- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 7, 2002 (Vol. 7, #2 - Issue #333)
What Are The Current Admin Headaches?
  This issue of W2Knews™ contains:
    • Welcome to 2002 / First New SunPoll
    • So, What Are The Current Admin Headaches?
    • AOL Instant Messaging Hole Fixed
    • First Major WinXP Hole Alert Revised
    • Windows Migrations Progress Slowly
    • Release of SecureIIS version 1.2.4
    • How A System Admin Monitors His Network And Security
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Consumer's Guide to Cell Phones & Wireless Service
  SPONSOR: Issues in Storage Management
Storage is growing exponentially, but new technologies designed
to help you scale for growth offer few management tools. Who's
using it? How much? What is it? Who's paying for it? How do you
manage it? NTP's End-To-End SRM drastically reduces storage TCO.
You automate allocation, reporting, and cross-charge through a
single, policy- based management interface.
Visit Issues in Storage Management for more information.

Welcome to 2002 / First New SunPoll

Hi All,

The year has started well! The stock markets were very strong the first few days and that generally sets the tone for the rest of the year, a statistical market expert tells me. Which means higher consumer confidence, economy perking up and general business conditions that improve. We can use some of that for sure.

And here is your first SunPoll of 2002:

Q: Now that the new Microsoft Certified System Administrator option has come available, are you going for that certification?

  1. Naah, I'm still upset with Microsoft.
  2. Perhaps, when I get time for that.
  3. I'm sure I'm going to do that in 2002.
  4. Absolutely! I'm already cramming for the exams.
You can vote here, leftmost column, and immediately see what your colleagues are planning:

This week's winner of the Refer A Friend Campaign is Marty Stenuis ([email protected]) of Akibia, a CRM Consulting and IT support services company outside Boston, Mass. He's getting his XBOX by 2-day air!

Warm regards,

Stu Sjouwerman
(email me with feedback: [email protected])

W2Knews would love more techie subscribers. And referring your friends
may get you an XBOX! Want to play?
Click on the link that gets you to
your profile. Complete the profile and propose up to three colleagues.
They will be sent a one-time INVITATION, (not auto-subscribed). They
will need to opt into W2Knews. When they do, both you and them become
eligible for an XBOX -- every week! Here is the link, click and win:
Visit Win An XBOX for more information.

So, What Are The Current Admin Headaches?

Just this week we asked over 5,000 front line, in the trenches system admins what their major problems are at the moment, but also where they are able to get budget for. Sunbelt regularly does this survey and then reports back to the community what the current status is. Here are the items we surveyed. The respondees rated the issues from 1 to 10, where 1 represents "No Problem" and 10 represents "I don't sleep at night worrying". Results:

Network Security      7-9
Disaster Recovery     7-8    
Storage Management    5
User Administration   3-5
System Administration 5
W2K & AD migration    7-8
Exchange Management   1
Other                 1
Next, they were asked: Now please indicate what areas you are able to get budget for in 2002. Please assign a rating on a scale from 1 to 10, where 1 represents "no budget" and 10 represents "I can buy whatever I want". Results:

Network Security      5-7 (last year this was only a 5)
Disaster Recovery     5-7 (last year this was only a 5)   
Storage Management    3-5
User Administration   1-3
System Administration 3-5
W2K & AD migration    1
Exchange Management   1
Other                 1

Two more questions remained: How bad is it with the lack of manpower in your IT department at the moment? Please assign a rating on a scale from 1 to 10, where 1 represents "no problem" and 10 represents "everyone is working 80 hours a week". The result was heavily tilted toward 7-8.

The last multiple choice question was: "How important is it at the moment to show "Return On Investment" to your management for admin tools you want to purchase? Please assign a rating on a scale from 1 to 10, where 1 represents "they never ask the question" and 10 represents "means you need to jump through 3 burning hoops to get a lousy thousand bucks approved". This varied wildly. It is apparently heavily depending on the different sections of industry as 5, as well as 7-8 and 10 were strong in the votes.

The upshot was that compared to last survey in 2001, both network security and disaster recovery were a bigger problem, but budgets now were way easier to get compared to last year. Migration is a major headache, but budgets are hard to come by. IDC just said that IT budgets are going to grow 3% this year, and more in the years after. Well, now you know where these budget dollars are going to!


AOL Instant Messaging Hole Fixed

Most of us were hesitant, and more than a little skeptical about the security of these instant messaging applications that sprung out of nowhere like mushrooms last year. Well, two days after AOL announced there was a big hole in its IM app, they announced they fixed the problem.

The vulnerability allowed attackers to use the shared game-invitation feature of AIM to attack and run code on target systems running it. The problem was fixed when AOL made changes to its servers early Thursday. AIM users to not need to patch their own systems though, as the problem was solved on the server side. Careful with that IM-stuff is the message!

First Major WinXP Hole Alert Revised

It was all over the news during Christmas, even CNN was running this story. Universal Plug-and-Play in WinXP suffers from a Buffer Overflow vulnerability. Even the FBI got involved and put out a general alert regarding the UPNP-hole. They initially said to shut down UPNP all together, but now they said it's better to run the MS patch. If you have not done so yet, you should definitely deploy it. It's not just WinXP either. Here is the right page on the Microsoft Support Site:

Windows Migrations Progress Slowly

ENT reported that IDC just published new research. What they did not say is that IDC did that with W2Knews. This is just a snippet, but you will get the real deal from IDC in three of the coming W2Knews issues! Here goes: "Dragging your feet on a Windows 2000 server deployment? You're not alone, according to a new study from market researchers at IDC. Rolling out the Windows 2000 Active Directory continues to serve as a major roadblock for organizations in getting to Windows 2000, and that new directory service technology may be keeping those organizations from even considering moves to subsequent operating systems such as Windows XP clients and the forthcoming Windows .NET servers, IDC found in a survey of more than 300 IT managers.


Release of SecureIIS version 1.2.4

This latest version of IIS application firewall incorporates various bug fixes to the product and the product installer. If you run SecureIIS, please take the time to install this latest version in order to avoid some possible minor interface issues. If you do not run it yet, this is a really good time to download it and protect your webservers.

What's new in SecureIIS v1.2.4?

  • Licensing mechanism now supports multi-byte operating systems. This solves the problem when launching on Japanese, Korean and Chinese operating systems.
  • Language resources will now properly default back to English when localized versions are not found.
  • Selecting "Enable FrontPage Server Extensions" now properly adjusts other settings after an upgrade from 1.2.1.
  • Installer now checks to verify that a previous version of the config shell is not currently running before installing.
  • Installer removes unnecessary 1.2.1 files during upgrade install.
  • Installer deletes existing INSTALL.LOG file, which was causing users who upgraded and then uninstalled to have their profiles deleted.
Download: http://www.w2knews.com/rd/rd.cfm?id=020107TP-SecureIIS

How A System Admin Monitors His Network And Security

As an administrator, I am constantly reviewing my NT 4 Server for irregularities. While my network is small, I have the sole responsibility of ensuring the data contained within is kept secure. In an attempt to thwart would be attacks, I have invested in a firewall, some generic security seminars through SANS and ensure our virus software is up to date with weekly releases and an automated deployment. In order to successfully support clients, I determined that accessibility to the server and email remotely via 3rd party applications was a major requirement. This opens up the network to potential hackers through easily compromised operating systems.

While making every effort to close published holes in the operating system and keep up with various news lists to ensure threats are handled in a timely fashion, the bottom line is that if something strange shows up in my logs, it has been a manual process to identify. I have installed ELM 2.0 Enterprise Edition on the server and set up rules that when specific events are triggered, I'm immediately notified with the contents of the error.

During the business day when I'm at client offices, if someone were to attempt to use my SMTP server as a relay agent or a mass mailer worm were to infiltrate my Exchange server, I'm notified via pager immediately so I may respond and resolve. Based on the ease of use and customizable notification methods, I have also started to monitor my clients' external routers, SMTP servers and HTTP services.

-- Steve Clark, Clark Systems Support, www.clarksupport.com --

Try ELM out yourself. The new V3.0 will come out in a few weeks but if you buy now, you can still pay the old price as V3 is going up in price.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Quite entertaining interesting war stories of the early days of computing
  • IDC, one of the industry's main analysts made their own Top 10 predictions
  • MCSA becomes a live title in January 2002. Article on the MCPmag Site

    Consumer's Guide to Cell Phones & Wireless Service

    Now, why a book like this that has nothing to do with NT/W2K? Many of you are going to a PDA/Cell phone combo this year, and need a new services plan. I have found this book to be very useful, as it can save you dozens of dollars per month. It was written by the people that created the getconnected.com site. Here is their pitch:

    Consumers are paying between 50% and 500% too much every month for the services that keep them in touch, in tune, and informed. Why would anyone pay $.30 per minute for long distance when they could pay just $.05? The answer is because there has not been a good way to determine the correct services based on the way YOU use your wireless phone. You will learn how to choose:

    • a wireless phone and service
    • the right roaming options
    • the best accessories
    • between local, regional, and national plans
    And you will learn what questions to ask:
    • Who has the best quality of service?
    • What types of special deals and promotions are available?
    • What services are available to me?
    • What services can I get from third parties?
    Check it out over at Amazon.com: