- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 4, 2002 (Vol. 7, #10 - Issue #341)
Pushing Patches
  This issue of W2Knews™ contains:
    • "Refer A Friend" Program Works Great
    • New W2K Security Rollup Package
    • New Windows Based Home Automation List Server
    • 79 Percent Increase Cyber Attacks
    • Event Archiver Enterprise 3.5.63 Now Available
    • HFNETCHKPRO Now Pushes Patches
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Windows 2000 Security
  SPONSOR: PentaSafe
Is Your IT Security Program Including A Combination Of People,
Policies And Technology?
PentaSafe provides you with unsurpassed
multiplatform vulnerability assessment and intrusion detection
technology, and also gives you solutions that help you more
effectively manage and implement security policies and awareness --
all from a central point of control. (and HIPAA compliance in a box)
Fill out the form to get the web-demo:
Visit PentaSafe for more information.

"Refer A Friend" Program Works Great

Thanks to all of you for referring your friends to W2Knews. The program has really taken off, so we're upping the ante this week. Next week's winner gets an XBOX and a set of iGlasses if they win. (iGlasses are a personal home theater system, that creates a large screen that seems to float 6 feet away). We tested it here in Sunbelt and they are pretty cool. Careful, don't get motion sickness [grin].

The winner this week is Skip Peterson in Trenton, NJ. Congrats to Skip!

How to Refer A Friend? Go to your Profile, fill it out, and enter three email addresses of friends that might be interested. They will be sent an invitation to join the list. When they join they must also fill out their profile for both of you to be eligible. Here is the link:

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

2001 Best Seller Double-Take provides real-time (and open file) data
replication. You can use it for either High Availability and/or
Disaster Recovery. It is your main job to prevent downtime for NT and
W2K networks. Double-Take is the industry leading product that will help
you do just that. Because it is not a matter of "if" disaster strikes.
Fires, floods and other mayhem always happens when you least expect it.
Visit DOWNTIME PREVENTION for more information.

New W2K Security Rollup Package

Almost all IT press mentioned this week that Wednesday a new Security Rollup pack was released. It includes the latest fix for the domain trust vulnerability that was announced a few hours earlier. This puppy is called SRP1 and Scott Culp, manager of the MS Security Response Center, said SRP1 includes 44 fixes. You get all the security fixes since Service Pack 2 with this pack, so it's a cumulative pack. But it does require SP2 to be installed.

I strongly recommend you get and apply this Security Rollup, since it seems to take them a bit longer than expected to get SP3 ready. All this stuff would (should) be in SP3 too, but you don't want to have 44 holes uncovered. The first experiences with it are relatively good. But as always, TEST, TEST, and TEST. Always make sure you can roll back if you have to. You'll find it here:


New Windows Based Home Automation List Server

Windows NT/2000 and XP will be used as a server in a home automation environment more and more. It is a special use, and comes with its own challenges and interesting solutions. Want to discuss this with other hobbyists, professionals and pioneers? Sunbelt has created a new list server where you can discuss this stuff in detail.

What does that include?
Anything you can think of (tools, scripts, hints and tips, exchanging of knowledge and experience, suggestions to solve problems, compatibility issues) to make home automation run better in your environment.


  • Discuss home automation problems and/or workarounds, how to, what to, why to, type questions
  • Discuss third-party home automation products
  • In short: ON TOPIC, LOW NOISE, and FRIENDLY!
  • Discuss Windows '95/98/NT/2000/XP general operating system problems. Use the Sunbelt ntsysadmin list for that.
  • Post large articles to the list, web pages were made for that. Send a link with the URL! We prefer no HTML posts.
  • Generate noise, voice your upset, flame, or make inflammatory remarks. Save that for offline or better yet, do not do it at all.
Please read the List Charter after you have subscribed. As you see, this gives you a very wide range of topics to discuss in a fun environment. Sunbelt hopes that the list proves useful to you.

79 Percent Increase Cyber Attacks

It was about time someone did this.

Riptech, a so called "Managed Security Provider, just last week released a report revealing that the rate of cyber attacks has increased by 79 percent in the last six months. They came out with their Internet Security Threat Report, which they say is the first report to actually present cyber attack trends based on the empirical analysis of actual cyber attacks detected against a global sample of security devices.

According to their report, the rate of attack activity increased by 79 percent between July and December 2001, with a substantial percent of attacks (39 percent) targeted at a specific organization. A small number of nations were the source of the vast majority of the attacks: U.S. (30 percent), South Korea (9 percent), China (8 percent). Interestingly, after adjusting for the number of Internet users in each country, the intensity of attacks from Israel was nearly double the attack intensity rate of any other individual country.

Riptech also found that different industries suffered significantly different rates of attack intensity and severity. High tech, financial services, media/entertainment, and power and energy experienced the highest number of attacks per company, each averaging more than 700 attacks per company over the past six months. However, the power and energy industry suffered the most, with companies in that industry being subjected to severe attacks at a rate that was over twice the mean of all companies in the sample set.

Attack intensity and intent varied moderately based on company size, and differed significantly based on ownership type. Companies with 500 or more employees suffered at least 50 percent more attacks per company than companies with less than 500 employees. Public companies suffered approximately twice the number of attacks per company as private and nonprofit companies. The Internet Security Threat Report is based on a sample set of over 300 companies in more than 25 countries.

Getting the holes fixed in your environment is no longer a luxury item but as necessary as taking a shower on a regular basis. Here's a tool:

Event Archiver Enterprise 3.5.63 Now Available

More and more, it seems like security admins spend a whole lot of time on external intrusion detection at the peril of internal network security. This is like putting 5 different deadbolts on your front door but leaving your back door wide open with a welcome sign outstretched. Who in your organization is looking out for employees stealing data or rogue admins modifying elements of your NT/2000 domain? Who is auditing your internal networks for threats from within?

Event Archiver, by Dorian Software Creations, Inc, lets you roll out the level of auditing required to adequately secure a W2K/NT network. Use its wizards to quickly deploy uniform audit policies and log settings to member servers and workstations, regardless of whether or not your organization has deployed AD and Group Policy. Let it automatically collect and consolidate your event log data on your schedule in the data format of your choosing. Configure it to run as a central collection station without clients on remote machines, or install it individually on isolated machines in workgroups or DMZs.

New Features in V3.5.63:

  • Event Archiver now supports monthly archiving, in addition to daily, weekly, and file size based archiving
  • A user-definable "log fullness" definition has been added, so you can control when a log is archived based on its file size
  • Utilizes Windows Installer technology for super easy installations on Windows NT/2000 machines, and now can be scripted for unattended installations
Customer Testimonials:

"We've had nothing but positive results with the product and we love it"
Sherry - Event Archiver customer with the U.S. Military

"Event Archiver is still going strong, archiving 3 GB of logs a week to SQL 7.0, and has performed without error"
Danny - Event Archiver Customer with a U.K. media company

"Event Archiver is a great product for archiving multiple Win2K and NT systems? event logs"
Windows 2000 Magazine, October 2001

Find out yourself why Event Archiver is the auditing tool of choice for so many U.S. government agencies, defense department networks, and large and small corporations worldwide. Click here to download your free evaluation copy.

HFNETCHKPRO Now Pushes Patches

Scanning, analyzing and pushing patches is getting more and more important. The new HFNETCHKPRO (included in the Shavlik Admin Suite) features in the area of Patch Pushing are:

  • Detailed error logging and displaying
  • Scheduled updates
  • Connected User notification of patch installation
  • Remote shutdown and restart of SQL and IIS to assure quality updates
  • Support machines that are not running the Scheduler
  • Log events to allow for tracing and reporting
  • Support the RunOnceEx setting to allow for controlled installation
  • Emergency server shutdown support to quarantine virus attack
  • Advanced patch copy
  • Full reporting and tracking using and open database
Other features:
  • Advanced GUI with search and scan engine that allows users to only look for the computer types they want to check for including IIS, SQL and others.
  • Uses a full relational to database for scan history and full analysis and reporting
  • IP look up on NT systems to allow for range scanning form NT desktops
  • International support
  • Input Files for the creating of robust batch files
  • Advanced IP lookup and scanning to find all the computers on your network
  • Workgroup and OU support
  • HTML and XML output for custom application integration
  • Directory Services Support
Check it out at:

This Week's Links We Like. Tips, Hints And Fun Stuff

  • No more dang noise from a multitude of fans in those PC's. Nice if it works.
  • Microsoft taps former DOJ cybercop for their top security slot. Article:
  • Nope, I'm not kidding you. Someone built a working DAT tape loader from Lego's.

    Windows 2000 Security

    Bored hackers looking for a new playground. Digital marauders destroying a carefully planned network infrastructure. These and other security nightmares keep network administrators awake at night. Knowledge is the best way to combat these fears, and Windows 2000 Security does its part to help you protect your systems against intruders. The book speaks to an audience of network administrators and support personnel. Previous knowledge of Windows 2000 and Active Directory is recommended, but not required, to find this book useful.