Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 8, 2001 (Vol. 6, #2 - Issue #236)
Year 2001: Security and Storage!
This issue of W2Knews contains:
- EDITORS CORNER
- Year 2001: Security and Storage!
- TECH BRIEFING
- When The Hacker IS On The Inside
- NT/2000 RELATED NEWS
- Two New Free Sunbelt Lists: 'MAC-NT' and 'FireWalls'
- Novell On The Ropes
- W2K In MS Game Console At Consumer Electronics Show (CES)
- NT/2000 THIRD PARTY NEWS
- Windows 2000 Magazine Tests Major Quota Management Tools
- Thanks Very Much OpalisRobot (Domo arigato)
- NetIQ's AppManager First to get W2K Datacenter Certified
- Customer Explains How QualysGuard Helps Against Hackers
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- MCSE Training Guide (70-219): Designing W2K Directory Services Infrastructure
Get Transcender. Get Certified
Hurry! Get $99 TranscenderCerts for the NT 4.0! Complete your NT
4.0 certification by Feb. 28, and you'll be on the fast track to
upgrading your certification to the 2000 MCSE via the 70-240
Accelerated exam. With top-rated TranscenderCerts, you'll be ready
to pass the real thing. Order now and download online at:
Visit Transcender for more information.
Year 2001: Security and Storage!
Well, it's incredible but another year has passed. Welcome to 2001.
Looking at where we are in the IT market generally, the state of
NT/W2K development and how the Internet is expanding, it is fairly
easy to see what the two big areas of headache are going to be
this year: Security and Storage.
Apart from normal uptime concerns, these two are the areas where
you will *have* to spend a lot of time. Security is obvious, with
your company veins hooked up to the Internet IV you gotta keep
viruses, worms and Black Hats out. But Storage is also one of the
main points of worry as it's exploding. New technologies spring
forward like mushrooms and more and more time goes into making
sure your corporate data is safe. A company without its data does
not have its memory. Translated to a person that means being
psychotic. Hardly a way to survive and get that paycheck.
I suggest that all of you create new 2001 plans for both Security
and Storage (or revise and update your existing ones). First begin
with defining GOALS (mission statements) and work from general
to specific. Next steps are POLICY and then more detailed PLANS.
This takes a bit of time and discipline but is an absolute 'must'
if you want to prevent things like the true story down in Tech
Let's make this our System Administration 2001 goal. Sunbelt will
help you with our user communities, tech support, and tools.
(email me with feedback: [email protected])
Now it's easy to schedule automatic defragmentation of the native
Windows defragmenters you already own! Winternals Software's Defrag
Commander NE schedules Windows 2000/ME/9x defragmenters throughout
your network from a single Windows 2000 console, so it's a snap to
install, manage, secure, and support. Try it free for 30 days at
Visit WINTERNALS.COM for more information.
When The Hacker IS On The Inside
I found this story on the BusinessWeek Online site, and I think you
should send the URL at the end of this story to your IT/MIS manager,
who can use it as ammo for the CFO or CEO. This is an excellent
illustration of what can happen if you keep your NT/W2K networks full
of vulnerabilities. What follows are the events, next the links to
the BusinessWeek site and the solutions that I suggest. Here goes:
By Dennis Blank in Orlando / Edited by Alex Salkever
DECEMBER 13, 2000
Thousands of attacks each year come from current or former employees
-- and companies are only now beginning to step up their defenses
For Elite Web Hosting in Orlando, Fla., September, 2000, was a
nightmare. A disgruntled former employee allegedly hacked into the
company's computer system without authorization. He then allegedly
sent e-mails containing vulgar language and implying that Elite
was moving into the Web porn business to every Elite customer. The
missives further claimed that the company's majority owner, Augustino
Mireles, had been raiding Elite's coffers for personal use.
The impact on Elite was immediate. Thirty steady customers jumped
ship, each taking $5,000 per month in revenue from Elite's cash flow.
Elite owner Mireles brought in Advanced Computer Investigations (ACI),
a computer-security company. Its assignment was to bolster the
company's defenses against hackers and ensure that the former employee
could not get back into the system.
BLOOD FROM A STONE. But the exodus of longtime customers was so great
that Elite folded, says ACI President Kellie Carlisle. Mireles decided
not to sue because you "can't get blood out of a stone." The
ex-employee is now on probation after pleading guilty to assault
charges arising from a physical altercation he had with Mireles.
Elite's sad tale is far more common than you might imagine. Experts
say insider hacking represents about 70% of all malicious attacks and
causes $1 billion in damages each year to U.S. businesses. And it
appears to be on the rise as more companies come to rely on computer
networks and e-mail. "I have seen a lot of cases of a systems
administrator gone bad," says Bill Spernow, security-research director
for technology-industry consultancy Gartner.
Pinning down the exact number and nature of transgressions by
once-trusted workers remains more art than science, but they likely
number in the thousands each year. The motivation in most cases is
simple. "Most of them are doing it for revenge, because they felt they
were harmed in some way," says Diana Neuman, a computer analyst with
information-security company EnGarde Systems in Albuquerque, N.M.
ALL BARK, NO BITE. However, justice is rarely meted out. "Most of
these cases never go to court," notes Karen Worstell, a computer
investigator for consultancy AtomicTangerine in Tacoma, Wash.
Companies don't want their trade secrets publicly examined and the
negative publicity court cases generate, she says.
Once in court, a company will have to show that an employee violated
policies to break into the system. That can be trickier than it
sounds, particularly for many small and midsize companies: "There
seldom is a corporate policy that addresses this issue," says Spernow.
Businesses that do maintain such policies often have difficulty
enforcing them. "Even when there is one, it's always in a gray area,
and you end up with one that has no teeth."
Elite found out how hard it is to make charges stick. "It's
interesting, but one of the defenses being used was that [the former
employee] was authorized to do what he was doing and that companies
were frequently negligent in defining the level of access," says Bill
Cook, a former U.S. Justice Dept. prosecutor who now represents
companies that have suffered inside hacks. Cook says a company's first
legal action should be to get a temporary restraining order preventing
the former employee from using internal security and other
information. That can at least set a clear date beyond which
incursions are illegal.
BUILDING DEFENSES. According to Cook and others, more insider-hacking
complaints are being filed with the FBI. And companies have been more
successful in getting their cases prosecuted without suffering
public-relations black eyes. But the best way to avoid such a
catastrophe is to plan for it before it happens. Gartner's Spernow
says using new filtering and blocking systems from reputable software
makers can frustrate errant employees.
That may sound like a simple solution. But companies are only now
beginning to acknowledge that security is a major concern. Gartner
says most of the companies it has surveyed spend only 1% to 3% of
their budget to tackle this problem.
To be sure, most of them plan to boost such spending in the near
future, Gartner notes. But the majority of security providers and
consultants continue to emphasize defending against external
intruders. The far stickier issue of inside hacks is usually not
addressed. That will have to change if business owners like Mireles
will be able to sleep easy at night.
Here is the original article, with grateful acknowledgement:
Plugging security vulnerabilities from the inside out: STAT
Plugging security vulnerabilities from the outside in: QualysGuard
NT/2000 RELATED NEWS
Two New Free Sunbelt Lists: 'MAC-NT' and 'FireWalls'
Many of you are members of one of the Sunbelt Sponsored communities.
Especially the NTSYSADMIN, Exchange and MCSE lists are popular with
many thousands of active contributors. We're happy to announce two
more lists. One is a list that has been in existence for a while
already and was migrated to our Lyris server. It's called the Mac-NT
list and you can discuss all the issues related to using Mac clients
with NT/2000 servers.
1) Like I said this is an already active list with over 900 people on
it and moderated by the expert Daniel L. Schwartz from Dan's Mac
OS Consulting. Here is the List Charter where you can read about the
list and subscribe / unsubscribe. Run Macs? This list is for you!
2) What is the Firewalls List Charter? Sunbelt Software hosts this
list to invite the free and open discussion of NT/2000 Firewalls
Administration Issues. This list is intended to be a forum to discuss
how to keep firewalls up & running in a production environment,
discuss firewall-related security issues, and as help to pass any
Firewall Certification Exams. What does that include?
Anything you can think of (tools, scripts, hints & tips, firewalls
of knowledge and experience, suggestions to solve problems,
compatibility issues) to make firewalls run better in your environment and
keep your IT infrastructure secure. Here's where to subscribe
Novell On The Ropes
Client/Server News 2000 just reported that a few more Execs at Novell
are jumping ship. Their senior VP of worldwide marketing, and Senior
Veep/General Manager of Novell Customer Services are leaving. Too bad
really as the software is actually pretty good, and is still running
in tons of companies. But the management is not cutting it. I just
had a look at Novell's stock that I had not checked for a while.
Dang! This company's stock just 'upped and died' during the April 2000
dot-com meltdown. Which is not really logical as Novell is far from
a dot-com but was dragged down in the vortex of tech stocks anyway.
They are now trading at about 5 bucks and if they are not careful
they will be kicked off NASDAQ (1 month of your stock trading below
one dollar and you're out). This may be a bit over the top but you
get my drift ;-)
Netware has a few years more life in it, but it's dying and you need
to start planning for migration sooner or later. Just have a look at
their stock and you will see what I mean (link to NASDAQ below). Has
anybody seen/used really high quality third-party utilities to migrate
NetWare to NT/2000? (I'm aware of the MS-tools) Email me with your
experience at [email protected]. Thanks!
W2K In MS Game Console At Consumer Electronics Show (CES)
The CES just started Friday Jan 5, 2001 in Las Vegas. This is the
ultimate gadget show. It is expected the MS Xbox will be announced
with a bang at the show. They might even have the largest presence
at the whole CES. Bill Gates is doing the keynote on Saturday the
6th at the time I'm writing this. Officially MS is supposed to
roll out the Xbox in North America and Japan in fall 2001 but who knows
how long it really is going to take. Vaporware can be either 'soft' or
'hard'. As you all know, the Xbox runs on a stripped version of W2K.
There are some rumors flying around about MS having changed the specs
of the Xbox but MS spokespeople deny this. They also said that there
were no plans to start the Xbox ad campaign. One of the reports was
that MS would kick off its TV ad campaign during the Super Bowl. Two
special spots were planned, with one of them mocking Sony by showing
a PlayStation 2 console being destroyed.
Microsoft is working hard to make the Xbox a hit, and invests in or
outright acquires both game publishers and hardware suppliers.
A game box without killer games will fail to sell. MS just bought
up Digital Anvil, which joins other game companies that
MS snapped up: Access Software, Bungie Software, and FASA Interactive.
Electronic Arts also recently endorsed the Xbox and will come out
with 10 titles for it.
Stuff like the above games need powerful hardware. The Xbox will
have 64MB of 200MHz system memory (rumors are they might bump it up
to 128). It will give gamers 6.4GB per second of bandwidth, which
is two times more compared to Sony's PlayStation 2.
The box itself is based on a PIII 733MHz processor with Streaming
SIMD Extensions (providing enhanced handling for graphic processing
instructions), an NVIDIA graphics-processing unit, and an NVIDIA
media communications processor (MCPX). Strictly from a hardware
perspective, the Xbox MCPX pulls an impressive 4 billion operations
per second which gets you theater-quality video and audio.
The box comes with a built-in 10/100 for playing networked games
over a broadband connection to the Internet. It will have a Seagate
8GB drive, a 5X DVD movie playback drive, four game controller
ports, an expansion port, and an audio/video connector.
It looks like MS will produce all the Xbox machines via Flextronics
starting in Hungary and Mexico. It will be a significant enterprise
if you look at the total systems that this will comprise. In the
meantime, MS is looking for game testers of about 13 years and older in
its Washington area. More specs on the Xbox and the 'game console
war' and the latest news over at
THIRD PARTY NEWS
Windows 2000 Magazine Tests Major Quota Management Tools
Win2K Mag has bent over backwards and in its January 2001 issue has
done a very, very thorough article about the 4 existing Disk Quota
Management tools on the market at the moment. They did an in-depth
analysis of the features, ease of use, and many other factors
including the reasons why you would use this kind of tool to begin
with. I'm quoting the first paragraph of Ed Roth's article, which
I warmly recommend:
"Network and systems administrators constantly fight the disk-space
battle for network storage. Although disk space is fairly
inexpensive, the administrative cost of managing large volumes of
data can sneak up on an organization. When a file system becomes
full, some level of administrative involvement -- adding more
storage, finding and deleting unnecessary files, or rebuilding a
crashed volume -- is inevitable. In addition to fixing the immediate
problem, the administrator typically needs to identify individuals
who consume more than their share of disk space. Quota-management
software takes a proactive approach to space allocation and removes
the administrator from the enforcer role when users attempt to use
more than their allotted storage."
There is a clear winner in the article. You should check it out.
Windows 2000 Mag Lab Tester Ed Roth gives it the 'best-of-breed'
endorsement. I have two links for you. One to the article, and one
to the winning product. Which tool was deemed the best? Find out!
Best-of-Breed Tool: http://www.sunbelt-software.com/product.cfm?id=421
Thanks Very Much OpalisRobot (Domo arigato)
In Japan, they say 'Domo Arigato' for 'Thanks Much'. There is a really
excellent review of OpalisRobot in InfoWorld which in my eyes is one
of the most trustworthy magazines on the market. The title they gave
the article is "Domo arigato OpalisRobot for intelligent, flexible
I think you should read the article if you are looking for a powerful
tool that will help you to automate and schedule a bunch of your
routine system admin tasks. Especially the ones that need to be run
at midnight [grin]. Here is a quote from the InfoWorld article: "But
be forewarned: OpalisRobot is an addictive tool. Once you've used it,
you'll want to automate more and more tasks. The tool is reasonably
easy to learn, powerful, and flexible. As a result, we gave
OpalisRobot a score of Very Good."
Here's the tool: http://www.sunbelt-software.com/product.cfm?id=585
NetIQ's AppManager First to get W2K Datacenter Certified
NetIQ Corp is probably by now the largest player in the original NT/
W2K developer scene. They started out as an NT-only house and did
pretty much everything right. Then they acquired the Mission Critical
people and became the 800-pound gorilla in the NT/W2K infrastructure
This week they announced that their AppManager Suite was the first
systems management software awarded the "Certified for Windows 2000
Datacenter Server" logo. To obtain this pretty exclusive logo,
AppManager passed stringent compliance testing requirements set by
MS in their Application Specification for W2K Datacenter Server.
These Certs establish the highest technical standards for apps so you
can count on these apps being secure and manageable and run reliably
on the W2K platform. The MS W2K Datacenter Server certification also
is the final and most demanding piece of the new W2K certification.
Tom Kemp, Senior Veep of products at NetIQ, said: "And, it is apparent
to us that certification for Windows 2000 Datacenter raises the bar
significantly. Microsoft's latest application specification introduces
enterprise-level disciplines such as 24x7 customer support, stringent
application compatibility and stability, as well as clearly defined
processes for interaction with hardware vendors."
Background: The NetIQ AppManager Suite is a pretty complete solution
for monitoring the performance and availability of more than 30
distributed Windows NT- and Windows 2000-based systems servers and
apps, such as Microsoft Exchange, Microsoft SQL Server, Citrix
WinFrame/MetaFrame, Oracle, SAP R/3 and Lotus Domino. You can find
them over at http://www.netiq.com
Customer Explains How QualysGuard Helps Against Hackers
Literally thousands of you were interested in how you could hack
your own network from the outside in. Well, here is the story of a
customer that followed up on this:
"We started using QualysGuard about two weeks ago. I'm pleased
to report it is just what we were looking for. We are a national
bank that launched an Internet banking service in recent weeks.
As you know, security is a major concern of any financial
institution and the thought of allowing a link to the public
Internet makes bank executives nervous. The ability to run
vulnerability assessments on our Internet banking service as well
as our corporate Internet connection have relieved some of our
"I believe your product is an excellent fit for all financial
institutions involved in Internet services. This is particularly
true for the small to medium-size community bank that may not have
in-house network and network security support. You don't have to be
an expert to run QualysGuard scans, but the ability to have almost
instantaneous, first-hand knowledge of the company's network security
goes a long way in helping managers and executives sleep better at
Ed Elliott, Ed.D.
Vice President and Manager, Computer Services
National Bank of Commerce, Mississippi
You can still subscribe to this new kind of service; the number of
users is steadily climbing! Here is a web-based canned demo for a
quick overview. After that, you can get a scan of one IP on your
own network. Yes, it will cost a bit of time and paperwork but we
have to make sure you are who you say you are when we OK an IP scan
for vulnerabilities. We're dealing with your and other companies'
security after all.
This Week's Links We Like. Tips, Hints And Fun Stuff
PurePerformance is a site that only looks at squeezing the most out
of your hardware. Useful.
IT people are very mobile. Looking for a USA nationwide calculator
that shows how much you need to make to survive in another state and/
or city? Check out:
Independent review of my Windows 2000 System Admin's Black Book at:
Been wondering what a particular file extension means and what app it
PRODUCT OF THE WEEK
MCSE Training Guide (70-219): Designing W2K Directory Services Infrastructure
Publisher: New Riders. Normal List Price: 49.99 - Sunbelt Bookclub Price: $35.99.
This exam measures your ability to analyze the business requirements
and design a directory service architecture, including: unified
directory services such as Active Directory and Windows NT domain;
connectivity between and within systems, system components & apps,
and data replication such as directory replication and data
replication. Keep in mind if you already have MCSE certification on Win
NT 4.0 you can update your certification by just taking two exams:
the Accelerated Exam (70-240) and your choice of Designing Directory
Services Infrastructure (70-219), Designing Security for a Windows
2000 Network (70-220), or Designing Network Infrastructure (70-221).
You must also choose one of the three core electives: ICA Windows 2000
Professional (70-210), ICA Windows 2000 Server (70-215), I & A Win
2000 Network Infrastructure (70-216), I & A Windows 2000 Directory
Services Infrastructure (70-217).