- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Sep 22, 2003 (Vol. 8, #38 - Issue #444)
How Much Are You Worth... Today?
  This issue of W2Knews™ contains:
    • How Much Are You Worth... Today?
    • Learning Guide: Planning And Designing Your Active Directory
    • Survey: Security Falling As Priority?
    • SUS Can Now Handle Service Packs
    • What Do The Analysts Say About MS Storage Server 2003?
    • Windows Small Business Server RTMs
    • What's Happening With MS The Coming Year?
    • Sunbelt RADMIN Wins Remote Management Award
    • Patch Application Causes Fail-Over To Fail
    • PestPatrol Endorses Proposed Anti-Spyware Legislation
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • World?s smallest USB Drive
  SPONSOR: InstallShield
FREE eBook on Application Packaging and Migration
InstallShield presents "The Administrator Shortcut Guide? to
Software Packaging for Desktop Migrations", a compact resource
loaded with tips for making your migration project a success.
The eBook discusses migration standards, package documentation,
conflict elimination, and more. Download Chapters 1 and 2 today!
Visit InstallShield for more information.

How Much Are You Worth... Today?

Currently, the unemployment among IT people is at the highest level in many years: 6%. That means shrinking salaries, bonuses that are not as high as usual, IT budgets that are flatter than normal, and you might be wondering how much you are worth... today.

Well, InfoWorld recently did a survey over almost 3,000 IT people, and the average raise is only about 1 to 5 percent. Bonuses were slashed by 12.5 percent. Taking ALL IT salaries together, the average this year is $84,312 but last year it was $87,385. (In 2001 it was $85,626.)

So now, how about you? As a comparison, the mean of senior management salary is about 110K. The mean middle management is 82K, and mean staff pay is 70K. LAN/Network management's average is at the moment $79,674. Network Administrators are at 68K. Keep in mind though that this does fluctuate quite a lot per region. For instance CA and NY pay is higher, and southeast is lower. But it gives you a pretty good idea.

The trick at the moment is do more with less staff. Add to that the challenge of keeping your networks secure, and you see that things are not "all roses" at the moment. The cost of tools you use is also getting more and more important. The more you can save in that department, the more is left for your own pay.

So here is a survey we have regarding security tools, and scanners in particular. Spend 2 minutes (max) to fill this one out? We'll report on the results next week!

If at first you don't succeed, skydiving isn't for you.

"Patchlet" - one of the many little patches that go on top of the patches like those from Microsoft to fix the security problems. (contributed by John Citron)

Warm regards,

Stu Sjouwerman (email me with feedback: [email protected])

eEye Releases Updated Free RPC DCOM Vulnerability Scanner
eEye announced the immediate availability of a Retina® RPC
Vulnerability Scanner to scan for and detect this newly discovered
RPC flaw. This tool is based on eEye?s award-winning Retina® Network
Security Scanner and is being made available for free to assist
IT administrators in their efforts to quickly remediate this hole.
Visit eEye for more information.

Learning Guide: Planning And Designing Your Active Directory

SearchWin2000?s new Active Directory Learning Guide will bring you up to speed quickly on this important Windows technology. The guide is comprised of a mix of definitions, tips, hints, Ask the Expert answers, technical article, featured topics and webcasts, all divided into five user-friendly sections: AD basics, planning, migration, deployment and resources. Recommended!

Survey: Security Falling As Priority?

Security Wire Digest reported that fewer companies describe security as a "high" priority today than did so three years ago, according to a worldwide survey conducted by Computing magazine. This is definitely odd, seeing the recent developments in world events.

Some 59 percent of 2,500 IT executives and admins identified security as a top priority, versus 71 percent of companies surveyed in 2000. More than a third of businesses said they had suffered breaches causing financial loss, 10 percent said those intrusions cost them more than $100,000. The average breach cost a company just under $50,000.

The report found that many businesses keep breaches a secret, with 26 percent saying they didn't make attacks public. Just 12 percent of those who reported breaches went first to law enforcement authorities. The most common problems were garden-variety worms and Trojans, making up some 45 percent of known attacks.

Gartner VP John Pescatore says enterprises face "permanently raised risk levels" given the number of risks from hackers, terrorists and insiders. Despite the risks, "security is still not an automatic sell to the people at the top of a company," he adds. The full report is for sale ($195.00) at InformationWeek.


SUS Can Now Handle Service Packs

This week, Redmond said system admins can now use Software Update Services to deploy service packs. In the past, you had to use a separate management system, such as SMS, to get the packs deployed.

MS also said that the new version of SUS 1.0 with SP1 applied, will do more than just service pack deployment. It will also roll out Windows XP SP1, W2K SP4 and future service packs for W2K, XP and Windows Server 2003. Look for SUS V2.0 before the end of 2003. You still need to approve these patches before they get rolled out of course. MS has been listening to the market it seems. This has been one of the most requested features, seen the recent spate of worms.

Keep in mind though, that if you do not run you own SUS server in-house, the bandwidth is going to skyrocket if you point straight to the MS site for downloads. These SP's are mammoth. Another comment is that it's still early days for SUS. For instance it does not support things like separate patch sets on the same server and differentiate between these sets in the Group Policy Objects. Want to have a look at it? Follow the link to the SUS client at the bottom of this page:

What Do The Analysts Say About MS Storage Server 2003?

Last week we reported that Microsoft officially launched its Storage Server 2003 operating system at the Storage Decisions show in Chicago. The biggest change is that Microsoft has integrated file and print support into the product, currently a much larger market opportunity than network-attached storage (NAS), and one that Network Appliance doesn't address. The Analyst Views site has some good background on this, so you can make strategic decisions.

At the same show in Chicago, EMC's promised new NetWin 200 Windows-powered NAS devices was shown, the first system from EMC to use Microsoft software. EMC was one of four OEMs at the event, although 10 OEMs in total are supporting the new OS, with an eleventh in the pipeline. A number of independent software vendors (ISVs), including Computer Associates and Veritas, have also signed up. More at:

Windows Small Business Server RTMs

ENTMag reported that Microsoft hit the key development milestone for the final piece in its six-month-long rollout of Windows Server 2003 on Tuesday with the release to manufacturing of Windows Small Business Server 2003. From a marketing perspective, MS made three significant changes to Small Business Server for the 2003 version: it split the product into two editions, made the lower-end version much less expensive compared to the 2000 generation, and beefed up the size of company that can use the product. Read more at:

What's Happening With MS The Coming Year?

Mary Jo Foley is one of the MS-gurus of Ziff Davis. She watches MS full time and writes a (paid) newsletter about it, (I'm on it). They just came out with a one-year calendar designed to keep track of key MS-related events. It lists major shows, product launches, and other events. You can check out the very first one here:

And if you want to subscribe to Microsoft Watch, here is a free 2-week subscription page (recommended):


Sunbelt RADMIN Wins Remote Management Award

Penton Media's Windows & .NET Magazine announced that Sunbelt Remote Administrator was selected a winner in the Remote Management Tool category of the Windows & .NET Magazine Readers' Choice Awards.

Readers selected Sunbelt Remote Administrator (Radmin) as Best Remote Management Tool from a large field of contenders. The product drew accolades from readers for its ease of use, solid performance, and minuscule memory requirement.

Radmin lets administrators view and control multiple remote desktops and securely transfer files. Windows 2000 and Windows NT user-level security provides authentication, or you can use Radmin's challenge-response password authentication method. You can encrypt all remote activity with 128-bit strong encryption and randomly generated keys. An IP filter option allows remote access from authorized IP numbers or subnets.

Radmin supports TCP/IP and also runs as a service. The product's features include the ability to log users on and off remotely, shut down and restart systems remotely, send Ctrl+Alt+Del access to a system through Telnet, and passively view a remote system.

The Award:

The Product:

Patch Application Causes Fail-Over To Fail

This story is one that illustrates you need to TEST, TEST, and TEST any patches you apply on mission critical systems. The culprit was was RPCSS_MS03-039 from Microsoft KB824146. This was a story sent to us by a W2Knews subscriber.

"I'm just warning you about a potential serious problem if you are using Legato's Co-Standby Server. While attempting to patch our pair of Co-Standby servers, the failover was used to apply the patch to one unit, and then fail back to then apply to the first server. The failover process crashed in process, wiping out our failover configuration database, leaving some users on one (inactive) Exchange server, and the others connected to the active one. But Active Directory refused to let us update the Exchange pointers to redirect the users to the active Exchange server, thus we were down and out until we were able to get Legato to respond to a down system (which was well over an hour), and then to repair the problem. Repair required entirely rebuilding the failover configuration and partition mirrors, so our supposedly failproof Exchange system was down for over six hours."

Editor's comment: Thanks for the feedback. We can learn from our own mistakes, but learning from some one else's experience prevents more downtime! You do want to protect against viruses, because those critters can get replicated too!

PestPatrol Endorses Proposed Anti-Spyware Legislation

PestPatrol, the leading developer of security software to detect and eliminate spyware, adware, trojans and hacker tools from corporate networks and home PCs, today announced its support of the Safeguard Against Privacy Invasions Act (SPI) H.R. 2929 being introduced by U.S. Representative Mary Bono (R.-Calif.) and being considered by the Committee on Energy and Commerce in the U.S. House of Represen- tatives.

"The favorable reaction to this new legislation has been immensely gratifying, and we appreciate the assistance and technical expertise we have received from the PestPatrol team," said Representative Bono. "Computer users throughout the U.S. are clearly very concerned about online privacy issues, so we are introducing this legislation in an attempt to return some control to individuals over their personal information."

PestPatrol considers spyware to be software intended to aid an unauthorized person in causing a computer, outside the knowledge of the computer?s user or owner, to transmit private information. The proposed legislation will require people using spyware to inform computer users of their intent to install the invasive software and to obtain permission before loading it onto users? computers.

"This legislation will prove to be a real eye opener to the public at large. The growth of spyware in the last two years has been significant," said Ben Wright, Chief Legal Counsel, PestPatrol. "Making home users aware of this problem continues to be an uphill battle. An act like this is badly needed so that both home users and employees can privately access the Internet without getting spied on. PestPatrol strongly supports this legislation." Check out the corporate edition here:


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Site for the promo of a small Ford car in the UK. Click on highlights, and then view Clip #1. Devilishly funny. Not for animal lovers.

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-Ford_Car
  • The IO2 interactive heliodisplay, generates non-physical mid-air video allowing people or objects to move through the image.

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-IO2
  • The A-Word-A-Day site is a great way to increase your vocabulary.

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-AWAD
  • The price of Worm Invasions. Ammo to get budget for tools!

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-Worm
  • If you are in IT, you need a TIVO. And if you don't or don't want to, here is a great PC Equivalent.

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-PVR
  • Restoring backups overnight? Here is some "rocket fuel coffee"...

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-Coffee
  • Want to know what is available about yourself online in public records? Astounding amounts of data, some for pay, some free. Check these sites:

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-Search_Systems
  • The Peace One Day Site - 21st September 2003. 'There is one thing stronger than all the armies in the world; and that is an idea whose time has come.' -Victor Hugo (1802-1885)

  • http://www.w2knews.com/rd/rd.cfm?id=030922FA-PeaceOneDay

    World?s smallest USB Drive

    The 128MB USB Drive Intelligent Stick[tm]. I got me one of these things, probably the most useful little computer thing I ever bought, it's PUNY. It's really 128 megs...I have scanned all my taxes, and every valuable document I ever had, and put 'em all on there. It comes with a hard plastic wallet card so it fits in your wallet and is protected. Plug it into your computer, transfer files, give it to your accountant and let them print off the stuff they need for your tax return. My whole life in my wallet (I have never lost a wallet) and anyone with an XP or Win2k or Linux box can open it without drivers--plug it in, print, take it out, done. And there is still 110 megs left on mine.

    If you want to protect your data, you can get a copy of DriveCrypt and keep the stuff encrypted in case you ever did lose it. That way it would be unreadable except by you. Pretty cool. Drive specs:

    DriveCrypt specs over here: