Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Mar 5, 2001 (Vol. 6, #14 - Issue #249)
Earthquakes and Disaster Recovery
  This issue of W2Knews™ contains:
    • Your Own W2Knews Profile
    • Earthquakes and Disaster Recovery
    • Microsoft Crack: Password Left Blank During Server Config.
    • How Did Microsoft Do in 2000? Pretty Good.
    • Careful With Active Directory 'Link Value Replication' Bug
    • New White-Paper on AD implementation
    • Did You Know About The Sunbelt Communities?
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Exchange 2000 Server Administration: A Beginner's Guide
NTP Software System Sentinel pinpoints problems or failures and takes
corrective actions immediately. It monitors: - Critical applications
(e.g., email, e-business, client/server, web & line-of-business)
- Windows NT/2000 event logs, performance & services - UNIX & Linux
servers & SYSLOGs - TCP/IP (Hubs, routers, switches, workstations, PCs,
& Terminals) - Preconfigured templates for: Windows NT/2000, Exchange,
SQL, Proxy, IIS, SMS, Lotus Notes/Domino and more:
Visit NTP SOFTWARE for more information.

Your Own W2Knews Profile

Hi All,

Two events have come together nicely. The new version of Lyris with a SQL back-end went well and it is up & running. We are debugging one last thing but having SQL7.0 as the engine now allows us to give you a choice. The second event is that you practically universally just love the new HTML version. Thanks a lot for your great feedback. So, what choice do you now have? You will shortly get an invitation to have W2Knews at all times in HTML or in TXT!

Instead of one TXT version on Monday and an HTML version on Thursday, you'll be able to get HTML on both days, or TXT on both days. We'll create a SQL-based profile where you can opt-in for either of these choices, and if you want to get the news in French or German as well. As you can imagine, I'm pretty stoked about this new option [grin]. You'll get a separate email one of the coming weeks where you'll be able to take your pick :-)

Another fairly exciting announcement is that Sunbelt has teamed up with a leading security consulting firm, and that we'll be able to get you a whole range of dedicated security services. More on this very soon. Let's have a look at the relevant news items of these last few days.

Warm regards,

Stu Sjouwerman
(email me with feedback: [email protected])

Ever had the feeling of ACUTE PANIC that a hacker has invaded your
network? Plug NT/2000's 1,000+ holes before they plug you. You _have to_
protect your LAN _before_ it gets attacked. STAT comes with a responsive
web-update service and a dedicated Pro SWAT team that helps you to hunt
down and kill security holes. Built by anti-hackers for DOD sites.
Download a demo copy before you become a statistic.
Visit STAT for more information.

Earthquakes and Disaster Recovery

Part of the State of Washington has been declared an official Disaster Area after the Quake this week. No wonder, as the early estimates of the damage are something like $2 Billion. And let me tell you that when they are done, they will find much more hidden damage and it's likely to be double that amount.

We have all either seen TV footage or streamed AVIs to see how badly it was all shaking. I saw some server room being roughed up. All the machines were banging each other up as if trying to get the other box off the rack and onto the ground. Interesting and scary at the same time. But this recent event gets ONE very clear message across. If your business is worth anything to you, you just GOTTA have disaster recovery in place.

It's usually floods or fires, but something like 6.8 on the Richter Scale can be pretty devastating too. Good example of a flood was something happening in Texas the other day. Crew from a telecom outfit was putting in fiber and ripping open the streets. One of the guys with a jackhammer hits a big water main. An hour later the underground parking garage with three levels of cars right next to it was completely underwater. Damage: more than 2 million. What would have happened if that was your server room instead?

Offsite Disaster Recovery is not an option. It's a MUST. The math is simple. Downtime costs many thousands of dollars per hour. Lost data is even more costly. You cannot afford to NOT have some kind of offsite assurance. There are many ways to do it. You can take nightly backup tapes home, or send them out of state. But that still causes a whole day of data loss. I just did the math. One day of downtime would cost Sunbelt US $48,000.

Many of us cannot afford a whole day of data loss! Especially if you have any kind of Internet commerce enabled servers running and you would lose transactions. So for your webserver/cluster or for whole WebFarms this is one of the things that are part and parcel of preventing downtime.

There is a good 'Real World Solutions' write-up on the Double-Take page that I suggest you read. It's at the end of the page in the 'White Papers, Documents and Other Files' section and is called 'Real World Solutions: Web Server Farms' (PDF, 129,493 bytes). This is the time to get approval for these kinds of tools! Check it out now over at:


Microsoft Crack: Password Left Blank During Server Config.

Paul Thurrott's WinInformant site reported on the following story that I think is worth your attention. There is finally some more data about the recent MS-crack. Bob Herbold, one of the MS veterans, who is retiring from his COO position, gave a lecture at the University of Washington Business School and explained what happened.

Herbold said that human error was to blame, and not a bug in any particular software product. He added that usually these kinds of cracks can be traced back to people, not software. In this particular case, someone left a password blank when they configured a server.

The attacker came through an employee's PC, and then did a search & discovery for a server with a blank password. He found an NT 4.0 server, and then gained access to the MS network and had fun roaming around all over the place. What he did not know is that MS was on his trail after a while and monitored his movements, trying to catch the intruder.

Once they found out that the cracker had been looking at source code, they pulled in the FBI and went public. They are still in the process of investigating. A lot of details are not known yet, including how the cracker got access to the PC to begin with.

Lessons learned:

1) ALWAYS, ALWAYS, ALWAYS plug in a mind-numbingly difficult password when configuring your servers. Seven characters is ideal, and include things like %$#*. Take a normal word for instance, like the date of this issue which is March05, but change some characters so it is easy to remember but difficult to crack, e.g. [email protected]#05.

2) Have telecommuting employees that are on a broadband connection run personal firewalls that keep enemy traffic OUT, but also keep that PC from reaching out to unauthorized sites. You have to shut off both incoming and outgoing traffic. The latter is something most people forget.

How Did Microsoft Do in 2000? Pretty Good.

I just got a Press Release from IDC, one of the foremost industry analysts, especially in the area of 'market share drilldowns'. They have some interesting news. The reason for these releases, BTW, is to announce their reports. These cost $1,500 and are for companies that would rather pay for this research than do their own.

So, what was the MS-related news? Despite the MS battle with the US Dept of Justice, it has increased its iron grip on the server OS market. According to IDC, Windows accounted for 41% of server operating environment (SOE) shipments and an overwhelming 92% of shipments for the client operating environment (COE).

"The strong are getting stronger," said Dan Kusnetzky, vice president of IDC's Operating Environments research. "In what could have easily been a tough year for Microsoft because of its transition to Windows 2000, the company managed to increase its position in both the client and the server operating environments market."

Microsoft's SOE shipments jumped 20% in 2000 while the overall market's growth was less than 13%. With 24% growth, Linux was the only other category of operating environment to increase its shipments faster than Microsoft - or to increase its shipments at all. That's pretty much what I said in my last issue, but now I have some backing [grin].

Linux continues to garner backing from some big guns in the IT industry, helping to drive its growth. IBM, Hewlett-Packard, and Dell are all shipping workstations and low-end servers with Linux as the OS.

"Critics and nonbelievers can no longer dismiss the Linux market as a fad," said Al Gillen, research manager for IDC's Operating Environments program. "If leading hardware vendors are willing to risk their credibility by endorsing and placing Linux systems in the market, it's easy for customers to conclude there must be something real about Linux."

The IDC reports this comes out of (and which have a LOT more data) are called 'Server Operating Environments: 2000 Year in Review' (IDC #B23731) and 'Client Operating Environments: 2000 Year in Review' (IDC #B23849).

Careful With Active Directory 'Link Value Replication' Bug

Network World reported that AD has a bit of a bug you need to work around for the coming year. It's been there for a while already but will only be fixed in the new Windows XP Server, so you will have to upgrade your domain controllers to WXP to get rid of this puppy.

It's a security related issue in AD that can cause changes to user groups to be dropped before being recorded. The flaw centers on the requirement that admins manage user groups as a single entity, or attribute, and not by individual user, a concept called "multivalued attributes." Multivalued attributes force administrators to update an entire attribute, or list, to add or delete even a single user. If two administrators make changes to the same list, one set of changes is dropped out during replication as part of conflict resolution.

One result could be that a user deleted from a group membership by one admin could be returned to the group and retain group access rights and permissions due to the work of another admin. Sloppy, and a security risk. You can get around it by centralizing admin of group membership lists. But you want to be able to delegate that stuff, so it's a headache.

Microsoft says the best way to avoid the problem is to make all group membership changes on a single domain controller, which prevents replication conflicts.
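
The dropped-change behaviour described above, as an added example (not Microsoft's code and not part of the original newsletter): a simplified Python model in which each write carries an assumed (version, timestamp, DC) stamp and the higher stamp wins. It contrasts whole-list conflict resolution with a per-member merge; the per-member merge is an assumption about what a fix looks like, and all names and values are constructed.

```python
# Simplified model of the replication conflict described above (added example).
# Assumption: each write carries a stamp (version, timestamp, originating DC)
# and the higher stamp wins; all names and values below are constructed.

def write_whole_attribute(replica, members, timestamp, dc):
    """Current behaviour: the member list is one attribute with one stamp."""
    version = replica["stamp"][0] + 1
    return {"members": set(members), "stamp": (version, timestamp, dc)}

def resolve_attribute_level(a, b):
    """Conflict resolution on the whole list: the loser's edit is discarded."""
    return a if a["stamp"] > b["stamp"] else b

def write_value(replica, user, present, timestamp, dc):
    """Per-value model: every membership link carries its own stamp."""
    links = dict(replica)
    version = links.get(user, (False, (0, 0, "")))[1][0] + 1
    links[user] = (present, (version, timestamp, dc))
    return links

def resolve_value_level(a, b):
    """Merge link by link, so edits to different users never collide."""
    merged = {}
    for user in a.keys() | b.keys():
        candidates = [r[user] for r in (a, b) if user in r]
        merged[user] = max(candidates, key=lambda link: link[1])
    return {u for u, (present, _) in merged.items() if present}

def demo():
    start = {"members": {"alice", "bob", "mallory"}, "stamp": (1, 100, "DC1")}
    # Admin on DC1 removes mallory; admin on DC2 adds carol a moment later.
    dc1 = write_whole_attribute(start, start["members"] - {"mallory"}, 200, "DC1")
    dc2 = write_whole_attribute(start, start["members"] | {"carol"}, 201, "DC2")
    attribute_result = resolve_attribute_level(dc1, dc2)["members"]

    base = {u: (True, (1, 100, "DC1")) for u in start["members"]}
    v1 = write_value(base, "mallory", False, 200, "DC1")
    v2 = write_value(base, "carol", True, 201, "DC2")
    value_result = resolve_value_level(v1, v2)
    return attribute_result, value_result

if __name__ == "__main__":
    attr, val = demo()
    print("whole-attribute replication:", sorted(attr))
    print("per-value replication:      ", sorted(val))
```

In the whole-attribute case the removed user is back in the group after replication, which is the security risk the article describes; making both edits on one domain controller avoids it because the second write starts from the first one's result.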

If you are in the process of implementing AD, here is a good little nugget. MS just released the free NT 4.0 Active Directory Client [1.48M]. A new Active Directory client has been released for Windows NT 4.0 (SP 6a required) systems, allowing "legacy" systems to play nice with W2K AD environments. It should be noted that several AD features are still not available to either Windows 9x or NT 4.0 clients. Check out:

And while you are at it, here is another white paper. This time from MS on how they did their in-house AD roll-out. Good "how to" reading.


New White-Paper on AD implementation

Today's conventional wisdom concerning Windows 2000 speaks to its stability and reliability as an OS server platform. However, when considering Active Directory, most enterprises are holding back due to:

1) High costs of implementation in both money and time

2) The dynamic nature of their organizations and ADS' seeming inability to evolve along with them

3) Lack of 3rd party tools that streamline routine administrative operation

A lot of us are still studying the issue of how to implement AD. We have a new white-paper for you that will shed some light on part of the relevant issues.

One solution that offers secure delegation capability combined with task automation and consolidation today is Trusted Enterprise Manager (TEM) from MDD Inc. TEM offers secure, centralized management and enforcement of network policy along with controlled delegation, including built-in accountability and reporting. Read MDD's position paper on these issues and see how TEM can help you achieve full delegation capability in Windows 2000. It's in the 'White Papers, Documents and Other Files' section, the second file. Download here:

Did You Know About The Sunbelt Communities?

We have a few very popular communities that we support as a service to the industry. It's all via our free list server. You can subscribe to these peer-support groups and both help others and receive help if you're stumped and need someone as a sounding board. We are all coping with similar problems! Underneath are the lists with a short description and a link to each List Charter where you can read the Rules (ON TOPIC, NO NOISE and FRIENDLY) and subscribe to the lists.

Here they are:

Disaster Recovery - 1000+ Members
Sunbelt Software hosts this list to invite the free and open discussion of Disaster Recovery Administration and Tech Issues. This list is intended to be a forum to discuss how to plan, implement and keep Disaster Recovery installations up & running in a production environment.

MS SQL Admin Issues 1,100+ Members
Sunbelt Software hosts this list to invite the free and open discussion of Microsoft SQL Administration Issues. This list is intended to be a forum to discuss how to keep SQL up & running in a production environment, and as help to pass the SQL Certification Exams.

NTSYSADMIN 5,400+ Members
Sunbelt Software hosts this list to invite the free and open discussion of Windows NT/2000 System Administration Issues. This list is intended to be a forum to discuss how to keep NT Servers up & running in a production environment.

MS-Exchange Admin Issues 3,000+ Members
Sunbelt Software hosts this list to invite the free and open discussion of Microsoft Exchange Administration Issues. This list is intended to be a forum to discuss how to keep Exchange up & running in a production environment, and as help to pass the Exchange Certification Exams.

Issues re MCSE Study 3,000+ Members
Sunbelt Software hosts this list to invite the free and open discussion of MCSE Certification Issues. This list is intended to be a forum to discuss how to obtain Microsoft Certification.


This Week's Links We Like. Tips, Hints And Fun Stuff

Sony bundles NEW tape utilities. Get a Sneak Peek and FREE Demos

Need B2B e-commerce software built exclusively for Microsoft?

SQL Probe, pretty good Microsoft SQL Server DBA Monitoring and
Performance Tuning Solution.


Exchange 2000 Server Administration: A Beginner's Guide

This book was written by Bill English and Nick Cavalancia. It's a comprehensive book targeting those who are new to the E2K product (which is darn near everyone ;-). Implement and manage Microsoft's leading messaging and collaboration system using this instructive guide. You'll quickly learn everything you need to deploy and administer E2K effectively, and learn about migration and coexistence with Exchange 5.5 Server. If you are a Windows administrator new to Exchange 2000 Server, this is the book for you. You can see more about the book over at Amazon: