- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, May 6, 2002 (Vol. 7, #36 - Issue #367)
How To Prevent Installation Problems?
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • How To Prevent Installation Problems?
  2. TECH BRIEFING
    • Why The Klez Virus Confuses Your Users
    • Free Utility For Startup Launch Control
  3. NT/2000 RELATED NEWS
    • Understanding MS Licensing 6.0
  4. NT/2000 THIRD PARTY NEWS
    • Why Did Georgia Pacific Choose Pentasafe?
    • DEFCON 10: Largest Hacker Convention On The Planet
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Windows 2000 Enterprise Storage Solutions
  SPONSOR: Security Explorer
Solve your NTFS file permissions mysteries!
Security Explorer is a powerful and intuitive utility to search for and
modify Windows NT security on NTFS drives, the Registry, and Shares. Search
across subdirectories for permissions. Grant, revoke, and clone permissions
across subdirectories without affecting any other user's permissions. Select
50 shares on a server, and grant permissions to multiple users and groups at
one time. Back up your file permissions and restore them if necessary. Set
ownership on files and directories and more. Security Explorer makes finding
security holes and fixing them a snap!
Visit Security Explorer for more information.
  EDITORS CORNER

How To Prevent Installation Problems?

Well, my "McAfee Mayhem Experience" article sure got a lot of you to write me! Dang, many hundreds of you came back with your own experience and opinions. Some agreeing and having (had) McAfee problems themselves, and others saying the tool was great and that their enterprise version for networks did not have all these problems. And then many of you suggested your own fave anti-virus tools. Thanks for all your comments!

Some subscribers though, accused me of something close to criminal stupidity and they too have a point. [grin] I have to explain something first about my setup. I have the box sitting with its back toward me so that I can easily change plugs. I have to reach all the way back to the power button so it's easier to pull the plug instead.

What I did this time was just "play consumer" and expect everything to just "go right" with a blind trust in the software developer. Silly me. Just have a look at what I did not do (and should or could have):

  • Read the online manual
  • First read the Readme.TXT
  • Made a new Emergency Repair Disk
  • At least make some sort of a backup
  • Checked beforehand for incompatibilities between two competitive kernel level driver-based products that both intercept the I/O stack
  • Ran the Custom install instead of the Standard install
  • Keep my finger for 6 seconds on the power button, which would turn off the system anyway, instead of resorting to the power cord
  • During booting press F8 and used "Safe Mode" to cleanly uninstall from there (which works of course)
  • First install the W2K recovery console from the CD, then during booting use that console to enable or disable services.
  • Boot from the W2K CD and disable the services
  • Exclude the folders containing the firewall software from being scanned by both the memory-resident on-access scanner and also the manual on-demand scanner.
  • Shut down all other applications before the install
  • And then some...
They all shook their collective heads and pretty much commented: "Tsk, tsk, Stu! You should have known better, you are not the professional I thought you were".

They are kind of right. One should do all these things before installing a new piece of software, and especially if you start messing with software-based firewalls you need to be careful. And mixing firewall software (or anti-virus tools) from different vendors is a clear invitation for disaster I might add.

So, I admit to having a "blonde moment". Obviously no one else would ever make a mistake like this. [grin] I reinstalled the product using the Custom install, went through a few screens, turned off the firewall and I can now run scans manually. But if I turn on the real-time Outlook email scanner, the conflicts immediately turn on and the system freezes up again. In this particular area it's "deja-vu all over again" when you look at the TSR (Terminate and Stay Resident) days of DOS with install order and grabbed-up resources causing major havoc fighting their turf wars. Unfortunately the industry still has not made sufficient progress to resolve this type of problem.

My only feeble excuse for this inexcusable lapse in professionalism :-) is that I was in a hurry, and still think that McAfee should make this a little clearer in their standard install. And guess what? Their lead product manager has already been in touch with me, and promised they would do that in their next release.

So the whole experience turned out to be somewhat useful after all, perhaps not for me but for future users at least. And make yourself a pre-flight checklist so you can run through those items before you install software again!

Quote of the Day: Never ascribe to malice, that which can be explained by incompetence.

UNDO: The figure on home automation comms speeds over power lines. The web link says 7.5kb/sec, not 7.5Mb/sec!

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Secure Copy
Powerful NTFS File Copying for NT Administrators
Secure Copy permits seamless migration, allowing you to copy files and
directories on NTFS partitions while keeping the security intact, creating
shares, and migrating local groups. All of this functionality is available
in an easy to use GUI, which keeps you updated on copy progress, as well
as any errors that may occur. Secure Copy also includes functionality such
as differential copying, full command line support, saving multiple jobs,
and scheduling jobs to run after hours. Invaluable for server migration!
Visit Secure Copy for more information.
  TECH BRIEFING

Why The Klez Virus Confuses Your Users

Klez forges both the To: and From: headers. Nasty litter critter, it does great "social engineering" and misdirection. So, when a user receives a message from someone saying that they sent them a copy of a virus, they probably didn't, especially if you've kept your antivirus software up to date.

Free Utility For Startup Launch Control

David Stringer from the University of Auckland, NZ sent me this:

"Stu, re the McAfee Mayhem and the problem of applications that assume the right to startup whenever you bootup or login.

"Having been caught out numerous times in trying out software for my network users I have discovered a solution. A young guy by the name of Mike Lin has written some freeware programs called "StartUp Monitor" and "StartUp Control". StartUp Monitor sits in the background and gives you the power to determine the outcome whenever an application decides to install into the following registry areas :- Startup(user), Startup(common), H K E Y_LOCAL_MACHINE/run(all users), H K E Y_CURRENT _USER/run and /run once.

"I have yet to find an application or installer that can beat it and it is yet to compromise any installation that I have done. It just pops up and says, in effect, "Hey, shall we do this or not?".

"StartUp Control is a Control Panel applet that allows you to later decide what programs to allow to launch at startup. The good part is that you just tick and untick as you wish as against having to manually remove stuff from the registry and then remember how (or where) to put it back later if you change your mind. Great for temporarily removing programs that load at startup while you try something out, or look for conflicts etc.

"Mike Lin's website is below and he has some other good software there to look at including "StartUp Selector" that lets you save different startup configurations and switch between them. I hope you give his software a try. Regards, David."
http://www.w2knews.com/rd/rd.cfm?id=020506TB-Mike_Lin

  NT/2000 RELATED NEWS

Understanding MS Licensing 6.0

Microsoft is on a campaign to explain their new licensing (leasing) model. Their point person is Rebecca Labrunerie and she was on the SearchWin2000 site and answered some questions. Also, Laura Didio, principal of industry analyst Information Technology Intelligence Corp. has been on their radio show showing the pitfalls and bear traps.

I happen to know Laura is working on a report which will help you negotiate the best deal you can get from Microsoft. Stay tuned and I'll let you know more about that in a coming issue. For the moment, here are some questions and answers that might enlighten this new program somewhat.
http://www.w2knews.com/rd/rd.cfm?id=020506RN-MS_Licensing

  THIRD PARTY NEWS

Why Did Georgia Pacific Choose Pentasafe?

Georgia-Pacific Corporation is one of the world's leading building and paper products manufacturers. They chose PentaSafe's VigilEnt Security Solution. It will assist Georgia-Pacific in performing security management across thousands of Windows NT, UNIX, and AS/400 (iSeries) production servers operating around the world.

PentaSafe's products will enable Georgia-Pacific to perform easier and more effective security auditing, vulnerability assessment, host based intrusion detection, and security management on all of its systems.

"Policy validation is one of the most important tasks that my team has responsibility for because it ensures the fundamental safety of all of our corporate systems and data," said Herb Mattord, Technical Consultant with Georgia-Pacific's Information Resources department. "PentaSafe's products will save us hours of manual labor and help us continuously validate more servers in less time. With PentaSafe, we'll soon have the ability to go out and check the security all of our servers on a regular basis without a complex process or, in some cases, interstate travel."

PentaSafe VigilEnt Security Solution enables security managers to proactively scan, pinpoint and address potential security issues on business critical systems. PentaSafe's solutions protect systems and files from unauthorized access, track changes to system configuration, perform regular system security audits, automate corporate security reports, and send alerts if suspicious activities are detected.

A "top-down" tool that takes a people-and-policy approach is a great combination with strong "point solutions" like Retina and UpdateEXPERT.
http://www.w2knews.com/rd/rd.cfm?id=020506TP-PentaSafe

DEFCON 10: Largest Hacker Convention On The Planet

The 10th anniversary of what has become the largest hacker convention on the planet will be held August 2nd to the 4th at the Alexis Park Hotel and Resort in Las Vegas, Nevada, USA.

Defcon is a convention for the more "underground" elements of the computer culture. Defcon is geared towards hackers, programmers, phreaks, cyberpunks, cypherpunks, open source hackers, civil liberty and privacy advocates, HAMs, casual bystanders, lookieloos, feds, reporters, and anyone interested in seeing what's going on in the computer underground today.

Taking advantage of expanded meeting space this year, there will not only be three tracks of speaking, but two break out areas for mini- classes on select topics. For complete up to the minute info visit:
http://www.w2knews.com/rd/rd.cfm?id=020506TP-Defcon

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • OK, AntCity is a destructive game, but just imagine these are your clueless users that unfortunately and suddenly experience a flash! [evil grin]

  • http://www.w2knews.com/rd/rd.cfm?id=020506FA-AntCity
  • Remember the clip with Steve Ballmer shouting: Developers! Developers! ? Here is a Japanese take-off taking this to a new level of absurdity.

  • http://www.w2knews.com/rd/rd.cfm?id=020506FA-Developers
  • Wanna get away from it all and sit on a mountaintop for 10,000 years? Here's the place to go first:

  • http://www.w2knews.com/rd/rd.cfm?id=020506FA-Mountains
  • For the technically inclined among us. This site instructs you how to write unmaintainable code. Very entertaining.

  • http://www.w2knews.com/rd/rd.cfm?id=020506FA-Code
      PRODUCT OF THE WEEK

    Windows 2000 Enterprise Storage Solutions

    As part of the Mark Minasi Windows 2000 Series, this book provides you with specific in-depth technical solutions to the problems that arise with implementing enterprise storage. It's got Solutions to a all your storage challenges. If your organization's storage needs are modest, you'll benefit from this book. But if they're big, and if they are complicated, then you really can't afford to be without it. Windows 2000 Enterprise Storage Solutions helps you take advantage of all the storage technologies that W2K supports, teaching you, step-by-step, the standard and advanced techniques for managing data, and ensuring its availability.

    http://www.w2knews.com/rd/rd.cfm?id=020506BW-Storage_Solutions