Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 7, 2002 (Vol. 7, #2 - Issue #333)
What Are The Current Admin Headaches?
This issue of W2Knews contains:
- EDITORS CORNER
- Welcome to 2002 / First New SunPoll
- TECH BRIEFING
- So, What Are The Current Admin Headaches?
- NT/2000 RELATED NEWS
- AOL Instant Messaging Hole Fixed
- First Major WinXP Hole Alert Revised
- Windows Migrations Progress Slowly
- NT/2000 THIRD PARTY NEWS
- Release of SecureIIS version 1.2.4
- How A System Admin Monitors His Network And Security
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Consumer's Guide to Cell Phones & Wireless Service
SPONSOR: Issues in Storage Management
IS YOUR STORAGE MANAGING YOU?
Storage is growing exponentially, but new technologies designed
to help you scale for growth offer few management tools. Who's
using it? How much? What is it? Who's paying for it? How do you
manage it? NTP's End-To-End SRM drastically reduces storage TCO.
You automate allocation, reporting, and cross-charge through a
single, policy- based management interface.
Visit Issues in Storage Management for more information.
Welcome to 2002 / First New SunPoll
The year has started well! The stock markets were very strong the
first few days and that generally sets the tone for the rest of
the year, a statistical market expert tells me. Which means higher
consumer confidence, economy perking up and general business
conditions that improve. We can use some of that for sure.
And here is your first SunPoll of 2002:
Q: Now that the new Microsoft Certified System Administrator
option has come available, are you going for that certification?
You can vote here, leftmost column, and immediately see what your
colleagues are planning:
- Naah, I'm still upset with Microsoft.
- Perhaps, when I get time for that.
- I'm sure I'm going to do that in 2002.
- Absolutely! I'm already cramming for the exams.
This week's winner of the Refer A Friend Campaign is Marty Stenuis
([email protected]) of Akibia, a CRM Consulting and IT support
services company outside Boston, Mass. He's getting his XBOX by
(email me with feedback: [email protected])
SPONSOR: Win An XBOX
W2Knews would love more techie subscribers. And referring your friends
may get you an XBOX! Want to play? Click on the link that gets you to
your profile. Complete the profile and propose up to three colleagues.
They will be sent a one-time INVITATION, (not auto-subscribed). They
will need to opt into W2Knews. When they do, both you and them become
eligible for an XBOX -- every week! Here is the link, click and win:
Visit Win An XBOX for more information.
So, What Are The Current Admin Headaches?
Just this week we asked over 5,000 front line, in the trenches system
admins what their major problems are at the moment, but also where they
are able to get budget for. Sunbelt regularly does this survey and then
reports back to the community what the current status is. Here are the
items we surveyed. The respondees rated the issues from 1 to 10, where
1 represents "No Problem" and 10 represents "I don't sleep at night
Network Security 7-9
Disaster Recovery 7-8
Storage Management 5
User Administration 3-5
System Administration 5
W2K & AD migration 7-8
Exchange Management 1
Next, they were asked: Now please indicate what areas you are able to get
budget for in 2002. Please assign a rating on a scale from 1 to 10, where
1 represents "no budget" and 10 represents "I can buy whatever I want".
Network Security 5-7 (last year this was only a 5)
Disaster Recovery 5-7 (last year this was only a 5)
Storage Management 3-5
User Administration 1-3
System Administration 3-5
W2K & AD migration 1
Exchange Management 1
Two more questions remained: How bad is it with the lack of manpower in
your IT department at the moment? Please assign a rating on a scale from
1 to 10, where 1 represents "no problem" and 10 represents "everyone is
working 80 hours a week". The result was heavily tilted toward 7-8.
The last multiple choice question was: "How important is it at the moment
to show "Return On Investment" to your management for admin tools you want
to purchase? Please assign a rating on a scale from 1 to 10, where 1
represents "they never ask the question" and 10 represents "means you need
to jump through 3 burning hoops to get a lousy thousand bucks approved".
This varied wildly. It is apparently heavily depending on the different
sections of industry as 5, as well as 7-8 and 10 were strong in the votes.
The upshot was that compared to last survey in 2001, both network security
and disaster recovery were a bigger problem, but budgets now were way
easier to get compared to last year. Migration is a major headache,
but budgets are hard to come by. IDC just said that IT budgets are going
to grow 3% this year, and more in the years after. Well, now you know
where these budget dollars are going to!
NT/2000 RELATED NEWS
AOL Instant Messaging Hole Fixed
Most of us were hesitant, and more than a little skeptical about the
security of these instant messaging applications that sprung out of
nowhere like mushrooms last year. Well, two days after AOL announced
there was a big hole in its IM app, they announced they fixed the
The vulnerability allowed attackers to use the shared game-invitation
feature of AIM to attack and run code on target systems running it.
The problem was fixed when AOL made changes to its servers early
Thursday. AIM users to not need to patch their own systems though,
as the problem was solved on the server side. Careful with that
IM-stuff is the message!
First Major WinXP Hole Alert Revised
It was all over the news during Christmas, even CNN was running this
story. Universal Plug-and-Play in WinXP suffers from a Buffer Overflow
vulnerability. Even the FBI got involved and put out a general alert
regarding the UPNP-hole. They initially said to shut down UPNP all
together, but now they said it's better to run the MS patch. If you
have not done so yet, you should definitely deploy it. It's not just
WinXP either. Here is the right page on the Microsoft Support Site:
Windows Migrations Progress Slowly
ENT reported that IDC just published new research. What they did not
say is that IDC did that with W2Knews. This is just a snippet, but
you will get the real deal from IDC in three of the coming W2Knews
issues! Here goes:
"Dragging your feet on a Windows 2000 server deployment? You're not
alone, according to a new study from market researchers at IDC.
Rolling out the Windows 2000 Active Directory continues to serve
as a major roadblock for organizations in getting to Windows 2000,
and that new directory service technology may be keeping those
organizations from even considering moves to subsequent operating
systems such as Windows XP clients and the forthcoming Windows .NET
servers, IDC found in a survey of more than 300 IT managers.
THIRD PARTY NEWS
Release of SecureIIS version 1.2.4
This latest version of IIS application firewall incorporates various
bug fixes to the product and the product installer. If you run SecureIIS,
please take the time to install this latest version in order to avoid
some possible minor interface issues. If you do not run it yet, this is
a really good time to download it and protect your webservers.
What's new in SecureIIS v1.2.4?
- Licensing mechanism now supports multi-byte operating systems. This
solves the problem when launching on Japanese, Korean and Chinese
- Language resources will now properly default back to English when
localized versions are not found.
- Selecting "Enable FrontPage Server Extensions" now properly adjusts
other settings after an upgrade from 1.2.1.
- Installer now checks to verify that a previous version of the config
shell is not currently running before installing.
- Installer removes unnecessary 1.2.1 files during upgrade install.
- Installer deletes existing INSTALL.LOG file, which was causing users
who upgraded and then uninstalled to have their profiles deleted.
How A System Admin Monitors His Network And Security
As an administrator, I am constantly reviewing my NT 4 Server for
irregularities. While my network is small, I have the sole responsibility
of ensuring the data contained within is kept secure. In an attempt to
thwart would be attacks, I have invested in a firewall, some generic
security seminars through SANS and ensure our virus software is up to
date with weekly releases and an automated deployment. In order to
successfully support clients, I determined that accessibility to the
server and email remotely via 3rd party applications was a major
requirement. This opens up the network to potential hackers through
easily compromised operating systems.
While making every effort to close published holes in the operating
system and keep up with various news lists to ensure threats are
handled in a timely fashion, the bottom line is that if something
strange shows up in my logs, it has been a manual process to identify.
I have installed ELM 2.0 Enterprise Edition on the server and set
up rules that when specific events are triggered, I'm immediately
notified with the contents of the error.
During the business day when I'm at client offices, if someone were
to attempt to use my SMTP server as a relay agent or a mass mailer
worm were to infiltrate my Exchange server, I'm notified via pager
immediately so I may respond and resolve. Based on the ease of use
and customizable notification methods, I have also started to monitor
my clients' external routers, SMTP servers and HTTP services.
-- Steve Clark, Clark Systems Support, www.clarksupport.com --
Try ELM out yourself. The new V3.0 will come out in a few weeks but
if you buy now, you can still pay the old price as V3 is going up
This Week's Links We Like. Tips, Hints And Fun Stuff
Quite entertaining interesting war stories of the early days of computing
IDC, one of the industry's main analysts made their own Top 10 predictions
MCSA becomes a live title in January 2002. Article on the MCPmag Site
PRODUCT OF THE WEEK
Consumer's Guide to Cell Phones & Wireless Service
Now, why a book like this that has nothing to do with NT/W2K?
Many of you are going to a PDA/Cell phone combo this year, and
need a new services plan. I have found this book to be very
useful, as it can save you dozens of dollars per month. It was
written by the people that created the getconnected.com site.
Here is their pitch:
Consumers are paying between 50% and 500% too much every month
for the services that keep them in touch, in tune, and informed.
Why would anyone pay $.30 per minute for long distance when they
could pay just $.05? The answer is because there has not been a
good way to determine the correct services based on the way YOU
use your wireless phone. You will learn how to choose:
And you will learn what questions to ask:
- a wireless phone and service
- the right roaming options
- the best accessories
- between local, regional, and national plans
Check it out over at Amazon.com:
- Who has the best quality of service?
- What types of special deals and promotions are available?
- What services are available to me?
- What services can I get from third parties?