Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 26, 2004 (Vol. 9, #4 - Issue #460)
Stopping Worms: Your Seven Step Program
This issue of W2Knews contains:
- EDITORS CORNER
- TECH BRIEFING
- Stopping Worms: Your Seven Step Program
- Microsoft Updates Baseline Security Tool
- How The Democrats Were Hax0red
- Mark Minasi Explains How SUS Works
- NT/2000 RELATED NEWS
- Redmond Seeks Its Next Cash Cow, But Does Great
- Removing SPs And Hotfixes That Leave Win2K Unbootable
- NT/2000 THIRD PARTY NEWS
- Computer Security Gets Tougher For Small Companies
- Great News For iHateSpam Server Users
- iHateSpam Server 1.5 Webinar
- NEW: Recover Deleted Files Quickly
- Panda Intro's New Products
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Solve Network Performance Problems With LanHound
SPONSOR: iPrism Web Filter
Discover the Appliance Advantage with the iPrism Web Filter! One
box is all you need for a total Web filtering solution. IT
Professionals now consider using an appliance for Web filtering
the smart, efficient choice. With the iPrism appliance, there is
no additional hardware or software to purchase; everything,
including built-in reporting, is in the box. See what all the
noise is about, DOWNLOAD 5 FREE TOOLS from iPrism today.
Visit iPrism Web Filter for more information.
New 'Flavors' Of spam
Every group has their own language. The bigger the group, the
bigger the specialized vocabulary. Several professions have many
hundreds of words with specific definitions. Think Medical,
Genetics, and of course IT. Here's two new ones in our field:
"Sporn" is porn spam, and "Spim" is instant messaging spam.
You heard it (hopefully) here first. [grin] Talking about spam...
The CAN-SPAM Act is not very effective. The war on spam is
starting to look like the war on drugs. That's why Sunbelt is
happy to announce dramatically improved new versions of both
iHateSpam client and server. The new spam detection engine is
really killer. Here is just one happy camper talking about the
4.0 Client version.
"I upgraded. Today I received 38 e-mails, 4 good and 34 bad, in
twelve hours. Ver. 4 nailed every one of the 34 bad ones. It
seems to me like this new version is much more effective in
getting the junk sorted out. The old version would have trapped
probably 80% but version 4.0 got 'em all. I don't know how anyone
who uses e-mail for legitimate purposes can get along without a
good spam blocker like iHateSpam. Version 4.0 takes no
prisoners. -- John
The new Server Version 1.5 was nicknamed the 'Customer Faves'.
We included all the features that our now well over 2,500
enterprise users asked for. If you do not run it yet, you should
really try it out for 30 days. Check out all the new features
at the link below:
New Client V4.0:
New Server V1.5:
*** Come and join us for our iHateSpam Server 1.5 Webinar. Read about it in Third Party News below.
And here is the new SunPoll: With a server (event log) monitoring
tool, what would be the PRIMARY reason you would use a product
Manage server uptime
Manage server security
Vote here, rightmost column:
Quotes of the Day:
- "All I ask is a chance to prove that money can't make me happy."
- "Dogs have owners, cats have staff."
- "Practice thirty more years." -- Zen saying
(email me with feedback: [email protected])
SPONSOR: Microsoft® & Quest Software®
MAKE THE BUSINESS CASE FOR CONSOLIDATION
Disk space is cheap, but managing storage isn't.
How are you planning to tackle this growing concern?
Learn how to plan the business case for your consolidation
project. Get the hard data about consolidation projects from
Microsoft® and Quest Software®.
Download the Microsoft® & Quest Software® joint white paper and get
on the road to storage fitness.
Visit Microsoft® & Quest Software® for more information.
Stopping Worms: Your Seven Step Program
You can prevent worm infestations with a few relatively simple
measures. There are no absolutes, so you can never get 100%
secure, but this will get you close. Here goes:
A) Train end-users. Many admins have been unpleasantly surprised
by users that know just enough to be dangerous. They open up
attachments, download stuff from infected Web sites, or bring
their infected laptops in and hook it up to your clean network.
B) Anti-virus software on EVERY machine, desktop and laptops.
C) Scan your networks on a very regular basis for vulnerabilities,
with a really good database that gets updated by experts.
D) Do not hook up an unpatched system to the Internet.
E) Update and patch systems on a frequent basis. Make sure your
VPN's are safe by protecting telecommuters.
F) A Firewall between your network and the Net is a must-have
piece of your layered protection.
G) Formulate, Implement and Verify security policies. Enforce
these rules for all end-users. Get management buy-in to make
sure you get compliance.
Here are a few tools you can use for this:
Microsoft's Article: It's Time to End Information Anarchy:
Microsoft Updates Baseline Security Tool
Redmond has released a new version of its Microsoft Baseline
Security Analyzer software. Although version 1.2 of MBSA is
free, the security tool's usefulness is limited, according
to some Windows experts. MBSA Version 1.2 includes a graphical
and command line interface that can perform local or remote
scans of Windows systems. MBSA will scan for common system
misconfigurations in the following products: Windows NT 4.0,
Windows 2000, Windows XP, Windows Server 2003, (IIS), SQL
Server, IE, and Office. MBSA 1.2 will also scan for missing
security updates for the following products: NT 4.0, W2K, XP,
2K03, IIS 6.0, SQL Server, IE, ExchangeServer , and 2003,
Windows Media Player, (MDAC), MSXML, Microsoft Virtual Machine,
Commerce Server, Content Management Server, BizTalk Server,
Host Integration Server, and Office. Article at SearchWin2000:
MBSA 1.2 runs on W2K, XP and Server 2K03 and can scan those
platforms plus NT 4.0. MBSA will not scan Windows 95, Windows
98 or Windows Me. The download file, the FAQ and other resources
are available here:
How The Democrats Were Hax0red
The Boston Globe has the story about Washington's IT scene.
Republican staff members of the US Senate Judiciary Committee
infiltrated opposition computer files for a year, monitoring
secret strategy memos and periodically passing on copies to
the media, Senate officials told The Globe. From the spring of
2002 until at least April 2003, members of the GOP committee
staff exploited a computer glitch that allowed them to access
restricted Democratic communications without a password.
The actual technical issue involved is apparently one of simple
file permissions: A technician hired by the new judiciary
chairman, Patrick Leahy, Democrat of Vermont, apparently made a
mistake that allowed anyone to access newly created accounts on a
Judiciary Committee server shared by both parties -- even though
the accounts were supposed to restrict access only to those with
the right password. However, sharing the same network and servers
between the parties, and using those servers to store partisan
strategy documents, looks to me like the more fundamental
Editorial Comment: And these guys make the LAWS that dictate
Here is the story in the Globe:
Mark Minasi Explains How SUS Works
The feature article in his Jan 2004 issue is "Software Update
Service A to Z." How to set it up, where to find it, all the
Registry hacks, tips and tricks, as well as the skinny on what
works and what doesn't in Microsoft's downloadable patch manager.
I think there's things in there for both SUS novices and
battle-scarred vets! Read it at:
NT/2000 RELATED NEWS
Redmond Seeks Its Next Cash Cow, But Does Great
Network World has a good article about MS's real financial
strength. Microsoft's reputation is one of a moneymaker, but
the fact is that four of its seven business units are in the red.
To the tune of $1.6 billion in fiscal year 2003, Microsoft bled
money from its Business Solutions, Mobile and Embedded Devices,
MSN, and Home and Entertainment divisions. Their recent quarter
was very strong though, as the Wall Street Journal reported this
week. They broke their record with a 10 Billion dollar quarter.
Of course, piling up a loss of that size isn't such a big deal
when you consider Microsoft's other three units turned a combined
profit of $17.8 billion. And things actually are looking up if you
compare to 2002, when the four losers were $1.8 billion in the
Despite the losses, Microsoft's competitors recognize these
business units as slumbering giants. They are not only coddled by
a cash reserve of $51 billion but with a thirst to become
Microsoft's new growth business now that traditional cash cows -
client operating systems and the Office suite - have matured.
Removing SPs And Hotfixes That Leave Win2K Unbootable
Windows 2000, Windows XP and Windows 2003 Service Packs and
hotfixes are usually designed to fix problems, not aggravate
them. Unfortunately, some hotfix or Service Pack installations
have been known to damage a system to the point where it will not
boot correctly. Here's why - and more important - how to remedy
the problem. Another good one from the SearchWin2000 site.
THIRD PARTY NEWS
Computer Security Gets Tougher For Small Companies
The Wall Street Journal on Tues Jan 20, 2004 had a sizable article
about the fact that smaller business gets more and more exposed
to security hazards like viruses, worms and other cyberpest
infestations. They had a story of a small outfit with 160 staff
that had to shut down their network for Fri, Sat and Sun to get
rid of a nasty virus. U.S. businesses with one to 99 employees
number around 5.9 million and they are expected to spend over
US$ 86 Billion in 2004, with 2.1 Billion in security products.
Small companies' IT spending is projected to go up 10% annually
in the next 5 years, but spending on security is planned to
grown a whopping 28% over that time. That growth is driven by
more and more virus and worm attacks, and the 9-11 after effects.
More and more small businesses are now actively installing
anti-virus tools, firewalls, vulnerability scanners and spam
That means small and medium-size businesses (SMBs) have become
big targets for the 'big dawg' IT-vendors. And here is some REAL
GOOD NEWS for SMB's in the USA. Recent tax cuts currently permit
SMBs to deduct as much as $100,000 annually in fixed capital
expenditures from their taxable earnings -- up from $25,000
prior to 2003 - which should further stimulate IT investment by
US SMBs through the end of 2005. Here's the budget you needed!
SMB's usually rely on products (instead of staff) to close the
most glaring holes. Sunbelt's new Network Security Inspector
(SNSI) is just the tool if you are in this segment of the
market. Affordable security scanning with a world-class database
of vulnerabilities, and easy instructions how to close the
door on hackers! SNSI will be released this month: Jan 2004.
More info at:
Here is the marketing research as a budget source document:
Great News For iHateSpam Server Users
Just to get you up to speed, iHateSpam is now the BEST SELLING
anti-spam solution for MS Exchange. No other anti-spam tool
has sold 2,500 licenses in just 9 months.
Better yet, we have had a boatload of feature requests from
these customers, and all of these have been included into the
new Version 1.5 that is released now! So, what's new?
Have a look at the new features and upgrade now. Here's the V1.5
- New spam detection engine: We are using a brand new engine
with a dramatic increase in spam detection, (strips HTML now).
- More user control for whitelist/blacklists: Now the end user
can manage their personal whitelists and blacklist using custom
forms that are accessible in Outlook.
- Improved management of user whitelists and blacklists so users
can organize their lists better. This has the added benefit of
reducing the amount of space that whitelists and blacklists take
up on the mailserver.
- Distribution list and Public folder filtering: iHateSpam
V1.5 now has the ability to scan distribution lists and public
folders for spam content. This has been a much requested
feature since iHS SE's initial release.
- Additional enhancements to custom rules: There have been
several new features added to the custom rules engine in order to
better customize spam filtering.
- Zero Cost Upgrade For iHateSpam Server. Remember that if you
are running Exchange V5.5 or 2000, and need an anti-spam solution
in place that truly and smoothly integrates with Exchange, you
should not be punished with upgrade costs if you move platform.
That's why there is no charge for the iHateSpam Server version
when you move from E5.5 to E2K or E2K3. Just download the latest
build, plug in the key, and you are up and running.
iHateSpam Server 1.5 Webinar
Come and see our Webinar with all the new V1.5 Features! Speakers will be Alex Eckelberry, president and Greg Kras, CTO with Sunbelt Software.
Time: Tuesday, 27 Jan 2004, 1:00 PM EST
Meeting URL: http://www.w2knews.com/rd/rd.cfm?id=040126TP-Webinar
Call in at the numbers below and enter code 104764:
NEW: Recover Deleted Files Quickly
You all know the frantic calls from end users that threw a
file in the Recycle Bin, and then for good measure emptied it.
And of course they had this file sitting on the desktop and
not in their user share on the server where it gets backed up.
Aaugh! Of course their own fault. But you still get the call.
Here's a powerful, low cost tool to get these painful errors
quickly resolved and make you an instant hero. File Rescue Plus
comes in a single-user version, but also for administrators
in an 'unlimited' flavor. Check it out here, there is a demo
that allows you to undelete two files.
Panda Intro's New Products
Quietly while no one was looking ? Panda stealthily introduces
new products and enters the channel big time.
In last couple of months Panda Software has introduced a robust
and enhanced line of enterprise-wide antivirus solutions that
protect all levels of businesses and institutions from small to
large enterprise. The strength of the various Panda antivirus
products start at the gateway level with GateDefender and
continuing with specific software applications that provide a
layered solution protecting all aspects of your network
including workstations, file servers and mail servers.
Panda is becoming a major player in the increasing security
sector, due to their flexibility, free 24-7 tech support
and affordability. W2Knews recently learned that Panda is
now being actively SKUed up at Merisel and was just picked
up by Lifeboat. Distributors are showing strong interest in
carrying Panda as the AV category is one of the hottest
around and is expected to be the largest growth area in
business spending over the next couple of years. If you have
never tried Panda software before, they have reinstituted
their fabled ITatHome program which provides their award
winning Platinum 7 software to IT professional free of
charge. If you don?t believe that Panda finds viruses on
your computer that your current antivirus has not found,
try it for yourself. I know I did.
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
Solve Network Performance Problems With LanHound
Sniff Fast. Sniff Easy. Sniff Cheap. What separates LANHOUND from
the pack is that it is a super affordable tool that helps you
troubleshoot NT/2000/2003 LAN, WAN or Internet segments. LANHOUND
supports switched networks and even includes three free remote
agents in the price! Use LANHOUND to hunt down broadcast storms,
analyze protocols, and monitor your network. Get the Hound.
LAN's best friend. US $743 with one year maintenance included.