RSS | MY PROFILE | PRIVACY 

Vol. 19, #43 - October 27, 2014 - Issue #1003

POODLE for Windows admins

  1. Editor's Corner
    • Ask our Readers - Outlook PST file won't reattach
    • Ask our Readers - CloudMark
    • POODLE for Windows admins
    • Tip of the Week - Update for Windows 7 (32-bit) (KB2952664) FAILED
    • Recommended for Learning
    • Microsoft Virtual Academy
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
    • Europe
  4. Webcast Calendar
    • Register for Webcasts
  5. Tech Briefing
    • Cloud computing
    • Enterprise IT
    • Networking
    • Windows Server
    • Certification
  6. Recommended TechGenix Articles
    • Recommended articles from websites in TechGenix Network
  7. Windows Server News
    • 4 keys to tip-top cloud performance
    • Better physical to virtual migrations
    • Why you should budget for new servers in 2015
    • Setting a vCenter server straight when it acts up
  8. WServerNews FAVE Links
    • How Not To Save A Cat Stuck In A Tree
    • Motorcycle Race Through The City Of Porto
    • Sukhoi Su-35 and Su-37 Air Show Demo
    • Amazing Coin Magic by Moritz Mueller
  9. WServerNews - Product of the Week
    • Deep Packet Inspection for Quality of Experience Monitoring

 

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>

 

Editor's Corner

This week's newsletter is all about the SSL 3.0 vulnerability that Google security researches recently discovered and which they affectionately named POODLE which stands for Padding Oracle On Downgraded Legacy Encryption. Although SSL 3.0 has been largely superseded by TLS 1.x, many web servers and web browsers automatically downgrade to SSL when negotiation of an encrypted HTTP session using TLS fails for some reason. Of course, just because something LOOKS like a poodle doesn't mean it ACTUALLY IS a poodle...as this Dilbert comic strip illustrates:

http://www.wservernews.com/go/1414407993938

It must be embarrassing for a tough guy to style his hair like that.

Ask our Readers - Outlook PST file won't reattach

Last week in Issue #1002 More Shellshock for Windows admins a reader named Jim who is Chief of an IT group based in Pennsylvania, USA asked us the following:

We recently upgraded one of my users from Win7 Pro/Office 2007 to Win8 Pro/Office 2013 with a 'clean' install. When we went to restore his data, a problem arose. His PST file -- a whopping 4.4 GB -- would restore to the disk but couldn't be reattached to Outlook. We've restored the file to another Win7 Pro, equivalent to his old system, but have the same issue: "Corrupt File". We don't know if the issue was somehow caused during the backup process or if it is just too damn big. None of our usual repair tools, like ScanPST, will fix it -- most won't even open it because of the size.

    1. Any clever ways/tools to fix this problem?
    2. Any way to split the file into manageable chunks (even if have to we lose a few emails in the process)?
    3. And for my own edification… I thought that Office 2010 had removed the file size limitation on PST… True or false?

Jim later followed up saying he had found an answer to question 3 as follows:

By the way, I just read that Outlook 2007 increased the PST file size limit to 20GB and 2010 increased it again to 50GB.

We've received a ton of responses from our readers concerning Jim's questions. Obviously a lot of you have had experiences similar to Jim as you manage the Exchange/Outlook messaging infrastructure of your organization. Here is a selection of the responses we thought might be most helpful to the original poster:

Do you have Exchange Servers? Create a tempuser mailbox:

New-MailboxImportRequest tempuser -FilePath c:\temp\my.pst  -AcceptLargeDataLoss -BadItemLimit 10000000

--from Keith, Exchange Engineer for a food services company

This issue was fixed in Office 2003 but the PST MUST be converted to Unicode.  After conversion it must be repaired.  The new size limit will now be 50Gb.

http://www.wservernews.com/go/1414408271345

http://www.wservernews.com/go/1414408274063

It is easiest to convert in place on the old system before migrating.  I have done this many times.  It is fairly quick.

--from a reader named James

There may be no way to fix the problem. A lot depends on where the original PST file was created.

If you upgraded from 2002 in the past and didn't convert the PST to the new file type then the file is larger than the maximum file size for the older structure can handle. If so then you are probably hosed.

However there may be away around this:

  1. In your new outlook 2013 create a new PST file (when you add a new account it will create a new PST file).
  2. Once you have done this go to "File" then "Open" and select "Import" then "Import from another program or file".
  3. Click "Next" then select Outlook data file (PST) from the options and then "Next".
  4. Locate your file and let it proceed to import. 

This may work but if the file is too large it may fail at some point.

--from a reader named John

There are a couple possibilities:

--from a reader named Luis

There is a great utility Kroll OnTrack EasyRecovery Pro that repairs .pst  files. I have used it for many years:

http://www.wservernews.com/go/1414408459220

--Howard, Network Administrator for an architectural firm

I got similar issue before. Just add physical memory then it works. For your reference and hope it helps.

--from a reader named Ching

One question comes to mind.  Where is the .pst file stored, locally or on a network share?  PST files on a network share are not supported any more and will show this symptom.

--from a reader named Lyle

This problem has been caused in our environment if the file was backed up while MS Communicator/Lync was still running on the user's PC.

--from a reader named Barry

Just wondering if they reattached the PST file by using the import feature or did they just stick it into the APP Data/Local folder hoping it would find and attach itself?

--from a reader named Tom

Ask our Readers - CloudMark

Also in last week's issue was the following request we received from reader who works at an ISP in the eastern USA:

Hi, one of our readers asked us what we knew about CloudMark and which ISPs use it. Knowing virtually nothing about such things, we thought maybe you can help her. THX.

So far we've received two responses from our newsletter readers to the above request:

Just read the call out for feedback on Cloudmark in the 10/20 issue of WServerNews. I have been using Cloudmark -- both the Desktop and Exchange versions for years.  I am, however, an end-user, not an ISP.  So, I have no idea if this is going to help the reader who made this query, but the one thing I can tell you with absolute certainty is that you will not find a more accurate spam filter.  And by accurate, I mean not only identifying spam, but also *not* identifying legitimate e-mails as spam (false positives).

I recently decided it was time to upgrade to an actual spam-filtering appliance and we installed a Barracuda Spam & Virus Firewall Model 200.  Barracuda is undeniably a high-end product.  My experience, however, is that it doesn't hold a candle to Cloudmark when it comes to false positives. Hope this is helpful.

--from Stewart, President of a hardware company

We've been experimenting with fighting SPAM at the desktop level.  This free product is very very good at getting what our Symantec Filters cannot and it lets you mark them. You can download it here from their website:

http://www.wservernews.com/go/1414408757376

--from Scott, Enterprise Server Programmer for the IT department of an educational organization

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at wsn@mtit.com

And now on to the main topic of this week's issue...

POODLE for Windows admins

Things just seem to keep getting worse in IT, don't they? Just when you thought you had a handle on the ShellShock vulnerability a.k.a. BASH bug, another gaping flaw in the underlying protocols of the Internet raises its nasty head. So what is POODLE? Why should we worry about it? Can it affect Windows-based environments? If so, what can we do about it?

What is POODLE?

It's basically a flaw in version 3.0 of the SSL protocol which used to be the standard for encrypting web traffic but has since been superseded by an updated protocol named TLS.

Should I be worried?

If your company or organization does business over the web then you should probably be worried for two reasons. First, while your web servers are likely configured to use TLS by default for encrypting web traffic, they are also likely configured to fall back to using SSL 3.0 should negotiation between your web server and a customer's web browser fail with TLS for some reason. Second, if your users need to securely connect with their web browsers to any web servers that are outside your control, those web servers are vulnerable for the same reason described above. And if those web servers beyond your control get compromised, then users connecting to them are potentially exposed to various kinds of information disclosure attacks.

I want to know more about POODLE

Want to learn more about how POODLE works? Here is the original announcement concerning this vulnerability on the Google Online Security Blog:

http://www.wservernews.com/go/1414409473798

The above blog post references a security advisory published on OpenSSL.org by some members of the Google Security Team (PDF file):

http://www.wservernews.com/go/1414409475392

StackExchange also has an excellent "in a nutshell" explanation of how POODLE works:

http://www.wservernews.com/go/1414409477517

OK what should I do?

There are basically two things you can do to protect your assets against POODLE:

What about Microsoft products?

SSL 3.0 is still supported (available for fallback purposes) in the following Microsoft products:

Yikes! OK how can I disable SSL 3.0 on Microsoft products?

See the Suggested Actions section of Microsoft Security Advisory 3009008 for some general workarounds (requires Windows ID sign-in):

http://www.wservernews.com/go/1414409480923

This thread on ServerFault may also be helpful especially with regard to IIS:

http://www.wservernews.com/go/1414409483204

And this tweet by Microsoft MVP Eric Lawrence shows an easy way users can disable SSL 3.0 if they use Internet Explorer as their web browser:

http://www.wservernews.com/go/1414409485501

Eric later followed this up with another tweet:

http://www.wservernews.com/go/1414409488298

What about other web servers and web browsers?

Scott Helme has a terrific post on his blog describing how to disable SSL 3.0 on:

Here is Scott's post:

http://www.wservernews.com/go/1414409490376

Scott's article also includes links to sites where you can test your web server or web browser to ensure they have SSL 3.0 disabled.

George Chetcuti also published a note about the POODLE exploit on his blog on WindowsSecurity.com:

http://www.wservernews.com/go/1414409492376

At the end of George's note he says "Go here to find out how to disable SSLv3 support in your browser" and points you to another good article that describes how to disable SSLv3 on various browser platforms:

http://www.wservernews.com/go/1414409495157

Anything more for Windows admins?

We've found a few threads on various Microsoft forums that you might want to keep an eye on:

Send us feedback

Got any other recommendations or tips concerning POODLE you'd like to share with our readers? Let us know at wsn@mtit.com

Tip of the Week - Update for Windows 7 (32-bit) (KB2952664) FAILED

This week's tip has been contributed by Hubert Heller who manages the Flixxy.com site that has the fun videos we include in the FAVE Links section of our newsletter:

Update for Windows 7 (32-bit) (KB2952664) FAILED

Just in case it happens to you (as it did to me and a friend of mine who also uses Windows 7), here is the fix. During my Windows update I received the above error message while attempting the Update for Windows 7 (KB2952664). I had to do this step to re-install:

Go to Windows update then click on View update history then click on Installed updates, search for the failed kb number and double click on it and it will prompt to uninstall.  Uninstall then reboot and go back to Windows update and click Check for updates it should come up and re-download and install. 

I hope this works for you. See here for more:

http://www.wservernews.com/go/1414409801345

How can a company like Microsoft let this go through?

How indeed? I've actually become more concerned lately about the quality control Microsoft exercises over their update release process and have begun advising my family and friends to changed the Windows Update settings on their PCs from "Install updates automatically (Recommended)" to "Download updates but let me choose whether to install them." Then I tell them that when the Windows Update popup appears in their taskbar notification area, they should wait a week and haunt the Microsoft Answers forums to see whether any problems have been discovered with the newly released updates before they go ahead and install the updates on their PCs.

How do other readers feel about this issue and how do you deal with it? Email us at wsn@mtit.com

Recommended for Learning

This week we have some books to recommend if you want to learn more about the different web server platforms available:

Learn Windows IIS in a Month of Lunches

http://www.wservernews.com/go/1414409915063

IIS Fast Start: A Quick Start Guide for IIS

http://www.wservernews.com/go/1414409917048

Professional Microsoft IIS 8

http://www.wservernews.com/go/1414409918907

Pro Apache Hadoop

http://www.wservernews.com/go/1414409921454

60 Recipes for Apache CloudStack: Using the CloudStack Ecosystem

http://www.wservernews.com/go/1414409923985

Nginx HTTP Server - Second Edition

http://www.wservernews.com/go/1414409925907

Mastering Nginx

http://www.wservernews.com/go/1414409928126

Web server 101 Success Secrets: 101 Most Asked Questions On Web server - What You Need To Know

http://www.wservernews.com/go/1414409930282

Microsoft Virtual Academy

Some announcements from the Microsoft Virtual Academy:

Here's a good one on Oct 28:

October 28:  Modernizing Your Data Center Jump Start

If you're migrating from Windows Server 2003 and want to get ahead of the project, join Matt Hester and Jennelle Crothers for an informative look at modernization and data center transformation options in Windows Server 2012 R2 and Microsoft Azure. On October 28, this demo-rich Jump Start, "Modernizing Your Data Center," explores storage, networking, and the cloud. Discover what you need to update your data center to match your workloads, directly from the experts. Register today!

http://www.wservernews.com/go/1414410009392

October 29:  Using PowerShell for Active Directory Jump Start

Do you want to automate redundant tasks and do it right the first time? This live session will show you how.  The training includes live Q&A with renowned experts Ashley McGlone and Jason Helmick, informative deep-dive drills and coding one-liners, plus a fast and fun round of "Challenge the Master." Learn how PowerShell works and make it work for you! Register today!

http://www.wservernews.com/go/1414410006751

Quote of the Week

"The man who does not read good books has no advantage over the man who can't read them." - Mark Twain

Until next week,
Mitch Tulloch

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at wsn@mtit.com and we’ll try to troubleshoot things from our end.

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Active Directory® replication issues can be difficult to diagnose because there are so many root causes. Get your free Active Directory Healthcheck with SolarWinds® Server & Application Monitor.
http://www.wservernews.com/go/1414410413110

Concerned about data loss during a data migration? “LinkFixer Advanced” is a software tool that fixes broken links in most file types, preventing data loss. Get your free trial version today!
http://www.wservernews.com/go/1414410559767

StarTech SATA Hard Drive HDD Duplicator Dock lets you clone hard drives without having to connect to a host computer
http://www.wservernews.com/go/1414410629485

R-Studio is a family of powerful and cost-effective undelete and data recovery software
http://www.wservernews.com/go/1414410631563

Forensic Acquisition Utilities is a collection of utilities and libraries for forensic investigative use in a Windows environment
http://www.wservernews.com/go/1414410633626

 

Events Calendar

Americas

Microsoft SQL Server PASS Summit 2014 on November 4-7, 2014 in Seattle, Washington, USA
http://www.wservernews.com/go/1414410818751

Convergence 2014 on March 16-19 in Atlanta, Georgia, USA
http://www.wservernews.com/go/1414410821767

Microsoft will be hosting an inaugural, unified Microsoft commercial technology conference the week of May 4, 2015 in Chicago, Illinois, USA
http://www.wservernews.com/go/1414410823735

Europe

TechEd Europe on October 27-31, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1414410891595

Convergence 2014 Europe on November 4-6, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1414410893876

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact michaelv@techgenix.com

 

Webcast Calendar

Register for Webcasts

Add your Webcast

PLANNING A WEBCAST you'd like to tell our subscribers about? Contact michaelv@techgenix.com

 

Tech Briefing

Cloud computing

Security-as-a-service, Cloud-Based on the Rise (Part 2) (CloudComputingAdmin.com)
http://www.wservernews.com/go/1414411085017

Trustworthy Cloud Series: Managing Secure Cloud Operations (Microsoft Cyber Trust Blog)
http://www.wservernews.com/go/1414411087095

Enterprise IT

Getting started with SaltStack (VirtualizationAdmin.com)
http://www.wservernews.com/go/1414411089079

Product Review: Netwrix Auditor (VirtualizationAdmin.com)
http://www.wservernews.com/go/1414411091376

Networking

Improving Network Performance in Windows Server and Client (Part 2) (WindowsNetworking.com)
http://www.wservernews.com/go/1414411106110

Message Analyzer has Released -- A New Beginning (MessageAnalyzer)
http://www.wservernews.com/go/1414411109235

Windows Server

Microsoft RDS Policies explained (Part 4) (VirtualizationAdmin.com)
http://www.wservernews.com/go/1414411111454

Video: Generating Active Directory Group Members Recursively (WindowSecurity.com)
http://www.wservernews.com/go/1414411113970

Certification

Recertification Exams Now Available for MCSE: Desktop Infrastructure, Server Infrastructure, & Private Cloud (Born To Learn Blog)
http://www.wservernews.com/go/1414411116954

Want to Earn Your MCSA: Windows Server 2012 or SQL Server 2012? You Now Have More Options! (Born To Learn Blog)
http://www.wservernews.com/go/1414411119048


Recommended TechGenix Articles

Configuring Unstructured File Storage in Microsoft Azure
http://www.wservernews.com/go/1414411761930

How to transition your current SMTP service to EOP in 45 minutes or less
http://www.wservernews.com/go/1414411763711

Active Directory Migration Considerations (Part 2)
http://www.wservernews.com/go/1414411765664

Planning Considerations for BYOD and Consumerization of IT (Part 5)
http://www.wservernews.com/go/1414411767524

System Center Virtual Machine Manager for Beginners (Part 6)
http://www.wservernews.com/go/1414411769524

 

Windows Server News

4 keys to tip-top cloud performance

It's crucial to be proactive when it comes to cloud network maintenance and monitoring to ensure optimal business performance at all times. Inside this exclusive guide, learn four essential tips for effectively maintaining and monitoring your cloud performance to avoid disasters down the road.
http://www.wservernews.com/go/1414411272189

Better physical to virtual migrations

With virtualization, you can migrate your pre-existing physical servers to the virtual world without having to reinstall them. Though migrating is wizard-driven, there are some best practices that can help you become a P2V expert and ensure the health of your virtual environment -- find out what they are inside.
http://www.wservernews.com/go/1414411274846

Why you should budget for new servers in 2015

While data center hardware can last years, with 2015 on the horizon, it's time for you to think about updating your servers so you can regain a competitive edge by driving business innovation and productivity.  Uncover the key reasons why you should budget for new servers in 2015.
http://www.wservernews.com/go/1414411277971

Setting a vCenter server straight when it acts up

When best practices aren't followed, it can be difficult to get your vCenter Server functioning properly. Get a firsthand account of one IT pro's vSphere vCenter troubleshooting experience. Find out what steps he took to figure out and fix the problem he was having and learn how to avoid his mistakes.
http://www.wservernews.com/go/1414411280596

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at wsn@mtit.com

How Not To Save A Cat Stuck In A Tree

A Russian soldier comes up with some 'clever' ideas to save a cat stuck in a tree:
http://www.wservernews.com/go/1414411501552

Motorcycle Race Through The City Of Porto

Helmet camera view of an intense obstacle race through the narrow alleys of the old city of Porto, Portugal:
http://www.wservernews.com/go/1414411503770

Sukhoi Su-35 and Su-37 Air Show Demo

The Sukhoi Su-35 and Su-37 pilots show the amazing maneuverability of their aircraft at an air show in Dubai:
http://www.wservernews.com/go/1414411506302

Amazing Coin Magic by Moritz Mueller

Young magician Moritz Mueller from Germany has a brilliant smooth touch and impresses even experienced magicians with his superb skill:
http://www.wservernews.com/go/1414411509239


WServerNews - Product of the Week

Deep Packet Inspection for Quality of Experience Monitoring

Read this whitepaper to get a detailed description of packet analysis techniques to measure high network response times, network delay, server processing times, client processing time, traffic distribution, and overall quality of experience.

Download Now>>

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.