- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Sep 15, 2003 (Vol. 8, #37 - Issue #443)
Season of Fury
  This issue of W2Knews™ contains:
    • September 11 Anniversary: Cyberattacks and Hurricanes?
    • Another Major Security Bulletin
    • ISA/VPN Deployment Kit Available
    • Server 2003 Provides Two Deployment Methods, But Which Should You Choose?
    • Far East Governments Creating Alternative Operating System?
    • Windows Storage Server 2003 is Released
    • Will There Be An Interim SP for XP?
    • California Law Mandating Security Could Go National
    • iHateSpam Server WON!
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • SPECIAL Q3 OFFER: LanHound
  SPONSOR: DoubleTake
Are your servers protected? Disaster Recovery is #1 priority!
This means you have to have a tested plan and reliable tools in
place for the moment your site goes down. DOUBLE-TAKE is that tool.
Sold more than all other High-Availability tools combined. It is
even certified for W2K Datacenter. No other HA tool is. How it
works? "Server A goes down--Server B takes over". Get the eval
copy here, this is your ultimate job-security.

Visit DoubleTake for more information.

September 11 Anniversary: Cyberattacks and Hurricanes?

As the anniversary of the September 11 terrorist attacks approached, warnings came from security experts that the date could be a trigger for the release of new viruses and the launch of full scale cyberattacks on U.S. systems. Well, obviously nothing happened, and the media made the environment seem more dangerous (again) than it really is . Here are some examples:

CNN reported two new viruses that contain references to September 11, masquerading as emails and photos commemorating the event. One, called Neroma, can delete files on the computers it infects and propagates by emailing itself to addresses in the Outlook Express address book. Another, Vote.K, can also delete files. As if the real viruses weren't enough, a number of virus hoaxes are also making the rounds, such as the one that makes reference to a non-existent virus called WTC Survivor:

Federal Computer Week conducted a survey, results of which were published by USA Today on September 2, showing that about half of Americans are worried about the possibility of terrorist attacks on important network infrastructures, such as those on which the banking industry and electrical grids depend. The survey was done prior to the recent electrical blackout and the problems that occurred due to the Blaster worm, so it's safe to say that the percentage might have increased since then.

And then to make things even more happy, the hurricane season is in full swing, and we have the first perfect storm called Isabel raging through the Atlantic. It's a true beaut of a monster Category 5, moving toward South East Coast. It will probably never make the land, but... How can you prepare for events such as these? Just because we made it through the 11th without a massive attack, that doesn't mean the network can't be brought down at any time - anyone from dedicated terrorists to kids writing viruses "just for fun" could cause irreparable damage to your data. Sure, you've got backups (you do have current backups, right?), but how much time and money will be lost before you're able to restore everything? That's assuming you can restore it at all. If your backups are stored on site, a flood, fire or tornado will destroy them along with the original data, so you're out of luck unless you've taken the extra step of storing your backups offsite or backing up across the WAN to remote location.

That's the beauty of replication software like DoubleTake. Data is copied in real time, so there is no gap of hours after its creation before data is protected. Failover is so seamless that most of those using the affected network might not even know anything has happened, because the data on the source server is automatically replicated to the target server, which takes over if the source server fails for any reason. By placing the source and target servers in different physical locations, you can even ensure that the show (and your business) will go on even if a physical disaster destroys the source server and the building in which it is located. Peace of mind doesn't get any better than that.

I used to have an open mind but my brains kept falling out.
- Steven Wright

Warm regards,

Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: ScriptLogic
NEW ScriptLogic Version 5.0 Now Available
Reduce help desk support calls by 50%, simplify desktop administration,
eliminate redundant tasks and reduce other time-consuming activities
- without writing or debugging a single line of code!
  • NEW - Supports Windows Server 2003, Office 2003, Outlook 2003
  • NEW - Enhanced performance NEW - Multi-threaded and COM
  • NEW - 'Friendly' labels for network drives...And Much More
  • Check out all the new features and DOWNLOAD a 45 day trial verison.

    Visit ScriptLogic for more information.

    Another Major Security Bulletin

    This week, Microsoft announced three new Remote Procedure Call (RPC) related vulnerabilities in Windows business-class operating systems (NT 4.0, Windows 2000, XP and Server 2003). These are similar to the exploit used by the Blaster worm and can result in a buffer overrun in the RPCSS service. The new vulnerabilities can allow an attacker to execute code on the attacked system or be used to create Denial of Service (DoS) attacks. An attacker could potentially view, modify or delete data, install programs, or perform administrative tasks on the system. The severity rating for this group of exploits is critical.

    Many of those who put off patching the vulnerability used by Blaster learned the hard way to take these announcements seriously, so we recommend that you hurry to download and apply the new patch.

    ISA/VPN Deployment Kit Available

    Microsoft's firewall and web caching server, ISA, is becoming a popular security solution in small, medium and enterprise-level businesses because it integrates so well with Microsoft operating systems and server applications. At the same time, virtual private networking has become the number one way for these companies to provide secure connectivity to their networks by employees who work from home or on the road. Thus, one of the first questions that comes up when a company is considering deploying ISA firewalls is "do ISA and VPN play well together?" The answer is yes - if you know how to properly configure both.

    Until recently, there has been no definitive source of documentation that administrators could rely upon to ensure that their deployments would work. Tom Shinder's ISA Server VPN Deployment Kit changes all that, providing a compilation of 30 documents that address almost every aspect of installing and configuring an ISA firewall/VPN Server or VPN Gateway. The kit contains detailed screenshots to guide you through the process and answers the most commonly encountered questions and issues that arise in conjunction with ISA/VPN deployment. It's available for download on the isaserver.org web site at:

    Server 2003 Provides Two Deployment Methods, But Which Should You Choose?

    Deploying Microsoft operating systems and applications to "bare metal" computers can be time consuming for IT professionals in large organizations, and some type of automated process is a must. Windows Server 2003 gives you not one but two ways to do this: the familiar Remote Installation Services (RIS) that was introduced with Windows 2000, and the new Automated Deployment Services (ADS). Which one you choose depends on your particular deployment situation, as the two are not interchangeable. For example, ADS doesn't support the deployment of client operating systems, only servers, while RIS can be used to deploy desktop machines.

    For a detailed discussion of the differences to help you evaluate which solution is best for you, see:

      NT/2000 RELATED NEWS

    Far East Governments Creating Alternative Operating System?

    Paul Thurrott's WinInfo site reported this week that several far eastern governments, including China and Japan, are funding the creation of an open source OS to serve as an alternative to Windows. Japan has allocated $85.5 million for the effort and the ministers of trade for the participating countries are expected to get together later this month to move forward with the plan. This raises a lot of questions over whether governments should be in the software business, and what the impact will be on Microsoft's sales in those areas.

    Windows Storage Server 2003 is Released

    Yet another new Windows server version was released this week: the latest incarnation of WSS, Microsoft's dedicated Network Attached Storage (NAS) file server solution that now integrates better with Storage Area Networks (SANs) and supports Volume Shadow Copy Services, which is one of the most exciting new features in Windows Server 2003. WSS 2003 also includes a web based interface to make it easier for administrators to manage storage devices. Check out the other improvements and new features on the WSS web site.

    Will There Be An Interim SP for XP?

    Several sources reported this week that Microsoft plans to put out an interim service pack release for Windows XP in the near future, which would contain a "rollup" of a number of security fixes that have been released, making it more convenient for users to apply them all in one fell swoop. There have been rumors of such a release going around for several weeks, and the interim SP still hasn't been officially confirmed by Microsoft, but Microsoft-watch.com reports that an invitation has been sent to beta testers.


    California Law Mandating Security Could Go National

    California recently sent a strong message to businesses nationwide, "Beef up your network security...or else!" Effective July 1, The Database Security Breach Notification Act requires prompt notification when databases containing Social Security numbers or similar information are breached. Because the act includes any enterprise transacting business in the state, practically every business in the country needs to take heed.

    Now, Sen. Dianne Feinstein (D-Calif.) has introduced a bill in the U.S. Senate based on the California law. If passed, the bill would require prompt notification of breaches. It establishes fines of up to $5,000 per violation, which means for each individual victim, or $25,000 per day for each breach as long as the violation persists. Regardless of the outcome, the trend is clear. Businesses large and small, including yours, can suffer serious financial and market consequences if customer's data is compromised. For some companies, the results could be disastrous.

    One of the greatest threats to data security is spyware. These programs sneak onto your network, collect data, then send it to other parties anxious to use it for their own ends. You know what happens then. They use the data themselves, sell it to others, or make it public. The theft might not be known for days, weeks, or even months. Even with firewalls, anti virus software, and intrusion detection systems in place, spyware is free to enter your network and steal information without sounding any alarms. Right now, every desktop on your network is an open door to a hacker with spyware.

    The only way to stop spyware is with anti spyware. PestPatrol is the leading anti spyware software on the market. It detects spyware, adware, browser helper objects, hacker tools, even commercial cookies. PestPatrol works with your firewalls and anti virus software to protect your system from intrusion. The risks, as well as the consequences, are greater than ever. You need to make sure you own your data, not some hacker. Download the PestPatrol eval version for small business or corporate users and find out who's watching you.

    iHateSpam Server WON!

    Windows .Net Magazine, one of the preeminent magazines for our business, just gave us two stellar awards for our corporate anti-spam solution, iHateSpam Server. We won Best New Product and Best AntiSpam tool in their Reader's Choice awards!

    Best New Product:

    Best Messaging Products / Antispam Tool:

    And more kudos: VAR Business listed Sunbelt as one of the top 10 ISVs (ISV means Independent Software Vendor). We're up there with some pretty good company, so it's a wonderful compliment:

    You can check out iHateSpam Server here:


    This Week's Links We Like. Tips, Hints And Fun Stuff

  • Really cool new toy:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Aquada
  • Love aviation photos?:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Aviation
  • Complete Dictionary of Tongue Twisters:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Twisters
  • For Space Travelers Only:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Space
  • What Song was Number One on This Day in 1977?:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Today
  • Name that Candy Bar:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Candy
  • Flattery will get you on the Web:

  • http://www.w2knews.com/rd/rd.cfm?id=030915FA-Flattery

    SPECIAL Q3 OFFER: LanHound

    This is a great new sniffer-type product, for almost one fifth of
    the cost of similar products. It supports switched networks and
    comes with three free agents. WOW.

    SPECIAL Q3 OFFER: The normal price for LanHound is $595 for user
    with three agents. But if you buy in the third quarter 2003, you'll
    get an extra 2 remote agents thrown in for a total of 5 remote agents.
    Single remote agents are $149 each so this allows you to monitor
    five segments. Killer deal: Get The Hound.