Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jun 2, 2003 (Vol. 8, #22 - Issue #428)
The State Of Your Security
This issue of W2Knews contains:
- EDITORS CORNER
- The State Of Your Security
- TECH BRIEFING
- Delegate And Celebrate
- Microsoft Creates New Group To Clean Its Coding Act
- Don't You Hate It When This Happens...
- NT/2000 RELATED NEWS
- MS Blinks: Overhauls Licensing 6.0
- "Legal Beat"
- NT/2000 THIRD PARTY NEWS
- The Sickness: Spam Filling Up Your Blackberry Devices
- New Flaw Detected in Windows Media Services
- The Press Loves The Hound
- Lower Your Windows Storage TCO
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Amazon Gives Away iHateSpam Client At No Charge
SPONSOR: You Deserve Complimentary Protection At Home!
Tired of spending up to $50 on AV and firewall licenses every year
for each machine in your home? Qualify on our industry perks program
and never pay again! (Cover all of your home machines too, for no charge.)
You'll get Panda Software's professional AV + firewall, the one that catches
More Viruses, Faster, even on machines you thought were protected!
(Limited time, US-only program for qualified entrants only.)
Visit You Deserve Complimentary Protection At Home! for more information.
The State Of Your Security
First, the results of last week's SunPoll that I promised. The
question was: Describe the impact of Microsoft's Trustworthy
Security initiative on your firm. Some people tried to make it
look more negative by voting many times, but we deleted double
votes. The final results are here, and you can see that MS
still has some ways to go with this:
- None. It's all hype: 28%
- Some, we're happy that Microsoft is doing it but not
sure if it will really help: 17%
- Positive. This is a good first step and we feel Microsoft
software is somewhat more secure: 21%
- Very positive. It has restored / increased our confidence
in the security of Microsoft products: 10%
- Unsure. We applaud Microsoft's efforts but believe the
hackers will continue to wreak havoc: 24%
So now, let's go into a little more detail about security.
You are all familiar with the Yankee Group I think. They are
one of the most influential Industry Analysts around (in the
same league as, for instance, Gartner). Yankee and Sunbelt do
regular surveys on Microsoft related issues. Last year, we
surveyed Licensing 6.0 and three days after the Press Release,
when the results came out, MS decided to push the Licensing
6.0 implementation date back for 6 months.
Well, we have another survey for you. This time we'll go into
more specifics regarding MS Security. The results will be made
public very shortly, and you are invited to (of course anonymously)
voice your opinion and experience of the current state of
Security. It is going to be extremely interesting to see if
there is any significant improvement in this area! This survey
is going to take just a few minutes, as this one is practically
Here you go:
Quotes of The Day:
- The fellow who blows his own horn the loudest is probably
in the biggest fog.
- Computer programmers never die... they just byte the dust.
- Only two things are infinite, the universe and human
stupidity, and I'm not sure about the former.
(email me with feedback: [email protected])
NO COST CIO eBook for Managing and Securing the Enterprise -
Need in-depth best practices for systems and security management?
Register now for the complimentary ebook, "From Chaos to Control:
The CIO's Executive Guide to Managing and Securing the Enterprise,"
brought to you by NetIQ and Realtimepublishers.com. Topics covered
include: Top 10 Corporate Manageability Policies; Top 10 Overlooked
Vulnerabilities; Top 10 Corporate Security Breaches.
Visit NetIQ for more information.
Delegate And Celebrate
One solid benefit of Windows 2000 and Windows Server 2003 Active
Directory domains over all previous Windows network directory
services is the ability to delegate administrative authority over
individual object attributes. You no longer have to put a user in
an administrative group just to give them a single-purpose
administrative capability. That means that a small department
head, for example, can administer the PCs in his department (an
engineering group, perhaps) without having admin privileges, and
without getting access to PCs in other departments.
Here is the full tip:
Microsoft Creates New Group To Clean Its Coding Act
InfoWorld just came out with an article that is interesting and
related to our Security Focus this issue. Redmond is expanding
its security business unit with a group that will establish new
software development processes and create tools for its coders
so that future Microsoft products will have fewer security flaws,
a Microsoft executive said.
"The new Security Engineering Strategy team will look at security
across all Microsoft product lines, with the ultimate goal being
that customers will take security for granted in Microsoft products,"
Steve Lipner, the recently named director of Security Engineering
Strategy at Microsoft, said in an interview on Wednesday. For the
Don't You Hate It When This Happens...
XADM: The recipient update service does not work in an environment
that contains more than 800 domain controllers. Here is the MS
Knowledge Base article:
A change to Microsoft's tape backup feature makes file backup
tapes created with Windows Server 2003 incompatible with previous
versions, like W2K and XP. They are working on a fix...
NT/2000 RELATED NEWS
MS Blinks: Overhauls Licensing 6.0
By Laura DiDio
The Yankee Group
"The longest road in the world is the road to redemption."
It's rare that corporations or individuals get a second chance to
make a good first impression. Particularly when the first impression
was one of the biggest business blunders the high tech industry
has witnessed in recent years.
But Microsoft is attempting to do just that. The Redmond, Wash.
software giant is hoping that the sweeping changes it introduced
this week to its highly controversial and heretofore-unpopular
Licensing 6.0 Plan will ease the resentment and restore confidence.
The most striking changes are in the Software Assurance Plan. So
are these changes real or cosmetic? Microsoft is for real on this
The changes to Software Assurance make the plan more economical
and provide tangible and immediate business value to small, mid-sized
and large enterprises. Microsoft has not yet announced any price
rollbacks. The company's new plan provides a corporate cornucopia of
free services and training. The Yankee Group estimates these freebies
are worth from $8,000 to $10,000 for small businesses with as few as
100 users to hundreds of thousands and even millions to very large
enterprises with 100,000+ end users.
What Customers Now Receive with Software Assurance
So what do you actually get? The giveaways include:
- Free Home Use Rights for Information Worker products such as
Microsoft Office, Visio, FrontPage, Publisher, etc. This is a
return to the free Home Use rights that existed until Microsoft
changed the rules and began charging for it about five years ago.
So for example, a corporation that purchases volume license
copies of Microsoft packages for its work environment will now
be legally in compliance if their employees take the software
home and install it on their personal desktops.
- An Employee Purchase plan. Corporate employees can now purchase
software at hefty discounts.
- Free TechNet Web-based support. Businesses that buy a Licensing
6.0 Open Value or Enterprise Agreement will get access to the
TechNet Online Concierge Chat which, depending on the Terms and
Conditions of your contract, will allow you a specified number
of free, Web-based technical support incidents. However, customers
should not confuse this with a full hour, two hour or unlimited
technical support services with a Microsoft Premier support
specialist. But you will have immediate technical support access
and interaction. And that in itself is a big boon.
- Elearning training
- Free Training Vouchers for Microsoft Certified Training Education
Center (CTEC): Customers will get vouchers worth $300-$400 in
training coupons to get certified on a variety of Microsoft desktop
software platforms. Server products are not presently included in
this giveaway. Instead, Microsoft will provide Web-based customer
support for Standard Server edition products and telephone support
for the higher priced Enterprise Edition products. Simply put,
Enterprise Edition customers pay more and they get more. The
Enterprise corporations can call for live support during business
hours. And they also get the aforementioned free access to the
TechNet's Concierge Chat service. Server customers will also gain
access to managed news groups and TechNet, plus receive regular CDs
with technical support. TechNet subscriptions currently cost $900.
- Ability to "Pay as You Go" for Hot Fixes: Currently Microsoft
has a five-year support cycle. Corporations that want support
or special hot fixes beyond that time can get support extended
for an additional two years when they purchase Software Assurance.
To sweeten the deal, Microsoft will not charge your business
until you actually need and use the support. So there's no liability
attached. If you don't use it, you don't pay.
Licensing 6.0 Background
As we all know, Microsoft first unveiled the plan in May 2001. It
favored those companies that were on a regular two and three year
upgrade cycle. It also introduced the concept of an Enterprise
Subscription License, a licensing leasing plan and a new upgrade and
maintenance program called Software Assurance. Additionally, the
Licensing 6.0 Plan removed many of the most popular and economical
software "bundles" and replaced them instead with an "a la carte"
Corporations screamed with one near universal negative voice that
their costs would increase by an average of 20% to 30%. Adding fuel
to the fire: Microsoft's timing couldn't have been worse. The new
Licensing scheme launched just as the industry was plunging into
the worst and most protracted downturn in its history. Certainly
Microsoft had no way of knowing that.
In fairness, in the months following the user outcry, Microsoft
responded by pushing back the initial launch date from October 1,
2001 to February 28 and finally to August 2nd. Microsoft hoped
the delay would quell user anger.
More time elapsed. User anger did not diminish. The economy did
not rebound. And the threat from Linux loomed.
The most recent joint Yankee Group/Sunbelt Software, Inc. April
2003 survey of 1,000 IT managers worldwide, indicated that thus
far, about 28% of Microsoft's installed base has migrated to
Licensing 6.0 Plan and another 42% exercised their option last
year to renew their existing Licensing 5.0 agreements. Microsoft
revenues increased by 31% late last fall and 26% of that rise was
directly attributable to Licensing 6.0 upgrades. But in the last
two fiscal quarters, the Licensing revenues declined. Microsoft
wisely took note and responded with the wide-ranging changes to
In April, with little fanfare, Microsoft introduced a slew of other
licensing improvement options. All were aimed at delivering
flexibility, more value for the money and restoring customer
confidence in the Microsoft brand. They include:
- A User Client Access License. Prior to this only per device CALs
were available. This added option is more cost effective for
businesses with a large contingent of multiple, remote or traveling
users. It will allow them to access the server from multiple
devices. Corporations still have the option of purchasing device
CALs or User CALs -- or both when appropriate.
- An External Connector Option: This option is aimed at corporations
that want to allow their business partners, suppliers and customers
to have access to the corporate network. Before this only an
Internet Connector License was available and this license only
covered the corporation's internal users.
- Per Processor Licensing Improvements: The new plan requires that
customers license only those processors that are accessible to
the operating system copies upon which the Server software runs.
Corporations may now also install and run any number of copies
of the Server software on the processors that have been licensed
for that Server software (i.e. Microsoft Windows Server, Microsoft
Exchange Server, Microsoft SQL Server 2000, Microsoft BizTalk
Server 2002 and Microsoft Security and Acceleration Server 2000).
The real value here is that customers may install multiple copies
of the Server software under one license. This is a viable
alternative to a concurrent licensing scheme.
So will the revamped Microsoft Licensing 6.0 changes to Software
Assurance and the new flexible options restore your confidence in
Microsoft and assuage outrage and resentment? Time will tell. And
it won't happen overnight. Microsoft is making a concerted effort
to work with you, its customers. Now is a good time to contact
your sales representatives or resellers and talk to them about how
you can get a better deal. You'll never have a better chance to get
a better Return on Investment.
"Legal Beat"
In journalism, when someone writes about a certain area like law,
they "cover the legal beat". So here is a small update about the
status of the industry. As you know, in IT a healthy and ferocious
marketing warfare is being fought daily. Lawsuits are part and
parcel of this marketing warfare. You could say that a lawsuit is
the equivalent of a 1,500 pound bomb dropped on the competitor's
headquarters. So here are two short legal beat items:
Recently SCO dropped one of these on IBM, claiming IBM violated
their Unix copyrights with its use of Linux. Now Novell claims
that the SCO group has no rights to do this, and that Novell
owns the key rights to Unix! Novell also wants SCO to stop with
its claims that Linux developers "stole" Unix code. The Open
Source community takes a sigh of relief and SCO's stock drops
like a brick. The lawyers are having a field day again!
MS is going to pay AOL/Netscape the sizable sum of $750 million
to settle their private antitrust case about the old Netscape
browser. Remember Netscape sued MS for alleged anticompetitive
practices to leverage the Windows monopoly to help launch IE?
Well, they settled and decided to collaborate on a wide range of
Internet, digital media and instant messaging technologies. MS
will grant AOL a royalty-free, seven year license for Internet
Explorer. That makes IE now the DEFAULT browser for the whole
industry, except for a few of us that like Mozilla or Opera
better. MS is going to open up the kimono regarding IE so that
AOL can better interface with it. The result of this settlement
will be some kind of industry standard emerging for digital
media distribution now that the browser war has finally ended.
THIRD PARTY NEWS
The Sickness: Spam Filling Up Your Blackberry Devices
The Cure: iHateSpam Server Edition. (This is a letter sent to
us by someone who recently installed it. It's unchanged):
"Digital Infrastructure, Inc. is a 3rd Party IT Service Company
located in Los Angeles, CA. Most of our Clients are Professionals,
ranging from Doctors and Dentists to Lawyers and Accountants. We
service businesses as large as the Culver City Unified School
District and as small as the single computer retail store. For
communication, our Technical Staff relies heavily on the use of
email, specifically the Blackberry two-way pager-like device.
The Blackberry Enterprise Server (BES) works by picking up any
message delivered to a User's In-Box (Exchange) and then delivers
the message to that User's device. Unfortunately, the included
desktop BES software has very minimal filtering capabilities.
Additionally, spam filters that work after a message has already
been delivered to a User's In-Box serve no purpose as the BES
has already delivered the message to the User's device. That
is why it was absolutely necessary for our organization to filter
spam at the highest level, before it even reaches a User's In-Box.
iHateSpam Server Edition for MS Exchange 2000 does exactly that.
Installing the iHateSpam Server Edition (iHSSE) on our Exch2k
Server was painless and we were impressed that the process did
not require a reboot. The iHSSE has a familiar looking Management
Console (MMC) and the spam filter (policy) is pretty much ready
to go out-of-the-box. The system works by checking incoming
messages against its own database of known spam-like messages
and then either Quarantines the messages or delivers them to
the In-Box. Users of Outlook and the OWA (Outlook Web Access
Client) will find a new folder in their folder tree called "Spam",
with subfolders for tracking Blacklists (message-types that
are known spam), Whitelists (message-types that you wish to
receive) and Quarantine (message-types filtered out of your
wanted messages). Through Exchange, iHSSE automatically adds
a User's Contact list to the Whitelist and permits email sent
from Contacts to pass through.
Blackberry Users in our organization report "almost no spam"
delivered, a far cry from the hundreds of unwanted messages
previously received. In addition, because federal guidelines
regarding HIPAA (Health Insurance Portability and Accountability
Act) compliance affects a large number of our Clients, most are
now installing their own Exchange Servers to guard the privacy
of the patients/clients that communicate via email. Along with
the standard software package that we include with every computer
network installation, such as Symantec Corporate Anti-Virus for
Servers and Workstations, Symantec Anti-Virus for Exchange,
Executive Diskeeper 7, etc., we are now proud to make iHSSE
part of that package. It is best of breed and if you require
assistance, Sunbelt's Support Staff is quick, courteous and
knowledgeable. I've even started to use my Blackberry again."
Scott Goldman, President
Digital Infrastructure, Inc
Check iHateSpam Server Edition out at:
New Flaw Detected in Windows Media Services
A flaw was detected this past week in the ISAPI extension for MS
Windows Media Services. Although Microsoft has incorrectly listed
the vulnerability as a denial of service (DOS) issue, experts at
eEye Digital Security have notified Microsoft that the vulnerability
is actually a Buffer Overflow issue. The hole results from an
unchecked buffer in the nsiislog.dll file used for logging. In
an attack scenario, a specially crafted request is sent to the
server and the logging code attempts to write a larger buffer
than is possible, causing Microsoft's IIS service to fail.
To protect your Microsoft web server against this new hole, as
well as other known and unknown attacks, SecureIIS automatically
prevents the Windows Media Services buffer overflow, even on
SecureIIS operates within Microsoft's IIS to actively inspect
all incoming requests at each stage of data processing and prevent
potentially harmful network traffic, whether encrypted or
unencrypted, from penetrating your servers. In protecting against
the Windows Media Services vulnerability, SecureIIS checks the
lengths of supplied buffers and drops the connection if one
exceeds the maximum size allotted. In this manner, SecureIIS
protects web servers from this class of attack. With new holes
being discovered every day, like the Cross-Site Scripting (CSS)
vulnerability posted recently, you need to keep your web servers
protected. Download a free trial version of SecureIIS Web
Server Protection here:
As an aside, and not related to this article, I do have a few
security related questions for you, just as reminders: Have you
really purged every default password from everything on your LAN?
When did you last check for any unauthorized 'Net connections
that bypass the firewall? Did you remove any unneeded services
from all your servers? And how about your annual security audit?
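To make the bug class in the Windows Media Services item above concrete, here is an added example (not eEye's, Microsoft's or SecureIIS's code; every name and the 32-byte field size are constructed) that models a fixed-size log field: one function works out how far an unchecked strcpy-style copy would overrun it, the other applies the length check the text describes and drops any request that does not fit.

```c
/* Added example: a simplified model of a fixed-size log field, with the
 * unchecked copy the article describes beside a length-checked form.
 * Not the nsiislog.dll or SecureIIS code; every name and size is constructed. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>

#define LOG_FIELD_MAX 32  /* constructed field size for the demo */

enum log_status { LOG_WRITTEN = 0, LOG_DROPPED = 1 };

/* Bytes an unchecked strcpy-style copy (string plus its NUL terminator)
 * would write past the end of a LOG_FIELD_MAX-byte field. Worked out
 * arithmetically so the demo never performs the overrun itself. */
size_t unchecked_overrun_bytes(const char *request)
{
    size_t needed = strlen(request) + 1;
    return needed > LOG_FIELD_MAX ? needed - LOG_FIELD_MAX : 0;
}

/* Hardened form: measure first, refuse anything that does not fit
 * (note the >=, which leaves room for the terminator), and only then
 * copy with an explicit byte count. This is the "check the length and
 * drop the request" behaviour the text attributes to SecureIIS. */
enum log_status log_request_checked(char field[LOG_FIELD_MAX], const char *request)
{
    size_t len = strlen(request);
    if (len >= LOG_FIELD_MAX) {
        field[0] = '\0';
        return LOG_DROPPED;
    }
    memcpy(field, request, len + 1);
    return LOG_WRITTEN;
}

/* Convenience wrapper with its own field, so a caller can ask
 * "would this request be logged or dropped?" in one call. */
enum log_status try_log(const char *request)
{
    char field[LOG_FIELD_MAX];
    return log_request_checked(field, request);
}

int main(void)
{
    /* Constructed sample requests: one that fits, one exactly at the
     * limit (rejected only because of the terminator), one far too long. */
    const char *samples[] = {
        "GET /media/clip.asf",
        "BBBBBBBB" "BBBBBBBB" "BBBBBBBB" "BBBBBBBB",
        "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA" "AAAAAAAA",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("len %2zu: %s, unchecked copy would overrun by %zu bytes\n",
               strlen(samples[i]),
               try_log(samples[i]) == LOG_WRITTEN ? "logged " : "dropped",
               unchecked_overrun_bytes(samples[i]));
    }
    return 0;
}
```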
The Press Loves The Hound
eWEEK just wrote about LanHound, I'm just quoting a bit here:
"LanHound cuts the cost of basic protocol analysis and network
monitoring, especially for switched LANs, in a commercial-grade
product. The cost to capture and analyze network protocols such
as TCP/IP, NetBEUI, IPX/SPX and AppleTalk on switched networks
can be high, since vendors often charge for each remote segment
or switch port. Typical protocol analyzers can start at $1,000,
plus $395 per remote agent. LanHound, which includes three remote
agents for $595, could greatly reduce the cost to monitor and
analyze network traffic across multiple segments."
"That pricing will make a big difference," said beta tester Erik
Goldoff, systems manager at The HoneyBaked Ham Co., in Norcross,
Ga. "You are talking a factor of 10 cheaper. With LanHound, it
just starts monitoring the network and shows where the protocol
distribution is [and] what the network statistics are." LanHound
displays statistics in charts and bar graphs and lets users set
alarms that trigger a packet capture to aid trouble-shooting.
Here is the article:
And here is the download so you can see it for yourself:
Lower Your Windows Storage TCO
How much could you save *right now* by eliminating junk and
duplicate data? Do you want to plan more effectively for server
consolidation or storage deployments? Get out of reactive mode!
Register for your NO COST Windows Storage Utilization Review
and get answers before you spend another cent. Forecast storage
demands and delay new storage expenses until you're really ready
to purchase. The Storage Review is a limited time offer, so
This Week's Links We Like. Tips, Hints And Fun Stuff
Why the Open Source Community thinks the SCO vs. IBM lawsuit is
Planning to protect your servers for an earthquake? Check out these cabinets!
The NCSA clustered 65 PlayStation 2's together running Linux using
a fast HP switch:
Very cool little self-balancing robot. Cute!
And which product does everyone choose for disaster recovery and
high availability "in-one"?
Alan Turing Home Page. The enigmatic founder of computer science:
Been "Comp-axed"? (laid off from Compaq or another hardware vendor?)
This site is a free community resource, to network with each other
to find employment:
PRODUCT OF THE WEEK
Amazon Gives Away iHateSpam Client At No Charge
Just so that you know, Amazon.com is running a special, and
literally gives away the full boxed client version of iHateSpam.
Actually, when you send in the rebate coupon you make a dollar.
But this offer ENDS JUNE 14, so you have to be quick
to benefit from it. We created a link to the rebate coupon on
this page. Print it, fill it out, and send it in. A great gift
for either yourself or someone who hates spam. Be quick: