- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Mar 31, 2003 (Vol. 8, #13 - Issue #419)
No Patch For NT To Plug New Hole
  This issue of W2Knews™ contains:
    • Need To Save Budget? Boost Server Consolidation
    • New W2Knews Refer-A-Friend Campaign
    • 'Critical' Update Now Denies Domain Logins
    • First Take On New MS Systems Initiative (DSI)
    • Fix A Major "Gotcha"
    • No Patch For NT To Plug New Hole
    • Lawyers Predict More Lawsuits For Security Breaches
    • Dell Fires First Printer War Salvo
    • Replication For Business Continuity: Webinar April 9-th
    • "iHateSpam Saved Me An Immense Amount Of Time"
    • PestPatrol Corporate Edition Available!
    • Consolidating Servers? You need Secure Copy
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • The Ultimate Job Security Tool
  SPONSOR: Quest Software
Who's Helping You Migrate to Exchange 2000?
Don't let an Exchange migration disrupt your business! Ease your
Active Directory and Exchange 2000 anxiety by putting our field-
proven methods and tools to use. Download our technical brief,
Migrating to Exchange 2000 Using FastLane Migrator, and get a
clear grasp on the typical migration scenarios and best practices
for migrating an entire organization to Exchange 2000, using our
industry-leading tool.
Visit Quest Software for more information.

Need To Save Budget? Boost Server Consolidation

A recent IT Manager conference in Las Vegas shows that Server and data center consolidation appears to be picking up speed. The main reason is the new hunt for big savings. In September last year we asked you if server consolidation was becoming a priority. And now, 6 months later, we are asking you the same question, to see if there is a change in this move to less, but beefier servers. So here is the new SunPoll:

Is server consolidation becoming a priority?

  • We have no plans to consolidate servers
  • We're considering consolidation now
  • We're already trying to consolidate as much as we can
Vote here, leftmost column:
You can see the results in real-time, right after you vote.

New W2Knews Refer-A-Friend Campaign

We've got a spectacular prize for this quarter's campaign. It's the Netsurfer Chair! Know a colleague that does not get W2Knews? Refer him as a subscriber and the both of you have a chance to win this piece of ultimate Internet furniture. Click below, complete your profile and refer a friend!

Have your friends use the link below to subscribe to W2Knews if they aren't already a member:

Quote of the day:
- Texas saying: "When in doubt, empty the magazine"

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: ScriptLogic
Cut Your Help Desk Support Calls by 50%
"Every once in a while a product comes along that just seems to get
the pieces right, providing both simplicity and power. ScriptLogic
fits the bill on both counts." - MCP Magazine
  • Logon, logoff and shutdown scripting
  • Install/update software packages
  • Create Outlook mail profiles
  • Create/remove shortcuts
  • Enforce security policies
    .... And Much More
  • Fully functional 45 day DOWNLOAD
    Free Born to Network T-shirt offer is available to US residents only.
    Visit ScriptLogic for more information.

    'Critical' Update Now Denies Domain Logins

    Just as a heads-up, I'm relaying a bit from an email a W2Knews subscriber just sent me this week. It shows you need to TEST, TEST, TEST any hotfix that you get alerted about. Here's the ugly detail: "Windows just made me install some "critical" updates, after which I could not reboot"

    The patch (security bulletin MS03-007), is incompatible with 12 software fixes for W2K issued by Microsoft's Product Support Services (PSS) between December 2001 and February 2002. Users running any of those fixes won't be able to reboot their W2K machines after applying the "critical" patch, according to a revised version of Microsoft's bulletin issued Tuesday.

    If you run W2K SP2, verify the version of a file called "n t o s k r n l . e x e" on your system before applying the patch. Versions of this file from 5.0.2195.4797 up to and including 5.0.2195.4928 were distributed by PSS and are not compatible with the patch.

    If you have an incompatible file on your system, contact MS PSS before applying the patch. If the patch is installed on a system with the incompatible file, the machine will fail on the first reboot and will have to be recovered using the W2K recovery console.

    First Take On New MS Systems Initiative (DSI)

    The AnalystViews site has a good article about MS' new future vision to make your applications "operationally aware". In describing this real-time infrastructure, Microsoft joins HP, IBM and Sun that have similar initiatives.

    It starts out like this. (Link to full article at the end.)

    "On 13 March 2003, Microsoft announced its Dynamic Systems Initiative (DSI), a real-time infrastructure strategy to improve simplicity, automation and flexibility in Windows environments.

    Microsoft differentiates its vision with a focus on Windows developers. In DSI, improving the dynamic, self-management characteristics of a service comes from designing, developing and deploying applications with operations, manageability, service definitions and topologies, security policies, and service-level characteristics kept in mind throughout the process. Microsoft calls this design schema the System Definition Model (SDM).

    In addition, DSI shifts the focus on Windows from a "one application/one operating system/one server" mentality toward virtualization ? characterized by mixed workloads within a single operating-system image, dynamic hard partitions, virtual machines, virtual storage, metadirectory services for virtual identity management and rapid image deployment. In Windows Server 2003, Microsoft will deliver the Windows System Resource Manager, an effective tool for managing resources between two applications (but it doesn't eliminate the application collision issue). Microsoft will also deliver Automated Deployment Services ? a tool to rapidly install images in a large number of servers (like blades) and make them operational ? and virtual storage enhancements." More at:

    Fix A Major "Gotcha"

    NTFS technology has improved considerably over the years. The downside is that even though the newer versions are backward compatible with pre-existing ones, there are some things that older operating systems cannot do with the newer versions. You might wind up doing some major damage to your security setup, ACLs or permissions unless you take this into consideration. Good lil' tip at the searchwin2000 site:

      NT/2000 RELATED NEWS

    No Patch For NT To Plug New Hole

    MS just this Wednesday warned everyone about an important new hole involving the Remote Procedure Call (RPC) protocol in NT, W2K and XP. The hole can allow a denial-of-service attack, and is Hole #10 this year.

    And here comes the 'interesting' bit. They made a patch available for W2K and XP, but not for NT. They claimed "architectural issues" and instead, provided a workaround. Hmmmm. This causes one to pause for a moment and ask oneself, is this the so called "shot before the bow"? (a warning originating from naval warfare that worse is going to come if you do not change course or comply). Could MS be reminding us in a not-so-gentle way we need to upgrade to W2K, or W2K3 that has just gone gold and was sent to mass manufacturing?

    I have included a link to the bulletin below. They said servers on an intranet were the most likely to be vulnerable to the attack. Redmond further said that responsible network security practices should prevent the vulnerability from being open on Internet servers. "Best practices recommend blocking all TCP/IP ports that are not actually being used," they said. "For this reason, most machines attached to the Internet should have port 135 blocked. RPC over TCP is not intended to be used in hostile environments such as the Internet." Here is the link:

    Lawyers Predict More Lawsuits For Security Breaches

    Security Wire Digest is an e-mail newsletter by Information Security magazine. They came out with an article that I thought you should share with your managers in the IT department. I'm quoting a short bit here:

    "Legal experts say a spattering of downstream liability lawsuits are setting the stage for a wave of cyberattack victims trying to recoup their losses through litigation.

    Few victims have brought legal action against companies that facilitate --wittingly or not-- worm outbreaks, distributed denial-of-service (DDoS) attacks or security breaches. However, attorney Marc Zwillinger says such cases are harbingers for a new class of lawsuits that will seek court remedies for IT security problems.

    As regulations, such as the financial industry's Gramm-Leach-Bliley Act (GLBA) and health care's Health Insurance Portability and Accountability Act (HIPAA) go into effect, the requirement to have adequate security could open some currently unregulated industries to lawsuits.

    "Once those duties come into effect, there will be lawsuits," says Zwillinger, an attorney with Sonnenschein, Nath and Rosenthal in Washington D.C.

    Observers say lawsuits will escalate in scope as victims seek compensation from enterprises used as middlemen in attacks, ISPs that don't ensure their users' security and software vendors that market insecure applications.

    Finding a liable party may not make a difference, Zwillinger says. If a victim can identify a few dozen potential contributors to its security breach, it could file lawsuits against all and exact settlements based on the negative publicity.

    "We'll likely see an increase in court mediation given the expanding pools of victims and the unwillingness of government to pass laws or regulations," says Richard Harris, a VP and research director at Gartner Group."

    Link to the best selling tool to patch your networks and prevent this:

    Dell Fires First Printer War Salvo

    They said they would do it, and then they did it. The attack on HP has started. Dell announced the first four models in its long-expected entry into the printer market. They will compete with low prices, and improved performance. Dell also promoted their Ink and Toner Management System. It displays ink or toner levels on the status windows of every print job and prompts users to order replacement cartridges.

    The first four machines include two personal printers and two workgroup printers. The Dell Personal All-in-One Printer A940, with a scanner, copier, fax software and color printing will cost $139. The Dell Personal Laser Printer P1500 costs $289. The Dell Workgroup Laser Printers are higher volume printers. A non-networked version, the S2500, costs $499. A networked version, the S2500n, costs $839.

    "We plan to improve the customer experience of purchasing printers and replacement ink or toner by delivering the same value, attention to service and industry-leading products as Dell has over the past 18 years," Tim Peters, vice president and general manager, Dell Imaging and Printing, said in a statement.

    And if you are looking to handle the last major area of uncontrolled network expense, check out Print Manager Plus:


    Replication For Business Continuity: Webinar April 9-th

    The IT community agrees; ensuring company longevity, data must be stored in multiple locations. Double-Take is helping many companies -- just like yours -- implement business continuity plans centered on data replication. Learn more by attending a unique first webinar hosted by Sunbelt Software, about replication for business continuity April 9-th 11:30 Eastern Standard Time. Put this in your planner!

    Topic: Business Continuity
    Time: Wed, 9 Apr 2003, 11:30 AM Eastern Daylight Time (EDT)
    Duration: 60 minutes
    Meeting URL (Address):

    To add this meeting to your Outlook calendar, click the following URL or enter it in your browser:

    (This URL works for Internet Explorer users with Outlook 2000 or later.)


    1. Click the following Meeting URL or enter it in your browser:
      Or alternatively, use the following URL:
    2. On the "Enter Meeting" page that appears, supply this information if requested:
      Your Name: (enter your name)
      Meeting ID: Business Continuity
      Meeting Key: 880000
      Conference Center Name: sunbelt
      and then click the ENTER button at the bottom of the page.
    To get to the audio for this presentation:
    Telephone Conference Call Information:
    International 302-709-8433
    USA 1-800-416-4956
    Passcode 104764#

    See you there!

    "iHateSpam Saved Me An Immense Amount Of Time"

    "I lost my personal work station two weeks ago whilst trying to do an ill-fated hardware update. I finally got it working again a couple of days ago. Although I scanned my e-mail for important messages using internet mail, by the time that the computer was working again I had accumulated over 900 e-mails, most of which were spam. After reinstalling Outlook and iHateSpam, I downloaded all of my e-mail from the server. iHateSpam did an outstanding job of separating the spam from the legitimate e-mail and saved me an immense amount of time. It's a very good product!!

    Also, I had lost the registration info and had to call your customer service. They were able to help me with alacrity and pleasantness. Altogether, a very positive Sunbelt experience."

    Try the client version and you'll see how well the server version will perform:

    PestPatrol Corporate Edition Available!

    Visit our new Sunbelt PestPatrol web page specifically designed to help users learn how PestPatrol works in the network environment. You will find lots of useful information including screen shots, white pages, and system requirements. Download a Corporate Edition Eval and order the product from Sunbelt:

    Consolidating Servers? You need Secure Copy

    Powerful NTFS File Copying. Secure Copy permits seamless migration, allowing you to copy files and directories on NTFS partitions while keeping the security intact, creating shares, and migrating local groups. All of this functionality is available in an easy to use GUI, which keeps you updated on copy progress, as well as any errors that may occur.

    Secure Copy also includes functionality such as differential copying, full command line support, saving multiple jobs, and scheduling jobs to run after hours:


    This Week's Links We Like. Tips, Hints And Fun Stuff

  • Wired mag's wish list for gadgets in 2013:

  • http://www.w2knews.com/rd/rd.cfm?id=030331FA-Gadgets
  • Bill Sanders, a happy W2Knews reader, wrote the Shakespearean Insult Generator which we now host for people that just made a mistake [grin]:

  • http://www.w2knews.com/rd/rd.cfm?id=030331FA-Shakespearean
  • Playing Poker with Korea. Warning, this is a "geopolitics" article:

  • http://www.w2knews.com/rd/rd.cfm?id=030331FA-Poker
  • Good posters at tripwire with known hacking attack patterns:

  • http://www.w2knews.com/rd/rd.cfm?id=030331FA-Posters

    The Ultimate Job Security Tool

    Your mission is to keep your servers up and running. The old rule was 'no one gets fired for buying IBM'. The new rule is 'no one gets fired for buying Double-Take'. This combination of High Availability and Disaster Recovery in-one sells more than all its competition combined. Double-Take is even W2K Datacenter Certified. This is the accepted, tried-and-tested way to prevent downtime, and best of breed in its field. Comes with mainframe quality tech support.