1. EDITORS CORNER
   • How Much Does [email protected] Cost Your Organization?
2. TECH BRIEFING
   • How To Revoke Delegated Admin Authority
   • The Web's Best Windows Resource
3. NT/2000 RELATED NEWS
   • ADAM And Perhaps Now EVE?
   • SARS Spooks MS Out Of Toronto
   • MS Moves Into Anti-Virus Market
4. NT/2000 THIRD PARTY NEWS
   • More About Earthquake-proof Server Cabinets
   • [email protected] Will Cost Business $20.5 Billion This Year
   • Need A Network Sniffer? Get The Hound
   • Microsoft releases Mobile Admin Pack for W2K3
   • Is One Of Your Users An Unwitting [email protected]?
   • Double-Take: "Winner of Security Mag 2003 Best Buy Award"
5. W2Knews 'FAVE' LINKS
   • This Week's Links We Like. Tips, Hints And Fun Stuff
6. PRODUCT OF THE WEEK
   • Amazon iHateSpam Give-away Special Ends JUNE 14

How Much Does [email protected] Cost Your Organization?

All kinds of reports are swirling about the Net, done by analysts that push out reports with billions of dollars in expected damages caused by junk email. Usually those reports sound wildly overstated, and I have included one in the "third party section below".

So, we got interested to find out for ourselves, for a relatively small outfit like ours, with 80 staff and average 10-20 [email protected] per employee per day what the REAL cost was in lost time. Of course you cannot put a number on the irritation factor, so we left that out. And how many seconds does it take to delete [email protected]? Pretty fast but when you receive it at the office you'll spend perhaps 3 seconds to make sure it's not a false positive. This "what-if" was kinda fun, so we decided to write some code and automate it. To keep things simple, we left out the cost caused by the admin time lost, Exchange servers being used, storage consumption, and network bandwidth losses. This ROI calculator just takes lost time into account.

And we added a line at the end, with how long it would take for our favorite junk email filter to pay back for itself. [grin] Sometimes these kinds of vendor provided ROI calculators are skewed, and you cannot really trust them. This one is completely correct though. You can test that by entering the value "1" in each field and see that the calculation is on the up-and-up. So here you go, try it out for your own organization!

http://www.w2knews.com/rd/rd.cfm?id=030616ED-iHateSpam_ROI

How To Revoke Delegated Admin Authority

Roberta Bragg, MCSE, CISSP and contributing editor for MCP Magazine, wrote this little article for SecurityWatch that I copy with grateful acknowledgement. She's got a good point and a great hint.

"Ever struggle with the delegation of administrative tasks? Ever use ACLs on AD to provide help desk workers the ability to reset passwords and reset locked accounts? For years we've been complaining about the lack of documentation on the meaning of all of those object permissions in AD. Well, it feels like Christmas because Microsoft will soon deliver on a promise to provide a full accounting of these permissions as they concern administrative roles. Look for full disclosure in an upcoming Microsoft Certified Professional Magazine column. Meanwhile, would you like a tool that will revoke delegated administrative authority? Keep your eye out for dsrevoke. Since it was at TechEd, can its posting to Microsoft's download site be too far off?"

The Web's Best Windows Resource

ADAM And Perhaps Now EVE?

One of our subscribers, Ashley Gittins from Australia sent me this comment (firmly tongue-in-cheek) about the stand alone AD version MS is coming out with. Here goes this prime example of techie-humor:

"Hi Stu, I've done a bit of navel-gazing over MS's new release of a lightweight AD product:

Apart from seeming like an odd decision to offer a watered down alternative to their core AD product, I'm now wondering when they will announce a new product for providing radius authentication (auth), specifically for supporting wireless clients. I say this for several reasons.

1. They don't (to my knowledge) have an offering to provide 802.11i auth methods via RADIUS
2. MS has long been pushing the tablet platform, for which wireless is the obvious connectivity choice
3. MS have been pushing security as their primary focus for a bit now, so if they are serious they need to address the tablet market's security needs
4. Kerberos was dropped as the auth method of choice for 802.11 improvements in favor of RADIUS (MS's AD uses an abomination of Kerberos)
5. They created a product called ADAM.

1. In several months, Microsoft will release a product called "Enhanced Verification Extension", EVE.
2. ADAM and EVE will provide "integrated, first-generation deployment support for wireless networks".
3. They *might* support ADAM and EVE running on embedded systems for use in access points or router-in-a-box solutions (Kerberos was dropped from 802.11 enhancements because of the difficulties in implementing it in firmware, to my knowledge RADIUS is significantly simpler).
4. By giving a cheap "in" for AD, they will be able to migrate ADAM users into Win2k's AD with migration tools
5. EVE will work with AD, but the simple solution will be to use ADAM until your directory needs expand. This means they lock people into using AD (courtesy of EVE), instead of potentially losing them to some other RADIUS implementation, which might make it difficult to recapture them later."

SARS Spooks MS Out Of Toronto

The Canadian MS partners are very unhappy with MS bailing out of Toronto and moving the Canadian MS Partner Event to New Orleans. Guess how many Canadian MS partners will show up in The Big Easy? Right.

MS Moves Into Anti-Virus Market

They just announced they acquired the antivirus engine and virus signatures developed by Romanian antivirus vendor GeCAD Software. MS's jump into this space was long expected. Jonathan Perera, a manager in Microsoft's security business unit, said that MS would not continue to develop GeCAD software, currently sold as RAV AntiVirus.

MS will add GeCAD's engineers to its development team and they will work to enhance security in all of its Windows products as part of its Trustworthy Computing initiative. The AV technology will be a fee-based add-on to Windows, they claim. But what this looks like is that the code will be lumped into the Windows code base, and you have to pay a subscription to get the AV signatures.

More About Earthquake-proof Server Cabinets

A subscriber sent me this about definitely sturdy cabinets with a really cool technology built into them:

In the demonstration installation, I walked up to a bank of (empty) cabinets, grabbed it with my hand and moved it around horizontally. All signal and power connections come in from the ceiling on pigtails that have enough slack to cover the range of motion of the ISO-Base system. Imagine the building deflecting +/- 1 foot horizontally in an earthquake and, due to the inertia provided by the mass of the cabinets and equipment, the cabinets hardly move at all.

The technology:
http://www.w2knews.com/rd/rd.cfm?id=030616TP-Technology

How they look:
http://www.w2knews.com/rd/rd.cfm?id=030616TP-Appearance

[email protected] Will Cost Business $20.5 Billion This Year

This is a short article of the VNU (Europe) website, but the press release has been repeated on many, many news sites all over the place.

Cost of dealing with junk mail will rise tenfold by 2007, predicts research. Dealing with [email protected] emails will cost companies $20.5bn this year, a figure set to rocket to $198bn by 2007, according to researchers.

Analyst company Radicati Group warned that a company of 10,000 users with no [email protected] protection will spend an average of $49 per mailbox per year processing [email protected] messages in 2003. With prices for [email protected] solutions starting at $15 to $20 per user, ignoring the problem is hard to justify, it said. The research firm's study, [email protected] Market Trends, 2003-2007, said: "A 10,000-user company, running Microsoft Exchange 2000, is deploying an average of five messaging servers just to process [email protected] in 2003, out of a total of 21 messaging servers. "By 2007, if nothing is done to stop [email protected], this will spiral to 25 servers processing [email protected], out of a total of 50 messaging servers." The study concluded that 94 per cent of companies consider [email protected] to be a very serious problem, but 43 per cent still do not have a formal [email protected] policy in place.

Although tough legislation may bring mild relief to the market, [email protected] are not likely to cease their activity, and companies should be ready to combat innovative [email protected] tricks with more sophisticated technology as well as better user education, the analyst said. This means a growing demand for [email protected] products. Revenues for [email protected] vendors and outsourcers are expected to approach $653m this year, growing to over $2.4bn by 2007, according to the study.
http://www.w2knews.com/rd/rd.cfm?id=030616TP-Study

Want to calculate out what the 'lost time' cost is for your outfit?
http://www.w2knews.com/rd/rd.cfm?id=030616TP-iHateSpam_ROI

Need A Network Sniffer? Get The Hound

Here is some one who recently tested it:

"I just finished the evaluation for the LanHound, and I have to tell you that I am quite impressed. Definitely, this is a great tool to work with, very easy to setup and extremely versatile. This is the first tool I saw in this category, that combines so much functionality for so less money. The most positive impression comes from the Statistics, Triggers and Alarms. Very useful, especially in these times when IT teams shrunk down a lot, and the Net Admin's are overwhelmed.

"What can I say, great stuff and excellent price. I already talked to my boss and now I am waiting for some money to be added to my budget. Meantime, I will strongly recommend it to all my colleagues and business related peers. Thank you for the opportunity, and if I am lucky enough, I will be back soon." -- Lucian
http://www.w2knews.com/rd/rd.cfm?id=030616TP-LanHound

Microsoft releases Mobile Admin Pack for W2K3

Sonicadmin was selected by MS as the best systems administration tool for their mobile package. The Pack is designed to give admins everything they need to access and manage their server(s) in one complete remote access solution. The Mobile Admin Pack offers an admin secure access to Windows Server 2003 by simply using a Pocket PC handheld (with sonicadmin) to remotely perform critical server management tasks anytime, from virtually anywhere.

Microsoft's new Mobile Admin Pack is a Windows Server 2003 promo bundle that will be available to select Microsoft customers in the US and will include a Dell Axim X5 300 Mhz Pocket PC, a D-Link Wireless 2.4 GHz Compact Flash Adapter for PDAs, and the Sonic Mobility 2.8 Microsoft Mobile Admin Pack.

The Microsoft Mobile Admin Pack is available at a special Windows Server 2003 launch promotional price of just $159 (a $962 value) for select Microsoft US Medium Business customers that have acquired Windows Server 2003 on a Microsoft Volume License. It will be limited to the first 1,000 participants. Just want to do this on your own Pocket PC? Here you go:
http://www.w2knews.com/rd/rd.cfm?id=030616TP-sonicadmin

Is One Of Your Users An Unwitting [email protected]?

Is one of your users helping to send thousands, maybe even tens of thousands of ads over the Net for low interest mortgages or ?

In the past two years, more than 200,000 computers worldwide have been hijacked without the owner's knowledge and are being used to forward [email protected], according to AOL and other ISP's. And each day thousands of additional PCs are compromised at companies, institutions, and homes with high-speed Internet connections.

Case in point- Late last year, AOL traced the origin of a flood of [email protected] to the computer network of the Flint Hills School, a prep academy in Oakton, Va. The culprits were not students or teachers. A hacker, still unknown, had exploited a software vulnerability to use the school's computers to relay [email protected] while hiding the e-mail's true origins.

The Flint Hills School is not an isolated incident. [email protected] are constantly finding new ways to beat Internet providers' measures to stop them. Many mass e-mailers have adopted a new strategy to avoid the blockades by aggressively bouncing messages off the computers of unaware third parties.

Mostly, [email protected] are exploiting security holes in existing software. But increasingly they are covertly installing a type of spyware that hijacks your computer to forward emails without your knowledge. Most users do not see much effect when their computer has been co-opted. Surfing the Web from the victimized computer may be slower than usual, but that's not always easy to detect. The only way most users become aware of such hijackings is when they receive calls or e-mail from their ISP warning that [email protected] was traced to their machines.

[email protected] fighters say that some software is too easy to exploit and should be fixed. Moreover, technical precautions can be implemented to safeguard networks. Patch Management is essential to prevent known vulnerabilities from being exploited. And anti-spyware software should be installed on your network to detect the presence of these programs that hijack your resources and invade your privacy. PestPatrol anti-spyware has a Network Version available You can download an eval version here:
http://www.w2knews.com/rd/rd.cfm?id=030616TP-PestPatrol_Corp

Double-Take: "Winner of Security Mag 2003 Best Buy Award"

This Week's Links We Like. Tips, Hints And Fun Stuff

Amazon iHateSpam Give-away Special Ends JUNE 14

Time is running out. Amazon.com is running a special and literally gives away the full boxed client version of iHateSpam. Actually, when you send in the rebate coupon you even make a buck. But this offer ENDS this Saturday JUNE 14, so you have to be quick to benefit from it. We created a link to the rebate coupon on this page. Print it, fill it out, and send it in. A great gift for either yourself or some one else who hates [email protected] Be quick: