Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 18, 2002 (Vol. 7, #71 - Issue #402)
NT 4.0 Mainstream Support Dies In 6 Weeks
  This issue of W2Knews™ contains:
    • New SunPoll: NT 4.0 Mainstream Support Dies In 6 Weeks
    • Securing Microsoft Web Servers
    • It's Official: No Office 11 On Win9x
    • Opalis 4.05 Is Ready!
    • iHateSpam Integrates Habeas / Gets NetWorkWorld "Category Breaker Award"
    • Altiris Software License Mgmt Suite
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • ACE the IT Resume & ACE the IT Job Interview

New SunPoll: NT 4.0 Mainstream Support Dies In 6 Weeks

Lots of us are in the process of getting rid of NT 4.0, now that mainstream support for 4.0 will end on Dec. 31, 2002. That is 6 weeks from now!

And the extended support for 4.0 will only be one year instead of two, lasting until Dec. 31, 2003. This is consistent with the dates MS gave in 2001, and complies with the seven years of combined mainstream and extended support MS promises in its new plan. Now, keep in mind that hotfixes are another story altogether. It is now clear that NT 4.0 will have free security hotfixes until the end of 2003. No more hotfixes for a platform will be an immediate invitation for hackers to start attacking that platform ferociously. So, you have to plan for this! The question is: "move over to W2K before Dec. 2003 or start paying for hotfixes". This is of course also true for your Domain Controllers. So here is the next SunPoll:

If you are currently using NT Server as your PDC, do you intend to:

  • Upgrade to 2000 Server?
  • Wait for .NET Server?
  • Wait indefinitely (till it breaks)?

Vote here, leftmost column:

And here are a couple more Quotes of the Day that I liked. I was inspired by Wired Magazine, which has an issue about technology and religion this time. Wired Magazine is still awesome and one of my all-time favorite monthly "techie-nerd" mags.

"Science without religion is lame. Religion without science is blind." -- Albert Einstein in "The New Convergence"

"Two rules for happy living: 1) Be able to experience anything. 2) Cause only those things which others can experience easily" -- L. Ron Hubbard

"The secret of a good sermon is to have a good beginning and a good ending, then having the two as close together as possible." -- George Burns.

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])


Securing Microsoft Web Servers

We have a guest column this week. It was written by one of the Techies of eEye, a leading-edge security tool developer.

URLScan versus SecureIIS™ Web Server Protection - You Get What You Pay For

Every administrator realizes the importance of preventing unwanted network access points. Having firewalls and intrusion detection systems serves a purpose in preventing certain network exposure points; however these technologies do little to guard against HTTP/Port 80 based attacks. Port 80 is the open door that needs to allow traffic - but needs to intelligently dissect requests or risk being attacked.

Inherently, Microsoft's Internet Information Services (IIS) is a feature-rich product, but does not have adequate security to prevent intrusion. Administrators need to take the appropriate action to guard against potential attacks on their Microsoft web servers by adding the critical layer of security required to take advantage of IIS' features without jeopardizing security. What we all learned from the Code Red and Nimda experiences is that patch management, while still absolutely necessary, is certainly not enough to keep intruders from gaining access to IIS-based web servers.

To augment patch management, IIS-specific intrusion prevention tools and products emerged last year to address this issue. Specifically, URLScan and IIS Lockdown from Microsoft; and SecureIIS™ Web Server Protection from eEye Digital Security. The choice between these utilities comes down to cost of ownership, ease of use, level of protection and feature richness.

URLScan / IIS Lockdown - The Free Utilities

Microsoft's URLScan and IIS Lockdown are two utilities that are meant to work in conjunction. The combination of the two gives IIS-based web server administrators the ability to turn off unutilized features and restrict certain HTTP requests that the server would process otherwise. By blocking specific HTTP requests, the URLScan security tool prevents some potentially harmful requests from reaching the server and causing damage.

Unfortunately, there are several issues associated with these basic utilities. By using URLScan and IIS Lockdown, the advanced functionality of IIS and other web applications (like FrontPage) is significantly impacted and, in some cases, rendered completely useless. For example, features such as using "file includes" in ASP programming or even the use of ASP pages have been removed via IIS Lockdown. Administrators are also susceptible to losing database functionality while "tweaking" the undocumented settings of URLScan just to accommodate simple functions. Given the limited features of these utilities, administrators are expected to be somewhat IIS-savvy and willing to experiment with various configurations until the server and its various web applications are stable.

In addition, with these utilities supporting only one policy per physical server, URLScan and IIS Lockdown were offered by MS primarily to cater to administrators with a limited number of non-critical servers to manage.

SecureIIS™ Web Server Protection - The Proven Enterprise Solution

SecureIIS™ Web Server Protection is another alternative for IIS administrators to protect their Windows-based servers from intrusion. SecureIIS was developed by eEye Digital Security, the undisputed experts at uncovering IIS vulnerabilities and understanding precisely why IIS is susceptible to attack. See eEye's IIS-related advisories at:

Developed by eEye as the first-ever IIS application firewall, SecureIIS operates within IIS to actively inspect all incoming requests at each stage of data processing. In this way, SecureIIS prevents potentially damaging network traffic - whether encrypted or unencrypted - from penetrating your servers. SecureIIS works within the Microsoft web server without altering its core functionality and by ensuring that all requests are RFC compliant. SecureIIS installs as an ISAPI filter into IIS and immediately protects from the entire classes of attack that typically compromise IIS Web servers, including: buffer overflows, parser evasion attacks, directory traversals, and a variety of known and undiscovered exploits.

eEye's response to the release of URLScan and IIS Lockdown (a few months after the release of SecureIIS) was to evolve the product into an enterprise-centric solution with remote central admin, third-party application support and multiple web site per server policies.

Fully supported by eEye Digital Security, SecureIIS is ready to protect right out of the box. Altering configurations of SecureIIS is simple and handled via a point and click interface - a key feature missing from Microsoft's unsupported tools. Large enterprises will appreciate that SecureIIS is built to support a different policy for every website hosted on a single physical web server, and managing each website can be done from the same interface. SecureIIS provides the ability to centrally manage security policies for many disparate servers.

Though it is tempting to use Microsoft's free tools, administrators serious about implementing web server security without headaches will realize significantly better ROI by choosing SecureIIS over URLScan/IIS Lockdown.

A free trial of SecureIIS™ Web Server Protection is available at:


It's Official: No Office 11 On Win9x

The Windows .Net Update e-zine just came out with this item I thought you'd like. By the way, if you do not get their newsletters, you should subscribe. W2Knews and the Win.Net e-zines are the two leaders in this field:

"A controversial decision to stop supporting Windows NT 4.0, Windows Me, and Windows 9x in Microsoft Office 11, due next spring, has Microsoft customers in a tizzy. But the company recently confirmed that this decision is final, setting the stage for a new Office version that will run on only Windows XP and Windows 2000. "Our customers told us they wanted security and reliability, and we are giving them that," a Microsoft spokesperson said this week. "We are confident the [Office] products continue to offer compelling value and will continue to do so going forward." For the complete story, visit the following URL:


Opalis 4.05 Is Ready!

You can now download 4.05, but please read the upgrade instructions below first:

4.04 users: simply run the install over the current version. Note: You must upgrade all Opalis services and clients to 4.05 for them to be able to communicate and share the same interface.

Upgrading from 4.00, 4.01, 4.02 or 4.03 to 4.05: To upgrade, uninstall previous versions and do a fresh install of 4.05.

Important - To ensure your jobs and license information are maintained, save configurations when prompted with the "Do you want to keep the configuration files?" message during the uninstall. Then install version 4.05.

Problems fixed in 4.05:

  • Database query task
  • Variables
  • Process call task
  • WMI connections
  • Security context issue in the service start event
  • Memory leak in the client when two or more services are installed
  • Performance issues (resulting in service crashes)
  • Cut and paste of folders
  • Schedule templates
  • Log window

What's new in 4.05:

  • Stop feature from the web client
  • Support of variables in events
  • Option to purge the deleted objects older than a certain period of time
  • The email task now allows the usage of the ; as a separator
  • You can now share resources among computers using drag and drop
  • Double-click an object in the objects window to open the dialog
  • Windows position management
  • Ability to print the workspace
  • Ability to select multiple dynamic data codes
  • Counter can have negative values
  • Folder location specified in the find and replace
  • Object location specified in the alerts
  • Format message option in the exchange email task (Plain text, HTML, Rich text)

iHateSpam Integrates Habeas / Gets NetWorkWorld "Category Breaker Award"

PALO ALTO, Calif. -- Habeas™, the company that fights spam with poetry and the law, and Sunbelt Software, makers of the top-selling junk email filtering software add-on for Microsoft Outlook® and Outlook Express®, announced today that the Habeas Sender Warranted Email™ (SWE) service is now shipping in the latest release of iHateSpam.

"We have thousands of users who rely on iHateSpam to keep junk email away from their computers," said Alex Eckelberry, President of Sunbelt Software. "With Habeas now integrated into our software, users can be sure they will always get mail that carries the trusted Habeas mark."

iHateSpam is among many leading commercial junk email filtering solutions in the last two months that have integrated Habeas into their spam-fighting software, including Declude, JunkSpy, Mailshell and SpamAssassin.

And five Network World columnists named the winners of their annual Category-Breaker Award. Here is an extract from their rationale:

"Spam threatens to debase e-mail as a communication medium, just as junk postings slowly rendered many Usenet groups uninhabitable. I like Sunbelt Software's innovative iHateSpam client software because it lets me totally shield my e-mail in-box from spam. At the same time, the product lets me inspect every message that comes my way, just to make sure it didn't block or discard any important e-mail.

"iHateSpam is certainly not the only client-based antispam tool on the market, but it is the only client-based product I've come across that builds "whitelists" by scanning your Microsoft Outlook e-mail address book and your Outlook client-side message folders. iHateSpam also is the only client-side antispam tool that quarantines any incoming mail that doesn't come from a whitelisted sender. Whitelist-based antispam filtering is the only effective way to ensure a continuously spam-free in-box. Another plus is that iHateSpam lets users dynamically adjust the client-side rules to ensure the tool doesn't mistakenly filter out legitimate bulk e-mails - such as e-mailed newsletters - that they regularly receive." Article at:

Get your 30-day iHateSpam eval here:

Altiris Software License Mgmt Suite

How many software licenses do you have and how many are actually being used? Check out the new Software License Mgmt Suite, announced Friday by Altiris. This easy-to-use product captures detailed software inventory of installed applications across the network, including mobile users, and tracks usage data for each Windows application. The suite alerts your staff when application installations exceed the number of purchased licenses, helping you plan for future upgrades.

Software License Mgmt Suite provides a huge cost savings to IT organizations by:

  • Identifying software usage patterns that include least- and most-used applications
  • Assisting with license management to prevent overbuying or underbuying
  • Facilitating license distribution
  • Identifying installed non-standard applications

Software License Mgmt Suite also contains a built-in, Web-based administration and reporting feature, giving you the flexibility to access and manage your software and licensing data from the convenience of your Web browser.

Download a free 30-day, eval copy of Software License Mgmt Suite:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • What would the help file of a Microsoft port scanner look like? Funny:
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-Port_Scanner
  • 5 major studios have come together and now you can rent movies that are playable on your PC. Great for nights in the office when you are waiting for a backup or a server build to finish! Move over Blockbuster:
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-MovieLink
  • Dinosaur style LCD's are being replaced with cool new stuff. Interesting article:
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-New_LCDs
  • Oooooh. A roadster part Harley, part hotrod. I want one for Christmas!!
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-CorbinMotors
  • Really cool new bluetooth wireless keyboard from MS. No more cables. Yay:
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-Keyboard
  • Last one. Absolutely amazing site. Milky way to protons in 1 second increments:
    http://www.w2knews.com/rd/rd.cfm?id=021118FA-MilkyWay

ACE the IT Resume & ACE the IT Job Interview

Osborne sent me two books for review: Ace the IT Job Interview, and Ace the IT Resume. Instead of reading this myself, I asked our own HR Director to look these over and this is what she told me about them:

"I reviewed both books you gave to me on resumes and interviews. The books are both easy to read and very informative, the IT Job Interview book highlights the important points so you can breeze through the entire book in very little time. The interviewing book cited many examples on the types of questions asked in an interview and how to answer them. The IT Resume book also was very specific and walked the reader through specific steps to take on putting a resume together. It even went into detail about the correct technical acronyms.

Even for someone who thinks they are a pro at interviewing and resume writing these books are good reminders of what to do and not to do. So...do you need these books back? I really would like them for my own library, even though they are for Techies they have some good general information in them."

In other words, I lost these books to HR! They must be good. [grin]

ACE the IT Resume:

ACE the IT Job Interview: