it does reboot, you never have to touch any of the other PC's to reconnect to the printer.

You can find more info about BitTitan on their website:

http://www.wservernews.com/go/1424787300250

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com

From the Mailbag

Our last newsletter Issue #1016 No more Windows 7 ISO and more, generated some rather emotional feedback from some of our readers. For example, Rob, a Manager of Network Administration in Indiana, USA, said:

You'd think that MS would be smart enough to realize that after the mistakes they have made with Windows 8 (and 8.1) they would of kept support for 7 active at least until Windows 10 is finished.  I'm a manager in an IT department and we are NOT going to upgrade the Windows 7 system in our organization until there is a better choice than 8.1 available.  Hopefully that choice is 10.  Apparently Microsoft is out of touch with their customers or doesn't care about making them happy customers.

A reader named Jim who owns his own company said the following:

If Microsoft drops support for Windows 7 and no longer activates Windows 7 as it does with XP, it is the end of Microsoft and my company. EVERY Windows 8 system I have sold, I have had to buy back! The simple complaint: IT SUCKS! 

My medical users tell me it is not HIPPA compliant and cannot be used where a patient can see the PC because of a vast number of reasons and therefore they will NOT load their medical application on it!

I have a modified version I created that looks like Windows 7 but the terrible hype about Windows 8 has KILLED it. If the same idiots release a "home" version of 10 (as I am testing) sell your Microsoft stock.

Another angry reader named Lorne had this to say about Microsoft:

Something will have to be done about Microsoft, sooner or later. I have Windows 7 ultimate 64 on two machines for which I paid, in good coin of the realm, an exorbitant sum. I have only had Windows 7 for a few years and already Microsoft is trying to force us to spend more money. This has simply got to stop. I have a machine running Windows 95, another running XP, another running Windows 98 second edition and all of them access the Internet just fine and do all of the other things I need to do as well. Microsoft must be congratulated because they have managed to get us all to drink the Kool-Aid. I am not particularly interested in increasing Microsoft's already bloated bank account. I have other words that I could use but are not necessarily appropriate for this note. I could say one thing, Microsoft can go to hell and reside there permanently for aught I care.

Another reader named Richard sent us this comment:

To force anyone onto the horrid Windows 8 is an egregious malicious act.

Finally, a reader named Ron responded to the "got feedback?" blurb in our last issue with the following short but sweet comment:

Yeah any thoughts: Windows 8.1 sux

Let's hope Windows 10 doesn't.

Now on to our Editor's comments for this issue...

Outlook app for iOS

Microsoft's new Outlook app for iOS has been getting rave reviews from those who have tried it. But should you allow users in your organization to use the app to access their corporate email accounts? Rene Winkelmeyer posted a warning on his blog a few weeks back that explains in several ways how the new app could actually break your company's security, and before you allow your users to use the app we suggest you read Rene's blog post carefully:

http://www.wservernews.com/go/1424787346218

A number of organizations have responded to this problem by blocking their users from using the app. For example, PCWorld has an article about the EU Parliament blocking the app here:

http://www.wservernews.com/go/1424787357640

Whether you're a Microsoft Exchange admin or use Office 365 in your organization, you may want to block users from using this app until the security concerns have been resolved by Microsoft to your satisfaction. You can learn how to block the app on ExchangeServerPro here:

http://www.wservernews.com/go/1424787374937

SSL dissed by NIST

George Chetcuti has a short article on WindowSecurity.com, one of our TechGenix family of sites, describing how the National Institute of Standards and Technology (NIST) has identified the Secure Socket Layers (SSL) v3.0 protocol as no longer being acceptable for protection of data due to inherent weaknesses within the protocol. George's article has a link to a bulletin from the PCI Security Standards Council where you can learn more about this:

http://www.wservernews.com/go/1424787399187

Are containers risky?

One of the hottest emerging trends in IT and cloud computing is running applications in containers instead of in virtual machines. For a simple explanation of the difference between these approaches, see this article by Scott Lowe on NetworkingComputing:

http://www.wservernews.com/go/1424787417453

Containers have become so popular that even Microsoft Azure supports them, and not just for Linux VMs but also for VMs running Windows Server:

http://www.wservernews.com/go/1424787428296

While containers provide organizations with another way of provisioning applications to users, there may be security risks with using them as Lenny Zeltser explains in this new article on his website:

http://www.wservernews.com/go/1424787440531

Monitoring DNS threats

Finally, Dave Piscitello a.k.a. The Security Skeptic has a helpful article on his blog describing five different ways you can monitor DNS traffic for possible security threats to your network. DNS is such a foundational part of IT infrastructure that securing it is essential nowadays, so I recommend you read Dave's article:

http://www.wservernews.com/go/1424787456953

Send us feedback

Let us know at wsn@mtit.com

Recommended for Learning

Continuing with this issue's topic of security, Andrew Case has compiled a helpful list of good books on topics like security, digital forensics, incident response, malware analysis, and reverse engineering, and so on. Take a look:

http://www.wservernews.com/go/1424787469875

Microsoft Virtual Academy

One announcement this week from the Microsoft Virtual Academy:

March 26:  Azure Active Directory Core Skills Jump Start  

Join us for Part 1 of the "Enterprise Mobility Core Skills" series. Microsoft Corporate Vice President Brad Anderson and Microsoft Technical Evangelist Simon May help you prepare your environment for mobility with Windows 10, including Identity and Access Management (IAM) in Azure AD, single sign-on, user self-service management, multifactor authentication, and more. Don't miss it!  Register today!

http://www.wservernews.com/go/1424787485156

Quote of the Week

"The trouble with the rat race is that even if you win, you're still a rat." --Lily Tomlin

Until next week,

BTW feel free to follow me on Twitter and connect with me on LinkedIn

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at wsn@mtit.com and we’ll try to troubleshoot things from our end.

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

VNew Veeam Explorer for Microsoft SQL Server gives you fast, transaction-level recovery of SQL DBs. With agentless transaction log backup and replay, you can restore SQL DBs to a precise point in time:
http://www.wservernews.com/go/1424787594703

Fiddler is a free web debugging proxy for any browser, system or platform:
http://www.wservernews.com/go/1424787596984

Become more productive with your documents, pictures, music, source code with xplorer2, a desktop file manager:
http://www.wservernews.com/go/1424787599078

BlueScreenView scans all your minidump files created during Blue Screen Of Death crashes and displays the information about all crashes in one table:
http://www.wservernews.com/go/1424787601250


This Week's Tips

The Microsoft Excel tip we included in last week's issue seemed to hit a chord with our readers as several of them submitted their own Excel tips to us. Below are two reader tips that we found particularly helpful along with a third tip that was submitted to us by someone at Microsoft which concerns an Outlook calendar issue.

Copying only subtotals in Excel

I use this so much at work and it has always frustrated me not knowing how to do it that I thought I would share.

If you ever subtotal a list (Simple Example Below) and then want to copy only the rows that you see to a new sheet for further analysis, it doesn't work. You select the information, copy and paste to a new sheet and all the rows come with it:

Figure 1

The secret? Highlight the rows, press ALT + ; (that is, hold the ALT key while pressing the semicolon). This selects only the visible rows and allows you to paste them wherever you want.

--Submitted by Brian Drab

Change the case of a list in Excel

I was training a group in Microsoft Excel and was asked if there was a simple way to change a list into all upper case text.  I demonstrated how to add a temporary column next to the list and use the formula =UPPER(cell_reference).  Use auto fill to populate the formula to the full list range. Then copy and paste special - values over the original text. The =LOWER(cell_reference) and =PROPER(cell_reference) Functions can be used the same way.

This wasn't the crowd pleaser though.  I got wows and "why didn't you tell us this before?!" from a simple function key toggle.  In Microsoft Word and Outlook you can highlight any amount of text and press SHIFT + F3. This is a three-way toggle between upper, lower and proper cases.

--Submitted by Jim Way

Outlook calendar issue solved

For years and years I've had this issue but wasn't able to find a resolution. If I did a reply or reply all of a calendar invite that I originally created, the reply includes Friday, April 3, 1998 11:38 AM as the timestamp for when it was sent. I could repro this 100% of the time from Outlook whether it be 2013 or previous versions prior to 2013.

Well it turns out the issue is not specific to this date 1998. It appears that many years ago when I installed an addin for Cisco Unified MeetingPlace, it took over my default calendaring option and now every time I reply to an invite I created, it will have the incorrect 1998 timestamp.

The resolution was to change the following: Right click on My Calendars/Calendar, select Properties, select "When posting to this folder, use" and select IPM.Appointment instead of what it was currently set to which was MeetingPlace Meeting:

Figure 2

This did not fix existing calendar invites, but it did fix new ones.

--Submitted by Quincy Tan. Quincy is an Account Technology Strategist at Microsoft and builds cool new devices with OEM partners. He is the WW Technical Sales lead for Apps and Services in the OEM division

 

GOT TIPS you'd like to share with other readers? Email us at wsn@mtit.com

Events Calendar

Americas

Convergence 2015 on March 16-19 in Atlanta, Georgia, USA
http://www.wservernews.com/go/1424788706218

Microsoft Ignite on May 4-8, 2015 in Chicago, Illinois, USA
http://www.wservernews.com/go/1424788708281

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact michaelv@techgenix.com

 

Webcast Calendar

WindowsNetworking.com Webinar: Preventing High Cost Security Breaches

Join experts Brien Posey, Microsoft MVP and Roy Lopez, Netwrix Sales Engineer, as they discuss the increasing frequency of data breaches and real-life lessons learned by organizations, including recent examples such as the Anthem breach. Brien and Roy will also discuss future trends based on recent data breach investigation and address a  range of important, timely topics, including:

You'll also learn how change and configuration auditing can help organizations enable complete visibility into what is happening across the entire IT infrastructure to successfully deal with security challenges.

The webinar will include a Q&A session with our expert presenters to answer your top questions!

Sign up for this informative live event!

Register for Webcasts

Add your Webcast

PLANNING A WEBCAST you'd like to tell our subscribers about? Contact michaelv@techgenix.com

 

Tech Briefing

Cloud Computing

Selecting a Cloud Management Platform (Part 2) (CloudComputingAdmin.com)
http://www.wservernews.com/go/1424788934937

The case for Hybrid Clouds: Business and technology drivers and requirements (CloudComputingAdmin.com)
http://www.wservernews.com/go/1424788936859
                                                         

Microsoft Azure

Reserved IP Address Options in Microsoft Azure (CloudComputingAdmin.com)
http://www.wservernews.com/go/1424788953359

New features in Azure Backup – Long term retention, offline backup seeding and more (Microsoft Azure Blog)
http://www.wservernews.com/go/1424788955546

Mobile Device Management

BYOD Basics: Microsoft's Mobile Device Management Toolset (CanITPro)
http://www.wservernews.com/go/1424788964187

Manage Mobile Devices and Policies in Active Directory (Redmond Magazine)
http://www.wservernews.com/go/1424788966203

SharePoint, Exchange and Office

Managing Exchange Online using Server 2012 R2 Essentials Experience Role (Part 5) (MSExchange.org)
http://www.wservernews.com/go/1424788976609

16 Tips to Optimize Exchange 2013 (Part 3) (MSExchange.org)
http://www.wservernews.com/go/1424788979687

Security and Privacy

Cloud Security: You Can Never Stand Still (CloudComputingAdmin.com)
http://www.wservernews.com/go/1424788991812

Microsoft Outlines Security Protections Using Azure Active Directory (Redmond Magazine)
http://www.wservernews.com/go/1424788994500

Recommended TechGenix Articles

When Good Clouds Go Bad: All about Cloud Services Outages (Part 2)
http://www.wservernews.com/go/1424789297046

Security Best Practices for AWS (IaaS) EC2 (Part 2)
http://www.wservernews.com/go/1424789298875

System Center Virtual Machine Manager for Beginners (Part 10)
http://www.wservernews.com/go/1424789300562

Security: A Shared Responsibility (Part 3)
http://www.wservernews.com/go/1424789302390

Configuring Active Directory Recycle Bin
http://www.wservernews.com/go/1424789304765

Windows Server News

Ace a cloud admin interview in five answers

While there is a lot that goes into becoming a cloud admin, from tools to certifications and more, you can ace the interview portion of the hiring process by utilizing a few simple tactics. Start preparing for your interview by studying these five questions that are sure to put you ahead of the other applicants.
http://www.wservernews.com/go/1424789380437

Which virtual hard disk is right for your production workloads?

Choosing a Hyper-V virtual hard disk is not easy. There are a lot of files associated with a virtual machine that are running on Hyper-V, so it is crucial that users choose the right fit for their production workload. Discover today which virtual hard disk is right for your production workloads so you can streamline the selection process.
http://www.wservernews.com/go/1424789386250

Can tablets and smartphones be thin clients?

Despite the benefits of using a mobile device as a thin client, differences in crucial elements, such as network speed and touch interfaces, still impose challenges. So, how do these pain points get resolved? Discover the pros and cons of utilizing tablets and smartphones as thin clients inside.
http://www.wservernews.com/go/1424789390546

How virtual hardware affects data center flexibility

Performing an upgrade to virtual hardware is crucial for administrators looking to get the most out of their virtualization investments.  However, they also need to be prepared to undo the change if any problems arise. Get the answers to your VM compatibility mode and virtual hardware questions, and learn how to execute a virtual hardware upgrade today.
http://www.wservernews.com/go/1424789395765

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

Flying Drones FPV with Epson Moverio Glasses & FEARLESS Engage Pack

One of our colleagues found this on YouTube:
http://www.wservernews.com/go/1424789525625

The World's Greatest Bowling Tricks - Andy Varipapa

The most amazing bowling tricks, featuring the greatest bowling master of all time - Andy Varipapa:
http://www.wservernews.com/go/1424789528562

Animal Rascals

Funny animals playing mischief on each other:
http://www.wservernews.com/go/1424789530984

Cat Relaxing In Front Of The Fireplace

Japanese cat relaxing in front of the fireplace, purring loudly:
http://www.wservernews.com/go/1424789533859

WServerNews - Product of the Week

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>

 

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.