- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Dec 18, 2000 (Vol. 5, #58 - Issue #233)
MCSE Exam Deadline Extended
  This issue of W2Knews™ contains:
    • Some New Stuff On The Horizon
    • NT4 MCSE Exam Deadline Extended!
    • Magical W2K Service Pack 2 Disappearing Act
    • Microsoft Security Holes 30% On The Rise
    • AutoPilot 2000 on my new Dual Pentium 933: Results.
    • Are Users With Write-Access Filling Your Servers With Junk?
    • Anti-Virus Software Does Not Offer Enough Email Protection
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • MCSE 2000 "Bundle of Four" Continued!
Are you working toward certifications from vendors like Cisco, CompTIA,
Microsoft, Novell, and/or Prosoft? MeasureUp practice tests can help.
Over 570,000 customers already use MeasureUp products to prepare for
and reach their certification goals. Isn't it time you did too?
MeasureUp is a Microsoft Certified Professional Practice Test Provider.
Free demos, information, purchase. Check out this site. It's worth it:
Visit MEASUREUP for more information.

Some New Stuff On The Horizon

Hi NT/W2K-ers,

Behind the scenes, Sunbelt has been working hard to get you guys some cool new stuff shortly. The recent surveys showed that a big part of you wanted an HTML newsletter and we'll come out with one in Jan 2001. But that's not all. We have a special Sunbelt SysAdmin Browser for you, built on MS IE technology but with an improved interface, and a network enabled performance monitor that allows you to see how any machine on your domain is doing (CPU & Mem)

More over, the browser will come with a 'points program' that will allow you to win all kinds of gadgets & toys like camera watches and the like. I'm just tellin 'ya, the future will be fun! The browser will also help you get ready for W2K. How? That's still a secret. Stay tuned for more.

And now, let's look at the actually *important* news this week.

Warm regards,

Stu Sjouwerman
(email me with feedback: [email protected])

  SPONSOR: CyberwallPLUS
The #1 rule in security is "You can't attack what you can't access".
CyberwallPLUS - World's best packet filter firewall for Windows NT/2000.
Fine-grain access controls for NT/2000 servers and workstations.
Network intrusion detection & prevention identifies and stops hackers.
Comprehensive traffic audit logs with real-time connection monitoring.
For a free evaluation and white paper on host-based firewalls visit
Visit CyberwallPLUS for more information.


Just yesterday I heard something nifty that I thought you would like. One of the up and coming tools we introduced this year has a new feature everyone will be 'oohing and aahing' about. The tool is Opalis Robot. It detects & corrects system malfunctions to improve uptime of business critical resources. You can monitor applications, event logs, Web servers, services, performance, text files & more. Opalis allows you to automate daily monitoring chores & minimize downtime. But what is new?

Now Opalis offers Remote Admin (I'm talking *wireless* here!) of NT and 2000 servers via the Blackberry Handheld. Purdy darn cool. What can you do with this? OpalisRobot now truly delivers on 'anytime, and anywhere' network management. No longer cooped up in the office 80 hours a week. Great!

With the Opalis E-mail Add-on you can use any e-mail service to receive vital information about your LAN, like a down router or server.You can send commands to the server(s) by sending an e-mail that instructs OpalisRobot on how to remedy the situation.

The BlackBerry(TM) is an end-to-end wireless e-mail solution designed to allow mobile users to access their e-mail wherever they go. BlackBerry features an integrated package that includes the industry's most advanced wireless handhelds, innovative software and nationwide airtime on leading wireless data networks.

When OpalisRobot with the E-mail Add-on and BlackBerry are used in tandem, you have a powerful wireless assistant to help you manage your network. Let's say you run OpalisRobot and carry a BlackBerry handheld. You can now receive wireless e-mail from your systems regarding important admin messages, such as the status of OpalisRobot automated job processes, Event Log entries, storage quotas, application status, and a whole bunch more. Check the webpage what this puppy can monitor.

With the OpalisRobot E-mail Add-on, you can immediately react to the information by sending the server a command via any e-mail account, using either a PC or a BlackBerry handheld. OpalisRobot then processes each message based on filters and takes the appropriate action on the server (i.e. restart services, reboot server, launch a program, etc.)

If the e-mail server goes down, you can use the OpalisRobot Call Add-on to telephone the server and instruct it how to remedy the situation by simply using touch-tones to execute preprogrammed processes (i.e. restart e-mail server, purge archives, reboot server, etc.) OpalisRobot is US$ $999 per computer. The OpalisRobot E-mail and Call Add-ons are $495 USD each per computer. 30-day eval here:


NT4 MCSE Exam Deadline Extended!

I told you last week there was a rumor that the deadline for MCSE NT4 might be extended as the exam slots were pretty much sold out. Well here is some good news. It was indeed pushed back 2 months. Microsoft announced they will delay the retirement to Feb. 28, 2001. The upgrade deadline remains at December 31, 2001 though.

To get some more data, specifics and an FAQ on the all this, check http://www.microsoft.com/trainingandservices/default.asp

There is also an interesting link you should click on. This is a new elective: "New Exam to Ease Transition to Windows 2000."

Magical W2K Service Pack 2 Disappearing Act

Last week MS released a beta of Service Pack 2 for W2K. But then it was taken off in a hurry. There is no official announcement from MS about the production version of SP2, but I expect it end of Q1, 2001. This was one heavy mother of an SP weighing in with almost 100MB. What may have made it so large are the latest version of the OpenGL libraries (3D-animation).

As MS promised earlier, it contains no new stuff, just replacements of current code. They are not using SP's to add new features any more. Service Packs are now subject to thorough quality testing, especially with W2K. Beta's though can be quite buggy. I assume this one caused blue screens. I would not recommend to install beta's in production environments anyway.

For the current list of bugs that are fixed with W2K SP2, click here:

This is the place where SP2 used to be, but was yanked:

Microsoft Security Holes 30% On The Rise

ENT Newsline reported the following this week: Microsoft Corp. has released 30 percent more security patches this year than last year, according to an analyst group, which says "the burgeoning popularity of all things Windows make Microsoft and its products more frequent targets". The report, by Giga Information Group?s Laura DiDio whom I know personally, says that two security patches released by Redmond last week bring the total to 90 this year, compared with 62 patches released last year.

The patches last week both related to Windows Media Player, although they were separate problems. In both cases, however, the Media Player software could enable hackers to run programs on other users? PCs. "It continues the disturbing trend, common to nearly all security flaws, of invading a network and/or individual PC and making unwanted changes," states the report. It rates the seriousness of the security hole at 5 on a 1-10 scale.

Ironically, DiDio says that the increase in security patches could be seen as a positive for Microsoft: "Microsoft has become much more security conscious in the latest versions of all its software patches and more pro-active in responding quickly to correct reported flaws."

The report also warns that each company has to take responsibility for its own security. "Know what?s on your network and PCs. Keep up-to-date on the latest patches and fixes and perform regular risk analysis and assessments of your site. In the final analysis, it?s your data -- if you don?t defend it, no one else will."

Here are some tools to help. STAT scans for all known holes and reports back to you which ones are the most important ones:

And SPQuery helps you to automate the application of hotfixes to make sure you do not leave any (just discovered) holes open:

The article is over here: http://entmag.com/breaknews.asp?ID=3823


AutoPilot 2000 on my new Dual Pentium 933: Results.

Here are some first results of AutoPilot 2000 on a Dual 933 with W2K Professional SP1 installed. First I ran the APBench a few times to get a baseline established. Funny thing was that the second run was way faster than the first, but this was probably a fluke as when I went on the results were pretty close in runs 2 thru 5. Next I installed AP for W2K. (This is a Dell Dual Optiplex PIII, 256MB ECC RAM, 40Gig EIDE drive, and a TNT2 video card that is hooked op with a cross- over cable to my 2 year old Dell Dimension with 256RAM, a 15Gig SCSI drive and single PII 450.)

The Transactions per Second were:

Run 1 w/o AP: 58
Run 2 w/o AP: 193
Run 3 w/o AP: 150
Run 4 w/o AP: 203
Run 5 w/o AP: 190

That's an average of 184 TPS for runs 2-5. Next I ran three times The APBench tool in the 'First Without And Then With AutoPilot' mode. The results were:

W/O: 196 With: 232
W/O: 191 With: 223
W/O: 183 With: 226
-------- ---------
Avg: 190 Avg: 227 -> 16% to 18% improvement. Not bad!

Hardware manufacturers love improvements like these. But testing AP with benchmarks is a problem as they are usually created to measure hardware performance, or the performance of a single application. AutoPilot is so unique in what it does, that there are very few benchmarks that actually show its results. The best is to run it in your own environment with a full load of apps on your WS or Server and run something you know already takes x-time. That?s the best way to see if AP will benefit that machine. Both APBench and the 30-day AP trial are here for download:

Are Users With Write-Access Filling Your Servers With Junk?

With access to lots of disk space, (and the new NAS and SAN storage technologies are not making it easier) employees with write-access to server folders are filling them with more and more junk. Users can plug pretty much anything they like on your servers. I recently found one of our own Sunbelt employees with a full application to monitor the weather on his server share: 70MB worth of weather database files.

All that stuff they plug in their home directories could be in the form of an email attachment, files created by the user, but mainly they are Internet downloads. Usually bandwidth is not a problem, so employees don't think twice about loading 50 megabytes of MP3 files that take 2 minutes to put on the server. It can result in a mess:

  • Duplicate files
  • fat MP3 and GIF/JPG files
  • outdated files, not accessed in 9 months or more
  • orphaned files, user is no longer with the company
  • large files, such as desktop backups.
You can either "throw more disks at the problem," or try to manage it with software that can automatically manage this data. You can't manage what you can't measure. Take a look at what's on your severs, using sophisticated reporting tools and scheduled reports. Do an initial audit, find outdated files, duplicate, orphan files or MP3. Most users don't have a business need to put music files or graphic files on company server. Sometimes there are pornography or racial jokes there that could get your company sued.

Educating end users comes next, and it begins with showing them a list of their outdated files. "You tell them, 'Here's what you haven't looked at in one year, and here are your duplicate files. If you don't think you will need to access them, we'll clean it up and free up space on the server.' Having the audit alleviates you from being called the 'net-nazi' or the 'disk-police'. It allows the user to manage the situation.

The audits also identify who uses the most storage, or which server is most heavily used. Then, software allows you to control the space hogs. The software offers real-time quota enforcement, giving the user five warnings, such as "You are at 70% of your space limit." You will find that it will save you a lot of time and headaches to install and run software that audits and controls storage on your servers. Our Fortune 100 customers get back at least 30% of space wasted by obsolete, non-business related data. 30-day trial:

StorageCentral: http://www.sunbelt-software.com/product.cfm?id=423
SpaceMaXX: http://www.sunbelt-software.com/product.cfm?id=424

Anti-Virus Software Does Not Offer Enough Email Protection

E-mail may be the really 'mission critical app' for your company (it is for us at Sunbelt) -- but it's also the perfect way for someone to cripple your corporate e-mail system -- whenever they feel like it. Anti-virus software alone is not enough to safeguard organizations against the present and future onslaught of email viruses and attacks. This IS the holiday season: the ideal time for attacks as there are less people that manage IT than normal. Be alert, especially now.

Anti-virus vendors simply cannot update their signatures in time against some deadly viruses that are distributed worldwide via email in a matter of hours, such as the recent LoveLetter virus and its variants. This means that if you use a virus-scanning engine alone you are not necessarily safeguarded when a new virus comes out in the wild.

These kinds of tools work reactively, letting all emails in and then trying to disable a virus. At this point, it may already be too late: once a virus has entered the system, it takes one quick click for an unwitting user to activate it and infect everybody in the company.

You can also outsource the whole thing, and make it some one else's headache to make sure your email is clean. These services prevent errant e-mail messages from damaging your network, reputation, or business relationships. They protect your network against viruses, spam, offensive or inappropriate content, and oversized attachments that clog e-mail networks and distract -- or offend -- employees.

Outsourced services scan both incoming and outgoing messages for words, phrases, images, and attachments that violate your e-mail policy, according to lexical weighting and keyword detection assigned by your e-mail administrator. The entire process takes less than five seconds and remains completely transparent to both sender and recipient.

They can automatically send a notification, based on preferences set forth by yourself, to the sender, recipient and administrator that a message has been blocked. Via an easy-to-use Web interface, you can then clean, release, or delete quarantined messages, detain large messages for delivery during non-peak periods, track message volume, and generate real-time and historical reports. Based on industry standard protocols like SMTP and MIME, these services integrate with new products and services without super-human efforts by e-mail administrators or end users.

You should make the choice between two options. Run it in-house or outsource the whole thing. I have some info for you, so that you can make that determination. First, there is a new whitepaper about this that you should read. It explains in a nutshell what kind of email attacks exist including email Trojans, buffer overflows and HTML viruses. Then the paper demonstrates how anti-virus software offers no protection at all against such attacks, which are often highly harmful one-off attacks secretly targeted at a specific organization. The white paper sits on the Mail Essentials page, in the section White Papers, Documents and other files, the third one down.

The other option is outsourcing the process. A good example is MailWatch. This service protects against viruses, spam, offensive content and proprietary information. I think they are the biggest in this industry, and filter millions of messages per day for big outfits like Ford Motor and Mercedez-Benz. There is a PDF you can download from this page and read about how it all works.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Testing if your firewall leaks from the inside out. Interesting but perhaps a bit farfetched.
  • Bill Gates shot dead in 'mockumentary' over at:
  • Find out who the online scam artists are. Don't get ripped off. Here's the Top 10 DotCons:

    MCSE 2000 "Bundle of Four" Continued!

    It?s practically a give-away. MCSE 2000 Training Guide: Core Exams "Bundle of Four!" By: New Riders (70-210, 70-215, 70-216, 70-217) Suggested Retail: $149.99. But the Sunbelt BookClub Price is only: $89.99! Killer deal.

    The pricing for MCSE W2K Training Guide: Core Exams is pretty cool. If each of the four books in the "bundle" were purchased separately at List Price, you would pay $200; if you purchased them separately at BookClub pricing, you would pay $144. As the Value of the Week, the bundle is priced at $89.99. That is truly significant savings. Quite a few of you have already taken advantage of this special offer; I hope more of you will the special $89.99 price will end on 12/22/00.

    In addition to the special pricing, the bundle of four books includes the ExamGear Training Guide Edition Software (CD-ROM). ExamGear focuses on exam preparation with quality scenario-based questions and adaptive testing, and is comprised of three key components: Exam Simulation, Exclusive DirectHelp Mentored Learning, and Study Tools. Get them over here: