- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 13, 2003 (Vol. 8, #2 - Issue #408)
"DotNet" Out The Window!
  This issue of W2Knews™ contains:
    • Thanks For All Your Feedback!
    • Intel Based Workstation Survey
    • No More NT 4.0 and W95 Support in 2003: What Now?
    • "DotNet" Out The Window! It's Windows Server 2003 (W2K3)
    • W2K3 Does Not Support Exchange 2000
    • Microsoft Launches U.S. Smartphone Push
    • Top 20 Holes Are Exploited Over And Over
    • What Is This 'SPOT' Gates Is Talking About?
    • New: Sysadmin Toolbox Plus ? A Dozen Tools In-One
    • PestPatrol ? What's New in Version 4.1
    • Integrity Protection Driver (IPD) for NT and W2K
    • Microsoft Certified Pro Mag's TechMentor Conference & Expo
    • iHateSpam Server Edition
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Hacking Exposed: Linux Security Secrets & Solutions
FREE UNIX Management Guide
Do you want to improve user experience, exceed SLAs, save time and
increase the return on your infrastructure investments? Get the "Top
10 Reports Every IT Manager Lives For" from NetIQ. This free guide
to managing your enterprise application infrastructure explores 10
critical system views and management reports that can help answer
your most pressing UNIX management questions. Register now.
Visit NetIQ for more information.

Thanks For All Your Feedback!

You know, sticking out your neck like I did with the New Year's wishes in the crystal ball issue is always a bit risky. But the amount of flames I received was not that much. The vast majority of you sent me very interesting feedback, data and viewpoints. Thanks very much for your often thoughtful observations and perspectives. Let's make 2003 a better year for all of us. And now back on topic for another 12 months. To start with, MS has thrown "DotNet" out of the Window! Check the NT/2000 section below.

But first, the new SunPoll is: "What type of OS Platform do you use for your day to day System Management work?" Go and vote here (leftmost column) and see what your colleagues are using to manage their domains. The results are surprising already:

Quotes Of The Day:

  • Great spirits often meet violent opposition with mediocre minds: Albert Einstein
  • COFFEE. E X E Missing - Insert Cup and Press Any Key.
UNDO: the size of the Beta SP4 service pack was of course wrong. We put a comma instead of a period. It's 136Meg.

Stu Sjouwerman (email me with feedback: [email protected])
  SPONSOR: Double-Take
Disaster Recovery has become priority #2, right after Security.
This means you have to have a tested plan and reliable tools in
place for the moment your site goes down. Double-Take is that tool.
Sold more than all other High-Availability tools combined. It is
even certified for W2K Datacenter. No other HA tool is. How does
it work? "Server A goes down--Server B takes over transparently".
Get the eval copy here, this is your ultimate job-security:
Visit Double-Take for more information.

Intel Based Workstation Survey

As a W2Knews subscriber, we value your expert opinion on business and technology-related issues. We are currently conducting a survey about user satisfaction with Intel based workstations.

You must be responsible for selecting or recommending brand/model of workstation purchases for company, and have purchased one of these brands (HP, Compaq, Dell, IBM) within the last 18 months.

We would like to include your opinion if you have Intel based workstations installed at your location and are involved in the purchase of/recommending process for workstations.

To show our appreciation for your time participation in the study, you will be entered into a drawing to win $500. AND, the first 100 people that respond and qualify, will get a $15 Amazon gift cert (Terms and Conditions). The survey takes about 10-15 minutes to complete and is right here:

No More NT 4.0 and W95 Support in 2003: What Now?

Yup, the year has turned and your W95 support has reached end of life: Just Not There Anymore! And mainstream support for NT 4.0 is now gone too, you have to start paying. Ouch. That's an estimated 4 million NT servers and 10 mil NT workstations. Both W95 and NT 4.0 are more than 6 years old by now, that's antique for IT standards. It's time to dump W95 as soon as you can.

So, what to do now? It's different for workstations and laptops on the one side, and servers on the other side. Let's start with the first. You can migrate corporate desktops and laptops from NT to W2K, and that is a pretty good bet. Solid and still supported for a while. But you can also go straight to WinXP for those machines, which by now you should seriously look at. WinXP has some added features that are nice for laptops, and the lifecycle is going to be (a lot) longer than W2K.

Your servers is another story. This is a business decision based on security and cost. Your NT4 support is now going to be an immediate out-of pocket expense. But there are no more service packs for NT, so security is really a concern as patches are now hard to come by, and likely cost money. I suggest you wait and not take W2K but upgrade to W2K3, to be released in April. If you run old Pentium Pro servers you will have to shell out money for new hardware. Better plan that in. Good thing is that this stuff is getting cheaper by the month. Remember, new MS server software will simply not run on NT 4.0. The new Exchange 2003 is a good example, so keep that in mind. Here is a link to the MS site about retiring NT 4.0:


"DotNet" Out The Window! It's Windows Server 2003 (W2K3)

Last Thursday, MS changed the name of its next server OS from Windows .NET Server 2003 to Windows Server 2003. The final release is expected in April. We counted, and this is the FIFTH name (yes) for what is really Windows NT 6.0. They sure had a heck of a time to position this puppy correctly and brand it for the "future". And now [tongue firmly in cheek] I'm sure that the MS marketeers must have peeked at all the results people sent to the W2Knews naming survey, where a good chunk proposed just "W2K3". See that SunPoll at:

Anyway, so there you have it, we're going "Detroit" all the way. For readers outside the US, "Detroit" is the nickname for "Big Auto": New models every year with built-in obsolescence. And your W2Knews is going to simply keep its name, the way it looks now we are good for the next decade! I'm going to use W2K3 as an acronym from now on.

W2K3 Does Not Support Exchange 2000

Yup, you read that right. You cannot run E2K on W2K3. They say the service pack to make this possible would be not viable. It's mainly the underlying security changes that were made in W2K3 that cause this. The current solution is that your current E2K which now runs on W2K, will use/support the AD infrastructure in W2K3. And yes, you are right to expect that this very well may mean a shorter lifecycle for E2K than you may have thought. Hmmmm.

Microsoft Launches U.S. Smartphone Push

Last year I told you this was coming, and now it's finally here. Microsoft and two hardware makers are announcing mobile phones that run Microsoft's Smartphone software and can be used on cellular networks in the U.S. More at the MS PressPass site:

Top 20 Holes Are Exploited Over And Over

The FBI and the SANS Institute have just released a list of top 20 vulnerabilities that network administrators MUST fix to protect their network against malicious attacks from worms and hackers. Most people don't realize a very small number of vulnerabilities are used over and over. That's why fixing the Top 20 can pay off. Get started by going to:

Then, get an eval of Retina and scan your networks:

What Is This 'SPOT' Gates Is Talking About?

Think of the first generation of Simple Personal Object Technology as being small receive-only devices for 128 Byte packets being broadcast over a wide area using FM sub-carrier bands. Also think of a certificate-based security infrastructure where there is a middle-ware authentication and authorization service provided for filtering of messages before they are transmitted to the SPOT device, each with a unique burned-in key. The goal is for the SPOT device to run on extremely low battery power, similar to the flat pancake-style ones. They have receive capabilities in your car for getting traffic update and reroute messages or being stuck on your refrigerator for displaying the weather or a notification message from something like My Alerts. This is the kind of stuff sitting in your WATCH later this year. More about this and other goodies at the Consumer Electronics Show at:


New: Sysadmin Toolbox Plus ? A Dozen Tools In-One

Enterprise Admins: Analyze and Fine Tune Your Systems! SysAdmin Toolbox Plus 2.0 is a cool little software tool box that can help you analyze and fine tune your MS networks. It's a breakthrough in cost and efficiency, (only $185 with immediate on-line delivery) and contains a combination of functions found in a dozen or more separate and more expensive software utilities.

Software Shelf CEO, Bill Feeley, says, "This newest tool combines the power of many programs in one product. The system admin can handle key functions on any machine on his network without incurring the substantial costs in buying multiple software products to do the same job. SysAdmin Toolbox Plus puts power at the admin's finger tips. It can help analyze and fine tune files, memory, processes, services, accounts, printing, error translating, IP addresses, system snapshots, auditing, CPU details, system data, and on and on. It is a powerhouse product and a major budget saver. It can save the admin enormous amounts of time and reduce end user downtime."

SysAdmin Toolbox Plus is licensed per administrator. A single license is $185.00 and volume discounts are available. A free fully functional trial version can be downloaded here (and you can buy it online at the same location):

PestPatrol ? What's New in Version 4.1

  1. CookiePatrol?: Memory-resident Spyware Cookie Detection: detects spyware cookies the moment they land on your computer, and quickly blasts them away. No need to block all cookies just to block some, the way your browser would have it. And no need to block blindly, limiting your ability to access certain sites, the way some personal firewalls would have it. CookiePatrol allows the cookie to be created, satisfying the web site that gave it to you. Then it destroys the spyware cookie, satisfying your need for privacy. All the benefits of cookies... with none of the risks.
  2. KeyPatrol?: Generic Keylogger Detection: detects both known and unknown keyloggers, using both behavioral and pattern-matching algorithms. Even if a new keylogger gets to your computer before it gets to our lab, you are protected. KeyPatrol's behavior-detecting algorithms are able to detect a keylogger simply because it has hooked the keyboard, and is watching your typing. Pattern-matching algorithms compare every running file with a database of pests to determine if the running program is a known keylogger.
  3. Improved scan engine enables faster scans, improves dynamic update abilities, and substantially decreases memory usage.
  4. New heuristic cookie detection techniques detect new, "unknown" spyware cookies, improving detection results over the use of scan strings alone.
PestPatrol is a powerful security and personal privacy tool that detects and eliminates destructive pests like trojans, spyware, adware and hacker tools. It complements your anti-virus and firewall software, extending your protection against non-viral malicious software that can evade your existing security and invade your personal privacy.

These pests often lurk silently on your computer until something ? or someone ? sets them off. When that happens, you could lose passwords, personal data, credit card numbers, and - if you telecommute and connect to your office via a VPN - open up a back door for the hacker into your entire company network.

PestPatrol defeats the threat by detecting and removing:

  • Spyware and adware that "phones home" information about you, your computer, and your surfing habits
  • Remote access trojans (RATs) that allow an attacker to remotely control your computer
  • Keyloggers that can steal passwords and other confidential data
  • Denial-of-service (DoS) attack agents that can crash or hang a program, or your entire system
  • Probe tools that look for vulnerabilities on your system that a hacker can exploit
PestPatrol's easy-to-use interface, automatic updates and extensive on-line research center make it simple to keep your computer clear of unwanted pests. A 2002 PC Magazine Five Star Utility, PestPatrol allows you to surf with confidence, knowing that your personal information stays private and your computer stays secure.


  • Scans all or selected file types, including inside archives
  • Scans memory for active pests and kills the process
  • Zaps spyware cookies before they can phone home about you
  • Stops known and unknown keyloggers from hooking your keyboard
  • Quarantines or deletes any identified pest
  • Checks and removes pests from registry and start-up areas
  • Downloads and installs updates automatically on availability
  • Tells you the specific threat level of any pest found
  • Saves all pest-related events in an easy-to-read log file
Get an eval copy here:

Integrity Protection Driver (IPD) for NT and W2K

A common technique that hackers use to disguise themselves on compromised systems is installing a "rootkit", which is typically a program or suite of programs used to cover up evidence of intrusion and to hide trojans and other applications and data (such as agents used in Distributed Denial of Service (DDOS) attacks). One of the most powerful rootkit techniques is to alter the behavior of the operating system by running as a kernel driver in privileged mode. These applications are capable of hiding processes, files, directories, registry keys and values. They also alter the access control mechanisms and manipulate the Operating System in other ways.

The Integrity Protection Driver (IPD) is an open source kernel driver for Windows NT and Windows 2000 that attempts to provide integrity to the Windows kernel by blocking kernel-altering device drivers, such as rootkits, from changing normal kernel function. A new version of the IPD has been released that corrects a vulnerability that circumvents the driver's protection.

The IPD uses some of the same techniques as rootkits to attempt to block new drivers from being installed or executed by anyone, including Administrator or System. The goal is to block any new device drivers from executing at all, even on a compromised system. More information about the IPD, including its open source license, can be found at:

Microsoft Certified Pro Mag's TechMentor Conference & Expo

MCP Mag's Conference in New Orleans is going to be interesting. If you live in that area, check it out:

  • Training: TechMentor provides Windows networking professionals the depth and breadth of training not offered at other such conferences. Their instructors include many of the networking experts who write for Microsoft Certified Professional Magazine. More than 200 hours of training is offered at TechMentor, with courses arranged in easy-to-choose categories?Network Management, Network Security, Technical Management, Desktop Administration, Windows Networking Fundamentals and Certification Training.
  • Super Special Events: NCAA Final Four action, receptions, hands-on labs, after-hours gaming, on-site certification testing and more?attendees will appreciate the extra-curricular and peer networking activities included in your agenda at TechMentor.
  • Top Keynote Speakers: Lutz Ziob, Microsoft's new head of certification and training, will tell you where the MCP program is heading and veteran Windows-watcher Mark Minasi will put his unique spin on the latest technology out of Redmond.
  • Vendor Access: Microsoft will be there, as will a host of other key vendors who offer solutions and services in the Windows networking and certiification space.
When: April 8-12, 2003 - New Orleans, LA.

iHateSpam Server Edition

Sunbelt Software is excited to announce the Feb 2003 release of iHateSpam for Exchange 2000. This server-based version (with MMC interface) is currently in Beta. In 2002, iHateSpam has become the best-selling anti-spam add-in for Outlook. The Press loves it. PC World just said: "The iHateSpam Outlook version caught an impressive 96 percent." Spam costs anywhere from $8 to $26 per employee per month. Do not lock into any other server side spam filter until you have evaluated iHateSpam Server edition. Need an anti-spam solution right now? Buy the client-side solution and get a 100% upgrade credit when you move to iHateSpam Server. More at:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • The Beta for Exchange 2003 (code name Titanium) is available. But carefully read the requirements for testing!

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Exchange2003
  • This is a European humor site. Quite different from the rest... Warning: Massive waste of time:

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-European_Humor
  • "Britney Spears Physics". A riot:

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Britney
  • I was behind the times in my New Year's Predictions. Nokia already has a card that I expected to arrive: both Wi-Fi and GPRS. Yay!

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Nokia
  • Check this picture out and you'll understand why you have to insure a Server you are sending to a remote office: [grin]

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Server
  • The risks of working with a Laptop at Home. (a 1.5Meg Mpeg):

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Working_at_Home
  • By far the COOLEST motorbike I have -ever- seen. Dodge Tomahawk:

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-Motorbike
  • Security and USB devices... interesting read:

  • http://www.w2knews.com/rd/rd.cfm?id=030113FA-USB

    Hacking Exposed: Linux Security Secrets & Solutions

    Tighten holes and maintain security on your Linux system! From the publisher of the international best-seller, Hacking Exposed: Network Security Secrets & Solutions, comes this must-have security handbook for anyone running Linux. This up-to-date edition shows you how to think like a Linux hacker in order to beat the Linux hacker. You'll get detailed information on Linux-specific hacks, both internal and external, and how to stop them.