- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Oct 25, 2001 (Vol. 6, #82 - Issue #317)
WinXP Officially Unleashed
  This issue of W2Knews™ contains:
    • Today: WinXP Officially Unleashed / New SunPoll
    • Password Strength SunPoll Results
    • CompTIA Integrated into MCSA Certification
    • Want To Be A Security Expert?
    • Is This Virus Real? Will It Affect NT or W2K?
    • Microsoft Tablet PC A Year Away
    • Interesting NT/W2K Industry News
    • Why Do Your Own Data Migration?
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Server+ Certification Training Guide
  SPONSOR: Kensington
and 1000's of computers stolen daily, it's easy to
see why an unlocked notebook means a network that's vulnerable to data
theft and network hacking. Add in the costs of replacing all the data
and the stolen machine (15X original costs) and you begin to appreciate
why the Kensington MicroSaver(R) security cable makes so much sense.
To secure your network, click here:
Visit Kensington for more information.

Today: WinXP Officially Unleashed / New SunPoll

Well, better get ready for the onslaught of Microsoft's zillions of marketing dollars at work. The coming few months it's going to be interesting to watch if they are going to be able to make a big impact or not. In the corporate environment where you and I live, this is a foregone conclusion though. It's going to be slooooow.

Most of us are still in the process of migrating toward W2K, and even that is progressing not that quickly. Just an example: Look at the sales of last week's Book Of The Week: "Configuring W2K without Active Directory". It rocketed up to #33 in general Amazon.com sales after we sent out the last issue #316. I mean, even in Sunbelt we haven't yet made the cutover to AD. We're getting closer though, our Techs have been telling me for the last year [grin].

In my humble opinion WinXP is just finally "NT For Consumers" and that is major progress in itself. But for our business environment it's hardly an earth shattering event. However, you'd better believe that MS marketing is going to do its darnedest to convince everybody and their brother (including your CIO) to upgrade to WXP. But since I'm the guy who makes that upgrade decision for Sunbelt, not for me quite yet, thank you. I'm still recovering from upgrade fatigue.

Next is the new SunPoll. The question is simple. "Would you like Microsoft to extend the deadline for MCSE Exam 70-240?"

  • Yes, I'd like it pushed back a year
  • Yes, I'd like it pushed back 6 months
  • Not really necessary
  • Already passed it!
Vote here, left column, scroll a little bit down. (Double votes get nixed). http://www.w2knews.com

PS, we're thinking about a clone of W2Knews: a separate e-zine for consumers and small business, called WinXPnews. That allows us to continue to focus on technical and enterprise type topics in W2Knews. Tell me what you think?

Warm regards,

Stu Sjouwerman
(email me with feedback: [email protected])

  SPONSOR: Remote Control Power
Here's why: "Thanks a bunch for the help. Great service in a timely
manner, and let me add I too have used the gamut from VNC to Intel
LanDesk to Citrix MetaFrame and other 'not-so-white-hat' remote control
tools to admin many systems, and the Sunbelt Remote Administrator is
by far the best such tool I have used. Since things like backup, system
updates (not to mention security monitoring 24/7!) dictate some off-
hours system connections, using this product at home with a broadband
connection is as good as being 'on the LAN'. Thanks again." Move over,
pcAnywhere! Try it out yourself and get a 30-day eval over here:
Visit Remote Control Power for more information.

Password Strength SunPoll Results

Here are the results of how your colleagues are handling the issue of passwords in their organizations. The SunPoll question was as follows, and the final percentages are mentioned right after: "As you know, passwords are very important to network security. In your company have you implemented (for your users):"

  • 24%: Strong password policy, enforced by AD and Group Policy
  • 17%: Strong password policy, implemented via the Resource Kit tools
  • 19%: Written policy about password strength
  • 37%: No written policy, no additional tools implemented and rely on NT/W2K's password functionality
  • 2% : We do not use passwords at all for our users
So, the majority of you (37%) are relying in NT's built-in password features, without any other frills, and another 36% have a strong password policy implemented either by written policy or software.

Although organizations create these strong password standards, you still have specific challenges when trying to execute these policies:

  • Native tools in the NT/W2K environment do not provide the ability to enforce truly strong password policy on the level required to really effectively protect your network
  • Automated systems that compare and validate passwords against illegal wordlists do not exist
If your organization decides it wants to really have strong passwords, (which is a choice that needs to be made consciously as it definitely has repercussions) you would need to have something like 'consolidated password policy management' in place:
  • Enforce password length, minimum and maximum
  • Enforce use of upper & lower case character (mixed case)
  • Enforce use and position of special characters
  • Enforce use and position of numeric characters
  • Accept/Reject palindromes
  • Accept/Reject repeating sequences
  • Compare & Validate Passwords Against Illegal Wordlists
  • 300,000 word English wordlist
  • 4,000 word proper name wordlist
  • Support for custom wordlists with wildcard support
Typically a job for some software tool.

CompTIA Integrated into MCSA Certification

It's very good news that the existing CompTIA's A+, Network+ and Server+ certifications have been integrated as electives into the new Microsoft Certified Systems Administrator credential. The MCSA certification is designed for IT pros working in the typically complex computing environment of medium to large organizations, but do not need to actually -build- networks. For more info:

Want To Be A Security Expert?

Here's your chance to see if you are up to snuff. NSA's New 60 Minute Network Security Guide is available as a Beta. You can help review NSA's new Security Guide. To download the guide, please, first read over the terms of use. By agreeing to the terms and submitting the form you will be granted access to a download link. Their terms of use are: In return for early access to this draft document, I agree to provide feedback within seven days including:

  1. any positive comments about the value of this document
  2. any errors identified in the guidance
  3. any missing elements that should be included
  4. any other comments or suggestions
Return your comments to [email protected] with the subject "60 Minute comments" The SANS Institute thanks you. Here is the link:

Is This Virus Real? Will It Affect NT or W2K?

It's a good idea to check out for virus hoaxes before you panic. There are a few sites that you can check before you pull your network connection out of the wall. The hoaxes are major pain in the neck, as usually you get a bunch of worried forwarding it asking if they damaged their machines. Here are some sites that report "HOAX or REAL".

CERT Institute:

McAfee's Virus Hoaxes:

Symantec's Hoax Page

Microsoft Tablet PC A Year Away

You will be able to get the new MS ultra-thin laptop, dubbed the "Tablet PC", in your hot little hands the second half of 2002. BillG announced this last Tuesday, when MS started handing out the dev-kits to software developers so they can build apps.

Gates was speaking at the MS Professional Developers Conference over at the LA Convention Center. He announced that MS works with both hardware and software vendors to get this new hot puppy ready for release by the end of next 2002. And of course it's running a flavor of NT that by then will likely be 6.0 or something. (I'm calling WinXP by my own count NT V5.1) [grin]


Interesting NT/W2K Industry News

To start with, NetIQ (which by now is the 800-pound gorilla in the NT/W2K system management tools developer space) reported first quarter operating earnings of 17 cents a share, and did 60Mil in its Q1 that ended Sept 30. Pretty decent.

Dell has committed to sell EMC's line of Clariion storage units. A good solution for both parties. Storage is still growing almost 100% per year in most outfits, but budgets are growing at single digits. You are being asked to do more with less. Time for a Storage Resource Management type tool to manage all that stuff. Stay tuned for the new StorageCentral V5.0 we'll announce next week.

NSI Software, the developer of Double-Take made a deal with Marathon to deliver a High-Availability / Disaster Recovery combo. I'm aware of a few more deals in this space that will be announced very soon!

One of SANS most popular instructors, Eric Cole, has agreed to present a special class that highlights the key hacker exploits and defenses from his incredibly successful new book, "Hackers Beware." The inaugural offering of this on-the-road training opportunity will be in Washington DC, November 28, 2001 in conjunction with the CDI East Conference. The description of this course can be found at:

Why Do Your Own Data Migration?

Imagine your boss owns a 5000 square foot house and every room is full of old heavy hardwood antique furniture, irreplaceable artwork, expensive crystal, one-of-a-kind family heirlooms, and the like. Every piece in every room has a specific place, order and function for each room. If one piece were lost, broken, or misplaced it would throw the rest of the house out of order. Get the idea?

Now, your boss comes and tells you that you are personally responsible for moving EVERYTHING from that house to his NEW 5000 square foot home. He doesn?t care how you get it done just as long as nothing gets lost, broken, or misplaced along the way. We are talking about everything from the dining room table down to the little baggie of twist ties in the junk drawer in the kitchen under the microwave. And by the way, this move can?t happen during work hours of course.

Now. Let me ask you a question. Would you do it, or would you hire a professional mover? If your answer was ?Somebody get me the number to Two Guys and A Truck!? then let me ask you this:

Why do your own data migration?

Sunbelt Services System Engineers can handle your data migration for you. Let?s face it. Data migration is the one project that holds the most amount of liability attached to it. You want to make sure that it gets done right and secure as well as fast.

That is where our experienced staff comes in. Regardless of whether you are moving platforms or installing SANs, our professionals can get the job completely done, and done right. So give us a call. For more information contact:

Chad Kemmerlin
V.P. Services
Sunbelt Software, Inc
101 N. Garden Ave.
Clearwater, FL 33755
1-800-688-8404 Ext. 214
[email protected]


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Trying to find out if you are eligible for a retail WinXP upgrade package?
  • Ten IT Career Tips from a 30-year veteran who now is a CIO. Useful insights!
  • Here is a techie-site that has a bunch of good tips about upgrading to WinXP.

    Server+ Certification Training Guide

    Now that this is an elective for MCSA, get 35% percent discount on this puppy at the W2Knews BookClub! If you plan to get your Server+ certification, which measures essential competencies in advanced PC hardware issues such as RAID, SCSI, multiple CPUs, SANs, and much more, this Training Guide has what you need to pass.

    Elton Jernigan brings you an excellent resource that not only will help you pass the exam, but will also prove to be a handy, concise reference for managers and technicians who must select and implement hardware for network servers. You will benefit from his insight as a 27-year veteran of the IT industry.