- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Mar 22, 2004 (Vol. 9, #12 - Issue #468)
Your Choice Between Windows And Linux
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Gartner: "Only 10 spam Filters Left At End 2004"
    • Visit Tech.Ed in San Diego!
    • Vote For Your Fave Tools
  2. TECH BRIEFING
    • Redmond Offers Update CD At No Charge
    • News From Microsoft Management Summit 2004
    • Ask the Expert: Exchange migration
    • WMI Script To Clean Up Worms And Virus Registry Keys
  3. NT/2000 RELATED NEWS
    • Your Choice Between Windows And Linux
    • So, How Reliable Is Tape Backup REALLY?
  4. NT/2000 THIRD PARTY NEWS
    • SNSI Adds More Vulnerability Checks
    • Fighting Spam The Wright Way; CAN-SPAM Bill Gets Low Marks
    • Why "Loss Leader" Printers Are IT Budget Hogs
    • Office XP Service Pack 3 Breaks Spam Filters (ours too)
    • Panda's WebAdmin Offers You Anywhere Access
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • BOOK: Software Forensics
  SPONSOR: iPrism
Time to renew your Web filter? If you are using Websense,
SurfControl, SmartFilter or N2H2 you may be paying too much for
a less capable Web filter. These Internet filtering tools are
less flexible, have a high false positive/negative rate, and are
higher priced than iPrism, the leading Internet filtering
appliance on the market. Don't let your IT budget get drained by
extensive ongoing maintenance costs associated with these
solutions. Discover the appliance advantage with the iPrism Web
filter and download up to 5 free tools from iPrism now!
Visit iPrism for more information.
  EDITORS CORNER

Gartner: "Only 10 spam Filters Left At End 2004"

Gartner says the enterprise spam-filtering industry will experience a dramatic vendor consolidation through the first quarter of 2005. Gartner estimates that of the approximately 40 vendors currently offering spam-filtering products or services for enterprise customers, fewer than 10 will be operating by the end of this year.

They observe it is an immature industry because of rapid changes in market dynamics. In part, Gartner analysts concluded, this is because many vendors have been unable to deliver best-of-breed functionality that is needed to fight spam. Those that do typically are small, new companies with a limited track record. Meanwhile, established vendors in markets such as antivirus, Web filtering or firewall are investing in spam-filtering, but so far have not met enterprise requirements.

"If the spam-filtering solution requires a team of administrators or heavy end-user involvement to administer and update, then it's not practical either. The strength of a spam-filtering vendor's solutions detection and management functionalities is the most important factor to consider when choosing a vendor." said Arabella Hallawell, research director at Gartner.

Gartner clients report that 60 to 75 percent of incoming e-mail is spam. Once a nuisance and storage-cost drain, spam is now a major transmitter of malicious code and fraud. "Companies must consider a vendor's core business fundamentals," Hallawell said. "A quality installed base also indicates sufficient strength to mitigate short-term vendor risks."

Music to our ears. iHateSpam Server is the best selling anti-spam solution for Exchange out there with now well over 2,700 enterprise licenses installed, from a company with a 20-year track record in system management tools, with strong financials. Get your 30 spam free days here, and evaluate V1.5 of iHateSpam now:
http://www.w2knews.com/rd/rd.cfm?id=040322ED-iHateSpamSE

Visit Tech.Ed in San Diego!

We hope you're planning to join us at Tech*Ed 2004, Microsoft's most comprehensive technical training event. Join thousands of your peers at the San Diego Convention Center, where you'll:

  • Hear Keynote Speaker Steve Ballmer, Microsoft CEO: Also confirmed are many other Guru speakers.
  • Drill down into track-specific content on topics such as Windows Infrastructure, Security, Management and Operations, Messaging and more. Plus, get answers to your toughest technical questions from speakers and industry experts.
  • Preview New Technology: The Tech?Ed 2004 Exhibit Hall will feature hundreds of new products from Microsoft and its partners. Be the first to demo new products.
  • Use the new Attendee Networking System and get a Free Tech?Ed 2004 Conference DVD. This set, previously sold for $195, includes streaming media files of all breakout sessions, sample code, demo files, and that's just for starters.
  • Enjoy the Tech?Ed 2004 Attendee Party at SeaWorld (May 27, 2004): Here's your chance to get to know your colleagues while roving the park without the crowds. Enjoy private shows and count on plenty of great food and drink, games, and prizes.
Register here:
http://www.w2knews.com/rd/rd.cfm?id=040322ED-TechEd

Vote For Your Fave Tools

There are a couple of very close races going on! Let your voice be heard in the 2004 W2Knews Target Awards:
http://www.w2knews.com/rd/rd.cfm?id=040322ED-Target

Quote of the Week:
"[(REJECT)] If you do not receive this mail. Please click above reject button" --literal copy and paste from a Korean spam I got this week. Quite entertaining.

UNDO Dept. The fave link to www.go-l.com last week was put in there without knowing this company's marketing is on the "very creative." side. Caveat emptor.

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: MILITARY STRENGTH SECURITY SCANNER
Need to close the door on hackers? But "no budget and no time" are
your biggest problems? SNSI solves this problem: a world-class
scanner that does not make a hole in your budget. Better yet,
there is a KILLER competitive upgrade price. Compare that to
other high-end scanners out there. It's easy to see why SNSI is
rapidly becoming a Security Best Seller: The exception to "you
get what you pay for". Get your eval copy here:

Visit MILITARY STRENGTH SECURITY SCANNER for more information.
  TECH BRIEFING

Redmond Offers Update CD At No Charge

Microsoft is offering an update CD for Windows 98, 98Se, Me, 2000, and XP with all the security updates through October 2003. Nice to have if you need to apply patches to a new installation, or if you have to reformat and rebuild from scratch. You can order them right here:
http://www.w2knews.com/rd/rd.cfm?id=040322TB-Update_CD

News From Microsoft Management Summit 2004

What does Microsoft senior VP Bob Muglia have to say about SUS? What is Microsoft's vision for its management software? For the answers to these questions -- and for the latest news from Microsoft Management Summit 2004 -- check out SearchWin2000.com's coverage.
http://www.w2knews.com/rd/rd.cfm?id=040322TB-MS_Summit_2004

Ask the Expert: Exchange migration

If you are planning to move off Exchange 5.5 this year, be sure to check out SearchExchange.com's answers to common migration questions from Lee Benjamin, head of the Boston Exchange Server User Group. Benjamin, who has more than 20 years in the messaging industry (including a six-year stint at Microsoft), fields queries ranging from moving mailboxes in Active Directory to renaming your Exchange server.
http://www.w2knews.com/rd/rd.cfm?id=040322TB-Exchange

WMI Script To Clean Up Worms And Virus Registry Keys

This handy WMI script can be called from your login scripts to clean up the viruses that write to the windows registry Run key. Of course, you may want to add a Reg backup line to backup the registry first. This is an example with the most recent Netsky.D worm, which was a recent category 4. (Requires free membership.)
http://www.w2knews.com/rd/rd.cfm?id=040322TB-WMI_Script

  NT/2000 RELATED NEWS

Your Choice Between Windows And Linux

A few weeks ago, W2Knews subscribers filled out a very interesting survey of the Yankee Group and W2Knews about the total cost of ownership, comparing Windows to Linux. Here is the promised Linux Windows Unix TCO Executive Summary by Laura Didio, Senior Analyst, the Yankee Group.

"Does Linux deliver significantly better performance, reliability, manageability and ultimately lower Total Cost of Ownership (TCO) and faster Return on Investment (ROI) than the rival Windows and Unix operating system platforms?

Approximately 1,000 of you responded to our survey on those questions. And you answered: Yes. And No.

Yes, corporate customers report Linux does indeed provide businesses with excellent performance, reliability, ease of use and security. No, hype notwithstanding, Linux' technical merits while first-rate, are equivalent but for the most part, not superior to Unix and Windows Server 2003.

And in large enterprises, a significant Linux deployment or total switch from Windows to Linux, would be three to four times more expensive and take three times as long to deploy as an upgrade from one version of Windows to newer Windows releases.

The instances where Linux imparts measurably improved TCO compared with Unix and Windows are in small firms with customized vertical applications or "Greenfield" networking situations.

The most surprising survey revelation: 90% of the 300 large enterprises with 10,000+ end users indicated that a significant or total switch from Windows to Linux would be prohibitively expensive, extremely complex and time consuming and not provide any tangible business gains for the organization.

The survey further found that though Linux' momentum is undeniable, the Open Source operating system will not dethrone Microsoft's Windows as the leading server vendor in the next two years. And Linux desktops will not even make a perceptible dent in the 94% market share currently held by Windows desktops between now and 2006.

Only 4 percent of Unix customers and 11 percent of Windows businesses plan to replace all of their servers with Linux. And less than 5% of organizations will replace their Windows desktops with Linux.

The overwhelming majority of the survey respondents said Linux is under evaluation. Licenses aside, Linux is most assuredly not free -- a fact that corporations now begin to realize.

Survey Highlights

Among the other survey highlights:

  • To date, most of the defections to Linux are coming at the expense of mid-range Unix systems and not Windows.
  • The lure of Linux for Unix shops is the extreme cost savings of the hardware.
  • Some 21% indicated they would migrate a portion of their Windows desktops to Linux; 15% said they will add Linux desktops but will not replace Windows and the majority -- 57% said they plan no changes to their Windows desktop environment.
  • A 54% majority of customers said they will leave their Windows servers intact; 25% reported they will migrate "a portion" of their Windows servers to Linux for specialized application tasks.
  • Red Hat is the Linux vendor of choice for 46% of corporations, followed by Novell (SuSE and Ximian) with 19%. IBM and HP are far back with 9% and 4%.
  • A 76% majority rated Linux and Unix reliability comparable.
  • The biggest area of concern for Windows 2000 and Windows 2003 customers is the amount of time spent installing security fixes and performing patch management. Security and patch management aside, the overwhelming majority of businesses -- 72% rated Windows reliability equal to Linux.
  • A majority of large enterprises with 5,000+ end users said they will not install Linux as their primary server OS in the foreseeable future because it is much more expensive and requires from 25% to 40% more Full Time Equivalent (FTE) support specialists than Windows or Unix for that matter.
  • Linux' lack of licensing indemnification is becoming more of a concern. Although 55% of businesses said it is "not a concern" 45% indicated it is an issue. That is a sharp increase from the 8% of companies who said they were concerned in 2003.

So, How Reliable Is Tape Backup REALLY?

We're doing a very interesting survey about this together with the Yankee Group. You'll get another executive summary (like the one above) after we're done. This promises to be quite revealing! Please take a few minutes and let the world know how YOUR tape backups really work (and more). You'll get the results of how everyone's experience in a coming issue:
http://www.w2knews.com/rd/rd.cfm?id=040322RN-Survey

  THIRD PARTY NEWS

SNSI Adds More Vulnerability Checks

Some people asked us: "Well, what does SNSI do more than products that use Microsoft's XML database to scan for missing patches? If I can scan missing patches for free, so why pay for SNSI?"

Good question. Here's the answer. SNSI does much more than just check for patches that aren't there. It looks at all the Windows OS flavors and scans both for patches and configuration issues. Apart from that it looks at all MS applications, but also third party apps running on Windows. Better yet, it checks multiple machines with one scan (unlike WinUpdate on individual machines one at a time), and last but not least, SNSI finds holes before there are patches and explains workarounds until patches exist.

Just check the list of recently added new vulnerabilities and you'll get the idea how thorough this database is. It's 'military-strength' security scanning. You get a world-class security scanner when you buy SNSI. Here are the most recent ones:

  • WS_FTP ASCII Directory Transfer Vulnerability
  • WinZip MIME Vulnerability
  • WFTPD Buffer Overflow Vulnerability
  • Coulomb Dialer Detected
  • Jeem Backdoor Detected
  • Netsky-D Detected
  • ZoneAlarm SMTP Processing Vulnerability
  • Adobe Acrobat Reader XFDF Vulnerability
  • SMB Client Security Signature Not Enabled
  • SMB Server Security Signature Not Enabled
  • Windows Media Services TCP Request Vulnerability (MS04-008)
  • Outlook mailto URL Vulnerability (MS04-009)
  • MSN Messenger File Request Vulnerability (MS04-010)
  • Kernel Object Attributes Not Protected - W2K
  • Symantec LiveUpdate Querying Host Vulnerability
  • BlackICE SMB Heap Overflow Vulnerability
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.

If you had not noticed yet, SNSI is by far the most powerful scanner on the market today from a price/performance perspective. Test out SNSI on one machine right away, and you can get a key for 30-days unlimited testing by asking for one (email address is on the download page after you fill out the form.)
http://www.w2knews.com/rd/rd.cfm?id=040322TP-SNSI

Fighting Spam The Wright Way; CAN-SPAM Bill Gets Low Marks

Network World has a great user story about iHateSpam Server. It starts like this and continues at the link is below:

"Don't tell Roger Wright the CAN-SPAM law is working. Wright - systems administrator for Southern Commerce Bank in Tampa Florida - and his 20 users have received 87,000 junk messages since the law went into effect January 1 and the end of February. More than 75,000 of those messages went to Wright and four others.

"Yet, thanks to iHateSpam from Sunbelt Software, only one or two reach Wright's inbox each day. Nearly all the spam is identified at Wright's Microsoft Exchange 2003 Server and deleted automatically, or put in a special folder at the client workstation.

"Wright filters all mail from 25 of the top spam domains, and creates rules to autodelete mail from others. He'd like to filter mail from free services like Hotmail and Yahoo, but too many of the bank's customers use them.

"The client flexibility is why Wright went with iHateSpam. He encourages users to create a blacklist for spam and a whitelist of known good addresses and domains. Employees use shared address books and shared calendars in Outlook and Outlook Express; names in their address books and contact lists are whitelisted automatically. Since Wright runs a Microsoft shop, he wanted a solution partner that works closely with the company, which Sunbelt Software does.

"Wright uses the iHateSpam server version, which costs him about $20 per employee, with between $5 and $7 for annual maintenance. He estimates he spends an hour or two each month scanning reports (a feature he really likes) and adjusting filters." The rest of the article is here:
http://www.w2knews.com/rd/rd.cfm?id=040322TP-Wright_Way

Get 30 spam free days here and test IHS for your Exchange server:
http://www.w2knews.com/rd/rd.cfm?id=040322TP-iHateSpamSE

Why "Loss Leader" Printers Are IT Budget Hogs

Ever lured inside for a super cheap deal? It's the same these days with printers. Laser printers are much cheaper than they used to be. Tempted to buy dozens, network them and have 'em sit everywhere? And all of a sudden, your IT budget is expanding due to soaring usage of toner and paper?

The real expense in printing, then, is not the hardware involved but the consumables that surround it. Dataquest figures show that the average cost of producing documents (paper, hardware, and ink) is equivalent to 40 percent of labor cost. So, do you know the answers to the following questions?

  • How many people are printing documents exactly and to what printers?
  • How many pages do they print each day?
  • Are they using those expensive color printers for everything they print?
  • Can you backbill departments for the stuff they use?
The results can be shocking. Buying a simple tool like Print Manager Plus could save you many budget dollars. When you open it, the Printers tab lists any printers that are configured on the print server. Limits can be assigned at the printer level, such as preventing anyone printing a document larger than 100 pages.

You can also use it to control costs on a user or group basis. You can lock down users who abuse the system or who have very heavy usage. The basic version is $798 per print server, and maintenance is roughly about $200 per year. The complete version with client billing costs $1,295 per server.
http://www.w2knews.com/rd/rd.cfm?id=040322TP-Print_Manager_Plus

Office XP Service Pack 3 Breaks Spam Filters (ours too)

Q: "I recently installed Office Service Pack 3 (SP3) and I am now getting a message regarding a program accessing email addresses in iHateSpam for Outlook. How can I get rid of this message?"

A: We have a new build that fixes this issue. You can download it at:
http://www.w2knews.com/rd/rd.cfm?id=040322TP-iHS_Update

Panda's WebAdmin Offers You Anywhere Access

We have heard of 24/7 access but Panda Software has completely taken accessibility to new levels. Their recently released WebAdmin Antivirus is a web-managed antivirus solution that is capable of providing "hands-off" protection for your entire organization's servers and workstations. Based on the most advanced antivirus and administration technology, WebAdmin instantly deploys, automatically updates, and customizes to adapt to every individual user. Now you can monitor and securely manage the antivirus on your entire IT installation, including non-networked computers or those in other offices or domains from any computer with an Internet connection and do it affordably and in style. Some of the key features include global control and web based administration over all workstations and servers, daily automatic updates, Panda Hands-Off Technology(tm) removes time-rich administrative chores, automatic installation, intelligent bandwidth management and minimum resource use. WebAdmin is the hottest thing going in antivirus solutions. You can test drive and evaluate WebAdmin free if you click here.
http://www.w2knews.com/rd/rd.cfm?id=040322TP-WebAdmin

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  PRODUCT OF THE WEEK

BOOK: Software Forensics

"Collecting Evidence from the Scene of a Digital Crime". From The Back Cover: Follow the trail. Catch the perp.

"From one of the world's foremost investigators of computer viruses comes this comprehensive tutorial on solving cyber crimes and bringing perpetrators to justice. Author Robert M. Slade's Software Forensics provides expert instruction in tracking and identifying cybercriminals. A professional security consultant to Fortune 500 companies since 1987, Rob Slade teaches you the tools and methods he uses to find the invisible 'DNA' on malicious computer code."

http://www.w2knews.com/rd/rd.cfm?id=040322PW-Software_Forensics