Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Sep 22, 2003 (Vol. 8, #38 - Issue #444)
How Much Are You Worth... Today?
This issue of W2Knews contains:
- EDITORS CORNER
- How Much Are You Worth... Today?
- TECH BRIEFING
- Learning Guide: Planning And Designing Your Active Directory
- Survey: Security Falling As Priority?
- NT/2000 RELATED NEWS
- SUS Can Now Handle Service Packs
- What Do The Analysts Say About MS Storage Server 2003?
- Windows Small Business Server RTMs
- What's Happening With MS The Coming Year?
- NT/2000 THIRD PARTY NEWS
- Sunbelt RADMIN Wins Remote Management Award
- Patch Application Causes Fail-Over To Fail
- PestPatrol Endorses Proposed Anti-Spyware Legislation
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- World?s smallest USB Drive
FREE eBook on Application Packaging and Migration
InstallShield presents "The Administrator Shortcut Guide? to
Software Packaging for Desktop Migrations", a compact resource
loaded with tips for making your migration project a success.
The eBook discusses migration standards, package documentation,
conflict elimination, and more. Download Chapters 1 and 2 today!
Visit InstallShield for more information.
How Much Are You Worth... Today?
Currently, the unemployment among IT people is at the highest level
in many years: 6%. That means shrinking salaries, bonuses that are
not as high as usual, IT budgets that are flatter than normal, and
you might be wondering how much you are worth... today.
Well, InfoWorld recently did a survey over almost 3,000 IT people,
and the average raise is only about 1 to 5 percent. Bonuses were
slashed by 12.5 percent. Taking ALL IT salaries together, the
average this year is $84,312 but last year it was $87,385. (In
2001 it was $85,626.)
So now, how about you? As a comparison, the mean of senior
management salary is about 110K. The mean middle management is
82K, and mean staff pay is 70K. LAN/Network management's average
is at the moment $79,674. Network Administrators are at 68K. Keep
in mind though that this does fluctuate quite a lot per region.
For instance CA and NY pay is higher, and southeast is lower. But
it gives you a pretty good idea.
The trick at the moment is do more with less staff. Add to that
the challenge of keeping your networks secure, and you see that
things are not "all roses" at the moment. The cost of tools you
use is also getting more and more important. The more you can
save in that department, the more is left for your own pay.
So here is a survey we have regarding security tools, and scanners
in particular. Spend 2 minutes (max) to fill this one out? We'll
report on the results next week!
QUOTE OF THE DAY:
If at first you don't succeed, skydiving isn't for you.
NEW COINED WORD:
"Patchlet" - one of the many little patches that
go on top of the patches like those from Microsoft to fix the
security problems. (contributed by John Citron)
(email me with feedback: [email protected])
eEye Releases Updated Free RPC DCOM Vulnerability Scanner
eEye announced the immediate availability of a Retina® RPC
Vulnerability Scanner to scan for and detect this newly discovered
RPC flaw. This tool is based on eEye?s award-winning Retina® Network
Security Scanner and is being made available for free to assist
IT administrators in their efforts to quickly remediate this hole.
Visit eEye for more information.
Learning Guide: Planning And Designing Your Active Directory
SearchWin2000?s new Active Directory Learning Guide will bring you up
to speed quickly on this important Windows technology. The guide is
comprised of a mix of definitions, tips, hints, Ask the Expert answers,
technical article, featured topics and webcasts, all divided into five
user-friendly sections: AD basics, planning, migration, deployment
and resources. Recommended!
Survey: Security Falling As Priority?
Security Wire Digest reported that fewer companies describe security
as a "high" priority today than did so three years ago, according to
a worldwide survey conducted by Computing magazine. This is definitely
odd, seeing the recent developments in world events.
Some 59 percent of 2,500 IT executives and admins identified security
as a top priority, versus 71 percent of companies surveyed in 2000.
More than a third of businesses said they had suffered breaches causing
financial loss, 10 percent said those intrusions cost them more than
$100,000. The average breach cost a company just under $50,000.
The report found that many businesses keep breaches a secret, with
26 percent saying they didn't make attacks public. Just 12 percent
of those who reported breaches went first to law enforcement authorities.
The most common problems were garden-variety worms and Trojans, making
up some 45 percent of known attacks.
Gartner VP John Pescatore says enterprises face "permanently raised risk
levels" given the number of risks from hackers, terrorists and insiders.
Despite the risks, "security is still not an automatic sell to the people
at the top of a company," he adds. The full report is for sale ($195.00)
NT/2000 RELATED NEWS
SUS Can Now Handle Service Packs
This week, Redmond said system admins can now use Software Update
Services to deploy service packs. In the past, you had to use a
separate management system, such as SMS, to get the packs deployed.
MS also said that the new version of SUS 1.0 with SP1 applied, will
do more than just service pack deployment. It will also roll out
Windows XP SP1, W2K SP4 and future service packs for W2K, XP and
Windows Server 2003. Look for SUS V2.0 before the end of 2003. You
still need to approve these patches before they get rolled out
of course. MS has been listening to the market it seems. This has
been one of the most requested features, seen the recent spate of
Keep in mind though, that if you do not run you own SUS server in-house, the bandwidth is going to skyrocket if you point straight
to the MS site for downloads. These SP's are mammoth. Another
comment is that it's still early days for SUS. For instance it
does not support things like separate patch sets on the same server
and differentiate between these sets in the Group Policy Objects.
Want to have a look at it? Follow the link to the SUS client at
the bottom of this page:
What Do The Analysts Say About MS Storage Server 2003?
Last week we reported that Microsoft officially launched its Storage
Server 2003 operating system at the Storage Decisions show in Chicago.
The biggest change is that Microsoft has integrated file and print
support into the product, currently a much larger market opportunity
than network-attached storage (NAS), and one that Network Appliance
doesn't address. The Analyst Views site has some good background
on this, so you can make strategic decisions.
At the same show in Chicago, EMC's promised new NetWin 200 Windows-powered NAS devices was shown, the first system from EMC to use
Microsoft software. EMC was one of four OEMs at the event, although
10 OEMs in total are supporting the new OS, with an eleventh in
the pipeline. A number of independent software vendors (ISVs),
including Computer Associates and Veritas, have also signed up.
Windows Small Business Server RTMs
ENTMag reported that Microsoft hit the key development milestone for
the final piece in its six-month-long rollout of Windows Server 2003
on Tuesday with the release to manufacturing of Windows Small Business
Server 2003. From a marketing perspective, MS made three significant
changes to Small Business Server for the 2003 version: it split the
product into two editions, made the lower-end version much less
expensive compared to the 2000 generation, and beefed up the size
of company that can use the product. Read more at:
What's Happening With MS The Coming Year?
Mary Jo Foley is one of the MS-gurus of Ziff Davis. She watches MS
full time and writes a (paid) newsletter about it, (I'm on it).
They just came out with a one-year calendar designed to keep track
of key MS-related events. It lists major shows, product launches,
and other events. You can check out the very first one here:
And if you want to subscribe to Microsoft Watch, here is a free
2-week subscription page (recommended):
THIRD PARTY NEWS
Sunbelt RADMIN Wins Remote Management Award
Penton Media's Windows & .NET Magazine announced that Sunbelt
Remote Administrator was selected a winner in the Remote Management
Tool category of the Windows & .NET Magazine Readers' Choice Awards.
Readers selected Sunbelt Remote Administrator (Radmin) as Best Remote
Management Tool from a large field of contenders. The product drew
accolades from readers for its ease of use, solid performance, and
minuscule memory requirement.
Radmin lets administrators view and control multiple remote desktops
and securely transfer files. Windows 2000 and Windows NT user-level
security provides authentication, or you can use Radmin's challenge-response password authentication method. You can encrypt all remote
activity with 128-bit strong encryption and randomly generated keys.
An IP filter option allows remote access from authorized IP numbers
Radmin supports TCP/IP and also runs as a service. The product's
features include the ability to log users on and off remotely, shut
down and restart systems remotely, send Ctrl+Alt+Del access to a
system through Telnet, and passively view a remote system.
Patch Application Causes Fail-Over To Fail
This story is one that illustrates you need to TEST, TEST, and TEST
any patches you apply on mission critical systems. The culprit was
was RPCSS_MS03-039 from Microsoft KB824146. This was a story sent
to us by a W2Knews subscriber.
"I'm just warning you about a potential serious problem if you are
using Legato's Co-Standby Server. While attempting to patch our
pair of Co-Standby servers, the failover was used to apply the
patch to one unit, and then fail back to then apply to the first
server. The failover process crashed in process, wiping out our
failover configuration database, leaving some users on one (inactive)
Exchange server, and the others connected to the active one. But
Active Directory refused to let us update the Exchange pointers to
redirect the users to the active Exchange server, thus we were down
and out until we were able to get Legato to respond to a down system
(which was well over an hour), and then to repair the problem. Repair
required entirely rebuilding the failover configuration and partition
mirrors, so our supposedly failproof Exchange system was down for
over six hours."
Editor's comment: Thanks for the feedback. We can learn from our
own mistakes, but learning from some one else's experience prevents
more downtime! You do want to protect against viruses, because
those critters can get replicated too!
PestPatrol Endorses Proposed Anti-Spyware Legislation
PestPatrol, the leading developer of security software to detect and
eliminate spyware, adware, trojans and hacker tools from corporate
networks and home PCs, today announced its support of the Safeguard
Against Privacy Invasions Act (SPI) H.R. 2929 being introduced by
U.S. Representative Mary Bono (R.-Calif.) and being considered by
the Committee on Energy and Commerce in the U.S. House of Represen-
"The favorable reaction to this new legislation has been immensely
gratifying, and we appreciate the assistance and technical expertise
we have received from the PestPatrol team," said Representative Bono.
"Computer users throughout the U.S. are clearly very concerned about
online privacy issues, so we are introducing this legislation in an
attempt to return some control to individuals over their personal
PestPatrol considers spyware to be software intended to aid an
unauthorized person in causing a computer, outside the knowledge
of the computer?s user or owner, to transmit private information.
The proposed legislation will require people using spyware to
inform computer users of their intent to install the invasive
software and to obtain permission before loading it onto users?
"This legislation will prove to be a real eye opener to the public
at large. The growth of spyware in the last two years has been
significant," said Ben Wright, Chief Legal Counsel, PestPatrol.
"Making home users aware of this problem continues to be an uphill
battle. An act like this is badly needed so that both home users
and employees can privately access the Internet without getting
spied on. PestPatrol strongly supports this legislation." Check
out the corporate edition here:
This Week's Links We Like. Tips, Hints And Fun Stuff
Site for the promo of a small Ford car in the UK. Click on
highlights, and then view Clip #1. Devilishly funny. Not for
The IO2 interactive heliodisplay, generates non-physical mid-air
video allowing people or objects to move through the image.
The A-Word-A-Day site is a great way to increase your vocabulary.
The price of Worm Invasions. Ammo to get budget for tools!
If you are in IT, you need a TIVO. And if you don't or don't want
to, here is a great PC Equivalent.
Restoring backups overnight? Here is some "rocket fuel coffee"...
Want to know what is available about yourself online in public
records? Astounding amounts of data, some for pay, some free.
Check these sites:
The Peace One Day Site - 21st September 2003. 'There is one thing
stronger than all the armies in the world; and that is an idea
whose time has come.' -Victor Hugo (1802-1885)
PRODUCT OF THE WEEK
World?s smallest USB Drive
The 128MB USB Drive Intelligent Stick[tm]. I got me one of these
things, probably the most useful little computer thing I ever
bought, it's PUNY. It's really 128 megs...I have scanned all my
taxes, and every valuable document I ever had, and put 'em all
on there. It comes with a hard plastic wallet card so it fits in
your wallet and is protected. Plug it into your computer, transfer
files, give it to your accountant and let them print off the stuff
they need for your tax return. My whole life in my wallet (I have
never lost a wallet) and anyone with an XP or Win2k or Linux box
can open it without drivers--plug it in, print, take it out, done.
And there is still 110 megs left on mine.
If you want to protect your data, you can get a copy of DriveCrypt
and keep the stuff encrypted in case you ever did lose it. That
way it would be unreadable except by you. Pretty cool. Drive specs:
DriveCrypt specs over here: