Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Dec 20, 2001 (Vol. 6, #96 - Issue #331)
Wireless Server Control
This issue of W2Knews contains:
- EDITORS CORNER
- TECH BRIEFING
- Routers Are The New Cracker Target
- NT/2000 RELATED NEWS
- Triple Fix for IE
- Told You So, Holiday Virus Wreaks Havoc
- WinXP Sales Not That Fast
- NT/2000 THIRD PARTY NEWS
- Wireless Server Control
- Special Year End Price: Get Password Bouncer SE For 50% Off
- pcAnywhere Security Hole?
- Sunbelt Reseller Has Special
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Building Lego Mindstorm Robots
Let Marimba transform you into an IT Super Hero by helping to
reduce your IT support costs! Discover how Marimba's solutions
can reduce Help Desk call volume, simplify the delivery of anti-
virus updates, and effectively manage software license auditing and
W2K/XP Migrations. Attend our free seminar, "Reducing IT Support
Costs" and hear how our solutions are helping customers like
Charles Schwab and Herman Miller manage more with less.
Visit Marimba for more information.
Last 2001 Issue
To begin with, thanks for your referrals. This campaign started out
great. Please keep on going? We want more techie subscribers. And
here is this week's XBOX winner: Laura Barnes in Cincinnati, Ohio. She
was thrilled to bits. Want to play? Go all the way down this newsletter.
Click on your profile link. Complete the profile and propose three
colleagues. They will be sent an INVITATION, and not automatically
be subscribed. They will need to opt into W2Knews and complete their
own profiles. When they do, both you and them become eligible for an
XBOX -- every week!
Second, this is the last issue of the year. Your next full W2Knews
will arrive Thursday, Jan 3rd, 2002. And that will be the "Crystal
Ball" issue. You should have received our Season's Greeting by now,
but if you have not, have a wonderful time and a great 2002.
And now, I suggest you have a look at TWO brand new Wireless Server
Control products we are introducing in this issue. Keep on reading!
(email me with feedback: [email protected])
SPONSOR: NovaStor - Santa's Choice for Backup Software
Backup & Disaster Recovery for one server or an entire network.
Backup to HARD DISK as well as most Tape Devices?
Windows XP, 2000, NT, ME & 9x support?
NetWare 4.x, 5.x and 6.x support?
Plug-ins for Open Files, Exchange, SQL and others?
Save 20% - 50% on our web store and enter to win an XBOX today!
Visit NovaStor - Santa's Choice for Backup Software for more information.
Routers Are The New Cracker Target
Internet Week Mag has a very good article about the next cracker target:
Routers. They are getting bored with denial of service attacks and are
now digging deeper in your infrastructure. This kind of thing allows
them to divert large amounts of traffic into black holes. Not fun.
The vulnerability lies in the Border Gateway Protocol, which translates
routing tables from different vendors' equipment. BGP has been used in
commercial routers since 1994, and the security problems have been known
for at least two years, but experts say they're seeing more router break-
in kits being shared on Internet Relay Chat networks frequented by hackers.
The first and most important thing is to not to use default passwords to
administer your routers, a practice that's far too common. The full
article is on their website and recommended reading for this week!
NT/2000 RELATED NEWS
Triple Fix for IE
It may be overkill to tell you, but this latest IE patch is a MUST.
It was labeled "critical" label on Microsoft's new security rating
system. This cumulative patch repairs three new holes and all previous
issues that affect both IE versions 5.5 and 6.0. Read the bulletin and
GET that patch:
Told You So, Holiday Virus Wreaks Havoc
Two weeks ago I predicted that this would happen. Not so difficult
of course [grin]. Well here it is: A mass-mailer worm that appears
to offer New Year's greetings and a Christmas-related animation
actually deletes portions of the Windows operating system and is
spreading. The story over at ComputerWorld Mag.
WinXP Sales Not That Fast
The Wall Street Journal reported today that WinXP sales are lagging
behind the numbers for W98 when they came out. Up to now NPD TechWorld
(which tracks retail software sales) estimates that 250K WinXP copies
were sold retail in November, down from 400,000 in October. When you
compare that to W98 sales, the first and second month were 580K and
The obvious reason is that only at the most one third (but more likely
less than 25%) of the existing home PC's out there have the hardware
to run WinXP, so the sales to OEM-ers like Compaq, Dell and HP are way
more important. Microsoft said that retail sales are only 10% of their
total numbers. More sales will come through new PC's, but you're not
really going to buy one when you are worried about your job, are you
Anyway, WinXP is here to stay, and MS is still pretty upbeat about it
with good reason. Finally they can get rid of the old W9x code base
which was an incredible pain in the you know what from a support
THIRD PARTY NEWS
Wireless Server Control
We are introducing 2 new tools in this space. Why two? They overlap
but also cover areas the other doesn't. That way you can choose which
fits best with your needs. They are called StarAdmin and SonicAdmin.
Here they come:
StarAdmin ? Wireless Microsoft Enterprise Manager
StarAdmin is a Wireless Microsoft Enterprise Management suite which
gives you the ability to administer enterprise servers and networks
remotely, using a web-enabled wireless phone, PDA (PocketPC/Palm)
or RIM Wireless handheld. Simply put, StarAdmin puts the Microsoft
Management Console (MMC) and other networking tools where you need
them most ? in the palm of your hand, wherever you are. StarAdmin is
loaded with powerful features; here are just a few highlights:
Moreover, StarAdmin satisfies the following Corporate/Federal IT
criteria for remote control software:
- Server Administration: View Event Logs, Start/Stop Services,
View/Kill Processes, View/Move/Email Files, Launch Scripts and
Executables, Restart/Shutdown Servers, Windows Command Line Access
- User Account Management: Add Users, Change/Expire Passwords,
- SQL Server Administration: Create and administer all SQL Server
databases, objects, logins, users, and permissions. Configure,
define and execute all SQL Server administrative tasks.
- Network Administration: Ping, DNS Lookup, WhoIs, Traceroute
- Printer Administration: Restart or Reset Printers, Resubmit or
Remove Queued Print Jobs
- Multiple Domain Access ? A Single Installation of StarAdmin
manages your entire network
- Telnet Management / SSH ? Manage any Device Supporting Telnet/SSH,
Including Routers, Switches, Unix-OS Servers, and More
Try StarAdmin for yourself. Then imagine having this much control from
your phone or PDA while on the road or in your favorite restaurant.
Asking for a budget? Here are reasons you can use:
- Systems Administration: Using StarAdmin, you can monitor servers
and correct problems at any time of the day from any location.
StarAdmin?s features give you a high level of mobility, independence
- Help Desk: StarAdmin lets helpdesk staffs troubleshoot problems
without having to run all over the building.
- Managed Hosting Environment: StarAdmin is ideal for clients that
want to touch and feel their servers, even in a managed hosting
environment. For minor configuration changes or trouble resolution,
customers of hosting facilities can use StarAdmin to remotely manage
their own systems, without the time-consuming process of calling a
hosting facility support technician.
- Security: StarAdmin works with all commercially available encryption
and VPN clients.
- Improve customer service but cut cost at the same time
- Extend support to mobile Administrators = Significant savings on travel
- Faster problem resolution = Increased productivity
SonicAdmin - Never Go To Work Again
Managing servers and networks is vital to your job. It involves ongoing
vigilance, and fast response to problems - but it doesn't have to chain
you to any desk.
Wireless Network Management from the Palm of Your Hand
It's simple. When your systems are down, you are losing money.
SonicAdmin is a complete network and server administration utility that
allows you as a system admin or support workers to diagnose and repair
mission critical server and network problems 24 hours a day, 7 days a
week, from handheld wireless devices. SonicAdmin lets you keep your
systems up and productive.
- True RIM client - currently in beta: Release Date - January 21, 2001
- Does not require MS Internet Information Server
- Power management - cycle power to unresponsive hardware
- Out-of-Band wireless access via wireless or wired modem and RAS
- Secure Telnet to control Unix, Linux, Routers, & other devices
- Handheld software = better usability; no WAP performance/security
issues(no charge for handheld software)
- No agent software required on controlled servers/devices
- Highly secure
- Full Command Prompt/Shell interface for low level control, including
database, file, print server, e-mail management and more.
- Easy install and setup
Installation, scalability and setup
- Services and Server Processes: Monitor, start/stop, Kill, etc.
- Manage Network Users: Edit properties, passwords, add, delete,
boot, power cycle, run custom scripts and batch files
- Secure Telnet access to any telnet device including Unix, Linux and
VMS servers, or routers, switches, hubs, and more
- Control power to any external device including servers, switches,
routers, hubs, modems, lights and more
- Execute any command line instruction with full echo
- Control routers, hubs, print servers, Unix, Linux, other network devices
- Statistics: view uptime, CPU, disk usage, process count, SP versions etc.
SonicAdmin does not rely on inadequate WAP security but uses a multilayer
security model to ensure that your data and your network remains secure.
See the white paper. This tools is great for network and system administrators.
Having the ability to diagnose and fix network issues as they arise from
wherever you are is more than a convenience it is a business requirement.
If you have ever had to make an after hours mad dash to the office to reboot
a server you know how significant (and how great) it would be to be able to
do the same thing using a device that you can keep in your jacket pocket.
- A single installation of SonicAdmin can control all your servers,
even across multiple domains
- No need for MS Internet Information Server
- No need for third party VPN software
- No software agents to be installed on any of the managed servers
- No additional hardware is required. SonicAdmin is a low-overhead program
which can easily run on one of your existing servers
- Easy self-installing routine, GUI setup and configuration
- Supports NT 4.0 (WS + SV) W2K Pro + SV, and can control Linux, Unix,
- Supports Pocket PC devices (The RIM Blackberry client is currently in
beta and is scheduled for release January 2002.)
Here is the eval!
Special Year End Price: Get Password Bouncer SE For 50% Off
Password Bouncer Standard Edition for 50% off the first year.
Reference the special pricing code PGSE-YE50A when contacting
your Sunbelt Software representative or reseller.
Password Bouncer delivers stronger password enforcement than
Win2K/NT, by preventing users from selecting vulnerable passwords
that can be easily guessed or cracked by hackers. Passwords are
screened and validated against a 300,000-word English wordlist
and a 4,000-word proper noun wordlist in addition to highly
configurable password rules.
Allowing lax network logon password policies on your network is
the number one cause of network security violations. Simply put,
user passwords are the weakest link that hackers prey upon and
the most often neglected security hole. With the ever-increased
focus on Security issues now is the time to take proactive steps
to protect your company. Start defeating hackers today, and down-
load the free trial today, but get your orders in soon as possible
as this offer is for a limited time only.
pcAnywhere Security Hole?
A French Computer Magazine called Pirates Mag reported that Symantec,
the self-proclaimed "security expert" claims pcAnywhere is the #
1 remote-control package in sales. I would think that is true, if
you look at the market figures.
The mag made a bold claim though: "We doubt that Symantec clients
know that each time they use pcAnywhere anybody can get their password:
the second IP packet sent over the wire after the authentication process
contains the user name and password (each string starts with a '06'
byte followed by the number of characters and the 'encrypted' string
itself)! This encryption scheme, the default when you install the
product, is so sloppy that 10 lines of BASIC can break it in less
than a second:
Companies which trust Symantec may wonder why such a backdoor exists since
version 2.0 in all the versions of pcAnywhere. If they don't, we do. BTW,
the second encryption method available has been coded by a recognized
security expert: Microsoft. We wish good luck to Symantec clients."
- PRINT "Enter the pcAnywhere string to decrypt (username or password,
in hex bytes): "
- INPUT code$
- length = LEN(code$) / 2
- nb = VAL("&h") + LEFT$(code$, 2)) XOR &HAB
- plaintext$ = CHR$(nb)
- FOR count = 1 to length - 1
- nb = (VAL(&h" + MID$(code$, count*2+1, 2)) XOR VAL("&h" + MID$(code$, (count-1)*2+1, 2)) XOR (count-1) OR &H40
- plaintext$ = plaintext$ + CHR$(nb)
- PRINT "The secret word is: "; plaintext$
Our Comment: Whoa Nellie! I'd like some comment from Symantec about this.
We ran this code in house to try out the exploit, and there actually are
a few bugs in it that would need to be fixed. We ran this against pcAnywhere
V9.2, and conceptually it seems that this works. Link to the Pirates Site
Sunbelt Reseller Has Special
IT'S THE SEASON FOR GIVING!! And we're giving away a free X-Box
or 1 server license of Event Log Monitor software (your choice)
with any purchase of Update Expert over $5,000.00
UpdateEXPERT is a Windows® administration program that helps you
secure your systems by remotely managing service packs and
hotfixes. For those of you who may not need that much Update
Expert, just email us to find out which other products qualify.
This Week's Links We Like. Tips, Hints And Fun Stuff
User calls and asks: "I think I clicked something wrong...?" Wait for
ten seconds and an error message appears
Great link for those looking for project tracking software
Tweakers Asylum is a fun site for techies. Check out the Scott e-vest
PRODUCT OF THE WEEK
Building Lego Mindstorm Robots
Some Christmas fun this time around. This book is about building
robots using Lego bricks and components. In the first section of
the book they discuss why Lego is an ideal system to build them
The second section is about how to build a robot. Here they provide
a set of tools you need to explore the world of robotics. Some basic
knowledge about mechanics, motors, sensors, pneumatics, navigation,
and many tips and tricks. In Part III they start to face the tough
question, the one we actually would try to answer with this book:
"I got a Mindstorms kit, I have learnt how to use it, what do I