- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jun 28, 2004 (Vol. 9, #26 - Issue #482)
Watch Out! XP SP2 May Break All Kinds Of Stuff
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Have I Been Living Under A Rock Or What?
  2. TECH BRIEFING
    • Watch Out! XP SP2 May Break All Kinds Of Stuff
    • Porn Spammers Sneak By Outlook 2003
    • Small Business Storage Buying Plans: Survey Results!
  3. NT/2000 RELATED NEWS
    • Some Breathing Room For NT4 Server Users
    • Microsoft to buy Network Associates?
    • MOM Express - What's The Deal?
  4. NT/2000 THIRD PARTY NEWS
    • Upgrading Service Packs Does Not Solve Patching Dilemma
    • Network Security Inspector V1.5 (SNSI) Goes Into Beta
    • PestPatrol Corporate Edition Eval Now Removes Pests
    • Budgeting for Business Continuity
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • NEW: Enhance Security With ServerVision
  SPONSOR: PANDA'S CENTRALIZED ADMIN MAKES VIRUS PROTECTION EASY
The demands on your time and budget are enormous. Panda
EnterpriSecure and BusinesSecure deliver completely centralized,
always updated corporate virus protection. You can administer the
entire network right from your desk, install, uninstall, or update
AV on any of your machines all at once or individually. Protect your
perimeter and email communications with hassle-free, centralized
management. Test drive it yourself!
Visit PANDA'S CENTRALIZED ADMIN MAKES VIRUS PROTECTION EASY for more information.
  EDITORS CORNER

Have I Been Living Under A Rock Or What?

A W2Knews subscriber called Dave in down undah sent me a link and a whole new world opened up for me! Sheesh, this long in the business, how could I have missed it? OK, I'll reveal my ignorance to all of you, [blush] it's called the 'demoscene'. Imagine a huge underground community of young people organized into groups which compete in the art of creating realtime multimedia presentations called demos. Demos combine realtime 3D graphics, 2D effects and bitmap graphics into one fluid presentation that is synchronized to music, somewhat similar to music videos. Realtime is really the keyword here, as a demo is never just a prerendered animation. They produce AWESOME stuff! There are different groups having their own rules they play by, usually limited by size of the file. Sometimes, they are able to squeeze a whole shoot-em-up game in just 96K - unbelievable. The link below are some guys that built an engine to create these demos. Nothing to do with system admin, but everything to do with computers, graphics and tight code! Check them out here:
http://www.w2knews.com/rd/rd.cfm?id=040628ED-Demoscene

Quote this week:
"Love: A temporary insanity curable by marriage." - Ambrose Bierce, born in 1842.

PS, there will be no July 5-th issue, since that's part of the July 4-th weekend (and I don't feel like writing a newsletter on my birthday which coincidentally is the fourth. [grin])

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Why are 4,000+ Sites Running iHateSpam for Exchange?
Exchange Admins choose it for its robust spam filtering for V5.5,
2K and 2K3.
With a 95% spam detection rate right out of the box,
it will save you - the admin - time and money, and your users
will love you. A powerful, best-selling enterprise-wide spam
filter at a great price. ANNOUNCING: Anti-Virus, Content Auditing
& Filtering coming soon! Try it free for 30 days.
Visit Why are 4,000+ Sites Running iHateSpam for Exchange? for more information.
  TECH BRIEFING

Watch Out! XP SP2 May Break All Kinds Of Stuff

This release will be a milestone for sure. Redmond is pulling out all the stops to improve security, which will inevitably cause many problems, especially because SP2 takes a new approach called: "to heck with backward compatibility!" All in the name of higher security levels. You as an admin need to know in advance just what SP2 will mean for the XP boxes on your networks... Once it comes out we will create a forum to discuss it, and tabulate the problems that people encounter in their domains. TechRepublic has a good article to whet your appetite, and also see the video why XP2 SP1 is so big (270MB) down in the fave links.
http://www.w2knews.com/rd/rd.cfm?id=040628TB-SP2

Porn Spammers Sneak By Outlook 2003

Thursday June 23 I received a pure porn spam right past the Outlook junk email filter, just as I had predicted in Issue 453, Nov 24, 2003 (/?id=453).

The spammers blindsided Outlook 2003's anti-spam security by embedding pornographic images into their email, in a slightly different way than normal, and BINGO! I was invited to visit a site with porn content, and the Outlook security feature that normally tells me I need to right-click to see pictures was not working.

The product's first birthday is getting close and spammers are getting smarter and smarter. The Bayesian filter in Outlook 2003 tries to recognize unsolicited messages by examining the words used and, depending statistics calculates the probability of that email being spam. The same technology is used in the IMF but I have not yet heard if that was bypassed too.

Small Business Storage Buying Plans: Survey Results!

Here are the promised results recent SMB Storage Survey.

Today, customer storage deployments continue to be driven by both data growth as well as growing price reductions in storage systems, according to a Yankee Group-Sunbelt Software survey of 277 IT executives in June 2004. Other drivers include ongoing server consolidations as well as ease of use improvements in storage systems that have prompted increased customer purchasing. The survey also highlights that customers continue to focus on basic storage operations, including deployment of new storage networks, Network Attached Storage (NAS) and improving backup and recovery operations. Deployments of newer technologies such as archiving tools and iSCSI (IP) storage also topped the list of customers? plans for the next year, marking a significant change from previous years where both technologies were being deployed by much smaller percentages of customers.

Examining customers? current snapshot of what storage technologies they currently have deployed, network storage clearly appears to be growing in prominence. Close to 40 percent of respondents had NAS in place, and 26 percent had Storage Area Networks (SANs). A surprising number, 8.7 percent, had iSCSi (IP storage) in place as well. In the next year, NAS remained a priority with about 45 percent of respondents suggesting they will deploy NAS in the coming year. Approximately 31 percent said they will deploy SANs. And, in one of the more significant survey findings, about 22 percent suggest that they will deploy iSCSI, a growing sign that IP storage is starting to take off as a technology and alternative to traditional Fibre Channel based storage networks.

As far as storage management software, companies participating in the survey remain focused on backup/restore new deployments and upgrades. About 70 percent said they will upgrade their backup/restore software in the next year. Approximately 39 percent will deploy data replication in the next year, and 35 percent will acquire email archiving prompted by growing regulatory compliance challenges. Other interesting points include that roughly one in four respondents will purchase SAN management and database archiving tools, with slightly less deploying Storage Resource Management software.

It is also clear that disk-to-disk backup is gaining market momentum, with 63.8 percent of customers deploying disk storage systems in support of backup strategies in the next year. During this same period, respondents also appear to be reducing investment in tape libraries. Today, 84 percent of respondents use tape as part of their backup and recovery plans, but only 68 percent plan to deploy additional tape as part of their backup and recovery strategies in the next year.

The survey also asked respondents to relate some of their individual experiences in deploying and managing storage. A number of broad themes emerged, including the ongoing growth of storage over time, the continuing frustration associated with the complexity for deploying SANs, and challenges in selling investments in storage to corporate managers outside of IT. Here are a few highlighted comments:

  • "Whatever there is, is never enough, and nobody manages their files unless forced to."
  • SANs even with dual switches, paths and controllers represent a single point of failure. SANs are very expensive for just a few servers and a few terabytes of storage. Plus, they require expensive backup software add-on modules and are complex to manage, monitor and extend. I?m moving back towards cheap DAS."
  • "The problems aren?t with deploying and managing, the problems are with politics and finances."
This survey?s respondents included a mix of customers from businesses of varying sizes, with a majority (approximately 54 percent) representing companies with 250 employees or less. However, 28.7 percent also represented companies with a 1,000 or more employees. About 77 percent had less than 10TB of data under management, while 9 percent had greater than 50TB.

Jamie Gruener
Senior Analyst, Enterprise Computing and Networking
The Yankee Group

  NT/2000 RELATED NEWS

Some Breathing Room For NT4 Server Users

If you still run NT4 which is admittedly getting a bit long in the tooth (8 years), Uncle Bill decided you're getting some breathing room. If you are a large business user, you can get custom support after the standard assistance runs out at the end of 2004. Redmond said it will lower the rates it will charge for this custom service. But do not get your hopes up too high. I'm certain that only really large outfits are going to be able to afford it. Looks like this custom service lasts until end 2006. Two more years for NT, sigh.

Peter Houston, Microsoft's senior director of Windows servicing strategy said: "We have a cost of doing it, and are looking to share that cost across the customers that are interested." These lowered rates could help sites that have not upgraded yet to W2K(3). There is a bit of a catch though: if you sign up for this service, you are first required to work with Redmond to develop a migration plan.

And even then, you will not be able to fix all new vulnerabilities, some patches are not going to be available and you'll have to fall back on Redmond's programmers to find workarounds. Hmmm.

Microsoft to buy Network Associates?

This rumor has been bandied about all week. Both companies deny it. What I think is a smart stock trader spread this around and made a pretty pile of money on the fluctuations. My take, naah that's not a real deal.
http://www.w2knews.com/rd/rd.cfm?id=040628RN-MS_to_Buy

MOM Express - What's The Deal?

First impressions that were voiced did not look all that positive. The most current info I have on MOM 2005 Express is that it will monitor a maximum 10 servers. Also, if you look at its Beta, it is a significant resource hog on the servers it is monitoring. The Operator Console behaves similarly. Configuring and using is not very intuitive to say the least. However, it did have pretty pictures with a network component diagram. [grin] I have never seen a 'BIG PRODUCT' successfully made into a 'lite' one. Never. Reason? BIG products are large, powerful, unwieldy, stuffed-with-features, type of tools for the Fortune 1000. Making it into a 'lite' one is like trying to strip down a Sherman tank to use it as a dune buggy. Good luck Redmond. I see failure looming in the woodwork.

  THIRD PARTY NEWS

Upgrading Service Packs Does Not Solve Patching Dilemma

- Not all hotfixes are tested, rolled up in newer versions -

At face value, you would say that IT departments can solve their patching dilemma by simply making sure the most current service packs are deployed. Not So! While everyone can understand that admins want to streamline operations, believing that the latest service pack revisions will cover your behind isn't smart. Why?

For one, not all hotfixes are rolled into service packs, and many times admins must reinstall them after installing a service pack. Patches also require validation, since they interact with each other in ways that cannot be known without testing. Such variables include which hotfixes supercede others, which ones are prerequisites or codependent to other patches, and in what order do patches get installed. Private hotfixes are also often ignored by service packs.

To make SURE you have adequate protection, admins should continue to use independent third-party patch management solutions, like UpdateEXPERT, that utilize extensive databases to rigorously test and analyze patches before deployment. These types of independent solutions also take into account private hotfixes and relationships between patches when testing and deploying them to IT networks.

The benefit of UpdateEXPERT and similar offerings to admins is in their ability to automate the research of software updates, inventory assessment, deployment and validation of hotfixes. This means you can increase your security posture without further taxing already stretched resources and indeed streamline your patch management process.
http://www.w2knews.com/rd/rd.cfm?id=040628TP-UpdateEXPERT

Network Security Inspector V1.5 (SNSI) Goes Into Beta

Some exciting news. The SNSI V1.5 Beta was released this week. Many of us have been waiting for this version, that now has some really cool new features. It is expected to ship this July.

Highlights of what's New in V1.5:

  • IP Scanning ? Now you can scan by single IP address, specify a range or a subnet to scan.
  • Port Scanning ? See the ports that are open on the machines you scan.
  • Service Scanning ? See all the services that are running on your Windows machines.
  • Multiplatform ? SNSI can now scan Linux, Solaris, HP UX, Cisco Routers, and HP Printers.
  • New Scanning Wizard ? To make it a little easier to see what groups of machines and vulnerabilities you are using.
Prioritized vulnerability reports provide detailed and easy-to-follow instructions on how to fix holes fast, so you can focus on the most critical security issues. Configurable scans: With new easy to use scanning wizards, create your own scan or user predefined scans such as "high risk" or the "SANS top 20". Search for specific vulnerabilities by any field such as description, CVE ID and more.

Multi-platform support: Find holes in Windows, Linux, Solaris, HP UX, Cisco routers and HP printers. The easy, all-new interface has a short learning curve: point, right-click and scan.

SNSI is licensed per Administrator and lets you scan unlimited IPs! SNSI won't make a hole in your budget, so you can afford to be proactive without compromises. Scan by IP or choose machines in your Windows domains. You can also scan open ports and running services.

Remember that the current intro-price will not stay as low as it is forever, SNSI V1.5 is actually a high-end scanner that compares to products costing up to 10-20 times more.
http://www.w2knews.com/rd/rd.cfm?id=040628TP-SNSI

PestPatrol Corporate Edition Eval Now Removes Pests

The new version of Pest Patrol Corporate Edition is now out. Unlike the previous Eval copy this one will actually DELETE the pests and Adware and Spyware it finds -- as opposed to just telling you what it found like version 4.4 did. From the new Central Command Console, logged in as an Admin it WILL find and delete spyware on your network and all the clients that you may have admin access to:
http://www.w2knews.com/rd/rd.cfm?id=040628TP-PestPatrol

Budgeting for Business Continuity

At the outset of any project, you ask, "How do I justify the budget for a project that I know I need?" This article specifically discusses how to best justify the cost of implementing a disaster recovery solution.

Often when starting a disaster recovery project you are told there is no available budget. And while it is true that IT no longer benefits from the optimism of the dot.com years, it is also true that the company generally does have some money. It just isn't allocated for this project - yet.

First, you must recognize that system downtime has a cost and you need to be able to quantify this. When a server does go down, users are impacted. This impact has company-wide financial ramifications. Chances are this financial impact isn?t in the budget either.

Now it becomes clear - downtime does have a cost. Any business continuity or disaster recovery plan is simply about reducing the risks and the impact of the costs associated with outages. Suddenly, BC/DR is a cost savings measure! Think about it this way - if an operations person compared their company?s current long distance phone plan to a few identical plans that were less expensive, the operations person would be told that there is "budget" for a less expensive solution! The same ought to be true with business continuity planning.

Business continuity projects don?t start with budget, they start with understanding the existing costs and realizing how to alleviate that financial burden. With this in mind, consider the following points when appealing to management for funds:

Clearly illustrate the risk by outlining the cost of downtime at your organization. Differentiate the Recovery Time Objective (RTO) (how long until you are back online) associated with recovery from tape vs. other solutions like real-time data replication. Replication can enable you to more quickly recover from a disaster or system outage, reducing your downtime and ultimately the cost associated with it.

Consider your Recovery Point Objective (RPO) (how much data you can afford to lose) associated with recovery from tape vs. other solutions to assess your data loss tolerance. Can you afford to lose 2 minutes, 2 hours, or 2 days worth? With replication, the data you restore will be the same data you had seconds before the outage occurred.

Know the data protection laws that govern your industry such Sarbanes-Oxley, HIPAA, and SEC 17a-4. Explain what they mean to your business and where you are at risk. Remember, not all disaster recovery projects require inordinate expense. Your continuity measures should always cost less than the financial impact of the outages you are trying to protect against. This is where Double-Take shines! It was designed and positioned to have a very attractive total cost of ownership (TCO) and return on investment (ROI). Double-Take replication technologies and services allow a customer to solve various business continuity problems with a single software solution. With Double-Take, you can save dollars of outage costs by spending just pennies:
http://www.w2knews.com/rd/rd.cfm?id=040628TP-Double-Take

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  PRODUCT OF THE WEEK

NEW: Enhance Security With ServerVision

A brand new Status and Event Monitor that allows you to keep an eye on your servers and get emailed right away when the security event log shows multiple login failures. It was made to be EASY and affordable: everything you need and nothing you don't. Configuration is a snap. Running it is a breeze. Next generation product, with both MMC snap-in and Web GUI interfaces. System Admins love it. Why? It's REALLY EASY. The press loves it too. CRN Mag and eWeek just gave it great reviews. Read the review in eWeek here:
http://www.w2knews.com/rd/rd.cfm?id=040628PW-eWeek

Check ServerVision out, here:
http://www.w2knews.com/rd/rd.cfm?id=040628PW-ServerVision