- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jun 23, 2003 (Vol. 8, #25 - Issue #431)
New Service Packs: When?
  This issue of W2Knews™ contains:
    • Mark Minasi Announces His AD Design Help Service
    • Exchange 5.5 Support: Get It While It Lasts?
    • One Liability Of Outsourced Junk Email Filtering
    • SearchWin2000.com's Most Excellent Top 10 Tips
    • New Service Packs: When?
    • Sunbelt / Yankee Group Security Survey Results
    • Is Junk Email Endangering Your Job?
    • UK School Budget Cuts - Here's One Way to Cope
    • Double-Take: "Winner of Security Mag 2003 Best Buy Award"
    • Bug Bear.B Hits Stanford U
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • DMZ's for Enterprise Networks
CIO eBook for Managing and Securing the Enterprise
Register now for the FREE eBook, "The CIO's Executive Guide to
Managing and Securing the Enterprise," brought to you by NetIQ
and Realtimepublishers.com. Topics covered include: Top 10 Corporate
Manageability Policies; Top 10 Overlooked Vulnerabilities; Top 10
Corporate Security Breaches.
Visit NetIQ for more information.

Wondering Why Your [email protected] Is Increasing?

Well, I was just sent this email, of course unsolicited.

"Hi, just wondering if you wanted to trade email lists. I have 52 million GIs, 21 million AOLs, 7 million Hotmails and 12 million MSN. I will trade any of these lists for equal quality / quantity. Let me know , I can begin uploading immediately."

Not sure what GI means, but this is likely smaller ISP's. In other words, [email protected] are trading lists like mad, and once your email address is tagged as 'live', man you've had it.

The brand new Sunbelt / Yankee Security survey shows (see the NT/2000 Related News Section) that [email protected] has now surpassed software viruses as the Number 1 source of unwanted network intrusions.

You are invited to the following Webinar to learn more about [email protected] Server and how it helps you control junk email and fight its negative effects on productivity and security. Presentation by Sunbelt President Alex Eckelberry and CTO Greg Kras.

Time: Wed, 25 Jun 2003, 1:00 PM Eastern Daylight Time (EDT)
Meeting URL (Address):
Audio Information: USA (800)-416-4956/CANADA (888)-633-2105
ENTER CODE 104764 [Alternate dial-in: 302-709-8433]

To add this meeting to your Outlook 2000 calendar, click the following URL or enter it in your browser:

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Quest Software
You've implemented AD and you want to take advantage of Group
Policy to automatically manage servers and workstations, but
its complexity is discouraging. Don't spend the next year
testing GPOs and learning from your mistakes - download
'Bulletproof Your Windows 2000 Network with Group Policy', an
expert white paper by renowned Windows/AD guru Darren Mar-Elia,
and put best practices to work for you today.
Visit Quest Software for more information.

Mark Minasi Announces His AD Design Help Service

He wrote this in his latest newsletter: "It's been three and half years since Windows 2000 came out and only about half of the NT 4 domains have upgraded ... what's going on? In my experience people are upgrading slowly for several reasons: insufficient funds, or insufficient people to do it, or just plain uncertainty. A couple of months ago I realized that many people have an AD plan almost done ... but they'd like someone to look it over before they make the Big Jump. So I started offering an AD design service and it's keeping me pretty busy. Find out more at:

Exchange 5.5 Support: Get It While It Lasts?

I just found an interesting article in the ENT Special Report on Exchange 2003. I'm quoting the first paragraph so you can see why I liked it. "Under whelmed by the feature set of Exchange Server 2003? There's still a bogeyman that could push you, the entrenched Exchange 5.5 user, to make the move to the new version of Exchange: The probability that Microsoft will phase out support for the aging messaging system by the end of 2003". Here is the whole article:

One Liability Of Outsourced Junk Email Filtering

I just looked over an ad from an outfit that provides an outsourced junk email filter. They quarantine it on their own servers, and then provide you with a web interface where YOU have to wade thru all the junk to see if there are any false positives. I'm sorry, but that is just a -stupid- way to do it, costing you more time instead of less. [email protected] Server Edition is now deployed in almost 300 production environments, in less than two months. And your admin colleagues are raving about it. Try it out on your own servers, but do not be surprised that your users will start screaming bloody murder after 30 days when the trial ends! [grin] (Oh, we'll come out with a version for V5.5 -and- a Gateway version soon):

SearchWin2000.com's Most Excellent Top 10 Tips

What's the most excellent piece of advice you received this year? Check out SearchWin2000.com's most popular technical tips in this week's featured topic. They have a 'hall of fame' and will even show you how to write a tip so you can be eligible to win a really cool prize:


New Service Packs: When?

W2Knews prides itself to always be the place where you "hear it first". Here are our predictions for new service packs so you can start planning your testing and deployment. Here goes:

Windows 2000 SP4. Is currently in Beta, so I would say you have a pretty good chance of seeing this in the coming quarter.

Windows XP SP2. This one is ready to go Beta any time now, and apart from bug fixes they are potentially planning adding more features too, so think Q4, 2003.

Windows 2003 SP1. The Beta 1 is rumored to be this summer, and they usually are on time. Meaning you'd likely see W2K3 SP1 in Q4 this year. And remember, TEST, TEST, TEST before you deploy!

Sunbelt / Yankee Group Security Survey Results

Here is the Executive Summary of the June 2003 security survey that Sunbelt did with the Yankee Group. So, how are you and your organization comparing to your peers? Let's have a look:

"Corporations are evenly divided over their security spending, the number of hacks into their corporate network and the mechanisms they use to defend their data.

The most dismaying, though not surprising survey result is that [email protected] has now surpassed software viruses as the Number 1 source of unwanted network intrusions.

Those are the results of the latest joint Sunbelt Software, Inc. / Yankee Group poll of 400 network professionals on security trends and spending. Among the top survey highlights:

  • Security spending will remain static at almost half of all corporate enterprises. Some 46% of respondents said they would spend approximately the same amount on security products and services in 2003 as they did in 2002.
  • However, 41% of those polled indicated they would increase the amount of monies spent on security.
  • Just over half ? 51% of businesses indicated their organizations had experienced a security breach in the last 12 months; and 49% said they had not.
  • Software viruses and worms remain the chief source of actual network hacks. Of the 51% of companies that reported a security breach, viruses were the chief culprits with 46%.
  • External hacks were far more prevalent than internal hacks. According to the survey 16% of organizations said they experienced an external hack compared to just four percent (4%) that said a corporate employee hacked the network. Additionally, two percent (2%) of companies indicated they were hacked by ex-employees.
  • An overwhelming 82% of organizations said [email protected] has hit them. By comparison, 74% of businesses that said their firm had been hit by computer viruses.
  • About one-quarter of all businesses ? 24% have been victimized by a denial of service (DoS) attack.
  • Some 10% of companies reported their Web sites were hacked.
  • And in a disturbing trend, 11% of companies indicated there was unauthorized use or modification of company data. And another two percent (2%) of the respondents said hackers stole their customers' data.
Overall, there were few surprises in the survey. A majority of customers indicated that security is a high priority for their firms. But it is equally clear that the protracted economic downturn is affecting corporate spending. Of the 41% of businesses that said they'll up their spending on security products, over half ? 53% said the increases would amount to 10% or less. Only nine percent (9%) of the 41% that will increase security budgets will spend 30% or more on securing their networks. The capital expenditure monies just aren't there.

As expected Windows 2000 Server is the primary server operating system for nearly two-thirds or 63% of organizations and Windows 2000 Pro is the primary desktop OS among 57% of businesses. The survey revealed that Windows XP is gaining traction on the desktop; 21% of those polled said XP is now their chief corporate client OS. Just over one percent (1%) indicated that Linux is their firm's primary OS, though a higher percentage ? approximately 14% said they have some Linux desktops in the organization.

Some 11% of companies say that the legacy Windows 98 remains their primary client environment, despite the Windows 9x platform's well-publicized security vulnerabilities.

At the same time though, it is clear that companies do recognize and are acting on the importance of corporate computer security. Only 13% of organizations polled said they would decrease spending on security products in the coming year. And in 75% of the cases, the security budget cuts will be 10% or less.

The survey provided strong indications that [email protected] is more than just a pop-up nuisance for corporate employees. IT administrators and C-level executives indicated that [email protected] is impacting network operations in a variety of ways. Nearly three-quarters of organizations reported that [email protected] is having a noticeable impact on bandwidth utilization and causing network efficiency to decline and taxing the organization's storage systems. And approximately one-quarter of the respondents said they are concerned that [email protected] may make the business vulnerable to lawsuits in the future.


Is Junk Email Endangering Your Job?

A subscriber sent this question:

"Regarding your calculations of the cost of lost productivity due to [email protected], it is a good idea, but you should also take into account the cost of losing one's employment because of the p0rn images that show up on one's screen with e-mail preview browsers such as Microsoft Outlook. I am a technology teacher in a K-9 school where my computer screen in my office cubicle is visible from several directions to students and teachers passing by. Although we have tried [name omitted] and [name omitted] [email protected] software, neither one seems able to block more than half of it. I live in constant fear of having to defend myself should these images from [email protected] show up in front of passers by. And, of course, the rumors students would then pass around would be impossible to defend against. Trying to be secretive when viewing my mail, by shielding or blocking the view of my screen, would just raise suspicions and do as much damage. I wonder if there is any legal recourse against a [email protected] who sends p0rn [email protected] to addresses located at an elementary school?"

Answer: Thanks for the feedback. There are several ways to handle this. First of all, turning off the preview section is possible, but a pain in the neck. (The new version Outlook 2003 automatically blocks images in the preview pane). But apart from that, a more fail-safe way to handle this problem would be to discuss this issue upfront with anyone involved, install [email protected] so you can rightfully (and legally) claim that you have taken reasonable precautions, AND have your finger hovering over the delete button in case something slips through (which it inevitably will).

Regarding legal recourse? Unfortunately: Legal Schmegal. This stuff gets sent (often) from [email protected], and/or with forged headers, and a multitude of other ways to obfuscate the source. And which school has the resources to file and follow up on lawsuits? Filtering [email protected] as it comes in is of course only second best, but for the moment a workable and pragmatic solution. Try [email protected] Server. Here are some results from a customer:

One week ago I downloaded [email protected], and the product has been great! I have tracked it's performance:

  • 638 emails received, 545 Quarantined
  • Of the 545 quarantined, 6 were "mistakes"
  • Of the 93 Approved, 7 were "mistakes"
  • Of the 13 "mistakes", 5 were not mistakes because they quarantined internet newsletters, etc. that I want. (The only "false negative" was an email received from a hotmail account, with a "suspect" email address). These "non-mistakes" were easily resolved for the future. The remaining 8 mistakes were easily dealt with.
You can see how much I needed your program. [email protected] is GREAT! -- Ken Bowlby. Eval here:

UK School Budget Cuts - Here's One Way to Cope

Worldwide, there is a crisis of budget funding in education. For example in the UK, schools have to cut budgets by up to 1 percent despite earlier plans. "Schools have just got their funding for the new year and many have had a big increase in funding, but also a big increase in costs. For many the costs outweigh the funding," one UK expert said.

Education funding continues to be a difficult area. Print Manager Plus is a way to handle budget cuts or squeezes. Approximately 1,000 schools in the UK are using Print Manager Plus to ease the budget crunch. And many businesses also see the benefits of printer cost control.

Print Manager Plus actually saves budget money because it allows the administrator to see or audit how much printing is being done by each person or student, how much it costs, how much is unneeded or wasted and is the tool to control the problem. Most organizations find they can save money equivalent to the cost of Print Manager Plus in a few weeks, and that savings keeps accumulating into the future. For more information, download the free version, and find out at no charge how much Print Manager Plus will save you:

Double-Take: "Winner of Security Mag 2003 Best Buy Award"

Double-Take has been reviewed for the SC Magazine June 2003 issue, and the product did very well. It was awarded an overall 5 Star rating and the SC Best Buy award with a verdict of "..very useful and complete data recovery system..." Sold more than all other High-Availability tools combined. It is even certified for W2K Datacenter. No other HA tool is. How does it work? "Server A goes down--Server B takes over". Get the eval copy here, this is your ultimate job-security:

Bug Bear.B Hits Stanford U

Two weeks ago, the latest version of the Bug bear worm shut down the e-mail system at Stanford University for nine hours - story at:

Why did Bug Bear.B take down Stanford University, a fully-defended campus? Simple: their virus service wasn't updated quickly enough for this fast-moving virus.

I can't stress it enough: you need multiple vendors in your security stack! Leave it to a single AV vendor and you're asking for trouble. No one's perfect: take out insurance now.

Lately I've been discussing European virus lab Panda Software because they update extremely fast with incremental silent updates which makes them great insurance. They have a useful Layered Security white paper. Click here to download it:

To make up your own mind, take them up on their free software for IT Professionals - that's a full year of AV plus firewall for your home use. This will be our last mention of this freebie for a while ... so click now on:

Take out insurance today - avoid network shutdowns, big and small.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Mark Minasi's "HALP" forums are a pretty good resource. Check 'em out!

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Minasi_Forum
  • Here is a pretty weird clock made out of digital cable. . .

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Clock
  • Oooh. Fun! A German simulation that allows you to create your own traffic jams. Thanks to Mike Elgan's list for this one and the digital clock one:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Traffic_Jam
  • Finally. An intelligent vacuum cleaner. Just what I needed:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Vacuum
  • Forbes magazine has a good article and a great slide show on the cost of [email protected] See it here:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Forbes
  • Security Notes: IDS vendors fire back at Gartner:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Security
  • Tired of being bombarded with corporate bull$#!= terminology? Here is a Word add-in that filters this stuff out:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-Filter
  • ThinkGeek has another hysterically funny product for sale:

  • http://www.w2knews.com/rd/rd.cfm?id=030623FA-ThinkGeek

    DMZ's for Enterprise Networks

    This is a pretty good book about the so called Demilitarized Zones you need to have to secure your networks. From the back cover: "After reading Building DMZs for Enterprise Networks you will understand how to design, plan, implement, maintain, secure, and test a DMZ segment using a variety of technologies. This one-of-a-kind book by best-selling authors Robert Shimonski and Dr. Thomas W. Shinder will teach you DMZ design principles and show you how to configure the hardware that makes up DMZs, securely populate the DMZs with systems and services, and implement security on a DMZ. Another Syngress book that comes "Warmly Recommended":