Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Jun 28, 2004 (Vol. 9, #26 - Issue #482)
Watch Out! XP SP2 May Break All Kinds Of Stuff
This issue of W2Knews contains:
- EDITORS CORNER
- Have I Been Living Under A Rock Or What?
- TECH BRIEFING
- Watch Out! XP SP2 May Break All Kinds Of Stuff
- Porn Spammers Sneak By Outlook 2003
- Small Business Storage Buying Plans: Survey Results!
- NT/2000 RELATED NEWS
- Some Breathing Room For NT4 Server Users
- Microsoft to buy Network Associates?
- MOM Express - What's The Deal?
- NT/2000 THIRD PARTY NEWS
- Upgrading Service Packs Does Not Solve Patching Dilemma
- Network Security Inspector V1.5 (SNSI) Goes Into Beta
- PestPatrol Corporate Edition Eval Now Removes Pests
- Budgeting for Business Continuity
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- NEW: Enhance Security With ServerVision
SPONSOR: PANDA'S CENTRALIZED ADMIN MAKES VIRUS PROTECTION EASY
The demands on your time and budget are enormous. Panda
EnterpriSecure and BusinesSecure deliver completely centralized,
always updated corporate virus protection. You can administer the
entire network right from your desk, install, uninstall, or update
AV on any of your machines all at once or individually. Protect your
perimeter and email communications with hassle-free, centralized
management. Test drive it yourself!
Visit PANDA'S CENTRALIZED ADMIN MAKES VIRUS PROTECTION EASY for more information.
Have I Been Living Under A Rock Or What?
A W2Knews subscriber called Dave in down undah sent me a link
and a whole new world opened up for me! Sheesh, this long in the
business, how could I have missed it? OK, I'll reveal my ignorance
to all of you, [blush] it's called the 'demoscene'. Imagine a huge
underground community of young people organized into groups which
compete in the art of creating realtime multimedia presentations
called demos. Demos combine realtime 3D graphics, 2D effects and
bitmap graphics into one fluid presentation that is synchronized
to music, somewhat similar to music videos. Realtime is really
the keyword here, as a demo is never just a prerendered animation.
They produce AWESOME stuff! There are different groups having
their own rules they play by, usually limited by size of the file.
Sometimes, they are able to squeeze a whole shoot-em-up game in
just 96K - unbelievable. The link below are some guys that built
an engine to create these demos. Nothing to do with system admin,
but everything to do with computers, graphics and tight code! Check
them out here:
Quote this week:
"Love: A temporary insanity curable by marriage." - Ambrose Bierce,
born in 1842.
PS, there will be no July 5-th issue, since that's part of the
July 4-th weekend (and I don't feel like writing a newsletter on
my birthday which coincidentally is the fourth. [grin])
(email me with feedback: [email protected])
SPONSOR: Why are 4,000+ Sites Running iHateSpam for Exchange?
Exchange Admins choose it for its robust spam filtering for V5.5,
2K and 2K3. With a 95% spam detection rate right out of the box,
it will save you - the admin - time and money, and your users
will love you. A powerful, best-selling enterprise-wide spam
filter at a great price. ANNOUNCING: Anti-Virus, Content Auditing
& Filtering coming soon! Try it free for 30 days.
Visit Why are 4,000+ Sites Running iHateSpam for Exchange? for more information.
Watch Out! XP SP2 May Break All Kinds Of Stuff
This release will be a milestone for sure. Redmond is pulling out
all the stops to improve security, which will inevitably cause
many problems, especially because SP2 takes a new approach called:
"to heck with backward compatibility!" All in the name of higher
security levels. You as an admin need to know in advance just what
SP2 will mean for the XP boxes on your networks... Once it comes
out we will create a forum to discuss it, and tabulate the problems
that people encounter in their domains. TechRepublic has a good
article to whet your appetite, and also see the video why XP2 SP1
is so big (270MB) down in the fave links.
Porn Spammers Sneak By Outlook 2003
Thursday June 23 I received a pure porn spam right past the
Outlook junk email filter, just as I had predicted in Issue 453,
Nov 24, 2003 (/?id=453).
The spammers blindsided Outlook 2003's anti-spam security by
embedding pornographic images into their email, in a slightly
different way than normal, and BINGO! I was invited to visit
a site with porn content, and the Outlook security feature that
normally tells me I need to right-click to see pictures was
The product's first birthday is getting close and spammers are
getting smarter and smarter. The Bayesian filter in Outlook 2003
tries to recognize unsolicited messages by examining the words
used and, depending statistics calculates the probability of
that email being spam. The same technology is used in the IMF
but I have not yet heard if that was bypassed too.
Small Business Storage Buying Plans: Survey Results!
Here are the promised results recent SMB Storage Survey.
Today, customer storage deployments continue to be driven by both
data growth as well as growing price reductions in storage systems,
according to a Yankee Group-Sunbelt Software survey of 277 IT
executives in June 2004. Other drivers include ongoing server
consolidations as well as ease of use improvements in storage
systems that have prompted increased customer purchasing. The
survey also highlights that customers continue to focus on basic
storage operations, including deployment of new storage networks,
Network Attached Storage (NAS) and improving backup and recovery
operations. Deployments of newer technologies such as archiving
tools and iSCSI (IP) storage also topped the list of customers?
plans for the next year, marking a significant change from previous
years where both technologies were being deployed by much smaller
percentages of customers.
Examining customers? current snapshot of what storage technologies
they currently have deployed, network storage clearly appears
to be growing in prominence. Close to 40 percent of respondents
had NAS in place, and 26 percent had Storage Area Networks (SANs).
A surprising number, 8.7 percent, had iSCSi (IP storage) in place
as well. In the next year, NAS remained a priority with about
45 percent of respondents suggesting they will deploy NAS in
the coming year. Approximately 31 percent said they will deploy
SANs. And, in one of the more significant survey findings, about
22 percent suggest that they will deploy iSCSI, a growing sign
that IP storage is starting to take off as a technology and
alternative to traditional Fibre Channel based storage networks.
As far as storage management software, companies participating
in the survey remain focused on backup/restore new deployments
and upgrades. About 70 percent said they will upgrade their
backup/restore software in the next year. Approximately 39
percent will deploy data replication in the next year, and 35
percent will acquire email archiving prompted by growing regulatory
compliance challenges. Other interesting points include that
roughly one in four respondents will purchase SAN management and
database archiving tools, with slightly less deploying Storage
Resource Management software.
It is also clear that disk-to-disk backup is gaining market
momentum, with 63.8 percent of customers deploying disk storage
systems in support of backup strategies in the next year. During
this same period, respondents also appear to be reducing investment
in tape libraries. Today, 84 percent of respondents use tape as
part of their backup and recovery plans, but only 68 percent plan
to deploy additional tape as part of their backup and recovery
strategies in the next year.
The survey also asked respondents to relate some of their individual
experiences in deploying and managing storage. A number of broad
themes emerged, including the ongoing growth of storage over time,
the continuing frustration associated with the complexity for
deploying SANs, and challenges in selling investments in storage
to corporate managers outside of IT. Here are a few highlighted
This survey?s respondents included a mix of customers from
businesses of varying sizes, with a majority (approximately 54
percent) representing companies with 250 employees or less.
However, 28.7 percent also represented companies with a 1,000
or more employees. About 77 percent had less than 10TB of
data under management, while 9 percent had greater than 50TB.
- "Whatever there is, is never enough, and nobody manages their
files unless forced to."
- SANs even with dual switches, paths and controllers represent a
single point of failure. SANs are very expensive for just a few
servers and a few terabytes of storage. Plus, they require expensive
backup software add-on modules and are complex to manage, monitor
and extend. I?m moving back towards cheap DAS."
- "The problems aren?t with deploying and managing, the problems
are with politics and finances."
Senior Analyst, Enterprise Computing and Networking
The Yankee Group
NT/2000 RELATED NEWS
Some Breathing Room For NT4 Server Users
If you still run NT4 which is admittedly getting a bit long in the
tooth (8 years), Uncle Bill decided you're getting some breathing
room. If you are a large business user, you can get custom support
after the standard assistance runs out at the end of 2004. Redmond
said it will lower the rates it will charge for this custom service.
But do not get your hopes up too high. I'm certain that only really
large outfits are going to be able to afford it. Looks like this
custom service lasts until end 2006. Two more years for NT, sigh.
Peter Houston, Microsoft's senior director of Windows servicing
strategy said: "We have a cost of doing it, and are looking to share
that cost across the customers that are interested." These lowered
rates could help sites that have not upgraded yet to W2K(3). There
is a bit of a catch though: if you sign up for this service, you are
first required to work with Redmond to develop a migration plan.
And even then, you will not be able to fix all new vulnerabilities,
some patches are not going to be available and you'll have to fall
back on Redmond's programmers to find workarounds. Hmmm.
Microsoft to buy Network Associates?
This rumor has been bandied about all week. Both companies deny
it. What I think is a smart stock trader spread this around and
made a pretty pile of money on the fluctuations. My take, naah
that's not a real deal.
MOM Express - What's The Deal?
First impressions that were voiced did not look all that positive.
The most current info I have on MOM 2005 Express is that it will
monitor a maximum 10 servers. Also, if you look at its Beta, it
is a significant resource hog on the servers it is monitoring.
The Operator Console behaves similarly. Configuring and using is
not very intuitive to say the least. However, it did have pretty
pictures with a network component diagram. [grin] I have never
seen a 'BIG PRODUCT' successfully made into a 'lite' one. Never.
Reason? BIG products are large, powerful, unwieldy, stuffed-with-features, type of tools for the Fortune 1000. Making it into a
'lite' one is like trying to strip down a Sherman tank to use it
as a dune buggy. Good luck Redmond. I see failure looming in
THIRD PARTY NEWS
Upgrading Service Packs Does Not Solve Patching Dilemma
- Not all hotfixes are tested, rolled up in newer versions -
At face value, you would say that IT departments can solve their
patching dilemma by simply making sure the most current service
packs are deployed. Not So! While everyone can understand that
admins want to streamline operations, believing that the latest
service pack revisions will cover your behind isn't smart. Why?
For one, not all hotfixes are rolled into service packs, and
many times admins must reinstall them after installing a service
pack. Patches also require validation, since they interact with
each other in ways that cannot be known without testing. Such
variables include which hotfixes supercede others, which ones
are prerequisites or codependent to other patches, and in what
order do patches get installed. Private hotfixes are also often
ignored by service packs.
To make SURE you have adequate protection, admins should continue
to use independent third-party patch management solutions, like
UpdateEXPERT, that utilize extensive databases to rigorously test
and analyze patches before deployment. These types of independent
solutions also take into account private hotfixes and relationships
between patches when testing and deploying them to IT networks.
The benefit of UpdateEXPERT and similar offerings to admins
is in their ability to automate the research of software updates,
inventory assessment, deployment and validation of hotfixes. This
means you can increase your security posture without further
taxing already stretched resources and indeed streamline your
patch management process.
Network Security Inspector V1.5 (SNSI) Goes Into Beta
Some exciting news. The SNSI V1.5 Beta was released this week.
Many of us have been waiting for this version, that now has some
really cool new features. It is expected to ship this July.
Highlights of what's New in V1.5:
Prioritized vulnerability reports provide detailed and easy-to-follow
instructions on how to fix holes fast, so you can focus on the most
critical security issues. Configurable scans: With new easy to use
scanning wizards, create your own scan or user predefined scans such
as "high risk" or the "SANS top 20". Search for specific vulnerabilities
by any field such as description, CVE ID and more.
- IP Scanning ? Now you can scan by single IP address, specify a range or a subnet to scan.
- Port Scanning ? See the ports that are open on the machines you scan.
- Service Scanning ? See all the services that are running on your Windows machines.
- Multiplatform ? SNSI can now scan Linux, Solaris, HP UX, Cisco Routers, and HP Printers.
- New Scanning Wizard ? To make it a little easier to see what groups of machines and vulnerabilities you are using.
Multi-platform support: Find holes in Windows, Linux, Solaris, HP
UX, Cisco routers and HP printers. The easy, all-new interface has
a short learning curve: point, right-click and scan.
SNSI is licensed per Administrator and lets you scan unlimited IPs!
SNSI won't make a hole in your budget, so you can afford to be
proactive without compromises. Scan by IP or choose machines in
your Windows domains. You can also scan open ports and running
Remember that the current intro-price will not stay as low as it
is forever, SNSI V1.5 is actually a high-end scanner that compares
to products costing up to 10-20 times more.
PestPatrol Corporate Edition Eval Now Removes Pests
The new version of Pest Patrol Corporate Edition is now out.
Unlike the previous Eval copy this one will actually DELETE the
pests and Adware and Spyware it finds -- as opposed to just
telling you what it found like version 4.4 did. From the new
Central Command Console, logged in as an Admin it WILL find
and delete spyware on your network and all the clients that
you may have admin access to:
Budgeting for Business Continuity
At the outset of any project, you ask, "How do I justify the budget
for a project that I know I need?" This article specifically
discusses how to best justify the cost of implementing a disaster
Often when starting a disaster recovery project you are told there
is no available budget. And while it is true that IT no longer
benefits from the optimism of the dot.com years, it is also true
that the company generally does have some money. It just isn't
allocated for this project - yet.
First, you must recognize that system downtime has a cost and you
need to be able to quantify this. When a server does go down,
users are impacted. This impact has company-wide financial
ramifications. Chances are this financial impact isn?t in the
Now it becomes clear - downtime does have a cost. Any business
continuity or disaster recovery plan is simply about reducing
the risks and the impact of the costs associated with outages.
Suddenly, BC/DR is a cost savings measure! Think about it this
way - if an operations person compared their company?s current
long distance phone plan to a few identical plans that were
less expensive, the operations person would be told that there
is "budget" for a less expensive solution! The same ought to be
true with business continuity planning.
Business continuity projects don?t start with budget, they start
with understanding the existing costs and realizing how to alleviate
that financial burden. With this in mind, consider the following
points when appealing to management for funds:
Clearly illustrate the risk by outlining the cost of downtime at
your organization. Differentiate the Recovery Time Objective (RTO)
(how long until you are back online) associated with recovery
from tape vs. other solutions like real-time data replication.
Replication can enable you to more quickly recover from a disaster
or system outage, reducing your downtime and ultimately the cost
associated with it.
Consider your Recovery Point Objective (RPO) (how much data you
can afford to lose) associated with recovery from tape vs. other
solutions to assess your data loss tolerance. Can you afford to
lose 2 minutes, 2 hours, or 2 days worth? With replication, the
data you restore will be the same data you had seconds before
the outage occurred.
Know the data protection laws that govern your industry such
Sarbanes-Oxley, HIPAA, and SEC 17a-4. Explain what they mean to
your business and where you are at risk. Remember, not all disaster
recovery projects require inordinate expense. Your continuity
measures should always cost less than the financial impact of the
outages you are trying to protect against. This is where Double-Take
shines! It was designed and positioned to have a very attractive
total cost of ownership (TCO) and return on investment (ROI).
Double-Take replication technologies and services allow a customer
to solve various business continuity problems with a single
software solution. With Double-Take, you can save dollars of
outage costs by spending just pennies:
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
NEW: Enhance Security With ServerVision
A brand new Status and Event Monitor that allows you to keep an
eye on your servers and get emailed right away when the security
event log shows multiple login failures. It was made to be EASY
and affordable: everything you need and nothing you don't.
Configuration is a snap. Running it is a breeze. Next generation
product, with both MMC snap-in and Web GUI interfaces. System
Admins love it. Why? It's REALLY EASY. The press loves it too.
CRN Mag and eWeek just gave it great reviews. Read the review in
Check ServerVision out, here: