- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 11, 2002 (Vol. 7, #70 - Issue #401)
And More Patching Woes
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • And More Patching Woes, Unix This Time
  2. TECH BRIEFING
    • So, Now You're Going To Support Tablet PC's
    • Email Monitoring & Reporting Best Practices Webinar
  3. NT/2000 RELATED NEWS
    • MS Legal Update
    • MS Shooting Itself In the Other Foot?
    • What Do Customers Want From MS?
  4. NT/2000 THIRD PARTY NEWS
    • The 12 layers of Adequate Security
    • Sick And Tired Of Messing With Login Scripts?
    • iHateSpam Gets The Nod From PCWorld And Newsweek
    • PestPatrol Update to V4.0
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • MCSE: Windows 2000 Directory Services Admin Study Guide
  SPONSOR: Marimba
Can You Solve Your OS Migration Problems
Watch a Marimba and Installshield Web Seminar that discuss how you
can lower your migration and management costs and how to automate
the migration to Windows 2000/XP. Learn how you can upgrade your
systems with a minimum of desktop support visits. To learn more
about this seminar please click below:
Visit Marimba for more information.
  EDITORS CORNER

And More Patching Woes, Unix This Time

One of your colleagues, a system admin that managed both Windows and Unix systems, sent me this:

"Take a look some time at the quantity of patches issued between HP-UX releases, or most any other version of Unix, for that matter. Huge. Worse, the applications built to run on these systems are often highly "sensitive" to patch levels within the O/S version levels, so that if more than one application is installed on one system, or an application is installed that doesn't exactly fit the patch level, compatibility can become a nightmare.

Though most users might not admit it, the system can become unstable and difficult to correct. For one example, I have had even the otherwise highly stable RS/6000 AIX system become unstable when a version of a terminal server application was installed that was not a match for the minor version patch level we had. Converting to the latest patch level then caused a problem with the primary application on that system."

And here are some comments from an Oracle user:

"On the constant patching problems and the reader's comment concerning PeopleSoft HRMS enterprise software, I work with Oracle Enterprise Applications and I say, 'Ditto times ten'."

It looks like we as technical consumers need to continue to push software vendors to produce Higher Quality Software! In the mean time, check out our Top 10 Best Sellers List for November, and see if UpdateEXPERT can help you out.

While free updating tools are available from Microsoft, most include limited or simple functionality. UpdateEXPERT provides a superior way to manage all patches released as well as enforcing software security policies. Supporting a long list of mission critical apps and WinOS flavors, UpdateEXPERT enables you to research available fixes, scan your workstations and servers, deploy updates to any number of networked machines - without remote agents - and validate that the job was done right. If you have a handful of W2K servers and/or workstations, I recommend taking UpdateEXPERT for a 15-day test drive. Here is the November 2002 Top 10 Best Seller List:
http://www.w2knews.com/rd/rd.cfm?id=021111ED-Top10

Quotes of the Day:
You know you've achieved perfection in design, not when you have nothing more to add, but when you have nothing more to take away.
-- Antoine de Saint Exupery

If you aren't fired with enthusiasm, you will be fired with enthusiasm.
--Vince Lombardi

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Double-Take
Your #2 headache is High Availability. It's your job to keep
mission critical data available for your users. Double-Take is
the World's Number One tool for data replication and disaster
recovery. Verified for all W2K Platforms. How it works? "Server
A dies, Server B takes over transparently". Your users won't even
know there was downtime. Double-Take outsells all other solutions
for W2K combined. It's time you check it out too. This is the
ultimate job security tool:
Visit Double-Take for more information.
  TECH BRIEFING

So, Now You're Going To Support Tablet PC's

They have arrived. Your "early adopter power users" are going to clamor for one, just because it's the latest and greatest. But is it really extremely useful? No. They run WinXP with a bolted on "digital-ink" module that allows that system to capture, save and recognize handwriting. The thing is called MS Journal, and takes handwritten notes. Another utility called the Tablet Input Panel allows you to enter notes in other apps.

The plus side of these things is that you can save and search notes that are handwritten, you can annotate slides in PowerPoint and read long documents better than on a normal laptop. The downside is that managing Windows itself with a pen is a headache and clumsy. Actual handwriting recognition and transforming it onto ASCII is still not perfect by a long shot unless you take the time to write legibly on the screen. We're talking an MS Version 1.0 here folks. You know what that means. They usually get it right over time though.

These things are probably good for people that are on the move a lot, and synch up once a day or so. This is certainly not yet ready for the mainstream use and replace everyone's desktops. For the moment, entering normal text with the virtual keyboard is going to get you a lot of tech support complaints, it just does not work as well as a keyboard. Better carefully set your corporate standard to a model that performs what your (mobile) users really need. It's time for cautious optimism, but limited to the people that are really good candidates for the functionality. Expect some bugs in the new bolted-on modules though. Check out more at MS' website:
http://www.w2knews.com/rd/rd.cfm?id=021111TB-TabletPC

Email Monitoring & Reporting Best Practices Webinar

Introducing Insight for Exchange 3.0 (formerly Melia) and ExRay 1.1

Email abuse, Exchange security, server problems, and Exchange management issues all have the potential to hurt email performance and IT productivity. Don't let this happen to you and your IT staff. We are offering you a FREE seat in the last webinar of the year in our online Exchange educational series:

"How to Take Control of Exchange: Best Practices for Email Monitoring & Reporting"
Date: Thursday, November 21, 2002
Time: 4:30 PM GMT/11:30 AM US Eastern / 8:30 AM US Pacific
To register now, visit:
http://www.w2knews.com/rd/rd.cfm?id=021111TB-Webinar

This webinar will cover:

  • Key strategies for preventing Exchange management problems
  • Best practices for email monitoring and reporting
  • Valuable Exchange management tips that you can benefit from immediately
  • Critical products all administrators can leverage to dramatically reduce downtime, eliminate abuse, and enforce policies
You will see the newest products for Exchange management: ExRay 1.1 and Insight for Exchange 3.0 (formerly Melia). And just for attending you'll receive a FREE seat in our upcoming Exchange 2000 web training valued at $195!

Seating is limited and this is your last chance to attend this webinar in 2002. Don't miss this exciting Exchange event! To register now, visit:
http://www.w2knews.com/rd/rd.cfm?id=021111TB-Webinar

  NT/2000 RELATED NEWS

MS Legal Update

As you know, I generally do not spend a lot of time discussing the MS legal situation, and I have said over the last few years that it's "business as usual" for us in the trenches. And it will continue to be that way as well. The appeals judge that was supposed to review the settlement that MS made with the Dept of Justice actually pretty much approved it without much change.

That means that the rogue states who did not want to join the original settlement have been told to go home. It also signals to the companies (Sun Microsystems specifically) that instigated this whole lawsuit, that they need to compete and come out with better products in the marketplace instead of trying to fight competitors in court. MS has promised to make it easier to compete with them and now has smooth uninstall options for IE, Media Player and their Messenger, among others. (You need to first install Service Packs for this though). Sun is vowing to keep the suit alive, but the 600 (!) MS lawyers will be providing enough legal air cover to keep Sun off their backs.

The US court case is really over though. The restrictions on MS business practices (never really a major part of their operations) go into effect for 5 years. There are no realistic grounds for another appeal, and if any States would try it, this would be a waste of taxpayer money. Very little "politics" was actually involved in the final resolution. The case has been run through the courts in a legitimate way. MS will be free to improve its products long into the future. Their legal woes are not going to be completely over though. With 40 Billion in cash, anyone can sue and try to get some of that hoard in a settlement. More over, MS board members have been made responsible for compliance with the terms of the settlement.

So, how is the case in Europe getting along? The US and EU have two different types of complaints, and it is certainly not an apples-to-apples comparison. In Europe the scene is that the MS competitors are claiming Redmond is illegally muscling its way into software that runs servers and so called neighboring markets.

It's a slow going process and if any punishments would be decided that MS thinks are unacceptable, the thing would go into appeals and another 2-3 years would pass. In other words, again, for us in the trenches both in the US and EU it is business as usual and we should see improved MS products. I hope MS has learned a lesson though, and that the improvements are going to be mainly in improved code regarding security. We do not need more features. We need code that does not need patches all the [email protected]*n time !! The key requirements for MS under the latest court ruling are:

APPROVED

  • Make it possible for computer makers and users to disable access to middleware programs, such as Web browsers and media players.
  • Establish Uniform licensing and pricing terms for the 20 largest computer makers.
  • Releases information needed to help other companies make products, including server programs, that work with Microsoft operating systems for PCs.
  • No retaliation or threats to retaliate, against personal computer makers, software companies or other partners for supporting non-Microsoft software.
  • Establish a compliance committee of at least three outside members of its board, which will appoint an internal compliance officer.
  • Be subject to settlement terms for five years, unless extended by judge for up to two years.
REJECTED
  • Offer a separate version of Windows, at a lower price, that excludes any additional middleware programs the company adds.
  • Distribute Sun's Java technology with Windows.
  • Auction the right to sell versions of its Office software for other use on operating systems other than Windows.
  • Disclose and license the source code used to develop its Internet browser software.

MS Shooting Itself In the Other Foot?

Client/Server News is a paid industry newsletter that I have read for years. They are very good in getting the inside scoop of the IT industry, and worth the $600 subscription per year. They just came out with more data about paying for security which was recently discussed in an earlier W2Knews issue. Here is their copy:

"Microsoft apparently hired Zoomerang to do a survey asking people about updates, daily security patches, Service Packs and the like and how much they would be willing to pay for them. Obviously MS is intent on repeating its Licensing 6 mistake and is laying the groundwork to make people pay to remedy the deficiencies and vulnerabilities in its software just like Microsoft VP Craig Mundie recently suggested it was up to."

You can find Client Server News here:
http://www.w2knews.com/rd/rd.cfm?id=021111RN-Client_Server_News

What Do Customers Want From MS?

Network World did a thorough survey about what customers want from Redmond. The results are definitely interesting, but nothing new. Here is a short extract from the full article:

"If customers had any doubt as to Microsoft's dominance in the server and desktop markets they need look no further than the latest numbers from IDC. The research showed Microsoft accounted for a 49% share of the 5.7 million new server operating system licenses shipped worldwide in 2001, an increase of 7% over the previous year. The nearest competitor was Linux at 25.7%. And Microsoft took home a whopping 95% of the desktop market, a 1% increase over the previous year.

To get a sense of what this huge collection of customers would like to see next from Microsoft, we polled a cross section of them. These were their top issues:

  • Patch management
  • Security
  • Training
  • Licensing
  • Support
  • Management tools:
    "The fact that so many Microsoft products have become critical cogs in corporate network infrastructures means Microsoft must improve its management tools, users say. They need better system admin tools for logging, monitoring, Active Directory management and workstation configuration,"
  • Consistency in product upgrades
  • Integration with other vendors"
Full article over at:
http://www.w2knews.com/rd/rd.cfm?id=021111RN-WishList

And the brand new Active Administrator tool we just came out with is going g r e a t g u n s. The orders are rolling in for that puppy. It even made it in the Top 10 Best Sellers this month!
http://www.w2knews.com/rd/rd.cfm?id=021111RN-ActiveAdministrator

  THIRD PARTY NEWS

The 12 layers of Adequate Security

So, in the last issue, we gave you 26 definitions of different kinds of security tools. Obviously you do not need all of these. But how to "layer" your security? You could use the OCTAVE methodology.

"Octave is a self-directed information security risk evaluation that enables organizations to make information-protection decisions based on risks to the confidentiality, integrity and availability of their critical information technology assets. An interdisciplinary analysis team consisting of an organization's staff members manages the evaluation process and makes decisions about protecting their critical IT assets." Here are the layers they recommend. I have added some links to suggested tools for each layer.

  1. Chief Security Officer. Get one.
  2. OCTAVE methodology
    Operationally Critical Threat, Asset and Vulnerability Evaluation methodology for conducting threat assessments. Developed by CERT Coordination Center, Pittsburgh.
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-Octave_pdf
  3. Authentication
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-Authentication
  4. Firewalls
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-TargetAwards
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-Firewalls
  5. Intrusion-detection systems
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-VigilEnt
  6. Virus scanners
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-TargetAwards
  7. Policy management software
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-VigilEnt
  8. Vulnerability testing
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-VigilEnt
  9. Encryption
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-TargetAwards
  10. Proper system administration
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-SYS_Admin_Tools
  11. Active content filtering
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-Active_Content
  12. Incident response plan/ continuity of operations
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-HAD
    http://www.w2knews.com/rd/rd.cfm?id=021111TP-VigilEnt

Sick And Tired Of Messing With Login Scripts?

The new ScriptLogic version 4.1, helps you manage your Win-clients. This last release gives you a performance increase and with cool new features: multithreaded management components and a brand new engine that processes the client logon request. The new support for multiple profiles gets you enterprise scalability.

The latest version provides you with enhancements in validation logic and now uses a four-part validation logic scheme. You can also use the new Service Manager to configure multiple servers and services with just one click. More enhancements include a very useful logoff agent, a new dialog box for Assign Logon Script, a new API and updated global options. Check the eval out at:
http://www.w2knews.com/rd/rd.cfm?id=021111TP-ScriptLogic

iHateSpam Gets The Nod From PCWorld And Newsweek

iHateSpam just got a 4-STAR review in PCWorld. Here is an extract from the December 2002 issue:

"iHateSpam -- available for a free 30-day trial -- has many useful features, including a way to block messages that are in foreign character sets, a fully customizable iHateSpam toolbar, easily configurable spam folders, and a powerful way to create customized filtering rules. iHateSpam for Outlook worked flawlessly in checking my Hotmail account. I simply added the account, and I was off and running. The Outlook version caught an impressive 96 percent."

Newsweek Magazine, December 2002 Issue:

"Software site Download.com lists more than 200 such programs ... [but] among the best programs we've tested or heard about: iHateSpam ($29.95) works directly with Outlook or Outlook Express. Exploiting the power of peer-to-peer networks, it reports spam that the software missed to other users of the program. McAfee's Spamkiller ($40) gets a thumbs down because it overcharges and generates complaints to the spammer's e-mail account and ISP. Since spammers often hijack other people's accounts, this has the ironic effect of sending the complaint to an innocent user. Anti-spam spam?"

Sunbelt just received an order for 5,000 units from a very large energy company that really likes the idea to have their end users manage all their own email, including junk which gets filtered into quarantine folders by iHateSpam. Get a 30-day eval here:
http://www.w2knews.com/rd/rd.cfm?id=021111TP-iHateSpam

PestPatrol Update to V4.0

It's finally here! PestPatrol version 4 is available from our web site. The update is free of charge to all PestPatrol customers whose subscriptions are current. Licensed users are being sent notification by e-mail of where and how to download the new version. If you are a home user, have an evaluation copy of PestPatrol version 3.x, and are not yet ready to purchase, you should download new evaluation software:
http://www.w2knews.com/rd/rd.cfm?id=021111TP-PestPatrol

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • Need a new corporate (private) jet? This one on EBAY will kick butt.

  • http://www.w2knews.com/rd/rd.cfm?id=021111FA-eBay_Jet
  • Got "carpal tunnel"? This vertical mouse is a pretty good alternative.

  • http://www.w2knews.com/rd/rd.cfm?id=021111FA-Vertical_Mouse
  • You guys went wild on the optical illusion fave link last issue. Here are more of these mind-bending "Lightness Perception and Lightness Illusions. You just do not believe your own eyes!

  • http://www.w2knews.com/rd/rd.cfm?id=021111FA-Illusions
  • This is just entirely cool... New Verbatim CD-R Blanks look like old vinyl 45's.

  • http://www.w2knews.com/rd/rd.cfm?id=021111FA-New_CDs
  • Yup. It was inevitable. Here is your new corporate multi-media fridge:

  • http://www.w2knews.com/rd/rd.cfm?id=021111FA-Refrigerator
      PRODUCT OF THE WEEK

    MCSE: Windows 2000 Directory Services Admin Study Guide

    MCSE: Windows 2000 Directory Services Administration Study Guide is as sizable as its title would indicate, providing its readers with ammunition for use in both real life and on the Active Directory exam (70-217). As is typical of technologies for which certification tests exist, the actual skills you need to set up and work with Active Directory are related to (but not the same as) the knowledge you need to pass the Microsoft certification exam on the subject. The authoring team on this book has done a good job of covering all the subjects covered in the Microsoft outline of the Active Directory test's objectives. They've also backed their written work with a good-quality assessment test (with answers) on CD-ROM, suitable for use when you don't want to tote schlepp the book around.

    http://www.w2knews.com/rd/rd.cfm?id=021111PW-MCSE