Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 5, 2001 (Vol. 6, #7 - Issue #241)
Tell Your Friends!
This issue of W2Knews contains:
- EDITORS CORNER
- More On the W2Knews HTML Version / New SunPoll
- TECH BRIEFING
- Tell Your Friends! Stat Scanner For Free
- NT/2000 RELATED NEWS
- Securing Credit Cards
- What's The New SMS Version All About?
- 'Read The Fine Manual'
- NT/2000 THIRD PARTY NEWS
- Special Feb-2001 Storage Management Offer
- Tired of Stupid Questions From Users?
- Push Change Permissions Down A Tree!
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- A+ Certification Concepts and Practice
MONITOR AND MANAGE INTERNET USE - FREE TRIAL!
If you're not managing Internet access, you're asking for
trouble. SurfControl, the #1 market leader in Internet
filtering improves employee productivity, frees up network
traffic and reduces legal threats. Find out exactly WHO is
doing WHAT, WHEN, and WHERE on the Internet. SurfControl
monitors, records and controls all TCP/IP protocols.
*FREE* 30-day trial.
Visit SurfControl for more information.
More On the W2Knews HTML Version / New SunPoll
First of all, thanks VERY MUCH for the many hundreds of responses
we got on the new HTML version. The vast majority of you loves it!
But about 25% of you does not like HTML, and told me why. Good
reasons too I might add. But first, I think I may not have been
completely clear about how we are going to implement TXT vs. HTML
I talked about it since December, and already got a lot of feedback
from you, so this is the way we are going to proceed. The normal
TXT based issue will continue to appear on Monday. No change there.
On Thursdays you will get an HTML version, and since you wanted
the choice, this is a fully separate list called W2Knews-html.
So, you can choose to receive just TXT, or both TXT and HTML (or
neither of course if you are getting tired of me :-)
Since 75% of you wants HTML, I chose for the 'most efficient & least
resources' approach. Next week, I'll send a TXT-based message to
everyone, that allows you to UNSUB from the W2Knews-html list. It's
a 'one-click' unsubscribe. But you will still get this normal TXT
based newsletter on Mondays! If you would unsub like this, it'd be
great. Thanks very much in advance.
And you can always go to the new www.w2knews.com to read the Thursday
html issues via the website there. Oh, and your privacy is just as
protected with our HTML newsletter as with the existing TXT one. I'm
looking forward to being able to get you the latest NT and W2K news
in both formats.
And talking about that, how is everyone thinking about MCSE for W2K?
The result of the most recent SunPoll is revealing. The question was
"Which one of these W2K MCSE core exams will you be doing first?"
- Windows 2000 Professional 42.48% - 421 votes
- Windows 2000 Server 10.89% - 108 votes
- Windows 2000 Network Infrastructure - 4.13% - 41 votes
- Windows 2000 Directory Services Infrastructure - 3.93% - 39 votes
- None, I am too upset with Microsoft that they will nix my NT MCSE end of this year. 38.54% - 382 votes
This proves first and foremost, about 60% of you are looking to get
certified for W2K. Option #5 (forget it Microsoft!) came out a close
second. Many of these will pursue other certifications like Cisco and
Linux I'm sure. Our sponsor just below this Editor's Corner has an
interesting offer for you if you want to go the Cisco route. Getting
a bigger paycheck is what certification has been all about in the
past. And it will remain the case in the future. In a few years I
think most of the MCSE's will choose to get W2K certified after all,
and the fact that the next version of W2K (which I nicknamed W2K2)
will grandfather in your W2K cert may help make that decision.
Next, here is our NEW SUNPOLL:
"The media are rife with bad economic news. How is this influencing
your budgets for system management tools?"
- Not at all. Budgets have been set and I can spend the approved dollars.
- Management told us to watch our cost a bit more, nothing drastic though.
- We are reducing our headcount and actually need more tools.
- All my tools budgets have been put on ice.
- I'm looking for a new job, my resume is on-line!
Please vote here, it's the first thing you see on the left side.
And after voting, you can pick up your free copy of the STAT Discovery. Read all about it in the Tech Briefing of this week.
(email me with feedback: [email protected])
SPONSOR: CISCO CERTIFICATION WITH TEKNOWLOGY
CISCO CERTIFICATION WITH TEKNOWLOGY
Want to earn $15,000 to $20,000 more per year? Looking for a Hot
Commodity in computer networking? Prepare for the Cisco Certified
Network Associate exam with Teknowlogy Professionals' innovative
course! Teknowlogy Professionals has helped students all over the
country prepare for challenging and exciting careers through their
proprietary courseware. No one else does it like us, with our
specially-developed combination of lecture and hands-on training!
Visit CISCO CERTIFICATION WITH TEKNOWLOGY for more information.
Tell Your Friends! Stat Scanner For Free
Jeez, these software vendors nowadays! How are they going to make
any money when they give their stuff away for free? Now another one
(Harris) has decided to donate a large chunk of their previously
"for sale only" code for you to download and run without cost.
You all remember STAT (at least I hope :-). It's a market leader
in NT/W2K vulnerability scanning. In its earlier incarnations, the
demo was only something like the 20 most common holes. But NOW...
they are giving away the whole kit and kaboodle: all the around
1,000 known NT/W2K holes are in the FREE STAT DISCOVERY KIT.
It's really unbelievable. I just downloaded this puppy and ran it
on my brand new Dell Dual 933 box, with W2K SP1 installed. I'm
embarrassed to say it found 2 High Risk holes, 20 medium Risk, and
53 low risk vulnerabilities. Dang! But the good thing is that I
did not pay anything for it.
This free Discovery Scanner has a 'nag' screen at the start, and
after the scan it comes back with a little report that said: "It
will take approximately 58 hours to fix 75 Vulnerabilities manually.
STAT AutoFix (tm) can fix many of them automatically in a fraction
of the time". The numbers will change with the amount of holes it
found. This is what it said after the scan on my box. And there is
the angle of course. They want you to buy the full version of STAT
which works network-wide and has the auto-fix feature.
But still, with the free Discovery, you can click on each hole,
and it brings you to the statonline website where it explains what
this vulnerability means. So, they will surely get some web-traffic
next week! Now remember: Download from the Sunbelt site, check the
vulnerabilities on the Harris site but when you decide to buy this
tool, come back to Sunbelt to buy it?
That's the least you can do in exchange for me telling you about
this unbelievably cool opportunity [grin]. So, this is why I gave
this item the title "Tell Your Friends!". Cut and Paste this little
article and distribute it to everyone you know with either an NT or
a W2K Box. They will owe you a ~B I G~ favor. But Enough talk.
GO GET THIS PUPPY NOW! The only thing you need to do is fill out the
download form at the very end of the STAT product page.
NT/2000 RELATED NEWS
Securing Credit Cards
In the article on Egghead in issue 238, January 22-nd I commented
that any online shops or e-commerce sites should "age off" cards of
people after 3 months. Nigel Ball suggested this advice doesn't go
far enough. He said that online shops in an NT/2000 environment
should consider either:
- removing from their databases critical card data (e.g., the last
few digits of the card number) as soon as the payment is confirmed;
- encrypting customer's personal details using a key that is _not_
held in the same database as the customer's record;
- moving customer's personal details to a separate database that
is not accessible from the web server as soon as possible;
or some combination of the above. Keeping customer's credit card
details for up to 3 months may limit the online shop's exposure but
it still provides an unnecessary "window of opportunity" for criminal
What's The New SMS Version All About?
ZDNet recently reported about the latest SMS version code-named
Topaz. SMS is not dead, as many people expected it to be folded
into W2K, but it looks like that 'aint gonna happen'. There is
going to be a new beefed-up version.
Microsoft looks like it definitely wants to stay into Windows
plumbing. They built its management technologies team to 500 staff
and are putting more pieces of the puzzle in place. These coders
are working on stuff like SMS, Terminal Services, Intellimirror
and Windows Management Instrumentation interfaces.
As you know, one of MS's BackOffice Servers is called Systems
Management Server (SMS for short.) This is the module for admins
in large environments. SMS gets you hardware and software inventory,
software license metering, distribution and installation of software,
and remote control.
Looks like Topaz will arrive in Beta form somewhere this summer, and
at roughly the same time Service Pack 3 for SMS version 2.0 will be
released. The main new feature in SP3 is that it will allow you to
roll out Whistler (W2K2) Professional to all the workstations in
Topaz will have closer integration with the Active Directory, better
cluster server support, improved remote-user support, and improved
reporting which certainly was needed seen the immense amount of raw
data that SMS generates. It looks like MS will try to get rid of
overlap between SMS and Windows, by separating functions into either
one or the other. Obviously this has something to do with the .Net
architecture they are working toward. SMS will support XML and SOAP.
'Read The Fine Manual'
Knowing that MS has had 4 name servers on the same subnet and got
punished for it, this came out of one of their own manuals:
"Generally, plan to install the primary and secondary
servers on different subnets to provide continual
support for DNS name queries if one subnet should go
The minimum number of DNS servers needed to serve
each zone is two -- a primary and a secondary -- to
provide database redundancy. As with any fault
tolerant system, the computers should be as
independent as possible, for example, by placing the
primary and secondary servers on different subnets".
Lesson: RTFM [grin]
THIRD PARTY NEWS
Special Feb-2001 Storage Management Offer
Storage is exploding. NAS, SAN's, RAID, 80Gig drives, you name it.
How the heck are you going to keep all that stuff under control?
Automate this disk babysitting chore! For every $1,000 dollars ordered
for Quinn Products (Storage Central, Quota Advisor, Disk Advisor),
Sunbelt will give you a value of $500 of either Autopilot or the brand
new security tool Fortress NT/2000. Offer valid only for the month of
Feb-2001 so better hurry.
Here are the links. Check it out:
Fortress NT/2000: http://www.sunbelt-software.com/product.cfm?id=677
Tired of Stupid Questions From Users?
One of the most complained about perpetual problems is end-users
endlessly calling you with questions that normally can be answered
like: "Did you check if the power is on?". Things like asking for
the 'any-key' they cannot find, and other complete wastes of time.
They always call at the wrong moment, are disruptive, a pain, and
unfortunately a necessary evil. Who else do we maintain these systems
for otherwise? The ideal scene would of course be to simply have no
end users at all. Wouldn't that be heaven?
Well, the next best thing is to at least have them trained on a level
they can understand, and get rid of those stupid questions. It may
even help to make them more productive. We found a very useful
brand new little web-based course that gets completely PC illiterate
end-users grooved into what a PC and a Network is, how it works, and
how to solve simple problems. It's also really fun to do. Two cartoon
characters take you through the course and explain the internals.
We decided to offer this course as a means to help offload some of
the "Stupid Question Syndrome" we all suffer from at regular times.
There is a little example section on our website you can look at
which explains what RAM is. (You need macromedia flash to see it).
We hope it will help wearing the 'helpdesk-hat' a little more
bearable. And who is the developer?
Competence Software Corporation, one of the most effective online
learning companies in the world, created this new course. Their
courses have been given top ratings by http://www.lguide.com
with ratings above Harvard University online courses. I think this new
online course will be the first and only course you will ever need
to give PC users a thorough understanding of computer basics from
Pascal's adding machine in the 1700s to today's PC's and networks.
There are 35 lessons in the course covering subjects from the GUI
down to how a computer uses binary numbers (and clearly showing the
simplicity of what binary counting really is) to calculate, process
data, display graphics, play sound, etc. Students completing the
course will gain a thorough understanding the basics of hardware,
operating systems, application software and networking.
General Electric says of Competence Software's earlier released
course, "... an ideal tool for our staff who need a basic, easy to
use package for self-study training." Rid yourself of timewasters:
Push Change Permissions Down A Tree!
Security Explorer is a powerful and intuitive utility to search
for and modify Windows NT security on NTFS drives, the Registry,
and Shares. You can search across subdirectories for permissions,
grant, revoke, and clone permissions across subdirectories without
affecting any other user's permissions.
Select 50 shares on a server, and grant permissions to multiple
users and groups at one time. Export permissions to a database for
further analysis and reporting. Back up your file permissions and
restore them if necessary. Set ownership on files and directories.
Seamless integration with the Windows NT 4.0 Desktop (right-click
just about anywhere).
Security Explorer makes finding security holes and fixing them a snap!
New Product Features:
New: Fully supports the new NTFS inheritance model found in W2K.
New: Auto-detect the operating system when making permissions changes
on remote servers, so you can use Security Explorer safely in a
mixed (NT/W2K) environment.
New: Allows you to override protected objects, and allow the
permissions modifications to propagate down to all subdirectories, files, and folders, including protected objects.
New: Fully supports Windows 2000's set of extended permissions
Security Explorer in Single Copies is available through the Sunbelt
Online Shop with instant online delivery. For multiple copies, talk
to one of our Reps or Resellers. Here's the product specs.
This Week's Links We Like. Tips, Hints And Fun Stuff
FREE Group Policy eBook by industry gurus Darren Mar-Elia and Sean
Reboot Remote Equipment. Register to WIN a new APC Masterswitch!
#Money Talk$. The BrainBuzz Salary Wizard is a pretty useful tool:
PRODUCT OF THE WEEK
A+ Certification Concepts and Practice
The new A+ Certification Test by Comp TIA will be one of the toughest ever to pass. There are tons of new areas and topics that you'll need to master. Experts stress that you need to do everything possible to prepare for this new test. If you want to improve your chances of passing and want to see more job offers from getting certified, you need the one total learning package available to pass the new exam! Normally $86.04. Now in the Sunbelt bookclub for only: $39.95