- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Oct 13, 2003 (Vol. 8, #41 - Issue #447)
Ballmer Vows: Better Windows Security
  This issue of W2Knews™ contains:
    • September 2003 Best Selling Tools
    • SG Cowen Data Networking Research; Your Help is Needed!
    • Who Saved MP3.com?
    • Ballmer Vows: Better Windows Security
    • Small Business Server Guru Comments On New Release
    • The Problems Of Bayesian Filtering At The Server Level
    • Latest List Of Top Vulnerabilities
    • LanHound Comes To The Rescue
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Exam 70-290: Managing and Maintaining WinServer 2003
  SPONSOR: ScriptLogic
NEW Desktop Authority from ScriptLogic Corporation
Desktop Authority is a new robust software solution from ScriptLogic
Corporation. Proactive administration features found in ScriptLogic
Enterprise have been integrated with browser-based interactive
management and real-time remote control of Windows desktops.
Secure browser based interactive desktop management
Real-time remote control and data transfer from any Microsoft
Windows desktop
Access desktops and files remotely without additional client-
side software  ...And Much More
Check out the new product and DOWNLOAD a 45 day trial version.
Visit ScriptLogic for more information.

September 2003 Best Selling Tools

It's always interesting to know what your colleagues are buying. So here are the sales figures of September, which was a "Highest Ever" month in revenues. Here are the winners, and this time around, I decided to also include the relative percentages, so you can see the performance per product. Note: we got one major order for UpdateExpert from a large USA defense organization (September is the end of their fiscal year), so this caused that product to be the winner by far! The fact there were a slew of worms and attacks recently, made a lot of people decide to fully automate their patching procedures.

  1. UpdateExpert: 39.49%
  2. Double Take: 24.91%
  3. iHateSpam Server: 15.68%
  4. ScriptLogic: 3.29%
  5. Sunbelt Remote Admin: 2.28%
  6. iHateSpam Client: 1.98%
  7. Prism Pack: 1.77%
  8. LanHound: 1.64%
  9. Active Administrator: 1.02%
  10. SecureIIS: 0.99%
Want to give one a test drive? You'll find them all here:

Quotes Of The Day:

"You take the work seriously, but not take yourself seriously. You keep that in mind and you'll do well the rest of your life".
- Clint Eastwood.

"Any sufficiently advanced technology is indistinguishable from magic."
- Arthur C. Clarke

Warm regards,
Stu Sjouwerman
(email me with feedback: [email protected])

  SPONSOR: DoubleTake
Are your servers protected? Disaster Recovery is #1 priority!
This means you have to have a tested plan and reliable tools in
place for the moment your site goes down. DOUBLE-TAKE is that tool.
Sold more than all other High-Availability tools combined. It is
even certified for W2K Datacenter. No other HA tool is. How it
works? "Server A goes down--Server B takes over". Get the eval
copy here, this is your ultimate job-security.
Visit DoubleTake for more information.

SG Cowen Data Networking Research; Your Help is Needed!

This week, if you are a high level/management IT pro in the USA, you'll get a $10 Amazon gift cert if you are within the first 100 qualified respondees.

SG Cowen is currently conducting a very important piece of research surveying high-level technology professionals and CFOs about current and future data networking trends. They are particularly interested in your thoughts and opinions. Apart from the Amazon Gift Cert, you will be eligible to receive a copy of the survey results. That alone is worth the time doing this survey. It took me 7 minutes myself.

Who Saved MP3.com?

Steve Cox sent this to me, and I thought it was funny enough to "print" it, since it is a good lesson for all of us that maintain Windows servers and websites. Here goes:

"Something happened on the Net today that might be of interest to your readers. In short, I am the guy that saved MP3.com, or at least their website.

I am MP3.com artist, Voice of Golden Eagle (mp3.com/voge). When I went to my artist site URL this morning, I saw one of the infamous VeriSign redirects instead of my music, complete with the dreaded message, "We didn't find: "artists.mp3s.com" There is no Web site at this address."


Further investigation showed that MP3.com was almost entirely broken. While the front page (mp3.com) was still there, any link that went to their MP3S.com 'sub-domain' was non functional. That meant the music charts and ALL streaming music services were down! A problem affecting literally thousands of independent artists who use MP3.com as their Web presence.

A quick check of the domain whois database showed the root cause of the problem... MP3.com had allowed their MP3S.com sub-domain to expire on September 23rd and had not yet renewed! A multi- million dollar web presence was stopped dead over a $35 renewal fee.

As an artist being directly affected by this breakdown my next actions were clear. I picked up the phone and called Network Solutions customer support. Within minutes I used my own credit card to purchase a one year renewal for the MP3S.com domain.

So now I wait along with thousands of other artists for the switch to flip and turn us all back on; a process that can take 24 to 48 hours as the new routing instructions propagate across the Web. But as I wait I smile, thinking about how the Net's 'Premiere Music Streaming Service' had to be rescued by... me!"


Ballmer Vows: Better Windows Security

It's all over the news. There is even a sizable article in the Wall Street Journal about it. The MS CEO promises that they really will improve security. Steve positioned it as important as the antitrust fight and the original move to the Internet in the nineties.

He acknowledged that the patching process is inconsistent, and that the sheer volume of vulnerabilities is overwhelming. The biggest news is that the existing MS patching tools are going to be reduced to just one. Patches will be smaller, have rollback features, and will be more predictable, and there will be a dedicated website for security.

It also looks like they will improve their firewall technology, and they are looking at memory locking technology to prevent buffer overflows. The SearchWin2000 site has some more goodies that they are working on, not the least the fact that security support will be extended until June 2004 for W2K SP2 and NT WS SP4. More here:

Small Business Server Guru Comments On New Release

SBS author Harry Brelsford ("SMB Consulting Best Practices") and founder of the SMB Nation conference series (www.smbnation.com) commented on the October 9th release of Windows Small Business Server 2003 at the Microsoft Worldwide Partners Conference (WWPC) in New Orleans, (edited by yours truly).

  • The two versions of SBS 2003 appropriately segment the small business space by doing the "greatest good for the great number of small businesses." The vast majority of small businesses will benefit most by saving money and purchasing the SBS 2003 standard edition at $599 with its capable networking infrastructure. More mature small business will gladly pay $1,499 for the premium edition of SBS 2003 to add database and ISA Server 2000 functionality.
  • This release builds on the stability that SBS found in the 2000 time frame. But it adds the "mobile worker paradigm" with the Remote Web Workplace, the client computer support concept with a revamped client computer setup routine (over the wire, no diskette, exploits Group Policy Objects)
  • The SBS 2003 release is all about business. Technical gains are incremental at this point, with an exception being security, for which SBS 2003 has many security enhancements such as the Security Best Practices link from the To Do List.
SBS 2003 gives a lot more to the MBAs than the MCSEs of the world. Window SharePoint Services, with its collaborative and basic document management capabilities, will be an MBA's dream come true in terms of helping small businesses manage workflow, recast business operations, and as Microsoft sez "...do more with less..." A lot of people are going to upgrade, because of the following:

Brelsford's SBS 2003 Killer Applications List:

  1. Remote Web Workplace (so workers can WIFI into machine at work from Starbucks!) and other mobility improvements
  2. Windows SharePoint Services (with CompanyWeb and basic document management)
  3. Simplified setup (faster, fewer screens, more straight forward)
  4. Client Computer Setup and Support Improvements (e.g. no setup diskette)
  5. Network Notebook Documentation (at end of each SBS wizard)
  6. It uses Windows Server 2003 as underlying OS
  7. Licensing improvements (online, user and device mode)
  8. Outlook Web Access 2003 looks and feels like real fat Outlook client
  9. Automatic creation of Company public folder and contact object
  10. Slices bread and makes espresso
Looks like we have a winner here with this new version.

The Problems Of Bayesian Filtering At The Server Level

Some companies tout they have bayesian spam filtering at the server level. We started looking at it, and came to the conclusion that it's a bit murky. Why? Well, Bayesian was originally created for the email end-user. It needs to be -taught- what spam is. Kinda sorta a bit of an expert system, to a limited degree. You will already see the problem with this. One man's spam is another man's treasure. If you want to do Bayesian filtering at the server, to make sure that the false positives aren't going to skyrocket, you would have to start using CPU for EACH user, to determine what -they- think is spam or not. Doing that at the server is going to be quite resource intensive, if not completely prohibitive use of the CPU. So, if a company claims they do Bayesian filtering, that may very well be marketing hype that you need to actually investigate thoroughly, since it might be a limited filtering implementation that hardly merits the name "Bayesian"... Caveat Emptor.

Latest List Of Top Vulnerabilities

This list is a living document, and consists of the Top 10 for Windows and a Top 10 for Unix/Linux. The SANS Institute publishes this list since 2000, along with government agencies from the United States, the United Kingdom and Canada. For Windows, IIS is still the top red flag, but there are many other good ones, like SQL, IE, MDAC and WSH. Have a look at the SANS list below. If you are in the market for a security scanner, you'll be interested to know a new tool will be announced shortly, with a great licensing scheme. If you want to secure IIS right away, there is a good utility called SecureIIS you should check out:

Link to SANS:

Link to SecureIIS:

LanHound Comes To The Rescue

Just have a look at this customer success story:

"We love LanHound! It have become an essential tool for myself and it is so much easier to use and diagnose network problems. It has recently help us locate a couple of viruses. Thanks for your help!" -- Francisco Garcia.

Check out the eval over here. It supports Switched LANs and comes with three additional agents at no charge, so you can monitor segments.


This Week's Links We Like. Tips, Hints And Fun Stuff

  • Automated Plane. I wonder what OS it's running under... [grin] We may "slashdot" this site, so the name of this file is autoplane mpeg so you might be able to find it some where else.

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Autoplane
  • What's next, network your bed?

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Whats_Next
  • A "Verbose" File Not Found message. Cute.

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Not_Found
  • Cigarette Lighter Add-on To Your PC.

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Cigarette
  • I used to be a VMS-guy before Windows. Some one turned a VAX (that used to run VMS) into a Wet Bar. Fun and Blasphemy at the same time!

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Wet_Bar
  • Possibly the coolest guy on the Internet. Theodore Gray. He's got the periodic table, for real. Click on the Tables Image.

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Periodic_Table
  • General Motors's VP R&D claims zero-emission fuel cell vehicles (FCV) will eventually make gasoline-electric hybrids obsolete:

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-FCV
  • American artist paints a Rock in Rural Iowa after 9-11.

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-9-11_Art
  • Mark Minasi Q&A Session: NT 4.0 -- Hold 'em or fold 'em?

  • http://www.w2knews.com/rd/rd.cfm?id=031013FA-Minasi

    Exam 70-290: Managing and Maintaining WinServer 2003

    The Shinders have done it again! A great MCSA/MCSE study guide for Exam 70-290: Managing and Maintaining a Windows Server 2003 Environment. I have a copy and it looks great. The DVD provides a virtual classroom and the book includes web-testing at no charge, plus step-by-step exercises.

    This is a "Stu's Warmly Recommended". Check it out at Amazon.com.