Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, May 6, 2002 (Vol. 7, #36 - Issue #367)
How To Prevent Installation Problems?
This issue of W2Knews contains:
- EDITORS CORNER
- How To Prevent Installation Problems?
- TECH BRIEFING
- Why The Klez Virus Confuses Your Users
- Free Utility For Startup Launch Control
- NT/2000 RELATED NEWS
- Understanding MS Licensing 6.0
- NT/2000 THIRD PARTY NEWS
- Why Did Georgia Pacific Choose Pentasafe?
- DEFCON 10: Largest Hacker Convention On The Planet
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Windows 2000 Enterprise Storage Solutions
SPONSOR: Security Explorer
Solve your NTFS file permissions mysteries!
Security Explorer is a powerful and intuitive utility to search for and
modify Windows NT security on NTFS drives, the Registry, and Shares. Search
across subdirectories for permissions. Grant, revoke, and clone permissions
across subdirectories without affecting any other user's permissions. Select
50 shares on a server, and grant permissions to multiple users and groups at
one time. Back up your file permissions and restore them if necessary. Set
ownership on files and directories and more. Security Explorer makes finding
security holes and fixing them a snap!
Visit Security Explorer for more information.
How To Prevent Installation Problems?
Well, my "McAfee Mayhem Experience" article sure got a lot of you to
write me! Dang, many hundreds of you came back with your own experience
and opinions. Some agreeing and having (had) McAfee problems themselves,
and others saying the tool was great and that their enterprise version
for networks did not have all these problems. And then many of you
suggested your own fave anti-virus tools. Thanks for all your comments!
Some subscribers though, accused me of something close to criminal
stupidity and they too have a point. [grin] I have to explain something
first about my setup. I have the box sitting with its back toward me
so that I can easily change plugs. I have to reach all the way back to
the power button so it's easier to pull the plug instead.
What I did this time was just "play consumer" and expect everything to
just "go right" with a blind trust in the software developer. Silly me.
Just have a look at what I did not do (and should or could have):
They all shook their collective heads and pretty much commented: "Tsk, tsk,
Stu! You should have known better, you are not the professional I thought
- Read the online manual
- First read the Readme.TXT
- Make a new Emergency Repair Disk
- At least make some sort of a backup
- Check beforehand for incompatibilities between two competitive kernel level driver-based products that both intercept the I/O stack
- Run the Custom install instead of the Standard install
- Keep my finger for 6 seconds on the power button, which would turn off the system anyway, instead of resorting to the power cord
- During booting press F8 and use "Safe Mode" to cleanly uninstall from there (which works of course)
- First install the W2K recovery console from the CD, then during booting use that console to enable or disable services
- Boot from the W2K CD and disable the services
- Exclude the folders containing the firewall software from being scanned by both the memory-resident on-access scanner and also the manual on-demand scanner
- Shut down all other applications before the install
- And then some...
They are kind of right. One should do all these things before installing
a new piece of software, and especially if you start messing with
software-based firewalls you need to be careful. And mixing firewall
software (or anti-virus tools) from different vendors is a clear
invitation for disaster, I might add.
So, I admit to having a "blonde moment". Obviously no one else would ever
make a mistake like this. [grin] I reinstalled the product using the
Custom install, went through a few screens, turned off the firewall and
I can now run scans manually. But if I turn on the real-time Outlook
email scanner, the conflicts immediately turn on and the system freezes
up again. In this particular area it's "deja-vu all over again" when you
look at the TSR (Terminate and Stay Resident) days of DOS with install
order and grabbed-up resources causing major havoc fighting their turf wars.
Unfortunately the industry still has not made sufficient progress to
resolve this type of problem.
My only feeble excuse for this inexcusable lapse in professionalism :-)
is that I was in a hurry, and still think that McAfee should make this a
little clearer in their standard install. And guess what? Their lead
product manager has already been in touch with me, and promised they would
do that in their next release.
So the whole experience turned out to be somewhat useful after all,
perhaps not for me but for future users at least. And make yourself a
pre-flight checklist so you can run through those items before you install
Quote of the Day: Never ascribe to malice, that which can be explained by incompetence.
UNDO: The figure on home automation comms speeds over power lines.
The web link says 7.5kb/sec, not 7.5Mb/sec!
SPONSOR: Secure Copy
Powerful NTFS File Copying for NT Administrators
Secure Copy permits seamless migration, allowing you to copy files and
directories on NTFS partitions while keeping the security intact, creating
shares, and migrating local groups. All of this functionality is available
in an easy to use GUI, which keeps you updated on copy progress, as well
as any errors that may occur. Secure Copy also includes functionality such
as differential copying, full command line support, saving multiple jobs,
and scheduling jobs to run after hours. Invaluable for server migration!
Visit Secure Copy for more information.
Why The Klez Virus Confuses Your Users
Klez forges both the To: and From: headers. Nasty little critter, it
does great "social engineering" and misdirection. So, when a user
receives a message from someone saying that they sent them a copy of
a virus, they probably didn't, especially if you've kept your antivirus
software up to date.
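An added example, not part of the original newsletter: since From: is forged, the only trustworthy trace of the sending machine is the Received: line stamped by your own mail server. The message, host names and addresses below are constructed, and `mx.corp.example` is an assumed name standing in for your own MX.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message; every host, address and IP is invented.
SAMPLE = """\
Received: from pc-17.dialup.example.net (pc-17.dialup.example.net [198.51.100.23])
\tby mx.corp.example with SMTP id h46AbCdE; Mon, 6 May 2002 09:14:02 -0400
Received: from mail.corp.example (unknown [10.0.0.5])
\tby pc-17.dialup.example.net; Mon, 6 May 2002 09:13:58 -0400
From: Alice <alice@corp.example>
To: bob@partner.example
Subject: Hello

"""

# "from <helo> (<rdns> [<ip>]) by <receiving host>" as written by common MTAs.
RECEIVED_RE = re.compile(
    r"from\s+(\S+)\s+\((?:\S+\s+)?\[([0-9.]+)\]\)\s+by\s+([^\s;]+)")


def true_origin(raw_message, our_mx):
    """Return the claimed sender and the host that really connected to our_mx.

    Only the Received: header stamped by our own server is trusted; everything
    below it, like From: and To:, was supplied by the sender and can be forged.
    """
    msg = message_from_string(raw_message)
    result = {"claimed_from": parseaddr(msg.get("From", ""))[1],
              "helo": None, "ip": None}
    for header in msg.get_all("Received", []):  # top-most (newest) first
        m = RECEIVED_RE.search(header)
        if m and m.group(3).lower() == our_mx.lower():
            result["helo"], result["ip"] = m.group(1), m.group(2)
            break
    return result


if __name__ == "__main__":
    print(true_origin(SAMPLE, "mx.corp.example"))
```

The IP address it returns points at the machine that actually handed the message over, which is the one to check for infection, rather than the person named in From:.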
Free Utility For Startup Launch Control
David Stringer from the University of Auckland, NZ sent me this:
"Stu, re the McAfee Mayhem and the problem of applications that assume
the right to startup whenever you bootup or login.
"Having been caught out numerous times in trying out software for my
network users I have discovered a solution. A young guy by the name
of Mike Lin has written some freeware programs called "StartUp Monitor"
and "StartUp Control". StartUp Monitor sits in the background and gives
you the power to determine the outcome whenever an application decides
to install into the following registry areas :- Startup(user),
Startup(common), HKEY_LOCAL_MACHINE/run(all users),
HKEY_CURRENT_USER/run and /run once.
"I have yet to find an application or installer that can beat it and
it is yet to compromise any installation that I have done. It just
pops up and says, in effect, "Hey, shall we do this or not?".
"StartUp Control is a Control Panel applet that allows you to later
decide what programs to allow to launch at startup. The good part is
that you just tick and untick as you wish as against having to manually
remove stuff from the registry and then remember how (or where) to put
it back later if you change your mind. Great for temporarily removing
programs that load at startup while you try something out, or look for
"Mike Lin's website is below and he has some other good software there
to look at including "StartUp Selector" that lets you save different
startup configurations and switch between them. I hope you give his
software a try. Regards, David."
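An added example (not Mike Lin's code and not part of the original newsletter) of the manual equivalent: snapshot the Run and RunOnce values before an install and diff them afterwards. The full key paths are the standard Windows locations behind the abbreviated names in the letter; the Startup folders are not covered, and the sample entries are constructed.

```python
import sys

# Registry autostart locations: Run and RunOnce under HKLM and HKCU.
RUN_KEYS = [
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"Software\Microsoft\Windows\CurrentVersion\RunOnce"),
]

# Constructed snapshots, used when the script is not run on Windows.
BEFORE = {r"HKLM\...\Run\ExampleAV": r"C:\AV\scan.exe"}
AFTER = {r"HKLM\...\Run\ExampleAV": r"C:\AV\scan.exe /quiet",
         r"HKCU\...\Run\ExampleTray": r"C:\Tools\tray.exe"}


def snapshot_run_keys():
    """Read every value under the Run/RunOnce keys (Windows only)."""
    import winreg
    hives = {"HKLM": winreg.HKEY_LOCAL_MACHINE,
             "HKCU": winreg.HKEY_CURRENT_USER}
    snap = {}
    for hive, path in RUN_KEYS:
        try:
            with winreg.OpenKey(hives[hive], path) as key:
                for i in range(winreg.QueryInfoKey(key)[1]):  # value count
                    name, data, _type = winreg.EnumValue(key, i)
                    snap[f"{hive}\\{path}\\{name}"] = str(data)
        except FileNotFoundError:
            continue  # key absent on this machine
    return snap


def diff_autostarts(baseline, current):
    """Return (added, removed, changed) autostart entries."""
    added = {k: current[k] for k in current.keys() - baseline.keys()}
    removed = {k: baseline[k] for k in baseline.keys() - current.keys()}
    changed = {k: (baseline[k], current[k])
               for k in baseline.keys() & current.keys()
               if baseline[k] != current[k]}
    return added, removed, changed


if __name__ == "__main__":
    now = snapshot_run_keys() if sys.platform == "win32" else AFTER
    print(diff_autostarts(BEFORE, now))
```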
NT/2000 RELATED NEWS
Understanding MS Licensing 6.0
Microsoft is on a campaign to explain their new licensing (leasing)
model. Their point person is Rebecca Labrunerie and she was on the
SearchWin2000 site and answered some questions. Also, Laura Didio,
principal of industry analyst Information Technology Intelligence Corp.
has been on their radio show showing the pitfalls and bear traps.
I happen to know Laura is working on a report which will help you
negotiate the best deal you can get from Microsoft. Stay tuned and
I'll let you know more about that in a coming issue. For the moment,
here are some questions and answers that might enlighten this new
THIRD PARTY NEWS
Why Did Georgia Pacific Choose Pentasafe?
Georgia-Pacific Corporation is one of the world's leading building and
paper products manufacturers. They chose PentaSafe's VigilEnt Security
Solution. It will assist Georgia-Pacific in performing security management
across thousands of Windows NT, UNIX, and AS/400 (iSeries) production
servers operating around the world.
PentaSafe's products will enable Georgia-Pacific to perform easier and
more effective security auditing, vulnerability assessment, host based
intrusion detection, and security management on all of its systems.
"Policy validation is one of the most important tasks that my team has
responsibility for because it ensures the fundamental safety of all of
our corporate systems and data," said Herb Mattord, Technical Consultant
with Georgia-Pacific's Information Resources department. "PentaSafe's
products will save us hours of manual labor and help us continuously
validate more servers in less time. With PentaSafe, we'll soon have
the ability to go out and check the security of all of our servers on a
regular basis without a complex process or, in some cases, interstate
PentaSafe VigilEnt Security Solution enables security managers to
proactively scan, pinpoint and address potential security issues on
business critical systems. PentaSafe's solutions protect systems and
files from unauthorized access, track changes to system configuration,
perform regular system security audits, automate corporate security
reports, and send alerts if suspicious activities are detected.
A "top-down" tool that takes a people-and-policy approach is a great
combination with strong "point solutions" like Retina and UpdateEXPERT.
DEFCON 10: Largest Hacker Convention On The Planet
The 10th anniversary of what has become the largest hacker convention
on the planet will be held August 2nd to the 4th at the Alexis Park
Hotel and Resort in Las Vegas, Nevada, USA.
Defcon is a convention for the more "underground" elements of the
computer culture. Defcon is geared towards hackers, programmers,
phreaks, cyberpunks, cypherpunks, open source hackers, civil liberty
and privacy advocates, HAMs, casual bystanders, lookieloos, feds,
reporters, and anyone interested in seeing what's going on in the
computer underground today.
Taking advantage of expanded meeting space this year, there will not
only be three tracks of speaking, but two break out areas for mini-
classes on select topics. For complete up to the minute info visit:
This Week's Links We Like. Tips, Hints And Fun Stuff
OK, AntCity is a destructive game, but just imagine these are your
clueless users that unfortunately and suddenly experience a flash!
Remember the clip with Steve Ballmer shouting: Developers! Developers! ?
Here is a Japanese take-off taking this to a new level of absurdity.
Wanna get away from it all and sit on a mountaintop for 10,000 years?
Here's the place to go first:
For the technically inclined among us. This site instructs you how to
write unmaintainable code. Very entertaining.
PRODUCT OF THE WEEK
Windows 2000 Enterprise Storage Solutions
As part of the Mark Minasi Windows 2000 Series, this book provides
you with specific in-depth technical solutions to the problems that
arise with implementing enterprise storage. It's got solutions to
all your storage challenges. If your organization's storage needs are
modest, you'll benefit from this book. But if they're big, and if they
are complicated, then you really can't afford to be without it. Windows
2000 Enterprise Storage Solutions helps you take advantage of all the
storage technologies that W2K supports, teaching you, step-by-step, the
standard and advanced techniques for managing data, and ensuring its