Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 13, 2003 (Vol. 8, #2 - Issue #408)
"DotNet" Out The Window!
This issue of W2Knews contains:
- EDITORS CORNER
- Thanks For All Your Feedback!
- TECH BRIEFING
- Intel Based Workstation Survey
- No More NT 4.0 and W95 Support in 2003: What Now?
- NT/2000 RELATED NEWS
- "DotNet" Out The Window! It's Windows Server 2003 (W2K3)
- W2K3 Does Not Support Exchange 2000
- Microsoft Launches U.S. Smartphone Push
- Top 20 Holes Are Exploited Over And Over
- What Is This 'SPOT' Gates Is Talking About?
- NT/2000 THIRD PARTY NEWS
- New: Sysadmin Toolbox Plus ? A Dozen Tools In-One
- PestPatrol ? What's New in Version 4.1
- Integrity Protection Driver (IPD) for NT and W2K
- Microsoft Certified Pro Mag's TechMentor Conference & Expo
- iHateSpam Server Edition
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Hacking Exposed: Linux Security Secrets & Solutions
FREE UNIX Management Guide
Do you want to improve user experience, exceed SLAs, save time and
increase the return on your infrastructure investments? Get the "Top
10 Reports Every IT Manager Lives For" from NetIQ. This free guide
to managing your enterprise application infrastructure explores 10
critical system views and management reports that can help answer
your most pressing UNIX management questions. Register now.
Visit NetIQ for more information.
Thanks For All Your Feedback!
You know, sticking out your neck like I did with the New Year's
wishes in the crystal ball issue is always a bit risky. But the
amount of flames I received was not that much. The vast majority
of you sent me very interesting feedback, data and viewpoints.
Thanks very much for your often thoughtful observations and
perspectives. Let's make 2003 a better year for all of us. And
now back on topic for another 12 months. To start with, MS has
thrown "DotNet" out of the Window! Check the NT/2000 section
But first, the new SunPoll is: "What type of OS Platform do you
use for your day to day System Management work?" Go and vote here
(leftmost column) and see what your colleagues are using to manage
their domains. The results are surprising already:
Quotes Of The Day:
UNDO: the size of the Beta SP4 service pack was of course wrong. We put a comma instead of a period. It's 136Meg.
(email me with feedback: [email protected])
- Great spirits often meet violent opposition with mediocre minds: Albert Einstein
- COFFEE. E X E Missing - Insert Cup and Press Any Key.
Disaster Recovery has become priority #2, right after Security.
This means you have to have a tested plan and reliable tools in
place for the moment your site goes down. Double-Take is that tool.
Sold more than all other High-Availability tools combined. It is
even certified for W2K Datacenter. No other HA tool is. How does
it work? "Server A goes down--Server B takes over transparently".
Get the eval copy here, this is your ultimate job-security:
Visit Double-Take for more information.
Intel Based Workstation Survey
As a W2Knews subscriber, we value your expert opinion on business
and technology-related issues. We are currently conducting a
survey about user satisfaction with Intel based workstations.
You must be responsible for selecting or recommending brand/model
of workstation purchases for company, and have purchased one of
these brands (HP, Compaq, Dell, IBM) within the last 18 months.
We would like to include your opinion if you have Intel based
workstations installed at your location and are involved in the
purchase of/recommending process for workstations.
To show our appreciation for your time participation in the study,
you will be entered into a drawing to win $500. AND, the first 100
people that respond and qualify, will get a $15 Amazon gift cert (Terms and Conditions). The survey takes about 10-15 minutes to complete and is right here:
No More NT 4.0 and W95 Support in 2003: What Now?
Yup, the year has turned and your W95 support has reached end of
life: Just Not There Anymore! And mainstream support for NT 4.0
is now gone too, you have to start paying. Ouch. That's an
estimated 4 million NT servers and 10 mil NT workstations. Both
W95 and NT 4.0 are more than 6 years old by now, that's antique
for IT standards. It's time to dump W95 as soon as you can.
So, what to do now? It's different for workstations and laptops
on the one side, and servers on the other side. Let's start with
the first. You can migrate corporate desktops and laptops from NT
to W2K, and that is a pretty good bet. Solid and still supported
for a while. But you can also go straight to WinXP for those
machines, which by now you should seriously look at. WinXP has
some added features that are nice for laptops, and the lifecycle
is going to be (a lot) longer than W2K.
Your servers is another story. This is a business decision based
on security and cost. Your NT4 support is now going to be an
immediate out-of pocket expense. But there are no more service
packs for NT, so security is really a concern as patches are now
hard to come by, and likely cost money. I suggest you wait and
not take W2K but upgrade to W2K3, to be released in April.
If you run old Pentium Pro servers you will have to shell out
money for new hardware. Better plan that in. Good thing is that
this stuff is getting cheaper by the month. Remember, new MS
server software will simply not run on NT 4.0. The new Exchange
2003 is a good example, so keep that in mind. Here is a link to
the MS site about retiring NT 4.0:
NT/2000 RELATED NEWS
"DotNet" Out The Window! It's Windows Server 2003 (W2K3)
Last Thursday, MS changed the name of its next server OS from
Windows .NET Server 2003 to Windows Server 2003. The final
release is expected in April. We counted, and this is the FIFTH
name (yes) for what is really Windows NT 6.0. They sure had a
heck of a time to position this puppy correctly and brand it for
the "future". And now [tongue firmly in cheek] I'm sure that the
MS marketeers must have peeked at all the results people sent to
the W2Knews naming survey, where a good chunk proposed just "W2K3".
See that SunPoll at:
Anyway, so there you have it, we're going "Detroit" all the way.
For readers outside the US, "Detroit" is the nickname for "Big
Auto": New models every year with built-in obsolescence. And your
W2Knews is going to simply keep its name, the way it looks now
we are good for the next decade! I'm going to use W2K3 as an
acronym from now on.
W2K3 Does Not Support Exchange 2000
Yup, you read that right. You cannot run E2K on W2K3. They say
the service pack to make this possible would be not viable. It's
mainly the underlying security changes that were made in W2K3
that cause this. The current solution is that your current E2K
which now runs on W2K, will use/support the AD infrastructure
in W2K3. And yes, you are right to expect that this very well
may mean a shorter lifecycle for E2K than you may have thought.
Microsoft Launches U.S. Smartphone Push
Last year I told you this was coming, and now it's finally here.
Microsoft and two hardware makers are announcing mobile phones
that run Microsoft's Smartphone software and can be used on
cellular networks in the U.S. More at the MS PressPass site:
Top 20 Holes Are Exploited Over And Over
The FBI and the SANS Institute have just released a list of top
20 vulnerabilities that network administrators MUST fix to protect
their network against malicious attacks from worms and hackers.
Most people don't realize a very small number of vulnerabilities
are used over and over. That's why fixing the Top 20 can pay off.
Get started by going to:
Then, get an eval of Retina and scan your networks:
What Is This 'SPOT' Gates Is Talking About?
Think of the first generation of Simple Personal Object Technology
as being small receive-only devices for 128 Byte packets being
broadcast over a wide area using FM sub-carrier bands. Also think
of a certificate-based security infrastructure where there is a
middle-ware authentication and authorization service provided for
filtering of messages before they are transmitted to the SPOT
device, each with a unique burned-in key. The goal is for the SPOT
device to run on extremely low battery power, similar to the flat
pancake-style ones. They have receive capabilities in your car for
getting traffic update and reroute messages or being stuck on your
refrigerator for displaying the weather or a notification message
from something like My Alerts. This is the kind of stuff sitting
in your WATCH later this year. More about this and other goodies
at the Consumer Electronics Show at:
THIRD PARTY NEWS
New: Sysadmin Toolbox Plus ? A Dozen Tools In-One
Enterprise Admins: Analyze and Fine Tune Your Systems!
SysAdmin Toolbox Plus 2.0 is a cool little software tool box
that can help you analyze and fine tune your MS networks.
It's a breakthrough in cost and efficiency, (only $185 with
immediate on-line delivery) and contains a combination of
functions found in a dozen or more separate and more
expensive software utilities.
Software Shelf CEO, Bill Feeley, says, "This newest tool combines
the power of many programs in one product. The system admin can
handle key functions on any machine on his network without
incurring the substantial costs in buying multiple software
products to do the same job. SysAdmin Toolbox Plus puts power
at the admin's finger tips. It can help analyze and fine tune
files, memory, processes, services, accounts, printing, error
translating, IP addresses, system snapshots, auditing, CPU details,
system data, and on and on. It is a powerhouse product and a major
budget saver. It can save the admin enormous amounts of time
and reduce end user downtime."
SysAdmin Toolbox Plus is licensed per administrator. A single
license is $185.00 and volume discounts are available. A free
fully functional trial version can be downloaded here (and
you can buy it online at the same location):
PestPatrol ? What's New in Version 4.1
PestPatrol is a powerful security and personal privacy tool that
detects and eliminates destructive pests like trojans, spyware,
adware and hacker tools. It complements your anti-virus and firewall
software, extending your protection against non-viral malicious
software that can evade your existing security and invade your
- CookiePatrol?: Memory-resident Spyware Cookie Detection: detects spyware cookies the moment they land on your computer, and quickly blasts them away.
No need to block all cookies just to block some, the way your
browser would have it. And no need to block blindly, limiting
your ability to access certain sites, the way some personal
firewalls would have it. CookiePatrol allows the cookie to be
created, satisfying the web site that gave it to you. Then it
destroys the spyware cookie, satisfying your need for privacy.
All the benefits of cookies... with none of the risks.
- KeyPatrol?: Generic Keylogger Detection: detects both known and unknown keyloggers, using both behavioral and pattern-matching algorithms. Even if a new keylogger gets to your computer before it gets to our lab, you are protected. KeyPatrol's behavior-detecting algorithms are able to detect a
keylogger simply because it has hooked the keyboard, and is watching your typing. Pattern-matching algorithms compare every running file with a database of pests to determine if the running program is a known keylogger.
- Improved scan engine enables faster scans, improves dynamic
update abilities, and substantially decreases memory usage.
- New heuristic cookie detection techniques detect new, "unknown"
spyware cookies, improving detection results over the use of
scan strings alone.
These pests often lurk silently on your computer until something ? or
someone ? sets them off. When that happens, you could lose
passwords, personal data, credit card numbers, and - if you
telecommute and connect to your office via a VPN - open up a
back door for the hacker into your entire company network.
PestPatrol defeats the threat by detecting and removing:
PestPatrol's easy-to-use interface, automatic updates and extensive
on-line research center make it simple to keep your computer clear
of unwanted pests. A 2002 PC Magazine Five Star Utility, PestPatrol
allows you to surf with confidence, knowing that your personal
information stays private and your computer stays secure.
- Spyware and adware that "phones home" information about you, your computer, and your surfing habits
- Remote access trojans (RATs) that allow an attacker to remotely control your computer
- Keyloggers that can steal passwords and other confidential data
- Denial-of-service (DoS) attack agents that can crash or hang a program, or your entire system
- Probe tools that look for vulnerabilities on your system that a hacker can exploit
Get an eval copy here:
- Scans all or selected file types, including inside archives
- Scans memory for active pests and kills the process
- Zaps spyware cookies before they can phone home about you
- Stops known and unknown keyloggers from hooking your keyboard
- Quarantines or deletes any identified pest
- Checks and removes pests from registry and start-up areas
- Downloads and installs updates automatically on availability
- Tells you the specific threat level of any pest found
- Saves all pest-related events in an easy-to-read log file
Integrity Protection Driver (IPD) for NT and W2K
A common technique that hackers use to disguise themselves on
compromised systems is installing a "rootkit", which is typically
a program or suite of programs used to cover up evidence of
intrusion and to hide trojans and other applications and data
(such as agents used in Distributed Denial of Service (DDOS)
attacks). One of the most powerful rootkit techniques is to alter
the behavior of the operating system by running as a kernel
driver in privileged mode. These applications are capable of
hiding processes, files, directories, registry keys and values.
They also alter the access control mechanisms and manipulate
the Operating System in other ways.
The Integrity Protection Driver (IPD) is an open source kernel
driver for Windows NT and Windows 2000 that attempts to provide
integrity to the Windows kernel by blocking kernel-altering
device drivers, such as rootkits, from changing normal kernel
function. A new version of the IPD has been released that corrects
a vulnerability that circumvents the driver's protection.
The IPD uses some of the same techniques as rootkits to attempt
to block new drivers from being installed or executed by anyone,
including Administrator or System. The goal is to block any new
device drivers from executing at all, even on a compromised system.
More information about the IPD, including its open source license,
can be found at:
Microsoft Certified Pro Mag's TechMentor Conference & Expo
MCP Mag's Conference in New Orleans is going to be interesting. If
you live in that area, check it out:
When: April 8-12, 2003 - New Orleans, LA.
- Training: TechMentor provides Windows networking professionals
the depth and breadth of training not offered at other such
conferences. Their instructors include many of the networking
experts who write for Microsoft Certified Professional Magazine.
More than 200 hours of training is offered at TechMentor, with
courses arranged in easy-to-choose categories?Network Management,
Network Security, Technical Management, Desktop Administration,
Windows Networking Fundamentals and Certification Training.
- Super Special Events: NCAA Final Four action, receptions, hands-on labs, after-hours gaming, on-site certification testing and more?attendees will
appreciate the extra-curricular and peer networking activities included in your agenda at TechMentor.
- Top Keynote Speakers: Lutz Ziob, Microsoft's new head of certification and training, will tell you where the MCP program is heading and veteran
Windows-watcher Mark Minasi will put his unique spin on the latest technology out of Redmond.
- Vendor Access: Microsoft will be there, as will a host of other key vendors who offer solutions and services in the Windows networking and certiification space.
iHateSpam Server Edition
Sunbelt Software is excited to announce the Feb 2003 release of iHateSpam for Exchange 2000. This server-based version (with MMC interface) is currently in Beta. In 2002, iHateSpam has become the best-selling anti-spam add-in for Outlook. The Press loves it. PC World just said: "The iHateSpam Outlook version caught an impressive 96 percent." Spam costs anywhere from $8 to $26 per
employee per month. Do not lock into any other server side spam filter until you have evaluated iHateSpam Server edition. Need an anti-spam solution right now? Buy the client-side solution and get a 100% upgrade credit when you move to iHateSpam Server. More at:
This Week's Links We Like. Tips, Hints And Fun Stuff
The Beta for Exchange 2003 (code name Titanium) is available. But
carefully read the requirements for testing!
This is a European humor site. Quite different from the rest...
Warning: Massive waste of time:
"Britney Spears Physics". A riot:
I was behind the times in my New Year's Predictions. Nokia already
has a card that I expected to arrive: both Wi-Fi and GPRS. Yay!
Check this picture out and you'll understand why you have to insure
a Server you are sending to a remote office: [grin]
The risks of working with a Laptop at Home. (a 1.5Meg Mpeg):
By far the COOLEST motorbike I have -ever- seen. Dodge Tomahawk:
Security and USB devices... interesting read:
PRODUCT OF THE WEEK
Hacking Exposed: Linux Security Secrets & Solutions
Tighten holes and maintain security on your Linux system! From the publisher of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes this must-have security handbook for anyone running Linux. This up-to-date edition shows you how to think like a Linux hacker in order to
beat the Linux hacker. You'll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.