- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Mar 3, 2003 (Vol. 8, #9 - Issue #415)
W2K3 Gets 'Copy Protection'
  This issue of W2Knews™ contains:
    • SA Vocabulary (End)
    • Upgrading My MCSE? Not Me.
    • Serious Security Flaw In Tech.Ed Barcelona Registration
    • MS Releases Securing Windows 2000 Server Guide
    • W2K3 Gets 'Copy Protection'
    • Here Is Some Ammo To Get Budget!
    • Disaster Recovery Plan - True Story
    • Want To Play With Ipv6? Here's A Sample Application
    • OpalisRobot Will Soon Speak Linux
    • Did You Know? Secure NTFS File Copying
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • MCSE/MCSA Implementing & Administering Security (70-214)
  SPONSOR: Sunbelt Radmin
"I love your Sunbelt Remote Administrator software. Easy to setup
and use.
I can accomplish the same kind of remote (co-located) server
access using pcAnywhere but that is a "pig". But here is the cool
part. I never could copy really large image files using MS VPN, one
packet drops and it dies. But RADMIN copied 1.8 GB without crashing!
In fact I tested it on my home LAN. During file copy, I yanked a
patch cable and plugged it back in. RADMIN stopped for a moment (of
course, the connection was lost) but quickly resumed and completed
the transfer! That won't normally work with a MS mapped drive.
Very reliable! Dirt Cheap! It works great and I'm impressed." R.N.
Visit Sunbelt Radmin for more information.

SA Vocabulary (End)

To end off the System Admin Vocabulary series, there were quite a few people that sent me email pretty much voicing "the opposite" viewpoint. It goes something like this: "Users are clueless because it's not their job to know all this stuff, and it's what we get paid for to know and support". It is obvious that each group develops its own terms and even language. These shortcuts are needed for fast communication and group survival. Technical specialists like us are a great example of the acronym jungle that gets created in a hurry. And when an end-user gets confronted with words they cannot define, the next thing you know is they go blank and become 'stupid'. It's just an issue of words that are not- or mis-understood, really. I have the same phenomenon when I look at a tax form! [grin]

Upgrading My MCSE? Not Me.

Some one sent me this. Let me know if that is true for you too?

"I was one of the first groups of people to get the MCSE, and I was also one of the first people in the world to earn both the MCSE and MCT designations. When Windows 2000 came out and MS refused to "grandfather" existing trainers into the new program I simply stopped upgrading my certifications... and I was certified as a trainer in 22 different areas at the time. Having to re-test for every single exam is not only unfair, but it takes a lot of time and costs a lot of money for those of us who work for ourselves. That doesn't mean that I quit learning the new technologies as they came out though! In the long run the amount of time and money that it takes to upgrade simply wasn't worth the cost."

So, how do you think about this? Once I get some feedback we'll so a SunPoll in the next issue.

Warm regards,

Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Retina
How often is your network being attacked? How do you know you
are safe?
Retina is the award winning network vulnerability scanner
and remediation management system that discovers and helps fix
all known security vulnerabilities on Internet, intranet and
extranets. Retina is easy-to-navigate and includes advanced
reporting tools to help prioritize and isolate necessary fixes.
Retina gives you total control over auditing open gateways, user
security policies, registry settings, as well as a long list of
known security vulnerabilities. Get an eval here:
Visit Retina for more information.

Serious Security Flaw In Tech.Ed Barcelona Registration

OK, they may have solved it by now, but listen to this:

"Hi Stu,
Thought you may be interested in the following - and it should serve as a warning to your readers. I booked Teched Barcelona tonight using my credit card over the web to the registration site and some minutes later received the following email ..

"I thought you might like to know that I was able to load the html document (attached) which originally appeared blank on my screen. A credit card authorization form for NAME DELETED (attending the TechEd03) appeared on my screen. I now have his visa card number (which I will not abuse). This is a serious security flaw in the registration system."

OUCH! I'll keep you up to date on this one. Anyone in Redmond reading this, could you get in touch with me when it's fixed? (I have the names of the people involved.)

MS Releases Securing Windows 2000 Server Guide

In case you missed it, Redmond came out with a new guide: 'Microsoft Solution for Securing Windows 2000 Server' which is available at the link below. It's got 11 chapters and it start with an "initial lockdown" of servers and recommends steps to "get secure and stay secure." And as you all know, SECURITY IS A PROCESS. MS calls it a Security Risk Management Discipline. Ok, fine. Same thing. Redmond states about the guide: "These are proven and tested solutions."

Other chapters go into how to "harden" W2K servers, and it contains tips on auditing, intrusion detection and how to respond to security incidents. The guide is part of MS's Trustworthy Computing initiative, which promises much more secure servers in W2K3. This guide is basically a stopgap until we get the new stuff in April.

Seeing the Tech.Ed item just above, it's time for them to start read their own stuff, as the guide is pretty good. [grin]


W2K3 Gets 'Copy Protection'

No, not what you think. Thank heavens. But they -are- going to put additional digital rights management (DRM) in W2K3 and in the new Office 2003.

They are calling it Windows Rights Management Services (RMS), and the goal is to secure corporate documents from any prying eyes. Not in the least your own employees. Potentially good for the company, but perhaps not so good for external investigators.

The stuff is XrML-based, which is a new standard for expressing rights in digital content. Redmond implemented this as a web service (asp.net) probably counting on the fact this thing will work fine via the Net, which is reasonable in a commercial environment.

Rights Management Services will be able to work with apps like email clients, word processors and sensitive corporate documents, stuff like designs, research results, and the like. All these will be protected in a persistent way, and the code to do this will reside in the documents themselves. It allows or disallows, (using time-based expiration dates) things like printing, copying and forwarding.

Because support for XrML will not be introduced until Office 2003 is released, users with older operating systems, including XP, will not be able to use the RMS. Redmond said it is developing tools that will allow users with older operating systems to view RMS-enabled documents using Internet Explorer.

The master plan is of course that apps will be written so that your end-user can easily designate who has access to specific content and what kinds of access rights they have. I can already see the tech support problems attached with this kind of thing. This stuff could easily proliferate to your back office servers and even games. Organizations will be able to enforce these policies outside the company. More at the MS website:

Here Is Some Ammo To Get Budget!

ComputerWorld is running their Premier 100 Conference in Scottsdale Arizona. IT security is a top concern for the IT execs attending the event.

Doug Lewis, CIO at Six Continents Hotels Inc., called the problem of IT security "the single biggest threat" to his organization. And Curtis Robb, CIO at Delta Airlines Inc., said his company gets 500 attempts to break into its computer systems every day.

Little wonder, then, that Phil Tyler, operational security consultant at Phoenix-based Avnet Inc., told an audience that establishing IT security policies and procedures is critical and shouldn't be placed under strict return-on-investment constraints. "It's like auto insurance," he said. "You don't ask about its ROI."

I like that concept. You should have a look at the article and forward it to your own execs to get them accustomed to this new and revolutionary viewpoint. ;-)

And here is another article about defending your security budget:

Disaster Recovery Plan - True Story

The NTSYADMIN list server is a free forum for professionals like you that want a live discussion about problems. Disaster Recovery plans were discussed. One participant, (Clayton Doige from the UK) came up with this instructive story:

"A guy is charged with BCP for his entire company. He creates a plan that covers offsite data protection, staff contact, counseling, relative notification, office relocation, back up office facilities, everything you can think of.

"One day everyone arrives at work to see a sign on the door. 'This building has been blown up, please invoke Business Continuity Plan' Everyone stands around, not knowing what to do, and then the guy who wrote the plan shows up, and says OK, no problem, as he has it in his brief case. Just then the CEO walks up and says to him 'You, you were in the building when it blew up. You're dead now.' This document was over a hundred pages. No one else had a copy. One failed DR test.

"Do you know who needs to be responsible for Business Continuity Planning? Company directors. It is totally their responsibility to decide how much money it is worth spending to ensure that the business stays up and running, and to guess at the odds of this or that event occurring. Then they need to delegate things like backups to IT, staff concerns to HR, and so forth. Next the plan has to come together as a whole for the board to review, and decide if they want to spend the money. Then, next year, they need to do it all over again. If your directors don't want to spend the cash, they are the one's with the most salary at risk at the end of the day. Hmmmm."

Subscribe to the NTSYSADMIN (and all other forums) here:

Want To Play With Ipv6? Here's A Sample Application

Three degrees loads a Teredos Client on the workstation, which is Microsoft?s back-end service for encapsulating IPv6 though an IPv4 link, which allows IPv6 end nodes to see each other across the Internet. It enables an IPv6 stack on the workstation. I believe it then leverages what I would term as IPv6 multicast groups for true Peer2Peer. I just brought it up on two machines with two different messenger addresses and it is going to open up a whole new world of interactive communications and content sharing. I can initiate showing files, sending "winks" (real-time attention getters) to the other desktop, and initiating playing music on multiple machines simultaneously - although it downloads it to the other machine first instead of streaming it. It does leverage Microsoft?s Teredos client for allowing IPv6-based clients to see each other across and IPv4-based network. Now imagine that they enable this functionality for Office-based collaboration. Check it out at:


OpalisRobot Will Soon Speak Linux

In about 30 days, Linux/Solaris support to come with V 4.06

OpalisRobot will run on Linux/Solaris servers while administered from a Windows only client. Support for Windows-relevant objects has been removed for Linux/Solaris servers, including monitoring event logs, performance counters, WMI events and other Windows/MS specific objects. You will be able to install and manage both Windows and Linux/Solaris environments from the client interface. When you select the server, the object window will update with the objects supported under that operating system.

Remote Management: Sonicadmin has released a wireless management interface for OpalisRobot via your Pocket PC device, and support for RIM Blackberry to come shortly. For details check out:

Did You Know? Secure NTFS File Copying

Secure Copy permits seamless migration, and allows you to copy files and directories on NTFS partitions while keeping the security intact, creating shares, and migrating local groups. All of this functionality is available in an easy to use GUI, which keeps you updated on copy progress, as well as any errors that may occur. Secure Copy also includes functionality such as differential copying, full command line support, saving multiple jobs, and scheduling jobs to run after hours. It is available on the Sunbelt Onlineshop with instant delivery for just $837.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Samsung is coming out with a phone designed after the 'Matrix' one. Click on the phone, to see a quick flash of how it will look.

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-Matrix_Phone
  • Check how your favorite gas station stacks up, or find a cheaper one (different brands aren't different)

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-Gas_Prices
  • Subscribe to the IT-grin of the day over at FreeTechMail:

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-IT_Grin
  • No one can tell you what OmletteSoft is. You must experience it for yourself.

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-OmletteSoft
  • Diary Of A Datacenter Move. The archives are interesting reading.

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-Datacenter
  • DANGEROUSLY ADDICTIVE: Playing with lasers

  • http://www.w2knews.com/rd/rd.cfm?id=030303FA-Lasers_game

    MCSE/MCSA Implementing & Administering Security (70-214)

    Will Schmied (BSET, MCSE, CWNA, MCSA, Security+, Network+, A+) is a featured writer on W2K and WinXP technologies for CramSession.com. He has also authored several works for various Microsoft cert exams. He holds a bachelor?s degree in Mechanical Engineering Technology. This book's Technical Editor Tom Shinder is a contributing editor to WinXPnews.

    Syngress has hit a homerun with this 70-214 study guide and DVD combination. This book covers every aspect of this exam in very good detail and then offers you even more useful information that will go a long way towards keeping your network secure. The 2 hour DVD is an awesome addition that hammers home some of the most important subjects. As well, the depth of the practice questions is superb...this is a rare thing anymore with study guides.