Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Oct 25, 2001 (Vol. 6, #82 - Issue #317)
WinXP Officially Unleashed
This issue of W2Knews contains:
- EDITORS CORNER
- Today: WinXP Officially Unleashed / New SunPoll
- TECH BRIEFING
- Password Strength SunPoll Results
- NT/2000 RELATED NEWS
- CompTIA Integrated into MCSA Certification
- Want To Be A Security Expert?
- Is This Virus Real? Will It Affect NT or W2K?
- Microsoft Tablet PC A Year Away
- NT/2000 THIRD PARTY NEWS
- Interesting NT/W2K Industry News
- Why Do Your Own Data Migration?
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Server+ Certification Training Guide
AMAZINGLY, WITH 57% OF ALL NETWORK DATA BREACHES ORIGINATING ON
STOLEN COMPUTERS and 1000's of computers stolen daily, it's easy to
see why an unlocked notebook means a network that's vulnerable to data
theft and network hacking. Add in the costs of replacing all the data
and the stolen machine (15X original costs) and you begin to appreciate
why the Kensington MicroSaver(R) security cable makes so much sense.
To secure your network, click here:
Visit Kensington for more information.
Today: WinXP Officially Unleashed / New SunPoll
Well, better get ready for the onslaught of Microsoft's zillions of
marketing dollars at work. The coming few months it's going to be
interesting to watch if they are going to be able to make a big
impact or not. In the corporate environment where you and I live,
this is a foregone conclusion though. It's going to be slooooow.
Most of us are still in the process of migrating toward W2K, and
even that is progressing not that quickly. Just an example: Look at
the sales of last week's Book Of The Week: "Configuring W2K without
Active Directory". It rocketed up to #33 in general Amazon.com sales
after we sent out the last issue #316. I mean, even in Sunbelt we
haven't yet made the cutover to AD. We're getting closer though, our
Techs have been telling me for the last year [grin].
In my humble opinion WinXP is just finally "NT For Consumers" and
that is major progress in itself. But for our business environment
it's hardly an earth shattering event. However, you'd better believe
that MS marketing is going to do its darnedest to convince everybody
and their brother (including your CIO) to upgrade to WXP. But since
I'm the guy who makes that upgrade decision for Sunbelt, not for me
quite yet, thank you. I'm still recovering from upgrade fatigue.
Next is the new SunPoll. The question is simple. "Would you like
Microsoft to extend the deadline for MCSE Exam 70-240?"
Vote here, left column, scroll a little bit down. (Double votes
get nixed). http://www.w2knews.com
- Yes, I'd like it pushed back a year
- Yes, I'd like it pushed back 6 months
- Not really necessary
- Already passed it!
PS, we're thinking about a clone of W2Knews: a separate e-zine for
consumers and small business, called WinXPnews. That allows us to
continue to focus on technical and enterprise type topics in W2Knews.
Tell me what you think?
(email me with feedback: [email protected])
SPONSOR: Remote Control Power
WHY A COMMERCIAL BUT SUPER CHEAP REMOTE CONTROL TOOL?
Here's why: "Thanks a bunch for the help. Great service in a timely
manner, and let me add I too have used the gamut from VNC to Intel
LanDesk to Citrix MetaFrame and other 'not-so-white-hat' remote control
tools to admin many systems, and the Sunbelt Remote Administrator is
by far the best such tool I have used. Since things like backup, system
updates (not to mention security monitoring 24/7!) dictate some off-
hours system connections, using this product at home with a broadband
connection is as good as being 'on the LAN'. Thanks again." Move over,
pcAnywhere! Try it out yourself and get a 30-day eval over here:
Visit Remote Control Power for more information.
Password Strength SunPoll Results
Here are the results of how your colleagues are handling the issue
of passwords in their organizations. The SunPoll question was as
follows, and the final percentages are mentioned right after:
"As you know, passwords are very important to network security.
In your company have you implemented (for your users):"
So, the majority of you (37%) are relying in NT's built-in password
features, without any other frills, and another 36% have a strong
password policy implemented either by written policy or software.
- 24%: Strong password policy, enforced by AD and Group Policy
- 17%: Strong password policy, implemented via the Resource Kit tools
- 19%: Written policy about password strength
- 37%: No written policy, no additional tools implemented and
rely on NT/W2K's password functionality
- 2% : We do not use passwords at all for our users
Although organizations create these strong password standards, you
still have specific challenges when trying to execute these policies:
If your organization decides it wants to really have strong passwords,
(which is a choice that needs to be made consciously as it definitely
has repercussions) you would need to have something like 'consolidated
password policy management' in place:
- Native tools in the NT/W2K environment do not provide the ability
to enforce truly strong password policy on the level required to
really effectively protect your network
- Automated systems that compare and validate passwords against
illegal wordlists do not exist
Typically a job for some software tool.
- Enforce password length, minimum and maximum
- Enforce use of upper & lower case character (mixed case)
- Enforce use and position of special characters
- Enforce use and position of numeric characters
- Accept/Reject palindromes
- Accept/Reject repeating sequences
- Compare & Validate Passwords Against Illegal Wordlists
- 300,000 word English wordlist
- 4,000 word proper name wordlist
- Support for custom wordlists with wildcard support
NT/2000 RELATED NEWS
CompTIA Integrated into MCSA Certification
It's very good news that the existing CompTIA's A+, Network+ and
Server+ certifications have been integrated as electives into the
new Microsoft Certified Systems Administrator credential. The MCSA
certification is designed for IT pros working in the typically
complex computing environment of medium to large organizations,
but do not need to actually -build- networks. For more info:
Want To Be A Security Expert?
Here's your chance to see if you are up to snuff. NSA's New 60 Minute
Network Security Guide is available as a Beta. You can help review
NSA's new Security Guide. To download the guide, please, first read
form you will be granted access to a download link. Their terms of
use are: In return for early access to this draft document, I agree
to provide feedback within seven days including:
Return your comments to [email protected] with the subject "60 Minute comments"
The SANS Institute thanks you. Here is the link:
- any positive comments about the value of this document
- any errors identified in the guidance
- any missing elements that should be included
- any other comments or suggestions
Is This Virus Real? Will It Affect NT or W2K?
It's a good idea to check out for virus hoaxes before you panic.
There are a few sites that you can check before you pull your
network connection out of the wall. The hoaxes are major pain
in the neck, as usually you get a bunch of worried forwarding it
asking if they damaged their machines. Here are some sites that
report "HOAX or REAL".
McAfee's Virus Hoaxes:
Symantec's Hoax Page
Microsoft Tablet PC A Year Away
You will be able to get the new MS ultra-thin laptop, dubbed the
"Tablet PC", in your hot little hands the second half of 2002.
BillG announced this last Tuesday, when MS started handing out
the dev-kits to software developers so they can build apps.
Gates was speaking at the MS Professional Developers Conference over
at the LA Convention Center. He announced that MS works with both
hardware and software vendors to get this new hot puppy ready for
release by the end of next 2002. And of course it's running a
flavor of NT that by then will likely be 6.0 or something. (I'm
calling WinXP by my own count NT V5.1) [grin]
THIRD PARTY NEWS
Interesting NT/W2K Industry News
To start with, NetIQ (which by now is the 800-pound gorilla in the
NT/W2K system management tools developer space) reported first quarter
operating earnings of 17 cents a share, and did 60Mil in its Q1 that
ended Sept 30. Pretty decent.
Dell has committed to sell EMC's line of Clariion storage units. A
good solution for both parties. Storage is still growing almost 100%
per year in most outfits, but budgets are growing at single digits.
You are being asked to do more with less. Time for a Storage Resource
Management type tool to manage all that stuff. Stay tuned for the new
StorageCentral V5.0 we'll announce next week.
NSI Software, the developer of Double-Take made a deal with
Marathon to deliver a High-Availability / Disaster Recovery combo.
I'm aware of a few more deals in this space that will be announced
One of SANS most popular instructors, Eric Cole, has agreed to
present a special class that highlights the key hacker exploits and
defenses from his incredibly successful new book, "Hackers Beware."
The inaugural offering of this on-the-road training opportunity will
be in Washington DC, November 28, 2001 in conjunction with the CDI
East Conference. The description of this course can be found at:
Why Do Your Own Data Migration?
Imagine your boss owns a 5000 square foot house and every room is
full of old heavy hardwood antique furniture, irreplaceable artwork,
expensive crystal, one-of-a-kind family heirlooms, and the like.
Every piece in every room has a specific place, order and function
for each room. If one piece were lost, broken, or misplaced it
would throw the rest of the house out of order. Get the idea?
Now, your boss comes and tells you that you are personally responsible
for moving EVERYTHING from that house to his NEW 5000 square foot home.
He doesn?t care how you get it done just as long as nothing gets lost,
broken, or misplaced along the way. We are talking about everything
from the dining room table down to the little baggie of twist ties
in the junk drawer in the kitchen under the microwave. And by the
way, this move can?t happen during work hours of course.
Now. Let me ask you a question. Would you do it, or would you hire
a professional mover? If your answer was ?Somebody get me the number
to Two Guys and A Truck!? then let me ask you this:
Why do your own data migration?
Sunbelt Services System Engineers can handle your data migration for
you. Let?s face it. Data migration is the one project that holds
the most amount of liability attached to it. You want to make sure
that it gets done right and secure as well as fast.
That is where our experienced staff comes in. Regardless of whether
you are moving platforms or installing SANs, our professionals can
get the job completely done, and done right. So give us a call.
For more information contact:
Sunbelt Software, Inc
101 N. Garden Ave.
Clearwater, FL 33755
1-800-688-8404 Ext. 214
This Week's Links We Like. Tips, Hints And Fun Stuff
Trying to find out if you are eligible for a retail WinXP upgrade package?
Ten IT Career Tips from a 30-year veteran who now is a CIO. Useful insights!
Here is a techie-site that has a bunch of good tips about upgrading to WinXP.
PRODUCT OF THE WEEK
Server+ Certification Training Guide
Now that this is an elective for MCSA, get 35% percent discount
on this puppy at the W2Knews BookClub! If you plan to get your
Server+ certification, which measures essential competencies in
advanced PC hardware issues such as RAID, SCSI, multiple CPUs,
SANs, and much more, this Training Guide has what you need to pass.
Elton Jernigan brings you an excellent resource that not only will
help you pass the exam, but will also prove to be a handy, concise
reference for managers and technicians who must select and implement
hardware for network servers. You will benefit from his insight as
a 27-year veteran of the IT industry.