Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 11, 2002 (Vol. 7, #12 - Issue #343)
Warning: IRS Audit Scam
This issue of W2Knews contains:
- EDITORS CORNER
- What Is Happening In IT?
- Warning: IRS Audit Scam
- TECH BRIEFING
- The Average Cost And Duration Of Unplanned Downtime
- NT/2000 RELATED NEWS
- Here Is A Security Site To Send Your Family To
- NT/2000 THIRD PARTY NEWS
- Secure Wireless Server Control: How To Foil "Whackers"?
- Aelita Pushes For A Multi-Forest Architecture. Why?
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Small Business Server 2000 Best Practices
FREE MANAGEABILITY eBOOK from NetIQ
Got systems management headaches? We've got your cure--read our
free eBook, "The Definitive Guide to Enterprise Manageability."
You'll learn how to get enterprise-class event and performance
management of your Windows and mixed IT environments.
Visit NetIQ for more information.
What Is Happening In IT?
This week's XBOX Winner gets the iGlasses as well. It's Phil Garoni,
a long time reader of W2Knews. Congrats Phil! How to win the weekly
XBOX? Scroll all the way down this newsletter, update your profile
and refer up to three friends.
And now, what is happening in IT at the moment? Lots of motion as
usual. Here are some snippets:
- Microsoft and the Government are talking about modifying the
  settlement wording a bit
- Oracle's "unbreakable" advertising campaign was shot down in flames
  as a bunch of vulnerabilities in their flagship database surfaced
- SUN is covering its low end and starts selling Linux on Intel
- HP and Compaq are going for a do-or-die shareholder vote in a few
  weeks
- The Government and a Tech alliance start promoting home PC security
- Just like AOL, SUN might sue MS for anticompetitive behavior
- The Technology Of The Year vote was for XML with well over 80
  percent of the vote
- The U.S. House passes a cybersecurity research bill
And a whole lot more is happening.
In Microsoft Server Land, things are moving along as usual. They
see Linux as their biggest threat, and I think they are right. SUN
just decided to give away parts of Solaris to the open source
community and Red Hat said it was a good day for Linux. Personally
from a "market forces" perspective I see Linux eat more into the
existing Unix flavors than take business away from Microsoft.
However, one of our Techs here showed me an interesting config
he built: Red Hat running MS Terminal Server. Indistinguishable
from a Windows-driven PC, and a possible choice for a thin client.
It is up to you guys to look at the application, the required
functionality, and find the best OS- and hardware platform to
run that on. Having some competition in the market keeps the
vendors on their toes and we'll all benefit.
Warning: IRS Audit Scam
I generally don't send out these notices, but this is so serious
that it's important that the general public be immediately informed.
The IRS Criminal Investigations Division recently sent out an
alert to law enforcement agencies regarding this scam. PLEASE READ
and FORWARD to others, so they might not be a victim of what could
seriously damage you financially.
Some taxpayers have received e-mails from a non-IRS source indicating
that the taxpayer is under audit and needs to complete a questionnaire
within 48 hours to avoid the assessment of penalties and interest.
The e-mail refers to an "e-audit" and references IRS form 1040. The
taxpayer is asked for social security numbers, bank account numbers
and other confidential information. The IRS does not conduct e-audits,
nor does it notify taxpayers of a pending audit via e-mail.
That e-mail is not from the IRS. Any e-mail received of this nature
should be saved so that a computer forensics investigation can be
conducted to determine the originator. Law enforcement personnel
should remain cognizant of this latest identity theft ploy. And this
social engineering exploit is not limited to the U.S.A. A criminal
in your country can also pull a scam like this. Be Warned! More info
at: [email protected] - Federal Law Enforcement Officers Association
SPONSOR: DOWNTIME PREVENTION
DISASTER WILL STRIKE, NOT IF... BUT WHEN?
2001 Best Seller Double-Take provides real-time (and open file) data
replication. You can use it for either High Availability and/or
Disaster Recovery. It is your main job to prevent downtime for NT and
W2K networks. Double-Take is the industry leading product that will help
you do just that. Because it is not a matter of "if" disaster strikes.
Fires, floods and other mayhem always happens when you least expect it.
Visit DOWNTIME PREVENTION for more information.
The Average Cost And Duration Of Unplanned Downtime
I thought you would like the results of a survey that was recently done
by GlobalContinuity.com. Their members were asked three questions:
Q1. How often does unplanned downtime occur for their most critical
NT-based system?
A. Out of 147 respondents, 49 percent experienced unplanned downtime to
their most critical NT system at least once per month. Of these, 31
percent said that downtime occurred once a month on average, 14.3
percent experienced downtime once a week and an unlucky 3.4 percent
saw daily downtime. A further 33 percent of the respondents experienced
downtime once a quarter.
Q2. On average, how long does each unplanned downtime event last?
A. The majority (87 percent) of incidents were resolved within six
hours, with 25 percent reporting that systems were operable again after
less than an hour and 34 percent up and running within two hours.
Q3. What does unplanned downtime for this system cost per hour?
A. For comparative purposes we asked respondents to report the average
hourly cost of downtime to their organization in US dollars. The survey
found that for 22 percent of respondents downtime costs less than $1,000
per hour; for 36 percent it costs between $1,000 and $5,000; 18 percent
reported that it costs between $5,000 and $10,000; and for 13 percent
downtime costs more than $10,000 per hour.
It is interesting to see that the Numbers 1 and 2 Best Selling tools
are both in the High Availability Tools category:
NT/2000 RELATED NEWS
Here Is A Security Site To Send Your Family To
All of us are the "Guru" the whole family descends on when they have
PC problems, right? Well, a bunch of high-tech outfits and the Feds
announced a new campaign to educate home computer users and small
businesses about ways to keep hackers and viruses at bay. The campaign
is called "Stay Safe Online" and of course it is all web-driven, with
a site under the new .INFO banner:
If your relatives have "always on" DSL or cable modem connections, this
site is full of information and tips they can follow to protect the
security of their computers in a low cost way. Most home users and
small businesses do not have the security awareness they should have;
this site will help. Practically all home users are vulnerable to Net
threats since they do not adhere to all of the key practices that
protect their systems from attack.
Things like regularly updated anti-virus software, hard-to-guess passwords,
firewalls and other security practices are practically unknown in those
environments. This is a start to improve their awareness levels.
Alliance members include the FBI, Department of Defense, Federal
Trade Commission, Microsoft, Cisco, AT&T, AOL, and more than 30 others.
THIRD PARTY NEWS
Secure Wireless Server Control: How To Foil "Whackers"?
The issue of using wireless technology to improve your quality of
life and productivity seems to be popping up more and more. Early
adopters of wireless system admin utilities initially believed that
they would use the tool primarily for emergency response such as:
"I was out at a Microsoft seminar in the morning when the mail
server crashed. I was able to log in and cut the power to the server
and restore the power to cold boot the server without leaving the
And although for many of us, this is reason enough to have a
wireless solution available, more and more admins are finding that
we are using these tools in non-emergency situations just to improve
productivity and end user responsiveness:
"I was walking down the hall when the VP of Operations stopped me
and said that he had forgotten his password, and hadn't been able
to work all morning. He left a message on my voicemail, but I had
been working in the server room all morning and didn't get the
message. On the spot I reset his password using my Blackberry 857."
Consider the case of Wingenback Inc, a manufacturer of kiosks and
Automated Teller enclosures. Wingenback has one dedicated IT
manager: Mike Phipps. Mike is responsible for corporate systems
infrastructure and support. Wingenback's internal network consists
of 10 mission critical NT 4.0 servers combined with several routers
and switches. Mike is highly capable of dealing with network issues
as they arise, providing of course, that he is physically in the
office or in a location where he can easily access his system when
it happens. Mike's work requires him to be mobile, move between
sites, and this is in conflict with his support role.
Anyone that has had to deal with system issues knows that network
problems do not always adhere to an 8 to 5, Monday to Friday
schedule. Because Mike is the only person responsible for the
network it means that he must always be available and always be
prepared to drive to the office to deal with network issues. While
this situation is common for many organizations, it is less than
Mike chose to implement SonicAdmin from Sonic Mobility. Within
days of installation, he had the opportunity to really put the
solution to the test:
"I wanted to go to Comdex in Las Vegas and since I am the only
support person, I was a little nervous about going. What could I
do from Vegas even if I knew about a problem? SonicAdmin was the
answer. Not only did I go to Comdex but also while I was there I
received a call telling me that there was a network problem.
SonicAdmin allowed me to fix the issue in only a few minutes using
my wireless iPaq. I was able to diagnose the problem and cycle
power to a locked up router to get it running smoothly again. With
that one incident alone, SonicAdmin was paid for".
But the biggest question that comes up when deciding to implement
a wireless solution is the inherent security (or lack) of a wireless
admin tool. Given the obviously critical nature, admins want to
know what security is built into the solution.
They don't want to hear that you rely on the security of your
wireless carrier, as "whackers" (the new term for 'wireless
hackers') have frequently proven this to be inadequate. They also
are leery of solutions that are driven by a web server, as these
solutions and their platforms are often targets for hackers.
Tools like SonicAdmin embed a robust, high-encryption native client
that makes large organizations sit up and take notice. Combining
that with expiring tokens to thwart war drivers and radio 'restreamers',
unique device signatures that allow only designated devices to access
the network, and much more makes wireless remote administration
suddenly a viable reality for security-sensitive admins. Check:
Aelita Pushes For A Multi-Forest Architecture. Why?
As you already know, Microsoft issued a security bulletin two weeks
ago, concerning elevation of privilege attacks that are made possible
by the way domain trust relationships are handled in Windows 2000 and
NT. Aelita was instrumental in bringing this vulnerability to Microsoft's
attention. Aelita has some recommendations for how companies can
help protect themselves, and has created a white paper that outlines
them. Aelita is encouraging companies to consider the SID filtering
capabilities that Microsoft released, but is also urging companies to
strongly consider a multi-forest architecture.
The Microsoft bulletin is located on their Web site at:
The Aelita white paper in HTML format is over here:
This Week's Links We Like. Tips, Hints And Fun Stuff
MS found a buffer overflow hole in Telnet. Good one to patch. Here it is:
Keep falling asleep in meetings, seminars and especially conference calls?
Here is a way to change all that (PDF):
Streaming thousands of movies from Taiwan in flagrant violation of
copyright laws, just 1 buck a pop... Let's see how long this one stays
in the air!
PRODUCT OF THE WEEK
Small Business Server 2000 Best Practices
Finally, the third-party Microsoft Small Business Server 2000
book that everyone has been waiting for. Based on shipping code
and written six months after the SBS 2000 release, this book is
packed with real world, detailed SBS 2000 topics. The planning,
setup, administration and management topics dominate the first
half of the book and include references to KBase articles, hard
learned workarounds and in-the-trenches best practices.