- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jan 26, 2004 (Vol. 9, #4 - Issue #460)
Stopping Worms: Your Seven Step Program
  This issue of W2Knews™ contains:
    • New 'Flavors' Of spam
    • Stopping Worms: Your Seven Step Program
    • Microsoft Updates Baseline Security Tool
    • How The Democrats Were Hax0red
    • Mark Minasi Explains How SUS Works
    • Redmond Seeks Its Next Cash Cow, But Does Great
    • Removing SPs And Hotfixes That Leave Win2K Unbootable
    • Computer Security Gets Tougher For Small Companies
    • Great News For iHateSpam Server Users
    • iHateSpam Server 1.5 Webinar
    • NEW: Recover Deleted Files Quickly
    • Panda Intro's New Products
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Solve Network Performance Problems With LanHound
  SPONSOR: iPrism Web Filter
Discover the Appliance Advantage with the iPrism Web Filter! One
box is all you need for a total Web filtering solution. IT
Professionals now consider using an appliance for Web filtering
the smart, efficient choice. With the iPrism appliance, there is
no additional hardware or software to purchase; everything,
including built-in reporting, is in the box. See what all the
noise is about, DOWNLOAD 5 FREE TOOLS from iPrism today.
Visit iPrism Web Filter for more information.

New 'Flavors' Of spam

Every group has their own language. The bigger the group, the bigger the specialized vocabulary. Several professions have many hundreds of words with specific definitions. Think Medical, Genetics, and of course IT. Here's two new ones in our field: "Sporn" is porn spam, and "Spim" is instant messaging spam. You heard it (hopefully) here first. [grin] Talking about spam...

The CAN-SPAM Act is not very effective. The war on spam is starting to look like the war on drugs. That's why Sunbelt is happy to announce dramatically improved new versions of both iHateSpam client and server. The new spam detection engine is really killer. Here is just one happy camper talking about the 4.0 Client version.

"I upgraded. Today I received 38 e-mails, 4 good and 34 bad, in twelve hours. Ver. 4 nailed every one of the 34 bad ones. It seems to me like this new version is much more effective in getting the junk sorted out. The old version would have trapped probably 80% but version 4.0 got 'em all. I don't know how anyone who uses e-mail for legitimate purposes can get along without a good spam blocker like iHateSpam. Version 4.0 takes no prisoners. -- John

The new Server Version 1.5 was nicknamed the 'Customer Faves'. We included all the features that our now well over 2,500 enterprise users asked for. If you do not run it yet, you should really try it out for 30 days. Check out all the new features at the link below:

New Client V4.0:

New Server V1.5:
*** Come and join us for our iHateSpam Server 1.5 Webinar. Read about it in Third Party News below.

And here is the new SunPoll: With a server (event log) monitoring tool, what would be the PRIMARY reason you would use a product like this?

  • Manage server uptime
  • Manage server security

    Vote here, rightmost column:

    Quotes of the Day:
    - "All I ask is a chance to prove that money can't make me happy."
    - "Dogs have owners, cats have staff."
    - "Practice thirty more years." -- Zen saying

    Warm regards,
    Stu Sjouwerman (email me with feedback: [email protected])

  •   SPONSOR: Microsoft® & Quest Software®

    Disk space is cheap, but managing storage isn't.
    How are you planning to tackle this growing concern?
    Learn how to plan the business case for your consolidation
    project. Get the hard data about consolidation projects from
    Microsoft® and Quest Software®.

    Download the Microsoft® & Quest Software® joint white paper and get
    on the road to storage fitness.
    Visit Microsoft® & Quest Software® for more information.


    Stopping Worms: Your Seven Step Program

    You can prevent worm infestations with a few relatively simple measures. There are no absolutes, so you can never get 100% secure, but this will get you close. Here goes:

    A) Train end-users. Many admins have been unpleasantly surprised by users that know just enough to be dangerous. They open up attachments, download stuff from infected Web sites, or bring their infected laptops in and hook it up to your clean network.

    B) Anti-virus software on EVERY machine, desktop and laptops.

    C) Scan your networks on a very regular basis for vulnerabilities, with a really good database that gets updated by experts.

    D) Do not hook up an unpatched system to the Internet.

    E) Update and patch systems on a frequent basis. Make sure your VPN's are safe by protecting telecommuters.

    F) A Firewall between your network and the Net is a must-have piece of your layered protection.

    G) Formulate, Implement and Verify security policies. Enforce these rules for all end-users. Get management buy-in to make sure you get compliance.

    Here are a few tools you can use for this:

    Microsoft's Article: It's Time to End Information Anarchy:

    Microsoft Updates Baseline Security Tool

    Redmond has released a new version of its Microsoft Baseline Security Analyzer software. Although version 1.2 of MBSA is free, the security tool's usefulness is limited, according to some Windows experts. MBSA Version 1.2 includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, (IIS), SQL Server, IE, and Office. MBSA 1.2 will also scan for missing security updates for the following products: NT 4.0, W2K, XP, 2K03, IIS 6.0, SQL Server, IE, ExchangeServer , and 2003, Windows Media Player, (MDAC), MSXML, Microsoft Virtual Machine, Commerce Server, Content Management Server, BizTalk Server, Host Integration Server, and Office. Article at SearchWin2000:

    MBSA 1.2 runs on W2K, XP and Server 2K03 and can scan those platforms plus NT 4.0. MBSA will not scan Windows 95, Windows 98 or Windows Me. The download file, the FAQ and other resources are available here:

    How The Democrats Were Hax0red

    The Boston Globe has the story about Washington's IT scene. Republican staff members of the US Senate Judiciary Committee infiltrated opposition computer files for a year, monitoring secret strategy memos and periodically passing on copies to the media, Senate officials told The Globe. From the spring of 2002 until at least April 2003, members of the GOP committee staff exploited a computer glitch that allowed them to access restricted Democratic communications without a password.

    The actual technical issue involved is apparently one of simple file permissions: A technician hired by the new judiciary chairman, Patrick Leahy, Democrat of Vermont, apparently made a mistake that allowed anyone to access newly created accounts on a Judiciary Committee server shared by both parties -- even though the accounts were supposed to restrict access only to those with the right password. However, sharing the same network and servers between the parties, and using those servers to store partisan strategy documents, looks to me like the more fundamental security problem.

    Editorial Comment: And these guys make the LAWS that dictate technology usage??!!

    Here is the story in the Globe:

    Mark Minasi Explains How SUS Works

    The feature article in his Jan 2004 issue is "Software Update Service A to Z." How to set it up, where to find it, all the Registry hacks, tips and tricks, as well as the skinny on what works and what doesn't in Microsoft's downloadable patch manager. I think there's things in there for both SUS novices and battle-scarred vets! Read it at:

      NT/2000 RELATED NEWS

    Redmond Seeks Its Next Cash Cow, But Does Great

    Network World has a good article about MS's real financial strength. Microsoft's reputation is one of a moneymaker, but the fact is that four of its seven business units are in the red. To the tune of $1.6 billion in fiscal year 2003, Microsoft bled money from its Business Solutions, Mobile and Embedded Devices, MSN, and Home and Entertainment divisions. Their recent quarter was very strong though, as the Wall Street Journal reported this week. They broke their record with a 10 Billion dollar quarter.

    Of course, piling up a loss of that size isn't such a big deal when you consider Microsoft's other three units turned a combined profit of $17.8 billion. And things actually are looking up if you compare to 2002, when the four losers were $1.8 billion in the red.

    Despite the losses, Microsoft's competitors recognize these business units as slumbering giants. They are not only coddled by a cash reserve of $51 billion but with a thirst to become Microsoft's new growth business now that traditional cash cows - client operating systems and the Office suite - have matured. More at:

    Removing SPs And Hotfixes That Leave Win2K Unbootable

    Windows 2000, Windows XP and Windows 2003 Service Packs and hotfixes are usually designed to fix problems, not aggravate them. Unfortunately, some hotfix or Service Pack installations have been known to damage a system to the point where it will not boot correctly. Here's why - and more important - how to remedy the problem. Another good one from the SearchWin2000 site.


    Computer Security Gets Tougher For Small Companies

    The Wall Street Journal on Tues Jan 20, 2004 had a sizable article about the fact that smaller business gets more and more exposed to security hazards like viruses, worms and other cyberpest infestations. They had a story of a small outfit with 160 staff that had to shut down their network for Fri, Sat and Sun to get rid of a nasty virus. U.S. businesses with one to 99 employees number around 5.9 million and they are expected to spend over US$ 86 Billion in 2004, with 2.1 Billion in security products.

    Small companies' IT spending is projected to go up 10% annually in the next 5 years, but spending on security is planned to grown a whopping 28% over that time. That growth is driven by more and more virus and worm attacks, and the 9-11 after effects. More and more small businesses are now actively installing anti-virus tools, firewalls, vulnerability scanners and spam filters.

    That means small and medium-size businesses (SMBs) have become big targets for the 'big dawg' IT-vendors. And here is some REAL GOOD NEWS for SMB's in the USA. Recent tax cuts currently permit SMBs to deduct as much as $100,000 annually in fixed capital expenditures from their taxable earnings -- up from $25,000 prior to 2003 - which should further stimulate IT investment by US SMBs through the end of 2005. Here's the budget you needed!

    SMB's usually rely on products (instead of staff) to close the most glaring holes. Sunbelt's new Network Security Inspector (SNSI) is just the tool if you are in this segment of the market. Affordable security scanning with a world-class database of vulnerabilities, and easy instructions how to close the door on hackers! SNSI will be released this month: Jan 2004.

    More info at:

    Here is the marketing research as a budget source document:

    Great News For iHateSpam Server Users

    Just to get you up to speed, iHateSpam is now the BEST SELLING anti-spam solution for MS Exchange. No other anti-spam tool has sold 2,500 licenses in just 9 months.

    Better yet, we have had a boatload of feature requests from these customers, and all of these have been included into the new Version 1.5 that is released now! So, what's new?

    1. New spam detection engine: We are using a brand new engine with a dramatic increase in spam detection, (strips HTML now).

    2. More user control for whitelist/blacklists: Now the end user can manage their personal whitelists and blacklist using custom forms that are accessible in Outlook.

    3. Improved management of user whitelists and blacklists so users can organize their lists better. This has the added benefit of reducing the amount of space that whitelists and blacklists take up on the mailserver.

    4. Distribution list and Public folder filtering: iHateSpam V1.5 now has the ability to scan distribution lists and public folders for spam content. This has been a much requested feature since iHS SE's initial release.

    5. Additional enhancements to custom rules: There have been several new features added to the custom rules engine in order to better customize spam filtering.

    6. Zero Cost Upgrade For iHateSpam Server. Remember that if you are running Exchange V5.5 or 2000, and need an anti-spam solution in place that truly and smoothly integrates with Exchange, you should not be punished with upgrade costs if you move platform. That's why there is no charge for the iHateSpam Server version when you move from E5.5 to E2K or E2K3. Just download the latest build, plug in the key, and you are up and running.
    Have a look at the new features and upgrade now. Here's the V1.5 specs list.

    iHateSpam Server 1.5 Webinar

    Come and see our Webinar with all the new V1.5 Features! Speakers will be Alex Eckelberry, president and Greg Kras, CTO with Sunbelt Software.

    Time: Tuesday, 27 Jan 2004, 1:00 PM EST
    Meeting URL: http://www.w2knews.com/rd/rd.cfm?id=040126TP-Webinar

    Call in at the numbers below and enter code 104764:
    800-416-4956 USA
    888-633-2105 Canada
    302-709-8433 International

    NEW: Recover Deleted Files Quickly

    You all know the frantic calls from end users that threw a file in the Recycle Bin, and then for good measure emptied it. And of course they had this file sitting on the desktop and not in their user share on the server where it gets backed up. Aaugh! Of course their own fault. But you still get the call.

    Here's a powerful, low cost tool to get these painful errors quickly resolved and make you an instant hero. File Rescue Plus comes in a single-user version, but also for administrators in an 'unlimited' flavor. Check it out here, there is a demo that allows you to undelete two files.

    Panda Intro's New Products

    Quietly while no one was looking ? Panda stealthily introduces new products and enters the channel big time.

    In last couple of months Panda Software has introduced a robust and enhanced line of enterprise-wide antivirus solutions that protect all levels of businesses and institutions from small to large enterprise. The strength of the various Panda antivirus products start at the gateway level with GateDefender and continuing with specific software applications that provide a layered solution protecting all aspects of your network including workstations, file servers and mail servers.

    Panda is becoming a major player in the increasing security sector, due to their flexibility, free 24-7 tech support and affordability. W2Knews recently learned that Panda is now being actively SKUed up at Merisel and was just picked up by Lifeboat. Distributors are showing strong interest in carrying Panda as the AV category is one of the hottest around and is expected to be the largest growth area in business spending over the next couple of years. If you have never tried Panda software before, they have reinstituted their fabled ITatHome program which provides their award winning Platinum 7 software to IT professional free of charge. If you don?t believe that Panda finds viruses on your computer that your current antivirus has not found, try it for yourself. I know I did.


    This Week's Links We Like. Tips, Hints And Fun Stuff


    Solve Network Performance Problems With LanHound

    Sniff Fast. Sniff Easy. Sniff Cheap. What separates LANHOUND from the pack is that it is a super affordable tool that helps you troubleshoot NT/2000/2003 LAN, WAN or Internet segments. LANHOUND supports switched networks and even includes three free remote agents in the price! Use LANHOUND to hunt down broadcast storms, analyze protocols, and monitor your network. Get the Hound. LAN's best friend. US $743 with one year maintenance included.