- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 11, 2002 (Vol. 7, #12 - Issue #343)
Warning: IRS Audit Scam
  This issue of W2Knews™ contains:
    • What Is Happening In IT?
    • Warning: IRS Audit Scam
    • The Average Cost And Duration Of Unplanned Downtime
    • Here Is A Security Site To Send Your Family To
    • Secure Wireless Server Control: How To Foil "Whackers"?
    • Aelita Pushes For A Multi-Forest Architecture. Why?
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Small Business Server 2000 Best Practices
Got systems management headaches? We've got your cure--read our
free eBook, "The Definitive Guide to Enterprise Manageability."
You'll learn how to get enterprise-class event and performance
management of your Windows and mixed IT environments.
Register now!
Visit NetIQ for more information.

What Is Happening In IT?

Hi All,

This week's XBOX Winner gets the iGlasses as well. It's Phil Garoni, a long time reader of W2Knews. Congrats Phil! How to win the weekly XBOX? Scroll all the way down this newsletter, update your profile and refer up to three friends.

And now, what is happening in IT at the moment? Lots of motion as usual. Here are some snippets - Microsoft and the Government are talking about modifying the settlement wording a bit - Oracle's "unbreakable" advertising campaign was shot down in flames as a bunch of vulnerabilities in their flagship database surfaced - SUN is covering its low end and starts selling Linux on Intel - HP and Compaq are going for a do-or-die shareholder vote in a few weeks - The Government and a Tech alliance start promoting home PC security - Just like AOL, SUN might sue MS for anticompetitive behavior - The Technology Of The Year vote was for XML with well over 80 percent of the vote - The U.S. House passes a cybersecurity research bill, and a whole lot more is happening.

In Microsoft Server Land, things are moving along as usual. They see Linux as their biggest threat, and I think they are right. SUN just decided to give away parts of Solaris to the open source community and Red Hat said it was a good day for Linux. Personally from a "market forces" perspective I see Linux eat more into the existing Unix flavors than take business away from Microsoft. However, one of our Techs here showed me an interesting config he built: Red Hat running MS Terminal Server. Indistinguishable from a windows-driven PC, and a possible choice for a thin client.

It is up to you guys to look at the application, the required functionality, and find the best OS- and hardware platform to run that on. Having some competition in the market keeps the vendors on their toes and we'll all benefit.

Warning: IRS Audit Scam

I generally don't send out these notices, but this is so serious that it's important that the general public be immediately informed. The IRS Criminal Investigations Division recently sent out an alert to law enforcement agencies regarding this scam. PLEASE READ and FORWARD to others, so they might not be a victim of what could seriously damage you financially.

Some taxpayers have received e-mails from a non-IRS source indicating that the taxpayer is under audit and needs to complete a questionnaire within 48 hours to avoid the assessment of penalties and interest. The e-mail refers to an "e-audit" and references IRS form 1040. The taxpayer is asked for social security numbers, bank account numbers and other confidential information. The IRS does not conduct e-audits, nor does it notify taxpayers of a pending audit via e-mail.

That e-mail is not from the IRS. Any e-mail received of this nature should be saved so that a computer forensics investigation can be conducted to determine the originator. Law enforcement personnel should remain cognizant of this latest identity theft ploy. And this social engineering exploit is not limited to the U.S.A. A criminal in your country can also pull a scam like this. Be Warned! More info at: [email protected] - Federal Law Enforcement Officers Association

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

2001 Best Seller Double-Take provides real-time (and open file) data
replication. You can use it for either High Availability and/or
Disaster Recovery. It is your main job to prevent downtime for NT and
W2K networks. Double-Take is the industry leading product that will help
you do just that. Because it is not a matter of "if" disaster strikes.
Fires, floods and other mayhem always happens when you least expect it.
Visit DOWNTIME PREVENTION for more information.

The Average Cost And Duration Of Unplanned Downtime

I thought you would like the results of a survey that was recently done by GlobalContinuity.com. Their members were asked three questions:

Q1. How often unplanned downtime occurs for their most critical NT-based system?

A. Out of 147 respondents 49 percent experienced unplanned downtime to their most critical NT system at least once per month. Of these, 31 percent said that downtime occurred once a month on average, 14.3 percent experienced downtime once a week and an unlucky 3.4 percent saw daily downtime. A further 33 percent of the respondents experienced downtime once a quarter.

Q2. On average, how long each unplanned downtime event lasts?

A. The majority (87 percent) of incidents were resolved within six hours, with 25 percent reporting that systems were operable again after less than an hour and 34 percent up and running within two hours.

Q3. What unplanned downtime for this system costs per hour?

A. For comparative purposes we asked respondents to report the average hourly cost of downtime to their organization in US dollars. The survey found that for 22 percent of respondents downtime costs less than $1000 per hour; for 36 percent it costs between $1000 and $5000; 18 percent reported that it costs between $5000 and $10000 and for 13 percent downtime costs more than $10,000 per hour.

It is interesting to see that the Numbers 1 and 2 Best Selling tools are both in the High Availability Tools category:


Here Is A Security Site To Send Your Family To

All of us are the "Guru" the whole family descends on when they have PC problems, right? Well, a bunch of high-tech outfits and the Feds announced a new campaign to educate home computer users and small businesses about ways to keep hackers and viruses at bay. The campaign is called "Stay Safe Online" and of course it is all web-driven with under the new .INFO banner:

If your relatives have "always on" DSL or cable modem connections, this site is full of information and tips they can follow to protect the security of their computers in a low cost way. Most of the home users and small business do not have the security awareness they should have, this site will help. Practically all home users are vulnerable to Net threats since they do not adhere to all of the key practices that protect their systems from attack.

Things like regularly updated anti-virus software, hard-to-guess passwords, firewalls and other security practices are practically unknown in those environments. This is a start to improve their awareness levels.

Alliance members include the FBI; Department of Defense, Federal Trade Commission, Microsoft, Cisco, AT&T, AOL, and more than 30 others.


Secure Wireless Server Control: How To Foil "Whackers"?

The issue of using wireless technology to improve your quality of life and productivity seems to be popping up more and more. Early adopters of wireless system admin utilities initially believed that they would use the tool primarily for emergency response such as:

  • "I was out at a Microsoft seminar in the morning when the mail server crashed. I was able to log in and cut the power to the server and restore the power to cold boot the server without leaving the seminar."

    And although for many of us, this is reason enough to have a wireless solution available, more and more admins are finding that we are using these tools in non-emergency situations just to improve productivity and end user responsiveness:

  • "I was walking down the hall when the VP of Operations stopped me and said that he had forgotten his password, and hadn't been able to work all morning. He left a message on my voicemail, but I had been working in the server room all morning and didn't get the message. On the spot I reset his password using my Blackberry 857."

    Consider the case of Wingenback Inc, a manufacturer of kiosks and Automated Teller enclosures. Wingenback has one dedicated IT manager: Mike Phipps. Mike is responsible for corporate systems infrastructure and support. Wingenback's internal network consists of 10 mission critical NT 4.0 servers combined with several routers and switches. Mike is highly capable of dealing with network issues as they arise, providing of course, that he is physically in the office or in a location where he can easily access his system when it happens. Mike's work requires him to be mobile, move between sites, and this is in conflict with his support role.

    Anyone that has had to deal with system issues knows that network problems does not always adhere to an 8 to 5, Monday to Friday schedule. Because Mike is the only person responsible for the network it means that he must always be available and always be prepared to drive to the office to deal with network issues. While this situation is common for many organizations, it is less than ideal.

    Mike chose to implement SonicAdmin from Sonic Mobility. Within days of installation, he had the opportunity to really put the solution to the test:

    "I wanted to go to Comdex in Las Vegas and since I am the only support person, I was a little nervous about going. What could I do from Vegas even if I knew about a problem? SonicAdmin was the answer. Not only did I go to Comdex but also while I was there I received a call telling me that there was network problem.

    SonicAdmin allowed me to fix the issue in only a few minutes using my wireless iPaq. I was able to diagnose the problem and cycle power to a locked up router to get it running smoothly again. With that one incident alone, SonicAdmin was paid for".

    But the biggest question that comes up when deciding to implement a wireless solution is the inherent security (or lack) of a wireless admin tool. Given the obviously critical nature, admins want to know what security is built into the solution.

    They don't want to hear that you rely on the security of your wireless carrier, as "whackers" (the new term for 'wireless hackers') have frequently proven this to be inadequate. They also are leery of solutions that are driven by a web server, as these solutions and their platforms are often targets for hackers.

    Tools like SonicAdmin embed a robust high encryption native client that make the large organizations sit up and take notice. Combining that with expiring tokens to thwart war drivers and radio 'restreamers', unique device signatures allowing only designated devices to access the network, and much more makes wireless remote administration suddenly a viable reality for security sensitive admins. Check:

    Aelita Pushes For A Multi-Forest Architecture. Why?

    As you already know, Microsoft issued a security bulletin two weeks ago, concerning elevation of privilege attacks that are made possible by the way domain trust relationships are handled in Windows 2000 and NT. Aelita was instrumental in bringing this vulnerability to Microsoft's attention. Aelita's has some recommendations for how companies can help protect themselves. They created a white paper that outlines how Aelita is encouraging companies to consider the SID filtering capabilities that Microsoft released, but also is urging companies to strongly consider a multi-forest architecture.

    The Microsoft bulletin is located on their Web site at:

    The Aelita white paper in HTML format is over here:


    This Week's Links We Like. Tips, Hints And Fun Stuff

  • MS found a buffer overflow hole in Telnet. Good one to patch. Here it is:
  • Keep falling asleep in meetings, seminars and especially conference calls? Here is a way to change all that (PDF):
  • Streaming thousands of movies from Taiwan in flagrant violation of copyright laws, just 1 buck a pop... Let's see how long this one stays in the air!

    Small Business Server 2000 Best Practices

    Finally, the third-party Microsoft Small Business Server 2000 book that everyone has been waiting for. Based on shipping code and written six months after the SBS 2000 release, this book is packed with real world, detailed SBS 2000 topics. The planning, setup, administration and management topics dominate the first half of the book and include references to KBase articles, hard learned workarounds and in-the-trenches best practices.