Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 10, 2003 (Vol. 8, #6 - Issue #412)
Microsoft Spills W2K3 Security Specifics
This issue of W2Knews contains:
- EDITORS CORNER
- New System Admin Words For 2003
- TECH BRIEFING
- Discuss Problems With Your Colleagues: Sunbelt Forums
- Auto-replies And Security
- NT/2000 RELATED NEWS
- Microsoft Spills W2K3 Security Specifics
- Redmond Withdraws Security Patch
- Who Is First In Server Sales?
- "Big Windows" (Datacenter) Overhauled
- Slammer Was Fastest Spreading Worm Yet
- NT/2000 THIRD PARTY NEWS
- Why Nevada Federal Moved To Patch Management Application
- Automate And Handle Those 3am Emergency Calls!
- UltraBac Builds On 7.0 Series: Encryption & Speed
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- SECURITY + Study Guide And DVD Training System
Been Hit With The Recent SQL Slammer Worm?
This could have been prevented. A U.K. security firm estimates
the economic damage already over $1 billion. UpdateEXPERT is a
powerful service pack and hotfix manager. You've got to do this
to keep your networks secure. Use UpdateEXPERT as your research,
inventory, deployment and validation tool that enables you to fix
security vulnerabilities and stability problems on your machines.
Visit UpdateEXPERT for more information.
New System Admin Words For 2003
Hi All, some light humor for a change. Here are some essential additions for your System Admin vocabulary: [grin]
- BLAMESTORMING: Sitting around in a group, discussing why a
server went down, and who was responsible.
- SEAGULL MANAGER: A manager who flies in, makes a lot of noise,
craps on everything, and then leaves.
- CUBE FARM: An office filled with cubicles.
- MOUSE POTATO: The on-line, wired generation's answer to the
- STRESS PUPPY: An admin who seems to thrive on being stressed
out, whiney, and complains about stupid users all day.
- SWIPEOUT: An access card that has been rendered useless because
the magnetic strip is worn away from extensive use.
- PERCUSSIVE MAINTENANCE: The fine art of whacking the crap out
of an electronic device to get it to work again.
- 404: A completely clueless end-user.
- OHNOSECOND: That fraction of time after hitting Enter, in which
you realize that you've just permanently erased a big database.
- Inoculatte: Taking coffee intravenously when you are pulling an
all-nighter getting that database online from the backup tapes.
- Osteopornosis: A degenerate disease. (This one got extra credit).
(email me with feedback: [email protected])
OpalisRobot - Automate IT Processes
Find out why more than 1,100 organizations worldwide use OpalisRobot.
Mitsubishi says, "OpalisRobot automates tasks that would otherwise
be performed manually. The solution runs regular batch schedules
and ensures all mission critical processes are taking place.
OpalisRobot is a necessary asset to our IT operations." Start
saving time today. Evaluate a fully functional version here:
Visit Opalis for more information.
Discuss Problems With Your Colleagues: Sunbelt Forums
You may not know that Sunbelt sponsors a whole bunch of no-charge
forums that are a godsend to many when they run into problems.
You could say these are "P2P support groups" [grin]. Have you
recently checked out which forums are available? Please also
forward this to people in your organization that you think might
be helped with subscribing to these free forums? Thanks!
You can find and subscribe to all these free forums here:
5,100+ Members - Free and open discussion of Windows NT System
Administration Issues. This list is intended to be a forum to
discuss how to keep NT Servers up and running in a production
environment. NOTE: High Traffic
- MS Exchange Management Issues
3,600+ Members - Discussion of Microsoft Exchange Administration
Issues. This list is intended to be a forum to discuss how to keep
Exchange up & running in a production environment, and as help
to pass the Exchange Certification Exams. NOTE: High Traffic
- MS SQL Management Issues
1,400+ Members - Discussion of Microsoft SQL Administration Issues.
This list is intended to be a forum to discuss how to keep SQL up
& running in a production environment, and as help to pass the SQL
- Active Directory
1,200+ Members - discussion of Microsoft Active Directory Admin
Issues. This list is intended to be a forum to discuss how to keep
AD up & running in a production environment, and as help to pass
the Certification Exams that have AD-related topics.
- Disaster Recovery
1,300+ Members - Discussion of Disaster Recovery Administration
and Tech Issues. This list is intended to be a forum to discuss
how to plan, implement and keep Disaster Recovery installations
up & running in a production environment.
- Windows Security Issues
1,750+ Members - Discussion of Microsoft Windows NT/2000/XP
Security Issues. This list is intended to be a forum to discuss
how to keep windows security "in" as opposed to "out" in a
production environment, and as help to pass the related Security
- NT/2000 and MAC
1,200+ Members - Sunbelt Software hosts this list to invite
the free and open discussion of Microsoft Mac-NT Admin Issues.
This list is intended to be a forum to discuss how to keep
Mac clients up & running in an NT/2000 production environment.
- Windows XP Users
1,200 + Members - Discussion of Microsoft Windows XP Issues.
This list is intended to be a forum to discuss how to keep WinXP
up & running in a home or small office environment, and for IT
pros, as help to pass the WinXP related Certification Exams.
- MCSE Study Issues
2,500+ Members - Discussion of MCSE Certification Issues. This
list is intended to be a forum to discuss how to obtain MS
- Home Automation
700+ Members - Sunbelt Software hosts this list to invite the free
and open discussion of MS Windows-based Home Automation Issues.
This list is intended to be a forum to discuss how to get and keep
home automation running, for people that have this as a hobby.
- NT Resellers List - Announcement Only
15,000+ Members - Join this "Announcement Only" list for resellers
of Windows System Management Tools and Utilities. Messages from
this forum typically announce new products as well as special
promotional or pricing offers.
Auto-replies And Security
Huh? What's that got to do with the price of fish? Well, more
than you might think. It's not as harmless as you expect. The
people at Panda Software sent me this hint which makes sense:
Information in auto-replies usually deals with one's absence
from their workplace. However, in many cases, they contain
additional data such as return date, alternative contact persons
and even phone numbers. All this data can become very handy in
order to launch an attack using 'social engineering' techniques,
as an attacker could use that information to call the contact
person in the message and, taking advantage of the other user's
absence, try to obtain relevant information that could be used
to prepare more advanced attacks.
A basic measure to prevent this type of attack is to avoid giving
much information on your absence, as when you ask a neighbor to
collect your correspondence so that it does not pile up in your
mailbox and nobody knows you are not at home. Another solution is
to redirect messages to a workmate's mailbox. It also prevents
your email to get bounced up & down from automated list servers.
NT/2000 RELATED NEWS
Microsoft Spills W2K3 Security Specifics
You all know about Bill Gates' trustworthy computing initiative.
They promoted that W2K3 would be much more secure. Well, they
release some specific security features in the OS for the first
time. Newly disclosed security settings and features include details
of some of the services that are disabled or running with reduced
privilege by default, a Security Configuration Wizard tool that
will be available this summer and new documentation for admins
configuring systems and networks for security. One result of the
effort to lock down the OS is that more than 20 services will be
disabled (or run at lower privilege) by default compared to the
new W2K3 which will be available in April this year. More at
Redmond Withdraws Security Patch
MS pulled the Windows NT 4.0 version of a security patch it
issued in December. It led to random crashes and reboots on NT
4.0 systems after it was installed. The problems were solved by
removing the patch. The patch repairs a privilege elevation
vulnerability that could give a hacker admin privileges through
an exploit using a flaw in the WM_TIMER Windows function. MS
said it will patch the patch soon. [grin] Read more at TechNet:
Also, they just issued security bulletins for IE and XP, see
Who Is First In Server Sales?
Dataquest is one of the really large Industry Analysts that keeps
track of server sales in the USA. Well, in 2002, there were 200K
more servers sold compared to 2001. The total was 1.9 Mil, and
the growth was just under 14%. If you look at it worldwide, the
percentage was only 4.2% more than 2001.
If you look at hard numbers, and add up HP and Compaq as "HPQ",
they sold 1.38Mil servers. That was actually down 4.6% from 2001
but they still have the biggest marketshare with just over 30%.
It was clear that Dell was going to gain market share, looking at
the HPQ merger, and they were the real beneficiary in the server
market. Their sales were 851K worldwide, and now have 18.5% of
the total server market. In the USA, they grew the fastest and
with a 25% market share which translates into 488K machines. Many
of these new Dell customers came off Unix, and chose for either
W2K or Linux.
Number 3 was IBM with 225K servers, number 4 was Sun with 144K,
and fifth was NEC with 18K machines.
"Big Windows" (Datacenter) Overhauled
MS Datacenter Server has been about more than technology features
since its launch in late 2000. Fittingly, the tightly controlled
support program that makes Datacenter Server so different from
other MS server operating systems is getting a complete overhaul
for the Windows Server 2003 launch. Microsoft unveiled details of
the program Wednesday, including the new name, the "Windows Datacenter High Availability Program." Read more at ENTMag which was the source for this story:
Slammer Was Fastest Spreading Worm Yet
InfoWorld just posted a story about a detailed analysis of the
recent SQL Slammer. Slammer represented a significant milestone
in the evolution of worms and was by far the fastest spreading
worm yet seen. This particular study was conducted by a whole
slew of IT Bigwigs.
They were able to analyze the first three minutes of the worm's
spread. During that time, the number of infected machines doubled roughly every 8.5 seconds. Yes, you read that right. DOUBLED every
8.5 seconds. That is an awesome speed, and about 250 times faster
than Code Red, which hit in mid-2001 and had a doubling time of
37 minutes. And what was the result of this fast spread? Within 10
minutes of the start of the attack, the majority of the estimated
75,000 machines that were hit had been infected. OUCH. That means
the next 'slammer' could be worse. You really need a solution
to manage and verify patches. Repeat after me: Security Is Not
A Product, It Is A Process. (products only help to keep the
process in place).
Here is an in depth analysis:
THIRD PARTY NEWS
Why Nevada Federal Moved To Patch Management Application
We have a pretty good case study available for you. It shows the
rationale for getting an application to manage patches for your
networks. The product they chose is UpdateEXPERT. One question
we get asked now and then is the following: "UpdateEXPERT doesn't
do the Patch that MS released yesterday!"
As you know St. Bernard performs testing on these things before
they release them into the UE database, so it may take a few days
before a new version is available via the update mechanism. But,
if you really need to update a patch right away, this feature
of UpdateEXPERT handles that problem--you can install the 'latest'
(albeit untested and unchecked) security patches as "private" or
"custom install". Meaning, you have total freedom to patch
whatever you want, whenever you want. Check out UpdateEXPERT here:
Automate And Handle Those 3am Emergency Calls!
Now you can use Sonic Mobility's sonicadmin and OpalisRobot together!
You can connect securely to your network from your BlackBerry RIM
or MS Pocket PC device and access much of the powerful monitoring,
task automation and job scheduling found in Opalis' OpalisRobot.
With this solution, the 3am wake-up calls and weekend "emergency"
system support calls that many of us receive can be remedied with
speed and ease. There is nothing else like it in the market.
You can trigger OpalisRobot server jobs, view vital server information such as reports, logs, statistics and alerts ? all from your Pocket PC PDA or BlackBerry, wherever you are.
Over the past nine months, Sonic Mobility has worked with Opalis
to develop the solution by using the Opalis Developer Edition SDK
to provide "hooks" into OpalisRobot. Sonic Mobility is the first
company in the market to offer wireless PDA access to the comprehensive server automation and management features that OpalisRobot provides. If you use the combined offerings, you will have a complete solution for powerful remote server administration. Check them out here:
UltraBac Builds On 7.0 Series: Encryption & Speed
The fastest backup solution gets faster and more secure with
their shipment of v7.0.3. The latest version of the popular backup
and disaster recovery software now includes built-in encryption,
client side file compression, single file restore from image backups, and a new remote installer. This boils down to security compliance, faster backups and recoveries, and streamlined administration.
"The release of 7.0.3 is a significant build of new features added
to the 7.0 series of our backup and recovery software," said Morgan
Edwards, CEO and founder of UltraBac Software. "Our development
team designed the recently released 7.0 series for the future with
a roadmap of robust enhancements to be added in subsequent months.
The shipment of version 7.0.3 is the second installment of those
enhancements including new features that increase security, speed
backup and recovery times, and simplify administration."
Built-in encryption for backup files is now included in v7.0.3.
Many organizations are currently required by law (under the Gramm-Leach-Bliley Act) to protect sensitive information in order to comply with new privacy laws. Using UltraBac's new encryption feature, users are given an integrated security option to ensure the privacy and protection of their backup files.
System administrators will welcome the new remote install feature
that centralizes the task of installing or updating the UltraBac
application itself. Use of this innovative feature allows the
administrator to simply double-click on one setup.e x e file to
distribute and install the software to chosen servers and workstations on the network. Pricing starts from USD $495 per server with the ability to backup an unlimited number of workstations:
This Week's Links We Like. Tips, Hints And Fun Stuff
Microsoft's view on the Digital Home of Tomorrow. There is no bathroom. Perhaps just as well. What do you do if your MS toilet v 1.0 BSOD's? Jiggle the handle?
Did you know that the Active Directory Database needs to be
FTC Internet Fraud Statistics for 2002. Who lost money on the Net?
Riot animation! ubergeek.tv talks about switching to Linux.
PRODUCT OF THE WEEK
SECURITY + Study Guide And DVD Training System
You can imagine that I have had a look at countless study guides
over the last few years for all the major certifications. This
one is really one of the best around. The authors (I know some
of them personally) have done a bang-up job of covering just all
there is to be found regarding the exam. There is also a great
question and answer section in this book. The DVD is pretty good
too. If you are looking for a comprehensive but cheap way to get
a good security certification behind your belt, this is the one!