Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jun 2, 2003 (Vol. 8, #22 - Issue #428)
The State Of Your Security
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • The State Of Your Security
  2. TECH BRIEFING
    • Delegate And Celebrate
    • Microsoft Creates New Group To Clean Its Coding Act
    • Don't You Hate It When This Happens...
  3. NT/2000 RELATED NEWS
    • MS Blinks: Overhauls Licensing 6.0
    • "Legal Beat"
  4. NT/2000 THIRD PARTY NEWS
    • The Sickness: Spam Filling Up Your Blackberry Devices
    • New Flaw Detected in Windows Media Services
    • The Press Loves The Hound
    • Lower Your Windows Storage TCO
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Amazon Gives Away iHateSpam Client At No Charge
  SPONSOR: You Deserve Complimentary Protection At Home!
Tired of spending up to $50 on AV and firewall licenses every year
for each machine in your home?
Qualify on our industry perks program
and never pay again! (Cover all of your home machines too, for no charge.)
You'll get Panda Software's professional AV + firewall, the one that catches
More Viruses, Faster™, even on machines you thought were protected!
(Limited time, US-only program for qualified entrants only.)
Visit You Deserve Complimentary Protection At Home! for more information.
  EDITORS CORNER

The State Of Your Security

First, the results of last week's SunPoll that I promised. The question was: Describe the impact of Microsoft's Trustworthy Security initiative on your firm. Some people tried to make it look more negative by voting many times, but we deleted double votes. The final results are here, and you can see that MS still has some ways to go with this:

  • None. It's all hype: 28%
  • Some, we're happy that Microsoft is doing it but not sure if it will really help: 17%
  • Positive. This is a good first step and we feel Microsoft software is somewhat more secure: 21%
  • Very positive. It has restored / increased our confidence in the security of Microsoft products: 10%
  • Unsure. We applaud Microsoft's efforts but believe the hackers will continue to wreak havoc: 24%
So now, let's go into a little more detail about security. You are all familiar with the Yankee Group, I think. They are one of the most influential industry analysts around (in the same league as, for instance, Gartner). Yankee and Sunbelt do regular surveys on Microsoft related issues. Last year, we surveyed Licensing 6.0, and three days after the press release with the results came out, MS decided to push the Licensing 6.0 implementation day back by six months.

Well, we have another survey for you. This time we'll go into more specifics regarding MS security. The results will be made public very shortly, and you are invited to (anonymously, of course) voice your opinion and experience of the current state of security. It is going to be extremely interesting to see if there is any significant improvement in this area! This survey is going to take just a few minutes, as this one is practically all "point-and-click"!

Here you go:
http://www.w2knews.com/rd/rd.cfm?id=030602ED-Survey

Quotes of The Day:

  • The fellow who blows his own horn the loudest is probably in the biggest fog.
  • Computer programmers never die... they just byte the dust.
  • Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.
Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])
  SPONSOR: NetIQ
NO COST CIO eBook for Managing and Securing the Enterprise -
Need in-depth best practices for systems and security management?
Register now for the complimentary ebook, "From Chaos to Control:
The CIO's Executive Guide to Managing and Securing the Enterprise,"
brought to you by NetIQ and Realtimepublishers.com. Topics covered
include: Top 10 Corporate Manageability Policies; Top 10 Overlooked
Vulnerabilities; Top 10 Corporate Security Breaches.
Visit NetIQ for more information.
  TECH BRIEFING

Delegate And Celebrate

One solid benefit of Windows 2000 and Windows Server 2003 Active Directory domains over all previous Windows network directory services is the ability to delegate administrative authority over individual objects and object attributes. You no longer have to add a user to an administrative group just to give them one narrowly scoped administrative capability. That means that a small department head, for example, can administer the PCs in his department (an engineering group, perhaps) without holding admin privileges, and without gaining access to PCs in other departments. Here is the full tip:
http://www.w2knews.com/rd/rd.cfm?id=030602TB-Admin_Rights
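As an added example (not part of the newsletter or the linked tip), here is how that delegation looks when scripted with the ActiveDirectory PowerShell module: a department group is given full control over computer objects beneath one OU, and nothing else, and a second function lists the explicit delegations on that OU so they can be reviewed. The OU name, group name and domain are assumptions for illustration; the schema GUID for the `computer` class is the well-known one.

```powershell
# Added example, not code from the newsletter or the tip it links to.
# Requires the ActiveDirectory module (RSAT); the AD: drive it provides is used
# to read and write the OU's security descriptor.
Import-Module ActiveDirectory

# Well-known schema GUID of the 'computer' object class. Using it as the
# inherited-object type limits the ACE to computer objects under the OU, so
# user accounts, groups and child OUs are not affected by the delegation.
$computerClassGuid = [Guid]'bf967a86-0de6-11d0-a285-00aa003049e2'

function Grant-ComputerAdminDelegation {
    param(
        [Parameter(Mandatory)] [string] $OuDistinguishedName,   # e.g. OU=Engineering,DC=example,DC=com (assumed)
        [Parameter(Mandatory)] [string] $GroupSamAccountName    # e.g. EngDeskAdmins (assumed)
    )
    $group = Get-ADGroup -Identity $GroupSamAccountName
    $sid   = [System.Security.Principal.SecurityIdentifier] $group.SID
    $acl   = Get-Acl -Path "AD:\$OuDistinguishedName"

    # GenericAll on descendant objects of class 'computer' only. The group
    # never becomes a member of Domain Admins or Account Operators.
    $rule = New-Object -TypeName System.DirectoryServices.ActiveDirectoryAccessRule -ArgumentList `
        $sid,
        [System.DirectoryServices.ActiveDirectoryRights]::GenericAll,
        [System.Security.AccessControl.AccessControlType]::Allow,
        [System.DirectoryServices.ActiveDirectorySecurityInheritance]::Descendents,
        $computerClassGuid
    $acl.AddAccessRule($rule)
    Set-Acl -Path "AD:\$OuDistinguishedName" -AclObject $acl
}

function Get-ExplicitDelegation {
    # Lists ACEs set directly on the OU (not inherited from the domain head),
    # which is what a periodic review of delegations should look at.
    param([Parameter(Mandatory)] [string] $OuDistinguishedName)
    $acl = Get-Acl -Path "AD:\$OuDistinguishedName"
    $acl.Access |
        Where-Object { -not $_.IsInherited } |
        Select-Object IdentityReference, ActiveDirectoryRights, AccessControlType,
                      InheritanceType, InheritedObjectType
}

# Usage (names are assumptions for illustration):
# Grant-ComputerAdminDelegation -OuDistinguishedName 'OU=Engineering,DC=example,DC=com' -GroupSamAccountName 'EngDeskAdmins'
# Get-ExplicitDelegation      -OuDistinguishedName 'OU=Engineering,DC=example,DC=com'
```

The inherited-object-type GUID is what keeps the grant narrow: the same ACE without it would give the group full control over every object that ever lands under that OU. Running `Get-ExplicitDelegation` before and after the change, and again on a schedule, is the cheap way to catch delegations that have drifted wider than intended.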

Microsoft Creates New Group To Clean Its Coding Act

InfoWorld just came out with an article that is interesting and related to our Security Focus this issue. Redmond is expanding its security business unit with a group that will establish new software development processes and create tools for its coders so that future Microsoft products will have fewer security flaws, a Microsoft executive said.

"The new Security Engineering Strategy team will look at security across all Microsoft product lines, with the ultimate goal being that customers will take security for granted in Microsoft products," Steve Lipner, the recently named director of Security Engineering Strategy at Microsoft, said in an interview on Wednesday. For the full story:
http://www.w2knews.com/rd/rd.cfm?id=030602TB-Microsoft

Don't You Hate It When This Happens...

XADM: The recipient update service does not work in an environment that contains more than 800 domain controllers. Here is the MS Knowledge Base article:
http://www.w2knews.com/rd/rd.cfm?id=030602TB-XADM

A change to Microsoft's tape backup feature makes file backup tapes created with Windows Server 2003 incompatible with previous versions, like W2K and XP. They are working on a fix...

  NT/2000 RELATED NEWS

MS Blinks: Overhauls Licensing 6.0

By Laura DiDio
Senior Analyst
The Yankee Group
Boston, Mass.

"The longest road in the world is the road to redemption."

It's rare that corporations or individuals get a second chance to make a good first impression. Particularly when the first impression was one of the biggest business blunders the high tech industry has witnessed in recent years.

But Microsoft is attempting to do just that. The Redmond, Wash. software giant is hoping that the sweeping changes it introduced this week to its highly controversial and heretofore-unpopular Licensing 6.0 Plan will ease the resentment and restore confidence.

The most striking changes are in the Software Assurance Plan. So are these changes real or cosmetic? Microsoft is for real on this issue.

The changes to Software Assurance make the plan more economical and provide tangible and immediate business value to small, mid-sized and large enterprises. Microsoft has not yet announced any price rollbacks. The company's new plan provides a corporate cornucopia of free services and training. The Yankee Group estimates these freebies are worth from $8,000 to $10,000 for small businesses with as few as 100 users to hundreds of thousands and even millions to very large enterprises with 100,000+ end users.

What Customers Now Receive with Software Assurance

So what do you actually get? The giveaways include:

  • Free Home Use Rights for Information Worker products such as Microsoft Office, Visio, FrontPage, Publisher, etc. This is a return to the free Home Use rights that existed until Microsoft changed the rules and began charging for it about five years ago. So for example, a corporation that purchases volume license copies of Microsoft packages for its work environment will now be legally in compliance if their employees take the software home and install it on their personal desktops.
  • An Employee Purchase plan. Corporate employees can now purchase software at hefty discounts.
  • Free TechNet Web-based support. Businesses that buy a Licensing 6.0 Open Value or Enterprise Agreement will get access to the TechNet Online Concierge Chat which, depending on the Terms and Conditions of your contract, will allow you a specified number of free, Web-based technical support incidents. However, customers should not confuse this with a full hour, two hour or unlimited technical support services with a Microsoft Premier support specialist. But you will have immediate technical support access and interaction. And that in itself is a big boon.
  • Elearning training
  • Free Training Vouchers for Microsoft Certified Training Education Center (CTEC): Customers will get vouchers worth $300-$400 in training coupons to get certified on a variety of Microsoft desktop software platforms. Server products are not presently included in this giveaway. Instead, Microsoft will provide Web-based customer support for Standard Server edition products and telephone support for the higher priced Enterprise Edition products. Simply put, Enterprise Edition customers pay more and they get more. The Enterprise corporations can call for live support during business hours. And they also get the aforementioned free access to the TechNet's Concierge Chat service. Server customers will also gain access to managed news groups and TechNet, plus receive regular CDs with technical support. TechNet subscriptions currently cost $900.
  • Ability to "Pay as You Go" for Hot Fixes: Currently Microsoft has a five-year support cycle. Corporations that want support or special hot fixes beyond that time can get support extended for an additional two years when they purchase Software Assurance. To sweeten the deal, Microsoft will not charge your business until you actually need and use the support. So there's no liability attached. If you don't use it, you don't pay.
Licensing 6.0 Background
As we all know, Microsoft first unveiled the plan in May 2001. It favored those companies that were on a regular two and three year upgrade cycle. It also introduced the concept of an Enterprise Subscription License, a licensing leasing plan and a new upgrade and maintenance program called Software Assurance. Additionally, the Licensing 6.0 Plan removed many of the most popular and economical software "bundles" and replaced them instead with an "a la carte" software menu.

Corporations screamed with one near universal negative voice that their costs would increase by an average of 20% to 30%. Adding fuel to the fire: Microsoft's timing couldn't have been worse. The new Licensing scheme launched just as the industry was plunging into the worst and most protracted downturn in its history. Certainly Microsoft had no way of knowing that.

In fairness, in the months following the user outcry, Microsoft responded by pushing back the initial launch date from October 1, 2001 to February 28 and finally to August 2nd. Microsoft hoped the delay would quell user anger.

More time elapsed. User anger did not diminish. The economy did not rebound. And the threat from Linux loomed.

The most recent joint Yankee Group/Sunbelt Software, Inc. April 2003 survey of 1,000 IT managers worldwide indicated that thus far, about 28% of Microsoft's installed base has migrated to the Licensing 6.0 Plan and another 42% exercised their option last year to renew their existing Licensing 5.0 agreements. Microsoft revenues increased by 31% late last fall and 26% of that rise was directly attributable to Licensing 6.0 upgrades. But in the last two fiscal quarters, the Licensing revenues declined. Microsoft wisely took note and responded with the wide-ranging changes to the plan.

In April, with little fanfare, Microsoft introduced a slew of other licensing improvement options. All were aimed at delivering flexibility, more value for the money and restoring customer confidence in the Microsoft brand. They include:

  • A user Client Access License. Prior to this only per device CALs were available. This added option is more cost effective for businesses with a large contingent of multiple, remote or traveling users. It will allow them to access the server from multiple devices. Corporations still have the option of purchasing device CALs or User CALs -- or both when appropriate.
  • An External Connector Option: This option is aimed at corporations that want to allow their business partners, suppliers and customers to have access to the corporate network. Before this only an Internet Connector License was available and this license only covered the corporation's internal users.
  • Per Processor Licensing Improvements: The new plan requires that customers license only those processors that are accessible to the operating system copies upon which the Server software runs. Corporations may now also install and run any number of copies of the Server software on the processors that have been licensed for that Server software (i.e. Microsoft Windows Server, Microsoft Exchange Server, Microsoft SQL Server 2000, Microsoft BizTalk Server 2002 and Microsoft Security and Acceleration Server 2000). The real value here is that customers may install multiple copies of the Server software under one license. This is a viable alternative to a concurrent licensing scheme.
So will the revamped Microsoft Licensing 6.0 changes to Software Assurance and the new flexible options restore your confidence in Microsoft and assuage outrage and resentment? Time will tell. And it won't happen overnight. Microsoft is making a concerted effort to work with you, its customers. Now is a good time to contact your sales representatives or resellers and talk to them about how you can get a better deal. You'll never have a better chance to get a better Return on Investment.

"Legal Beat"

It's a term in journalism: when someone writes about a certain area like law, they "cover the legal beat". So here is a small update about the status of the industry. As you know, in IT a healthy and ferocious marketing war is being fought daily. Lawsuits are part and parcel of this marketing war. You could say that a lawsuit is the equivalent of a 1,500 pound bomb dropped on the competitor's headquarters. So here are two short legal beat items:

Recently SCO dropped one of these on IBM, claiming IBM violated their Unix copyrights with its use of Linux. Now Novell claims that the SCO group has no rights to do this, and that Novell owns the key rights to Unix! Novell also wants SCO to stop with its claims that Linux developers "stole" Unix code. The Open Source community takes a sigh of relief and SCO's stock drops like a brick. The lawyers are having a field day again!

MS is going to pay AOL/Netscape the sizable sum of $750 million to settle their private antitrust case about the old Netscape browser. Remember Netscape sued MS for alleged anticompetitive practices to leverage the Windows monopoly to help launch IE? Well, they settled and decided to collaborate on a wide range of Internet, digital media and instant messaging technologies. MS will grant AOL a royalty-free, seven year license for Internet Explorer. That makes IE now the DEFAULT browser for the whole industry, except for a few of us that like Mozilla or Opera better. MS is going to open up the kimono regarding IE so that AOL can better interface with it. The result of this settlement will be some kind of industry standard emerging for digital media distribution now that the browser war has finally ended.

  THIRD PARTY NEWS

The Sickness: Spam Filling Up Your Blackberry Devices

The Cure: iHateSpam Server Edition. (This is a letter sent to us by someone who recently installed it. It's unchanged):

"Digital Infrastructure, Inc. is a 3rd Party IT Service Company located in Los Angeles, CA. Most of our Clients are Professionals, ranging from Doctors and Dentists to Lawyers and Accountants. We service businesses as large as the Culver City Unified School District and as small as the single computer retail store. For communication, our Technical Staff relies heavily on the use of email, specifically the Blackberry two-way pager-like device.

The Blackberry Enterprise Server (BES) works by picking up any message delivered to a User's In-Box (Exchange) and then delivers the message to that User's device. Unfortunately, the included desktop BES software has very minimal filtering capabilities. Additionally, spam filters that work after a message has already been delivered to a User's In-Box serve no purpose as the BES has already delivered the message to the User's device. That is why it was absolutely necessary for our organization to filter spam at the highest level, before it even reaches a User's In-Box. iHateSpam Server Edition for MS Exchange 2000 does exactly that.

Installing the iHateSpam Server Edition (iHSSE) on our Exch2k Server was painless and we were impressed that the process did not require a reboot. The iHSSE has a familiar looking Management Console (MMC) and the spam filter (policy) is pretty much ready to go out-of-the-box. The system works by checking incoming messages against its own database of known spam-like messages and then either Quarantines the messages or delivers them to the In-Box. Users of Outlook and the OWA (Outlook Web Access Client) will find a new folder in their folder tree called "Spam", with subfolders for tracking Blacklists (message-types that are known spam), Whitelists (message-types that you wish to receive) and Quarantine (message-types filtered out of your wanted messages). Through Exchange, iHSSE automatically adds a User's Contact list to the Whitelist and permits email sent from Contacts to pass through.

Blackberry Users in our organization report "almost no spam" delivered, a far cry from the hundreds of unwanted messages previously received. In addition, because federal guidelines regarding HIPAA (Health Insurance Portability and Accountability Act) compliance affects a large number of our Clients, most are now installing their own Exchange Servers to guard the privacy of the patients/clients that communicate via email. Along with the standard software package that we include with every computer network installation, such as Symantec Corporate Anti-Virus for Servers and Workstations, Symantec Anti-Virus for Exchange, Executive Diskeeper 7, etc., we are now proud to make iHSSE part of that package. It is best of breed and if you require assistance, Sunbelt's Support Staff is quick, courteous and knowledgeable. I've even started to use my Blackberry again."

Sincerely,
Scott Goldman, President
Digital Infrastructure, Inc

Check iHateSpam Server Edition out at:
http://www.w2knews.com/rd/rd.cfm?id=030602TP-iHateSpam_Server

New Flaw Detected in Windows Media Services

A flaw was detected this past week in the ISAPI extension for MS Windows Media Services. Although Microsoft has incorrectly listed the vulnerability as a denial of service (DoS) issue, experts at eEye Digital Security have notified Microsoft that the vulnerability is actually a buffer overflow issue. The hole results from an unchecked buffer in the nsiislog.dll file used for logging. In an attack scenario, a specially crafted request is sent to the server, and the logging extension attempts to write more data into the buffer than it can hold, causing Microsoft's IIS service to fail.

To protect your Microsoft web server against this new hole, as well as other known and unknown attacks, SecureIIS automatically prevents the Windows Media Services buffer overflow, even on unpatched servers.

As an aside, and not related to this article, I do have a few security related questions for you, just as reminders: Have you really purged every default password from everything on your LAN? When did you last check for any unauthorized 'Net connections that bypass the firewall? Did you remove any unneeded services from all your servers? And how about your annual security audit?

SecureIIS operates within Microsoft's IIS to actively inspect all incoming requests at each stage of data processing and prevent potentially harmful network traffic, whether encrypted or unencrypted, from penetrating your servers. In protecting against the Windows Media Services vulnerability, SecureIIS checks the lengths of supplied buffers and drops the connection if a buffer exceeds the maximum size allotted. In this manner, SecureIIS protects web servers from this class of attack. With new holes being discovered every day, like the Cross-Site Scripting (CSS) vulnerability posted recently, you need to keep your web servers protected. Download a free trial version of SecureIIS Web Server Protection here:
http://www.w2knews.com/rd/rd.cfm?id=030602TP-SecureIIS
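The same length check can be applied after the fact to IIS logs, which is useful on servers that are not behind a filter and have not yet been patched. The following is an added example, not code from the newsletter, eEye or SecureIIS: it parses W3C extended log lines using the `#Fields:` header, and flags requests to the logging ISAPI whose request size (`cs-bytes`) exceeds a ceiling. The ceiling, the `/scripts/nsiislog.dll` path and the sample log lines are constructed assumptions for illustration; tune the threshold to what your own clients legitimately send.

```powershell
# Added example, not from the newsletter or from any vendor's product.
# Scans IIS W3C extended log lines for oversized requests to the Windows Media
# Services logging ISAPI. Column names come from the log's own '#Fields:' line,
# so the parser is not tied to one fixed column order.

function Find-OversizedIsapiRequest {
    param(
        [Parameter(Mandatory)] [string[]] $LogLines,
        [string] $IsapiName       = 'nsiislog.dll',   # extension named in the advisory
        [int]    $MaxRequestBytes = 8192               # assumed site-specific ceiling
    )
    $fields = $null
    foreach ($line in $LogLines) {
        if ($line -like '#Fields:*') {
            # A new header may appear when the log is rotated; remember its column order
            $fields = ($line -replace '^#Fields:\s*', '') -split '\s+'
            continue
        }
        if ([string]::IsNullOrWhiteSpace($line) -or $line.StartsWith('#')) { continue }
        if (-not $fields) { continue }                      # no header yet: columns unknown
        $values = $line -split '\s+'
        if ($values.Count -ne $fields.Count) { continue }   # malformed or truncated line
        $rec = @{}
        for ($i = 0; $i -lt $fields.Count; $i++) { $rec[$fields[$i]] = $values[$i] }

        # cs-bytes is '-' when IIS did not record a size; skip those rather than guess
        $bytes = 0
        if (-not [int]::TryParse($rec['cs-bytes'], [ref] $bytes)) { continue }

        if ($rec['cs-uri-stem'] -match [regex]::Escape($IsapiName) -and $bytes -gt $MaxRequestBytes) {
            [pscustomobject]@{
                Time   = "$($rec['date']) $($rec['time'])"
                Client = $rec['c-ip']
                Method = $rec['cs-method']
                Uri    = $rec['cs-uri-stem']
                Bytes  = $bytes
                Status = $rec['sc-status']
            }
        }
    }
}

# Constructed sample log block; addresses and sizes are illustrative, not captured data.
$sample = @'
#Software: Microsoft Internet Information Services 5.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status cs-bytes
2003-06-02 10:15:01 192.0.2.10 POST /scripts/nsiislog.dll 200 412
2003-06-02 10:15:07 192.0.2.10 GET /default.htm 200 231
2003-06-02 10:16:44 198.51.100.7 POST /scripts/nsiislog.dll 500 70144
'@ -split "`r?`n"

# Only the third line is reported: it targets the ISAPI and is far above the ceiling.
Find-OversizedIsapiRequest -LogLines $sample | Format-Table -AutoSize
```

Feed it a real log with `Get-Content` in place of `$sample`. A burst of hits from one client with a 500 status on the logging extension is the pattern worth alerting on; a legitimate player's logging posts are small and succeed.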

The Press Loves The Hound

eWEEK just wrote about LanHound; I'm just quoting a bit here: "LanHound cuts the cost of basic protocol analysis and network monitoring, especially for switched LANs, in a commercial-grade product. The cost to capture and analyze network protocols such as TCP/IP, NetBEUI, IPX/SPX and AppleTalk on switched networks can be high, since vendors often charge for each remote segment or switch port. Typical protocol analyzers can start at $1,000, plus $395 per remote agent. LanHound, which includes three remote agents for $595, could greatly reduce the cost to monitor and analyze network traffic across multiple segments."

"That pricing will make a big difference," said beta tester Erik Goldoff, systems manager at The HoneyBaked Ham Co., in Norcross, Ga. "You are talking a factor of 10 cheaper. With LanHound, it just starts monitoring the network and shows where the protocol distribution is [and] what the network statistics are." LanHound displays statistics in charts and bar graphs and lets users set alarms that trigger a packet capture to aid trouble-shooting. Here is the article:
http://www.w2knews.com/rd/rd.cfm?id=030602TP-eWEEK

And here is the download so you can see it for yourself:
http://www.w2knews.com/rd/rd.cfm?id=030602TP-LanHound

Lower Your Windows Storage TCO

How much could you save *right now* by eliminating junk and duplicate data? Do you want to plan more effectively for server consolidation or storage deployments? Get out of reactive mode! Register for your NO COST Windows Storage Utilization Review and get answers before you spend another cent. Forecast storage demands and delay new storage expenses until you're really ready to purchase. The Storage Review is a limited time offer, so register today!
http://www.w2knews.com/rd/rd.cfm?id=030602TP-Quest_Software

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • Why the Open Source Community thinks the SCO vs. IBM lawsuit is bunk:
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Open_Source
  • Planning to protect your servers from an earthquake? Check out these cabinets!
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Cases
  • The NCSA clustered 65 PlayStation 2's together running Linux using a fast HP switch:
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Cluster
  • Very cool little self-balancing robot. Cute!
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Robot
  • And which product does everyone choose for disaster recovery and high availability "in-one"?
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Double-Take
  • Alan Turing Home Page. The enigmatic founder of computer science:
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-Alan_Turing
  • Been "Comp-axed"? (laid off from Compaq or another hardware vendor?) This site is a free community resource for networking with each other to find employment:
    http://www.w2knews.com/rd/rd.cfm?id=030602FA-CompAxed
  PRODUCT OF THE WEEK

Amazon Gives Away iHateSpam Client At No Charge

Just so that you know, Amazon.com is running a special and literally gives away the full boxed client version of iHateSpam. Actually, when you send in the rebate coupon you make a dollar. But this offer ENDS JUNE 14, so you have to be quick to benefit from it. We created a link to the rebate coupon on this page. Print it, fill it out, and send it in. A great gift for either yourself or someone who hates spam. Be quick:

http://www.w2knews.com/rd/rd.cfm?id=030602PW-iHateSpam