- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Mar 10, 2003 (Vol. 8, #10 - Issue #416)
Upgrading Your MCSE?
  This issue of W2Knews™ contains:
    • Upgrading Your MCSE?
    • W2K3, WinXP and Active Directory Deployment: Survey
    • Tech.Ed Europe Registration Site Now Fixed
    • Avoiding AD Disasters
    • Run an Email Server? How much storage does it gobble up?
    • W2K3 Pricing Stays The Same
    • U.S. Companies Don't Invest Properly In Disaster Recovery
    • Reshape AD Without The Pain
    • Retina's Version 4.9.75 checks for Big Sendmail Hole
    • Powerful New Version Of Event Archiver: V4.0!
    • Windows eBooks: Get Dozens of Free Books from the Industry's Top Authors!
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • SPECIAL OPS: Host And Network Security For MS, Unix and Oracle
  SPONSOR: VeriSign
Sponsored by VeriSign - The Value of Trust
Secure all your Web servers now - with a proven 5-part strategy.
The FREE Server Security Guide shows you how:
* DEPLOY THE LATEST ENCRYPTION and authentication techniques
* DELIVER TRANSPARENT PROTECTION with the strongest security
without disrupting users. And more. Get your FREE Guide now:
Visit VeriSign for more information.

Upgrading Your MCSE?

A reader just asked: "I have just got my MCSA and am looking into getting into some form of IT security as I enjoy the subject and it seems to be a big thing in the future. My question is: Should I continue to the MCSE or should I start security training? What are the best areas of IT security to get into? I currently do network/system admin duties. I thank you for your help".

Well, my answer is simple: Security! Start by getting the basic Security+ Cert and take it from there.

And talking about MCSE, many hundreds of you gave me your opinion about upgrading your Certification. It was so much that this time I have not been able to send you a personal thank you note back, which I normally do. Thanks for all your (extremely interesting) feedback though. The answers fell roughly in 5 buckets, so here is the new SunPoll where you can vote on it:

Are you going to upgrade your MCSE to W2K3?

  • Sure thing, I need to stay up to date and the company pays
  • Heck yes, even if I have to shell out the dollars myself
  • Not so sure anymore... But I'll keep learning on my own
  • Not likely, no time and money plus the returns are not there
  • No Way! Seems like Certification has become an MS profit center
Vote here, the SunPoll is at the leftmost column:

Quotes Of The Day:

  • Numbers are like people; torture them enough and they'll tell you anything.
  • One night, as I lay in bed, I looked up at all of the stars in the sky, and thought, "Where the hell is my ceiling!?!?!"
  • Insanity is contagious. Parents get it from their kids.
Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])
  SPONSOR: iHatePopups
Sick and Tired of Irritating Advertising Popups?
Hate being "spammed" like that? Need something to kill Popups?
Fight back with iHatePopups. Fast, easy protection from annoying
popup advertising. Special Intro Price for W2Knews subscribers:
only $9.95. iHatePopups blocks a wide range of annoying popup
advertising. Let's face it - popup windows can make surfing the
net an act of pure frustration. iHatePopups is an unobtrusive
and elegant utility. Buy your copy right away. Click here!
Visit iHatePopups for more information.

W2K3, WinXP and Active Directory Deployment: Survey

Want to know how your organization is doing? Want to compare with all your peers regarding these issues? The Yankee Group and Sunbelt Software are sponsoring this new survey and the results will be made public very soon. That way you get a quick insight how MS-sites are developing. This survey is like our earlier ones, all web-based multiple choice and takes less than two minutes. It would be great if you could contribute! Here is the link, and thanks in advance!

Tech.Ed Europe Registration Site Now Fixed

The person in charge of MS Tech.Ed Europe got in touch with me quickly after we reported last week that the site could be compromised. This is what he sent:

"I was very concerned when this issue was brought to my attention and acted immediately to shut down the link to the 3rd Party site where the error occurred. The site that had this problem was: https://www.albreunos.com/.

The company who runs this site manages all the hotel bookings for the TechEd event and other non-Microsoft events in Spain. This site is owned and operated by a third party called "Ultramar" which is not part of Microsoft, but as it is part of the whole TechEd service we of course take responsibility for it.

Now on our site, https://www.mseventseurope.com/registration/teched we ensure that Credit Card information is securely held. To ensure that the TechED registration site is secure the following is a brief summary of our process for storing and processing credit card info.

The registration pages are SSL based. Any credit card information is never sent or redisplayed to a delegate. The delegate only sees the last four digits of the card number on the confirmation page. The credit card number is stored in our database in encrypted form using an independent encryption algorithm. Only a single process on our system has access to this data in its unencrypted form. There is no way of accessing a conformation html page using query string or http header information.

I am going to take the necessary steps to ensure that this does not happen again on any 3rd party or Partner site that the registration site links to. We have already removed the link from the TechEd site and arranged a technical meeting with the 3rd party to help them fix any issues they have with security. We'll ensure we get an audit trail from this 3rd party regarding the access to the credit card data.

So, it's safe to register for Tech.Ed Europe now! The event is going to be 30 June - 4 July 2003, Barcelona. Spain.

Connect at Microsoft's premier European conference for building, deploying and managing connected solutions. Choose from 270+ in-depth technical sessions and hands-on labs to realize your full potential on the latest Microsoft technologies, platforms and tools. Click here:

Avoiding AD Disasters

Ah, the joys of Active Directory. First there's the design and planning of it. Then the fun migration. Then you actually get to use it. Fear not -- we've collected the most helpful links for you to make your AD deployment go smoothly. This is a good article by the people of SearchWin2000.com.

Run an Email Server? How much storage does it gobble up?

Sunbelt Software and the Yankee Group would like to know how much storage is actually being used, and what you expect in 2003. We'll make the results public soon! This is literally a one-minute survey. Fill it out? Thanks in advance!



W2K3 Pricing Stays The Same

So, you know what the cost will be for new systems. No surprises there really, since they just implemented Licensing 6.0. Some critics said: "Why would they raise prices again, they just did with 6.0". It is still expected late April.

But aside from that, here is the Windows Server 2003 price list:

The Windows Server 2003 Enterprise Edition costs $3,999, plus the cost of 25 client access licenses (CAL). The Windows Server 2003 Standard Edition will sell for $999, plus the cost of five CALs. The server, plus 10 CALs, will cost about $1,199. Pricing for Windows Server 2003 Web Edition is set for $399.

Separately, CAL prices are as follows: a Windows Server 2003 CAL 5-pack is $199, and a 20-pack is $799. The Windows Server 2003 Terminal Server CAL 5-pack is $749 and a 20-pack is $2,669.

The External Connector for Windows Server 2003 costs $1,999, identical to the price of the Internet Connector for W2K. The External Connector for Terminal Services in Windows Server 2003 costs less, $7,999 compared with $9,999 in the Windows 2000 Terminal Services Internet Connector version. These two products are available only through volume-licensing programs.


Some good news is that Web server pricing stays inexpensive. That is obviously not by accident, competitors such as Linux and Apache are free. The new Web Edition will cost less than half as much as the Standard Edition.

All these numbers above are list price. They basically serve as a baseline to calculate what you will pay under volume licensing deals. Larger volume licensing customers can expect a reduction by upwards of 40 percent or more based on Redmond's Licensing 6.0 program.


Terminal Server client licenses remain priced too high. The cost just does not compare to the perceived benefits. TS is built into the OS, you have no additional code to install, so why "pay twice"?

There are very similar issues with the price for the Enterprise flavor. The biggest benefit of Enterprise is clustering. But it costs roughly 300% of the standard product. That simply puts the needed High-Availability (HA) out of reach of many. Sales of third party HA tools like Double-Take grew 100% last year. See:

Last but not least, connecting file and print users now costs more too. The price for 5-packs of CALs rose by $2 to $3 per user. Twenty-packs now cost just as much per user [$40] as do 5-packs, which means some discounts have disappeared.

And, from the MS website, here are the short descriptions of each flavor:

  • "Windows Server 2003 Datacenter Edition: For business-critical and mission-critical applications that demand high levels of scalability and availability. Datacenter Edition will be available in 32-bit and 64-bit editions and will support 64-way multiprocessing systems.
  • Windows Server 2003 Enterprise Edition: For large enterprises as well as small and medium-size businesses to develop, deliver, and secure applications, Web services, and infrastructure -- high reliability, performance, and superior business value. Enterprise Edition will be available in 32-bit and 64-bit editions.
  • Windows Server 2003 Standard Edition: A multipurpose network operating system for the everyday needs of organizations of all sizes -- especially small businesses and workgroups. It offers secure Internet connectivity, allowing centralized desktop application deployment and supporting file and printer sharing.
  • Windows Server 2003 Web Edition: A new product within the Windows operating systems that will provide both Web serving and hosting. Designed to be used primarily as an Internet Information Server 6.0 Web server, it provides a platform for rapidly developing and deploying XML Web services and apps".
And as a last comment, you can expect add-ons like Share-Point, Digital Rights Management, and "Greenwich" (basically instant messaging for the enterprise) later this year.

Microsoft released a beta of Greenwich this week. It is Redmond's most serious attempt to squash AOL's instant messenger, not to forget IBM's and Yahoo's. Greenwich includes stuff like security features, user-authentication tools and allows data sharing, video and voice. Redmond figures a corporate market the size of business e-mail. Well, don't count on that. But do count on another support headache.


U.S. Companies Don't Invest Properly In Disaster Recovery

ComputerWorld came out with a fairly astounding article about the results of recent Dataquest research results about companies not investing in disaster recovery. They started it like this: This is great ammo for you to finally get HA and DR budget.

" U.S.-led war in Iraq that could spawn new terrorist attacks in the U.S. could be less than two weeks away, but that hasn't prompted many companies in the U.S. to invest adequately in disaster recovery, according to a new study released today by Dataquest Inc.

The study, "Investment Decisions: Preparing for Organizational Disasters," warns that unless companies invest immediately in disaster preparedness planning, as many as one in three could lose critical data or operational capability if a disaster occurred.

IT managers from 205 end-user companies representing eight vertical industries in the U.S., including government, aren't investing appropriately in disaster plans because they don't have the money to reach their required readiness levels," said Tony Adams, principal analyst in Dataquest's IT services group. "Budget constraints are forcing an average of 40% of respondents to rely on a best guess to determine potential risk rather than obtaining formal assessments, which would be too costly," he said.

"Organizations may have researched and prepared a disaster recovery plan, but the data shows that only a fraction have involved themselves in contingency planning for external events that might impact their capability to perform their business operations," the study concludes.

"Losing data that affects business operations is avoidable and unacceptable, so CEOs and COOs must make it their priority, otherwise, "the markets will punish any company who drops the ball", said Keast. The full article is here:

And here is an affordable solution for 'HA-and-DR-in-one'. Double-Take announced record, 100% sales growth in 2002. During the year they added more than 900 new customers, bringing the total number of deployed licenses of its replication products to more than 20,000.

Reshape AD Without The Pain

Aelita Software this week introduced the first software ever that provides automated tools for reshaping Microsoft's rigid Active Directory.

The company is first to market and introduce Enterprise Migration Manager (EMM), which allows users to combine different Active Directory architectures or spilt one directory into several directories. Whether your changing world dictates simple "Pruning & Grafting" or more extensive Active Directory redesign, Aelita Enterprise Migration Manager offers a pretty compelling solution to your restructuring needs. Enterprise Migration Manager is all you need to restructure AD in a constantly mutating corporate environment.

Even before its "official" announcement, the first article has appeared announcing EMM to the world. This article, in Network World Fusion, includes quotes from beta user Scott Elia at Community General Hospital, as well as from John Enck of Gartner.

For article on EMM, click the link below:

For additional Product Information on EMM, click the link below:

Retina's Version 4.9.75 checks for Big Sendmail Hole

Some sources are claiming that Sendmail is the most popular email server platform, comprising up to 75% of all mail servers in existence today. A worm for this hole could be really, really bad. This check available in V4.9.75 could be of interest to a lot of people. After installing the evaluation or if you already are using Retina run the Auto Update to get the latest signatures, as always! Here is the eval:

Powerful New Version Of Event Archiver: V4.0!

Any comprehensive network security policy needs to provide for routine event log preservation and consolidation. Preserving your event logs is important because it provides you with accountability during an audit (in order to meet HIPAA, government, or financial sector requirements), as well as allowing those logs to be readily submittable to law enforcement after an intrusion event.

On the other hand, consolidation of that data into a central database is equally as important, as it allows you to quickly filter out certain types of information and perform cross-computer analysis to spot trends.

Unfortunately, the heterogeneous nature of some networks (multiple domains, LANs and WANs) makes it difficult to design an effect strategy for event log preservation and consolidation. Bandwidth may be scarce on certain network segments, yet ample on other segments. In addition, firewalls may complicate the ability of an organization to routinely pull log data from machines in a de-militarized zone or other restricted environment.

Event Archiver 4.0 has been designed with these challenges in mind. Building on the strength of its predecessor, Event Archiver 3, version 4.0 now has many new features that make it well-suited for the preservation and collection of event logs in networks of all types and sizes. In LAN environments, Event Archiver can be setup as a dedicated, client-free collector that archives and manipulates log data remotely. In WAN and DMZ settings, you can use Event Archiver as an autonomous collector that self-collects log data from itself and pushes that data over firewalls using the FTP or ODBC ports you want it to use.

We encourage you to try out Event Archiver 4.0 in your environment, and see how its flexible configurations and automation can reduce your workload. Here are some of the newest features available in version 4:

The hourly scheduling option lets you repeatedly archive logs every 1, 2, 4, 6, 12 hour(s). The selected days scheduling option lets you archive logs at a certain time on specific days of the week - Mon, Wed, Fri, for example.

A new "Always Archive When Full" global option is available. When set, Event Archiver will always archive event logs that are about to fill up, regardless of their other primary schedule, such as weekly archiving.

EVT files and comma-delimited text files can be automatically compressed before they are moved to and stored on a central file server.

EVT files and comma-delimited text files can be transported via FTP to any file server in any part of your network, regardless of logical network boundaries or firewall restrictions.

Event Archiver 4.x has been tested directly against Oracle 9i databases, allowing you to create Oracle-compatible tables in certain schemas and tablespaces automatically. This further complements the already native support for Microsoft Access and Microsoft SQL Server.

Event Archiver 4.x now ships with a failed archiving manager, which automatically attempts to retry partially failed archives, that can arise when database servers become unavailable or a central file server is taken offline. Administrators can manage the failed archives inside the Event Archiver Control Panel.

Event Archiver 4.x can be set up to notify an administrator when a warning or error is encountered while performing an archiving operation. All that is required to enable this option is a recipient email address and a valid SMTP server through which to relay.

Event Archiver 4.x also ships with a batch file importer tool, allowing you to import old, saved EVT files or orphaned EVT files en masse into a database whenever necessary.

Check this tool out. Evaluation version available at:

Windows eBooks: Get Dozens of Free Books from the Industry's Top Authors!

Realtimepublishers is bringing quality eBooks to IT readers for free. Written by the industry's top authors and published online in "real-time," as they're written, these books provide the most up-to-date information available. Each book is sponsored by a leading vendor, however, they aren't marketing brochures or white papers - they're information-packed learning tools. Microsoft, Citrix, and NetIQ are among the current sponsors with titles ranging from Windows security to Group Policy. Browse current eBooks or learn about upcoming titles at:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Did you know MS has an anti-coercion policy..? And it seems one can violate the anti-coercion policy using Outlook2001 for the Mac:

  • http://www.w2knews.com/rd/rd.cfm?id=030310FA-Microsoft
  • The things you encounter when you work on the Helpdesk of a major computer manufacturer: "Stupid Computer Tricks":

  • http://www.w2knews.com/rd/rd.cfm?id=030310FA-HelpDesk_Tricks
  • Enter to win a TabletPC. MS gives away one of these puppies every day it looks like:

  • http://www.w2knews.com/rd/rd.cfm?id=030310FA-TabletPC
  • Nigerian Money Scammer being "scammed" himself. Long... but good for a laugh:

  • http://www.w2knews.com/rd/rd.cfm?id=030310FA-Money_Scam
  • BBC News reported that the Net speed record was smashed:

  • http://www.w2knews.com/rd/rd.cfm?id=030310FA-Net_Speed

    SPECIAL OPS: Host And Network Security For MS, Unix and Oracle

    This book is designed to be the "one-stop shop" for security engineers who want all their information in one place. Content includes the newest vulnerabilities and exploits, assessment methodologies, host review guides, secure baselines, and case studies to bring it all together. Several security experts offer guidance on both technical and strategic subjects. Erik Pace Birkholz (CISSP, MCSE) is a Principal Consultant and Lead Instructor for Foundstone, Inc. Since 1995, Erik has performed internal security assessments, penetration tests, host security reviews, Web application assessments, and security training around the world. Erik is a contributing author of four of the six books in the international best selling series, Hacking Exposed, Network Security Secrets and Solutions.