- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Thu, Apr 11, 2002 (Vol. 7, #29 - Issue #360)
NO CHARGE Penetration Test
  This issue of W2Knews™ contains:
    • Biometrics Could Be Painful [grin]
    • Microsoft Baseline Security Analyzer Released
    • IE Vulnerability Workaround
    • "FREE One-Time Penetration Test Of Your Network!"
    • Somewhat Automated Patch Management
    • W2K Servers Cheaper To Run Than Unix
    • Save With Top Security Bundle: Retina + UpdateEXPERT [REPEAT]
    • New Build Of ELM Products
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • MCSE Consulting Bible
  SPONSOR: Double-Take
Full Site Failover and Infrastructure Redundancy delivered by the #1
tool for data replication: Double-Take. Ensure that your data and
applications are always safe. Help your Company and Homeland Security
by protecting your most valuable resources at the source: Your Servers.
Double-Take will fail over if your source server goes down. 2001 Editor's
Choice of both Windows 2000 and Network Magazine. Download a 30-day
eval copy now and start protecting your data and apps.
Visit Double-Take for more information.

Biometrics Could Be Painful [grin]

A subscriber with some Biometrics experience in his back pocket sent me this:

"I was working for a South African owned company in Australia recently and heard this story from a migrant out of Johannesburg about the inclusion of ATMs in some of the mines over there, with the idea of capitalizing on the number of workers and the lack of banks in the area. (For people outside of the U.S., ATM means Automatic Teller Machines that allow you to pull money out of the wall, usually with a Card and a PIN code. Yes, I know you have them too but they are called differently in every country).

"To make it simple they introduced thumb print identification. Within weeks of the implementation they had to take the ATMs out because there were a number of incidents of muggings and peoples thumbs being cut off to steal their ID. Given the rise of crime generally in the US, how long do you think before something like this starts happening in America? Or certainly in other less lawful areas in the world."

My only response to this is that the biometrics companies better come up with technology to identify if a thumb is alive or dead, and announce that fact to the world at large. I'd like to see some proof of that, but are you willing to be the guinea pig? Let me know by email!

This week's XBOX Winner is Marc Nadeau from St-Charles de Bellechasse, Canada! Congrats Marc and enjoy!

PS, the MS 6.0 Licensing survey we recently did certainly got noticed!

Quote of the Day: "There are 30 million telecommuters in the USA. Service providers are going to be the next utility in the home".

Warm regards,
Stu Sjouwerman
(email me with feedback: [email protected])

  SPONSOR: "pcAnywhere Killer"
User Declares Remote Admin "pcAnywhere Killer"
You might want to give Remote Admin a try too. It's as if you are there,
with all the admin tools to control remote systems. This puppy was
"made-by-and-for" system administrators. Pricing is dirt cheap, especially
site- and company licenses. Now a "client & server" combo is available
via the online shop for just 35 bucks! Get yours here:
Visit "pcAnywhere Killer" for more information.

Microsoft Baseline Security Analyzer Released

As you read in the W2Knews scoop, issue 347, Feb 25 this year, Microsoft finally released their Microsoft Baseline Security Analyzer (MBSA). It replaces the Microsoft Personal Security Advisor (MPSA). MBSA is a standalone application that scans Windows NT 4.0, Windows 2000, and XP systems for common security misconfigurations. MBSA includes the same security checks as MPSA, but adds value by scanning local and remote machines, as well as both Windows servers and workstations, it supports Windows, IIS, and SQL Server.

For home machines and small LANs this may be useful, but essentially it is a tool that combines HFNETCHK and the MS security page. It does not really compare to the professional tools out there but then it is free. I guess you get what you pay for. MBSA can be downloaded from the following location:

IE Vulnerability Workaround

If there is no particular fix for a hole, it is often still possible to use a workaround to make sure some one does not use a (now) known vulnerability. Workarounds are good and necessary until a hotfix arrives. For instance, I would strongly recommend to disable the scripting of ActiveX objects and obviously also disable Active Scripting as a simple solution to a few new known holes.

These recent issues are all due to a new feature of IE 6.0: the ability to create lists of Administrator approved ActiveX controls. For the normal end user this has no value what so ever, but an Admin could use this to restrict which controls can be scripted. If you would apply this in all zones, it can control quite a few of the new vulnerabilities.

It is normal to approach router and firewall configuration with the tried-and-true DENY rule. Disallow everything and then specifically allow only certain things. IE 6.0 offers you that feature too. I suggest you use it and get no nasty surprises. Grateful acknowledgement to Russ Cooper, the venerable NTBugtraq Editor.


"FREE One-Time Penetration Test Of Your Network!"

Sunbelt Software and eEye offer you a free outside-in vulnerability assessment of your network to see if hackers might be able to penetrate. We will be using Retina to perform this penetration test of one IP-address you will provide us. The results will be emailed to you. Interested? Keep on reading.

We are obviously doing this to expose you to the power of Retina. There is nothing like a white-hat external penetration test to show you where the holes are. Note that we can only audit what we see from the outside world. If you have an excellent firewall, chances are we won't be able to get too far (which is good). You will be notified about that too of course.

Safeguards will be in place so that the we know that the IP that you give us is an IP you actually have authority over. This FREE Test is limited to the first 500 respondees, 200 from Europe and 300 from the USA and Canada. For logistics and legal reasons we cannot process requests from other countries at this time.

Instructions: Click on the link below and click on Download Retina Evaluation. Fill out the download form and as Promotional Code cut and paste in this one: R3tIz4
Forms without the above code are not eligible for this limited time offer.

Somewhat Automated Patch Management

Got feedback from a reader about my earlier complaints about patch management essentially being such a headache. He wrote back that MS has had a tool out for a while called QChain that handles some of this:

"QChain.exe enables an NT 4.0 or W2K Administrator to install multiple Hotfixes with only one reboot. MS Q296861 discusses this tool in good detail. In Microsoft's own words: "...QChain.exe gives system admins the ability to safely chain hotfixes together. Hotfix chaining involves installing multiple hotfixes without rebooting between each installation. Without this tool, the only supported method is to reboot after each hotfix installation. The QChain.exe tool has the following benefits:

  • It increases uptime for servers because computers are not being rebooted between each hotfix installation.
  • It allows faster installations of multiple hotfixes on a single computer.
It is a solution that works on both Windows 2000 and Windows NT 4.0. NOTE : The QChain.exe tool is not required on Windows XP and later. The hotfix installer in Windows XP includes functionality to support multiple hotfix installation."

W2K Servers Cheaper To Run Than Unix

A new survey has found that Intel-based servers running W2K and trusted with key back-office applications are significantly cheaper than Unix servers. The cost of running back-office servers on Windows and Intel technology is around half that of Unix servers, a new report has found.

According to the survey of US medium and large sized enterprises, over a three-year ownership period, companies can expect to see 46 per cent lower costs associated with acquiring, maintaining and running a W2K server over a Unix/Risc machine.

"We expected there to be a cost advantage, but not this high," said Thomas Manter, research director at Aberdeen Group and author of the report. So, we're not crazy after all. [grin] Here is the link.


Save With Top Security Bundle: Retina + UpdateEXPERT [REPEAT]

[Last issue had some transmission problems so we are repeating this important news here one more time]

Use Retina to identify vulnerabilities and recommend security policies. Use UpdateEXPERT to enforce policies for software patches: Scan and Fix! Retina + UpdateEXPERT together are your total solution for system and network vulnerabilities: Assessment and Remediation.

Any out-of-update system can be exploited, and errors in updating your system can create new vulnerabilities and disastrous results. Remediation is complex and requires specialized knowledge, and keeping settings and patches up to date is an ongoing process to prevent your domains from getting hacked into.

Product Features: Retina: Vulnerability Scanning and Policy Setting

  • Retina is the best-of-class network vulnerability security scanner on the market (Reference Network World Buyer's Guide "Blue Ribbon" award for excellence).
  • Retina scans and audits all IP's (servers, workstations, firewalls, routers, desktops, Web interfaces, OS, etc.,) looking for security vulnerabilities.
  • The result is a customized report listing all the vulnerabilities on every IP and their threat level.
Product Features: UpdateEXPERT: Patch Application and Management
  • Make informed decisions
  • Manage from a central console without agents:
  • Improved reliability without needing to install remote software
  • Install only those updates that are missing and applicable:
  • Worry-free installation
  • Deploy worry-free using exclusive database:
  • Combine any patches, eliminate reboots
  • Check all systems to make sure that patches are still installed and valid:
  • Support on-going efforts to manage patch levels
  • Define required list of patches:
  • Make all machines comply in 1 click
  • Conformance report (odd-man-out) scans against list of required patches:
  • Check to see if exceptional systems do not comply and why
Product Benefits:

What Makes Retina Unique?

  • Fastest - 2 to 10x faster than the competition
  • Constant Updates - Often multiple dailies
  • NMAP - Most comprehensive and accurate database available plus eEye's daily research (discovered and named Code Red worm & XP- UPnP, hundreds of advisories)
  • Non-Intrusive - ID's vulnerabilities without exploit testing
  • CHAM - Common Hacking Attack Methods (for "unknown" vulnerabilities used by Sec Admin)
  • Customized Audits - Admin can customize a check
  • No IP restrictions - Scan ranges of IP's
  • Reports - Both "Executive" and "Technical"
UpdateEXPERT - Remediation and Policy Enforcement:
  • UpdateEXPERT installs security, system stability & private software patches
  • Identifies what hotfixes are missing & applicable to your system
  • Arranges hotfixes in proper order
  • Schedules when to push out a hotfix
  • Broadcasts hotfix from central console inside a wrapper
  • Installs hotfix independently
  • Way more complete, powerful and reliable than any free tool
UpdateEXPERT solves the challenges of keeping your systems patched correctly. It is extremely important that you deploy patches in the proper sequence. It determines success or failure. Try this combination on your own domains now and save a bundle.

New Build Of ELM Products

We are pleased to announce the immediate availability of Build of:
ELM Enterprise Manager(tm) 3.0
ELM Log Manager(tm) 3.0
ELM Performance Manager(tm) 3.0

ELM Enterprise Manager is now Certified for Windows 2000 Server and Windows 2000 Advanced Server.

A comparison of these three products can be found at in the White Papers section of this page, and you can also download your new version from this location:

Instructions for upgrading from a prior release can be found at:
Instructions for upgrading from Beta 2 can be found at:
Instructions for upgrading from Event Log Monitor can be found at:

Added: You can now use Boolean characters and wildcard characters in the Message Contains field within the Event Alarm, Event Collector and Event Filter criteria. Several bugs were fixed in this new build.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Top 10 Active Directory Bloopers at the SearchWin2000.com site:

  • http://www.w2knews.com/rd/rd.cfm?id=020411FA-ADBloopers
  • A very controversial PowerPoint show that was sent to me. It's about how Palestinian children are being raised to become killers. This is pretty heavy to watch and not fun, but impressive. Not for the weak of heart!

  • http://www.w2knews.com/rd/rd.cfm?id=020411FA-children
  • ViewSonic's First Wireless Monitor, the ViewSonic airpanel 100:

  • http://www.w2knews.com/rd/rd.cfm?id=020411FA-viewsonic
  • Fly the space shuttle virtually:

  • http://www.w2knews.com/rd/rd.cfm?id=020411FA-shuttle
  • Always thought that wireless networks have a perfect circle in signal strength? Think again!

  • http://www.w2knews.com/rd/rd.cfm?id=020411FA-waves

    MCSE Consulting Bible

    According to the 1999 Salary Survey conducted by MCP Magazine, the average MCSE has 6.8 years of experience. The average self-employed MCSE consultant with 6 - 9 years of experience earns $85,000 - that's over $8,000 more than the average salary +bonus and benefits package of other MCSEs. There is a demand for MCSEs who can offer a variety of technical expertise and services, and this book will show you how to create a successful consulting business. MCSE CONSULTING BIBLE walks you through the issues to consider when making the decision to start their own consulting business and then offers key advice on each aspect of the business from deciding what services to offer, to marketing, to maintaining customer relationships.