B Drive Can Come Alive in Pre-Windows 2003 Systems, Too
A couple of weeks ago, we wrote about Windows Server 2003's
ability to assign the B drive letter through the graphical
interface. A reader wrote to remind us that, although you can't
use the GUI to do it, you can substitute B: for a local drive
path in pre-Windows 2003 systems by using SUBST or the handy
freeware program NTSUBST. Here's what our reader has to say:
"I use this technique on my users' machines to give them easier
access to their "My Documents" folders.
NTSUBST B: "%USERPROFILE%\My Documents"
is used in their login script.
As a matter of practice I strongly encourage my users to root
all work files under "My Documents". Our backup procedures back
up only the %USERPROFILE% directory on a regular basis. If they
obey policy this is all that needs to be backed up. The problem
is that we have a number of legacy applications that do not take
well to long (> 8 characters) file/folder names, spaces in
file/folder names, or long total path lengths (> 64 characters).
Furthermore, because these are ancient (or sometimes just poorly
written) programs, they also have no concept of the modern
Windows file shell object. Accessing "My Documents" must be done
through an actual path (i.e. C:\Documents and
Settings\username\My Documents). Not only is this littered with
long names and spaces but it also has consumed 48 characters and
we aren't even into the user's personal folder structure where
the actual work files are stored.
By using NTSUBST I can let them work from a short and simple B:\
whenever they're using these legacy applications and still
comply with my policies for filesystem structure.
The truly wonderful thing about using B: is that I know this
letter is not otherwise in use. I built all the machines so I
know none of them have a 2nd floppy drive and it isn't possible
to do anything else with B:. Any other letter would have the
potential for conflict with either physical drives or mapped
You can download a copy of NTSUBST here:
Does Microsoft Feel your (Licensing) Pain?
Microsoft's various licensing programs have been the object of
much weeping and wailing and gnashing of teeth - just trying to
understand what you legally can or can't do under the licenses
sometimes seems next to impossible, and when you do figure out
the terms and conditions, you're likely to be unhappy about
them. A year ago, the Software Assurance Licensing 6.0 for
corporate volume users entered the scene, and many of the
affected customers complained long and loudly about the
new "annuity-based" licensing scheme.
Now it seems Microsoft heard their cries and has been trying to
make things better by talking to (and better yet, listening to)
their enterprise and mid-size customer base and making some
changes to the volume licensing contracts. Maybe there's hope
You can read more about software assurance on Microsoft's web
Is Your Buffer Overflowing?
A W2KNews reader wrote last week to ask that we give a little
background on what a buffer overflow is and how it is used to
enable virus or Trojan attacks. To fully understand how these
attacks work, you need some programming knowledge, but here's
the short form: A buffer is a holding place in memory where data
is stored temporarily. It's created by the programmer so that
different processes that operate at different speeds can work
together without one impeding the operation of the others. The
program will allocate a specified amount of memory for the
buffer. If a process tries to put more data in the buffer than
is allocated, you get an overflow. When that happens, the extra
data can overwrite data in other buffers that are adjacent in
memory to the overflowing one. If the adjacent area in memory is
one that holds program instructions, the extra data can
overwrite the instructions with new ones.
Buffer overflows can be intentionally created by hackers, who
include in the extra data code that provides malicious
instructions to the computer that's the target of the attack.
Our reader also asked why this type of error is so prevalent in
Microsoft products. Actually, buffer overflow vulnerability is
not limited to Windows or any specific platform. The real
culprit is the C programming language. UNIX and Linux are also
subject to buffer overflows and thus to attacks that exploit
them. In fact, a Google search on "buffer overflow attacks"
turns up numerous articles related to non-Microsoft operating
systems. One of the first famous attacks that used a buffer
overflow (of the UNIX service called "finger") was the Internet
Worm of 1988. For more info on the evolution of buffer
This Week's Worm is "So Big"
August has been a big month for viruses, worms and
other "malware," and this week is no exception. The Sobig worm
isn't new, but a variant (Sobig.F, the sixth recorded version)
has earned the moniker of "fastest spreading e-mail virus ever"
since its release a few days ago. Even companies and individuals
with heavy-duty filtering and virus checking implemented are
seeing its effects. For a complete list of the subject lines and
attachment files associated with this virus, see Symantec's web
site. The worm is another of those that propagates by sending
itself to the addresses in the infected computer's address books
and other files. The good news is that the worm is supposed to
deactivate on September 10th. The bad news is that it affects
all Windows systems (except 3.x) and because of the sheer number
of infections reported, Symantec has upgraded it from a Category
2 to a Category 3 threat.
Symantec's security response can be found here: