- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Dec 9, 2002 (Vol. 7, #74 - Issue #405)
Exclusive Interview With A Hacker
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Next Week Is Last 2002 Issue / Crystal Ball 2003
  2. TECH BRIEFING
    • Exclusive Interview With A Hacker: "Captain Zap"
  3. NT/2000 RELATED NEWS
    • Build 3718 Declared WinNet Release Candidate 2
    • MS Tinkers With CAL Options - use TS? Act FAST!
    • WinNet 2003 Comes With GPM Goodie
  4. NT/2000 THIRD PARTY NEWS
    • The Causes Of Downtime
    • Got The Batch File Blues?
    • What Really ARE Your Hot Files?
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Heads-Up on Stu's Upcoming Windows XP Book:
      "A Resource Kit without the Microsoft party line"
  SPONSOR: Altiris
I don't like you, your cubicle, your mouse or your stupid screen-
saver and now with Altiris Client Mgmt Suite, I don't have to
touch any of it!
Client Mgmt Suite is an easy-to-use systems
management solution that helps reduce TCO for desktops, notebooks
and handheld devices. With Client Mgmt Suite you can deploy, manage,
and troubleshoot systems from virtually anywhere. Download your
free 30-day evaluation copy today.
Visit Altiris for more information.
  EDITORS CORNER

Next Week Is Last 2002 Issue / Crystal Ball 2003

Hi All,

The December 16 (next) issue is the last one this year! So during the Christmas period do not do something that would force us to drag our sorry behinds back in the office and write about it. [grin]

I will come out with a Crystal Ball Issue first week of Jan 2003. If you have any predictions for the next year, I'd be happy to receive them. My Ball has a blue haze, and complains in a white font about some .sys file. I think it needs a reboot.

The exclusive W2Knews Interview with Captain Zap is so long that we have the first few questions in the Tech Briefing but the rest you can read on the W2Knews website.

Quotes Of The Day:

  • Perception, not possession is 9 tenths of the law. --Unknown
  • Everyone is into computers! Who is in yours????? --Capt. Zap

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Double-Take
Did you know that a lot of System Admins (apart from high avail-
ability and disaster recovery), use Double-Take for things like:

- enhance their backup windows - centralized backups - data
distribution - web content replication - data migration - server
consolidation and change management? This tool has a lot more uses
than you might think. Check out all these extremely useful Double-
Take features and White Papers. There is a December Special too:
Visit Double-Take for more information.
  TECH BRIEFING

Exclusive Interview With A Hacker: "Captain Zap"

Who is Captain Zap? The year was 1981. The Reagan administration was in its infancy. "Elvira" was setting the Billboard charts on fire. And a young hacker was about to become the first person ever arrested for a computer crime.

Eighteen months earlier, Ian Murphy (a.k.a. "Captain Zap") along with three cohorts, hacked into AT&T's computers and changed their internal clocks. People suddenly received late-night discounts in the afternoon, while others who waited until midnight to use the phone were greeted with hefty bills. For his part in the crime, Murphy was greeted with 1,000 hours of community service and 2 1/2 years probation (considerably less than what fellow hackers would receive today). He also became the inspiration for the movie Sneakers.

Today Murphy, like other hackers, runs his own security company - IAM Secure Data Systems, Inc. For $5,000 a day plus expenses. Murphy has dressed up as a phone-company employee and cracked a bank's security system, aided a murder investigation, and conducted studies in airline terrorism. But Murphy's great love is still hacking into company security systems - with their permission - and helping them guard against potential break-ins.

Here is the W2Knews Exclusive interview. Questions 1 and 2 are in this issue, the other questions are on the W2Knews website.

W2K: 1) What prompted you in the first place to start hacking systems?

CapZap: Hacking systems, is a very broad term to underscore the thoughts that have been part of my total life. From a very young age, I was always a curious person. This love of technology stems from a very early childhood where my parents made sure that my education was of the highest caliber available in the area where I grew up. At a very young age, toys that I was given were taken apart to see what made them work. I also had an incredible curiosity when any of the service personnel would come to the house to attend to any of the problems from the televisions, to the garbage disposals, intercom system, telephone systems, and any other of the systems that are in the house.

I guess I would imagine that my first exposure to hacking a system would have begun with my early fascination with the telephone network. At that time in the early '60s, and mid-60s, there was one telephone company in the country, and the telephone company kept its technology secret from the general public in general. I would say that my first hacking thoughts were with the telephone system and the fact that I was intercepting telephone calls of the local neighborhood girls to find out what they were talking about. Making crude telephone sets to be able to go up to a pole and the ability to listen on telephone calls or to make telephone calls anywhere in the world.

Reading was a great source of pleasure and it was a lot of science books and the like to understand things that work in the world. In fact, long before we had the problems of Bio-Chemical warfare and so-called terrorist attack scenarios, I was fascinated with these systems and the manufacture of such devices and formulas. I remember the first book that I ever read on the subject and it was a book put out in the early 1970s called Chemical and Bio Warfare by Seymour Hersch of the New York Times. I also was fascinated with nuclear weapons and explosives. It opened up my eyes to what can happen at a very early age.

But I have always been a hacker if you want to put it that way. I prefer to call it unorthodox or guerilla research protocols that test the limits of society, technological advances, overall impact upon our world and the never ending thirst for finding out just what the hell is out there. I really think that the lack of our citizens to question technology, let alone understand how anything works keeps most people in a provincial view of technology and stifles their mind in general. Today, we have a huge society that does not understand the working of a simple light switch that is in their homes, and have to call an electrician to change it. And then complains that it cost $150 bucks for such a thing. Grow up and learn to hack your environment to understand what you are living in. Question everything that comes before you and don't take it for granted that it will be alright.

W2K: 2) How was IT security in those early days?

CapZap: IT Security was non-existent. It was a joke if it was anything. Password control, access control, information control did not exist in any real world environment. Only the military had the real computers out there and that made it so much more fun. In fact for all of you who need a history lesson, the Internet was not something that just came along. This was a network that was built for war, nuclear war and a way for the military to converse after the big one to see if they needed to do something else to the other side. Now one of the problems of IT security was that no one ever had to really think about all of this before. No technologies really were in the environment and no one really thought that such things could occur. Computers were large machines that people only saw on PBS or in science fiction movies that were walls of blinking lights, and reels of tape spinning around. No one really thought of access except in research facilities or the like.

Access at first was a physical being, you had to get to the systems, and telecommunications was a joke. 300 baud was considered to be fast. It was the days of teletype and DEC printer terminals, card readers and it was difficult in general to just get online. The security issue had yet to raise its head in general. Telephone switches and systems were fair game for testing and exploration. It was very easy and guessing the password, like guest was simple and easy. No one ever changed the passwords because no one thought that anyone had access to the systems except the systems' owners.

And then came the vast wake up call: war-dialers and password hackers, simple programs that ran on the likes of Apple IIE or a Franklin Ace 1200. These machines were nothing more than souped-up calculators. And still we have the stupidity of the masses being led by their noses by the likes of Microsoft and the other of the cadre of monopolistic behavior. Such players include the likes of Symantec, and Oracle, the loss of the Novell's of the world and the fact that such entities are controlling the lack of and the complete control of the security that is now considered to be the real powerhouses of the cyber-world. And it is these guys that control so much and make sure that no one else will be able to make a buck or produce another method of security that really works, is a great shame of today's computer environment. In essence, Microsoft needs to wake up and really release the source code of the systems that control 80-90% of the world's desktops. The real lack of security today is the simple fact that no one is allowed to look at the recipe of the broth. And without that recipe, it is going to continue to get worse.

But the reality is that the likes of Microsoft and Oracle, the others who control the technologies that are now so fully entrenched in our so-called information society are still causing the failure of the security of millions due to their greed and inability to allow others to see the magic behind the scenes. But of course, when there was a security problem before, it was never able to traverse the globe in a matter of hours and we did not have the arrogance of the corporations, the malevolence of the few cyber-punks who unleash various viruses and other crap upon the masses due to the fact that so many are controlled by Redmond.

W2K: 3) From your perspective, what has changed in the security posture of today's companies?

CapZap: Security was pleaded for by a number of us from the early 80's right up to today. We held back because nothing was happening to the mainstream systems and not many systems were even connected on a full time basis. Only the military had systems connected on a full time basis, and that network, the Arpanet was the playground. Today, a NIC is standard in most computers, broadband is standard in the general population!

But we still see the various rejections of security from the masses because they don't understand the need. Companies still don't see the cost benefit and only respond once they have had an incident. The ideas of security are still back-burner to many system's owners little and big alike. Costs of over expensive software that comes with major flaws in the security arena offers no confidence to any consumer out there and the sheer fact that the systems are so vulnerable to attack from any point on the planet is a special cause for the need of security to be addressed completely. Computer viruses are rampant and most people today still have no idea that they have to update their anti-virus software. And still we have the masses scurrying to buy the latest flawed masterpiece from whomever and then have to download updates and patches to make it work. And if the patches do sometimes work, then you are lucky.

In addition, we have the problem that the systems are so many, software so buggy and so many problems are so wide spread, that even if a vast number of patches are downloaded, still we have the others who are not "fixed" and the problem comes back in spades. We have a major problem with so many systems and owners who are educated in so many stages of computer usage. From the simple home user with the scourge of AOL hell to the sophisticated user who are super techies and build their own machines from weekend computer shows, we have such a vast cornucopia of potential problems that it boggles the mind.

Security today is now reported as a brief news story on your local news with stories of the Love bug, Melissa, and other such crap happening. As of the last few days, "Bugbear" has come around and made the local news as a warning. But still we have a vast sea of morons who have no concept of such things. The Klez virus continues to plague any number of us each and every day and then we have the continued problem of Spam. Spam has become a major problem and it has reached a point where even I can not take control of the volume of the crap that comes to my mailboxes each and every day.

Between the constant offers to grow my breast, my penis and gamble, it looks like I would have a pretty good weekend according to the mail that arrives each and every day. My personal mailbox has made it to 150 spams a day. In these spams that go to a website or renegade IP address, there is the vast potential to inflict major damage to your machine and you not even know it. Trojans and other silicon biologics are hidden in such emails and are commonplace these days and still we have those of you who don't see the need to be vigilant in the cyber-arenas. Stupidity because of cost is one of the problems that we all face.

Anti-pirate technologies are worthless and only proceed to piss off the users. AOL was found in the mid to late 1990's to have installed software on computers that played music cds without the user's permission. And the cost and the backlash was too much to bear. But still this same trick was tried again in the last 12 months and again, it backfired again. And now we have the ability of the media giants to silence the web from music anywhere on the planet because they think that is cost them too much in lost revenue. But in fact with all of the security apparatus being bandied about as a cure-all of piracy and software protection, the day it is released, there is a way to defeat it all. Microsoft will continue to piss off the users who have multiple computers and force them to allow Microsoft to know their machines from the inside out. WHY?

The problems of security are vast, ever changing and will continue to be a major pain in the ass to all of us now and in the future. And in all of this fray we have the problems of the users who are just plain stupid to begin with. No firewalls, you get hacked, no anti-virus, you get sick and die, no control of your connections, you may get a knock at the door from some very nasty guys in bad suits and worse sunglasses with big guns. Security is as simple as keeping your connection secure and understanding that you can get hijacked anytime. You lock your car, why not lock your computer.

Let's look at one thought for all of you to ponder. Now how many of you work for a living? And for all of you that do work, you have had to apply to some very basic and some complex employers. How many of those employers have run your background and then not hired you because you have a blemish on your credit record. Now why is any employer running your credit in the first place? Am I being hired because I pay my bills on time or because I can do the job required on the position? And of those employers that run your background, what happens to that information? Do you have a right to see that information that they gathered and do they destroy it properly? Do you destroy your information that comes in the mail?

Now your security issues are yours alone. You are responsible for your security posture and your total exposure to the rest of the world. Leave your door unlocked on your car and it might get stolen, same with your house, might get robbed, you are taking chances each and every day with your informational security status.

W2K: 4) How easy is it for you (in today's environment) to still penetrate a medium size business?

CapZap: It has gotten a little bit tougher to get into systems, but it is there and you have so many tools out on the net and so many flaws that is becomes childs play. Scripts are rampant all over the net and systems' owners do not take advantage of the security tools available for free. In fact it comes with a fun factor to really think about, it comes with an automated view. So much that you can now just go to dinner and get back and find the breaches in systems just waiting for you to play with.

Systems' owners have not created positions for security protection policies because they themselves do not understand these needed policies. And then we have the lack of understanding from the users who will let you know anything that you need to know if you just call them and ask. An authoritarian voice with the right combination of buzz words and a bit of humor will get you past anyone on the phone.

There are no real password policies in any of the small or mid-range systems out there in force. It is a very interesting mix of security and lack of knowledge. Security still costs money these days and most companies are going to cut back where there is no profit to be seen up front and in your face. And we all know that security is an expensive proposition and it is required.

But the fact is that senior management or even your boss will not see the value of security unless it takes effect and even then you never know if it ever really worked these days. Even with all of the security postures fully in force, the advantage of the cyber world is that the systems can be attacked by hackers; pros looking to use the systems, your employees who store porn or their baseball card collection or the latest recipes from Emrril's cooking shows on the systems, or whoever else wants to use your systems. You have to have a due diligence factor fully in place and in constant force for any form of security to be effective. It is open season on your systems out there and it is a global assault force from anywhere on the planet that you have to face every minute of every day.

Can you even start to figure out where the force that attacks you is coming from? Do you have the ability to stop me from anywhere on the planet? Can you figure out that I have figured out that your systems are so weak minded that it is just too easy to overrun you and seize control of your very digital life? And the very worst point is that you go ahead and promote your systems and people in the news and then you give me a chance to understand more than you can ever understand. When the systems are under attack, as it is now common place, it is done under a way that most system's owners will never know. And this gives us or me a better chance to go after you.

Now one of the problems that is growing each and every day is the simple fact that any form of so-called law enforcement is sadly lacking and grossly understaffed when it comes to computer related incidents. Law enforcement is so far behind in technology and ability, that well, it smacks of stupidity. After all, who would sign up for a job where you can be radio dispatched to complete and total morons who can shoot and kill you all for 35K a year if they are lucky. People with brains do not become cops and not for such low levels of pay to boot. In addition, too many incidents overwhelm the law enforcement so-called professionals.

Then there is the fact that because it is a crime of economics and due to the very nature that information security incidents can become subjective in value and injury in the total scheme of things, the law enforcement attitude seems to be at the 50K dollar figure before they will even lift a finger. Think of it this way, you report your car stolen, maybe you get a visit from the cops, more than likely, you get an incident report number and a curt phone call from these clowns saying that they may or may not find it. Security for the most part is a multi-edge sword for the companies and for the interloper. Most law enforcement persons have no real understanding of computers in general, as do the owners themselves. Remember that you are going to the local 14 year old who understands the complexities of the systems better than you do. And that is the same problem that law enforcement has, they will not invest the time, money or effort and don't have the time money or effort available to investigate every computer related incident.

First when you go attack a system, you have the advantage to take control and use all sorts of devious methods that range from Tech support & social engineering to direct physical attack to just outright banging on the IP door and breaking into the network. It is most enjoyable to see such things happen and to then gain access through the easiest means possible. But in the real world, it is far easier than the security materials providers care to really think about. Boxes put in place to so-call secure the network still have gaping holes that allow any interloper to gain access, but makes it easy to gain entry for a skilled professional. In today's security environment, the advantages of a skilled professional, be it for the betterment of the companies' information security or for the invasion of a companies database, has become so much childs play these days due to the multitude of scripts, known flaws and the loss of true dedication to the cause.

W2K: 5) How do you make your money these days?

CapZap: A very interesting question indeed! Retired in some respects, active and hearty and hale in other respects and well just keeping my fingers in so many pies. I still do investigations and consulting for a number of international clients. It is now so much easier to do the consulting with tele-consulting and information transfer with high speed networks so readily available these days. In addition, I have just completed a British video series for the Discovery Channel on Information Security, completing a number of interview requests like this one and writing my 4th book on security issues and the ever-changing aspects of the internet, completing a paper for publication in the near future titled "A Madman's view of Terrorism!" on a major International Terrorism and Information Warfare Website and in addition for a major print publication, operating part time, an HVAC firm in Florida, what a lucrative market that is; and being in early retirement in sunny Florida out fishing on the D.J.6 on the Gulf Coast for most respects, most days. Times have changed so much and the advent of cell phones and day trading and stocks is now my daily play job too. And computers have even made that job automated for the most part. It is a very interesting lucrative and exciting mix to say the very least.

W2K 6) What is the ONE thing you would advise W2Knews subscribers to help them protect against hacker penetration?

CapZap: Due to companies' antiquated views of security and such programs being static in nature and budget, it behooves any firm to examine the needs of security on a dynamic basis every quarter and more. Users and systems are a dynamic environment and ever-changing in profiles and data streams. Systems attacks are S.O.P. today and well you have to have a brain to stay on top of things. I would really suggest that a hacker viewpoint be established to attack the systems everyday with all of the tools that are available to all from the net. Why not have an office of systems in security research with a dedicated person who does nothing but surf the web each and every day, looking for ways to break any and all systems of the companies' environment. This includes any systems or support structure that has any form of intelligence and connections to the real world. The HVAC, the water systems, internal electrical grid, back-up systems, telecommunications, physical electronic and logical plant, waste management and document destruction; and anything else that can be used as a possible information, weapon or intelligence gathering resource. If you don't have a clue by now as to what you are up against, and that is the entire world, then you need to go sit in your box and close the lid and die.

And with that I bid you a fond farewell, for the fish are calling and I don?t want to miss the tide. It's off to the Gulf of Mexico and another day of laptop / cell phone, stocks and fishing fun.

Sincerely,

Ian A. (Capt. Zap) Murphy, President & CEIO
IAM / Secure Data Systems, Inc
"Everyone is into computers! Who is in yours???????"?

  NT/2000 RELATED NEWS

Build 3718 Declared WinNet Release Candidate 2

Hi, this is just a short note that WinNet is getting close to ready. The next milestone was just reached. Build 3718 was declared RC2. Beta testers (official ones) can get their hands on it over here at the Customer Preview Program. Also, see the story below about GPM.
http://www.w2knews.com/rd/rd.cfm?id=021209RN-GPM

MS Tinkers With CAL Options - use TS? Act FAST!

Redmond also previewed new options for Client Access Licenses that should give you a little more power to match CALs to your needs. But if you use Terminal Services, you need to take some fast action. Quickly check out the licensing change involving Terminal Services and find out if you might be able to quickly upgrade to WinXP before WinNET 2003 gets released. This could save your budget. Read more:
http://www.w2knews.com/rd/rd.cfm?id=021209RN-CAL_Options

WinNet 2003 Comes With GPM Goodie

Together with RC2, MS gave a first peek at a new tool for the headache of Group Policy management. If you sign up for the Corporate Preview Program to get RC2, you also get a Beta 2 version of the "Group Policy Management Console". So, what is Group Policy?

It was first introduced in W2K to give you a policy-based way to set security management, user management, data management, software access and configurations. Group Policy is powerful, but in complex environments it is difficult to predict how rules propagate and affect an individual user or object.

Several third-party tools, such as FAZAM 2000, exist to provide you insight in the impact of Group Policies on a target and allow you to create "what-if" simulations of the effects of certain Group Policy settings. MS new Group Policy Management Console will provide some of those same functions. It combines new capabilities for Group Policy management with Group Policy-related elements of several existing tools. It consists of an MS Management Console snap-in and scriptable interfaces for managing group policy. "GPMC significantly eases the management of Group Policy operations and will be available to Windows .NET Server 2003 customers as a free download," a Microsoft spokeswoman said.

GPMC will be available as a separate, free component when WinNet 2003 is launched. While it will only run on that server platform, or WinXP Pro SP1, you will be able to use CPMC to manage both W2K and WinNet Server 2003 domains. In a coming issue we will have a more in-depth look at this free tool, compare it to the commercial utilities, and report if it is an issue of "You get what you pay for".

  THIRD PARTY NEWS

The Causes Of Downtime

The Standish Group has done exhaustive research about the actual causes of downtime. The results are in one of these large reports that one can buy, but there are some snippets of info that show very clearly what to really watch out for. Here are the numbers:
 
  • Application Bug or Error
  • 37%
     
  • Main System Hardware Failure
  • 12%
     
  • Database Error
  • 10%
     
  • Network Error
  • 8%
     
  • Main Server System Bug
  • 8%
     
  • Data Error
  • 8%
     
  • Other Server System Bug
  • 4%
     
  • Other Server Hardware Failure
  • 4%
     
  • Environmental Conditions
  • 3%
     
  • Planned Downtime
  • 3%
     
  • Other
  • 3%
    As you can see, apps failures are the main problem, but the other causes make well over 60% of the downtime causes. Interesting to see this, don't you think? It makes it a bit more real that you need redundancy built in, for both hard- and software failures. One of the most popular ways to do this is simply put a second server right next to (or a continent away) your main mission critical server and first mirror and then replicate all the changes to that second server. First server goes down (or the main app) and the second server takes over right away. The product that gets used for this more than all the other combined is called Double-Take and you can get an eval here:
    http://www.w2knews.com/rd/rd.cfm?id=021209TP-Double-Take

    Got The Batch File Blues?

    If you're responsible for administering your company's Windows network, check out software products from ScriptLogic Corporation. ScriptLogic drastically reduces the amount of time and money it takes to maintain the network. ScriptLogic combines the functionality found in logon scripting, group policies, and user profile management into a single management tool. Users can log in from any PC, running any Windows 32-bit OS, over any LAN, dial-up or VPN connection and instantly have access to their unique desktop configuration. ScriptLogic eliminates redundant administration so your staff can concentrate on more strategic activities and reduce the total cost of ownership. A free trial version of ScriptLogic is available at:
    http://www.w2knews.com/rd/rd.cfm?id=021209TP-ScriptLogic

    What Really ARE Your Hot Files?

    Especially in these economic times, a lot of folks are trying to get the most out of what they've already got. In looking at how to make their systems (and the people who use them) more productive, two basic principles quickly come to mind:

    1. To get the most out of what you have, you need to know exactly what you have and how you are using it.
    2. Performance is usually perceivable (and bad performance can seem like unavailability).
    Performance is a key consideration in addition to availability/reliability when analyzing the productivity of your systems. When looking at performance, the usual suspects are often approached: faster (and more) processors, more memory, and interfaces (both more and faster).

    What about storage I/O? After all, many if not most applications require access to stored data (for either input and/or output). So storage I/O can be and often is a significant factor in overall performance.

    Now a millisecond for a disk access time seems pretty quick (and it is, since disk I/O operations generally take several milliseconds at best). But a millisecond is a million times slower (that's one followed by six zeroes) than the nanosecond speeds used by the processor to transfer data internally. It's about the same difference as one minute compared to approximately two YEARS!

    So disk I/O operations can be time-consuming (quite literally). And the topic of storage I/O itself is time-consuming, complex and difficult - especially with all of the talk about SAN, NAS, SAN/NAS hybrids, iSCSI, serial SCSI, serial ATA, InfiniBand, virtualization here, there and everywhere, etc.).

    Where does this leave us? Performance is an important part of assessing, ensuring and maintaining productivity, and the storage I/O associated with application (and operating system) usage is an important but often complicated performance consideration.

    Most probably, you can identify what your key applications are, but can you also specifically identify your "hot" files and their associated performance (especially in relation to your key applications)? You might know, for example, the average response time for a particular disk, but do you know the actual amount of I/O (both read and write I/O operation counts), the average and maximum response times, and the throughput for each specific file active upon that same disk?

    Since usually some files are more important than others, do you know how fast your key files are? Amidst all of the file I/O activity associated with an individual disk (or a group of disks), are you able to focus in upon only those particular files of interest? Can you identify (both easily and quickly) which specific files are experiencing (or have experienced) high average response times? Are you able to monitor your file I/O activity (or a subset thereof) to capture particular performance thresholds (like maximum response time) on a specific file basis?

    Some files might be the I/O performance bottleneck for a particular application. Do you know which specific files are experiencing perhaps poor disk I/O performance? Are you moving the location of files around as part of a server and/or storage consolidation effort, and are you trying to precisely determine the resulting impact upon performance (especially in regards to the particular files that you are relocating)? And the same applies for computer system upgrades (processor, memory, interface, storage, software, etc.).

    The Sunbelt hIOmon File I/O Performance Monitor can easily, quickly and precisely help answer all of the questions above (plus many more). The Sunbelt hIOmon lets you both measure and monitor disk I/O operations at the file level so that you can display (in real-time or in 'replay' mode) either detailed and/or summarized file I/O operation performance metrics. You can even use the Windows Performance Monitor or System Monitor to display the real-time summarized file I/O operation performance metrics collected by the Sunbelt hIOmon.

    IMPORTANT NOTE: The latest updated version of Sunbelt hIOmon now includes a "command line interface (CLI)" that you can use from within the DOS Command Prompt window to control the operation of the Sunbelt hIOmon and to also display, in a simple and efficient fashion, a set of real-time summarized file I/O operation performance data collected by the Sunbelt hIOmon. Get the eval here:
    http://www.w2knews.com/rd/rd.cfm?id=021209TP-Sunbelt_hIOmon

      FAVE LINKS

    This Week's Links We Like. Tips, Hints And Fun Stuff

  • No kidding, 1K stored on an atom:

  • http://www.w2knews.com/rd/rd.cfm?id=021209FA-Atom
  • The silly one of this week. Turn on the sound and poke the doughboy:

  • http://www.w2knews.com/rd/rd.cfm?id=021209FA-Doughboy
  • A new tool: KerbCrack is a combined Windows 2000/XP Kerberos login sniffer and cracker. Shows you how safe this really is. NOT.

  • http://www.w2knews.com/rd/rd.cfm?id=021209FA-KerbCrack
  • This thing works far too well, I love it. What it is, is an applet that lets you right click on any popup, and select "nuke it", and it adds an entry to your hosts file that routes the site to 127.0.0.1, which I have been doing for a while manually, but this does it automagically:

  • http://www.w2knews.com/rd/rd.cfm?id=021209FA-WebNuke
      PRODUCT OF THE WEEK

    Heads-Up on Stu's Upcoming Windows XP Book:
    "A Resource Kit without the Microsoft party line"

    Just when you think you've got a handle on Win XP, something else comes up and surprises you. We all could benefit from learning more about Windows XP, power user and network administrator alike. Reading the W2Knews is a great start, but how about a very comprehensive resource on Windows XP? Look no farther than the Windows XP Power Toolkit. This book continues in the great tradition of Windows Power Toolkits, earlier books in this series were Windows NT Power Toolkit and Windows 2000 Power Toolkit. It was produced by yours truly and will arrive on the scene Feb. 25-th, 2003. So do not buy any other WinXP books for Christmas, because this new member of the Power Toolkit Family contains a free full copy (not a 30-day demo) of the new performance Booster AutoPilot for XP! Stay tuned for more news on this hot new WinXP book.