Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Aug 9, 2004 (Vol. 9, #31 - Issue #487)
WinXP SP2 Released to Manufacturing
This issue of W2Knews contains:
- EDITORS CORNER
- I Fell Into The Assumption Trap
- WinXP SP2 Released to Manufacturing
- TECH BRIEFING
- IMF Reviewed: You Get What You Pay For
- One Year Later, IT Prepares For Next Disaster
- New Anti-Spyware Law May Not Work (just like CAN-SPAM)
- NT/2000 RELATED NEWS
- Redmond: "WinXP SP2 Will Break Our CRM"
- Gates: "We'll Make Security Our Forte"
- When The Lights Go Out: Exchange Disaster Recovery
- Terminal Services Learning Guide
- Getting Ready To Renew MS Licensing?
- NT/2000 THIRD PARTY NEWS
- The Latest Security Holes Update
- Internet Business Disruptions Benchmark Report
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Still Using Software for Web Filtering?
SPONSOR: Is Your Event Log Manager Too Hard To Use?
You know you need one. Downtime is not an option. But is your
current event manager a pain in the rear? Difficult to set up?
Difficult to use? Way too expensive? You should consider the
competitive upgrade to ServerVision. Here is a user quote: "It
seems to be an impressive product. It has much of the functionality
we've been drooling over in MS Operations Manager, but less expensive
and much easier to get going." Ask Your Rep or Reseller for the
competitive upgrade offer. You'll be very pleasantly surprised.
Visit Is Your Event Log Manager Too Hard To Use? for more information.
I Fell Into The Assumption Trap
Can't believe I did it, apparently even I can have blonde moments.
[grin] Here is the story. For years I wrote W2Knews in MS Word. But
there is often a lot of cut and paste involved, and I want to deliver
a clean copy to our webteam without strange characters. So after
writing and spell checking in Word, I always transferred to Notepad
to get rid of extraneous characters that cause problems in HTML.
Over time while doing copy/paste operations, I resorted to dumping
everything into Notepad before copying into Word. I got tired of
that, and a few months ago just decided to swap things around and
write the whole thing in Notepad instead, and run the spell check
in Word afterward. All fine and dandy up to now. Guess where I
kept the notepad files though? On the desktop, assuming that
since I saw a synch action going on every day, that my desktop
was backed up to the file server. And you guessed it. I was testing
a new beta of some product and it wiped out my desktop. Including
the w2knews.txt that I had worked on all week. Major OOPS, as there
was no backup to the network share, and my profile was not roaming
either. The only way I could get back about 10 hours worth of work
was FileRescue Plus. It saved my butt literally. This little tool
is worth having lying around. [sigh of relief]. There is a special
running for it I just found out. Unlimited Roaming Admin License
for only $499. And I will save my txt files to my network share,
which of course does get backed up! Check FileRescue Plus out here:
WinXP SP2 Released to Manufacturing
August 6, Redmond officially released SP2 to Manufacturing.
During the worldwide rollout of Service Pack 2, they will
localize the software in 25 languages over the next two months
and distribute it to computer manufacturers, enterprise
customers and consumers through downloads, retail installation,
free CDs and on new PCs. If you run WinXP on your admin workstation you can simply turn on the Automatic Updates feature
in Windows XP. Customers with Automatic Updates enabled will
receive the latest security updates for Windows XP, along with
updated installation software that will optimize the download
of Service Pack 2 and all future updates to WinXP.
The timing for customers to receive the Service Pack 2 download
through Automatic Updates depends on a number of factors,
including the customer?s Internet usage, location, language
and the level of Internet demand for SP2. Automatic Updates
uses spare Internet capacity to progressively download updates
without interfering with daily PC use. Microsoft expects to
distribute SP2 to approximately 100 million PCs through Automatic
Updates over the next two months. Automatic Updates is easy to
turn on in Windows XP. You might want to issue an edict to your
end users though to NOT DO THIS until all apps have been tested.
The installation package of the final version of Service Pack 2 has just been released to the beta testers on the Windows Beta Website and is available for download now. The file name is WindowsXP-KB835935-SP2-ENU.exe. The self extracting compressed file weighs at 266.01 MB. The new Windows XP Service Pack 2 (SP2) Support Center is here:
They got Virtual Server 2005 to Manufacturing as well. A good
thing. Talking about goodies, expect the XBOX 2 in time for this
The quote of the week (for a change) are some definitions I ran
"Hack": A clever solution to an interesting problem.
"SCUI": A scalable user interface, the latest rage among UI researchers.
(email me with feedback: [email protected])
SPONSOR: PANDA ANTIVIRUS SOFTWARE
What?s the price of inadequate AV protection? If your Anti-Virus
protection isn't completely secure, you could be headed for trouble.
Don't guess whether your anti-virus protection is working... just
take the free Active Scan test and see for yourself. Then call Panda
Software and ask about our competitive upgrade. Start your free
ActiveScan test here!
Visit PANDA ANTIVIRUS SOFTWARE for more information.
IMF Reviewed: You Get What You Pay For
Bill Boswell is the Exchange Guru of Microsoft Certified Professional
Magazine (soon to be Redmond Magazine). He torture tested the new
Intelligent Mail Filter that MS threw into Exchange 2003 and he
wasn't impressed. I have quoted a few lines and you can read the
whole article at their website. Here goes:
"I'm accustomed to using a trainable Bayesian filter for my personal
mail and I found the inability to train the IMF to be a significant
disadvantage. This means that an SCL 4 message containing the text
"Happy with your current proportions? Look at http://v-a-r-o-o-m.com."
will continue to reach a user's mailbox, day after day, until the
next update to the IMF database. To get that update, you must go to
Microsoft's update site, which requires planning and additional
configuration. Compare this to third-party products where the database
updates happen transparently and automatically.
Also, I was disappointed at the large numbers of spam messages that
must get through the gateway to the user's mailboxes to avoid false
positives. Several third-party products make use of thumbprints and
rapid database updates to identify spam that otherwise would evade
a strict Bayesian filter."
My additional comment on this is that the updates of this filter
are not something Redmond announced would be regular. More like
"We don't know when the next one will be" kinda deal. You can read
the full article here:
If you are in the market for an email security application, have
another look at iHateSpam for Exchange. The current version kicks
butt, and the new incarnation we are working on will include anti-virus and you are going to be able to plug in modules that do
content filtering, content auditing, disclaimers, archiving and
more. Watch out NetIQ, Sybari, GFI and all the others! If you
get iHateSpam for Exchange now, you will be able to get all these
extras at a nominal price when they come out.
One Year Later, IT Prepares For Next Disaster
As the one-year anniversary of last August's blackout in the
Northeast approaches, IT managers said they have made both big
and small changes to their business continuity plans after absorbing
the lessons of the power outage. GOOD article in ComputerWorld!
No reason to repeat all of it here, so just go to the link and
check it out. It's got great examples if you are looking for
ammo to get budget to create your High Availability / Disaster
Recovery environment with a tool like Double-Take.
New Anti-Spyware Law May Not Work (just like CAN-SPAM)
President Bush signed a new federal law into life this July 15-th.
This new anti-spyware law increases the identity theft penalties.
There is a problem though. Consumer groups warn that this new law
may do little the deter criminals using spyware.
It is called the Identity Theft Penalty Enhancement Act and it
imposes a 2-year sentence on those convicted of stealing personal
identities while committing crimes like wire fraud (using the
Internet for their nasty deeds). Critics claim that the law
only addresses part of the problem. ID-theft is currently the
fastest growing crime in the USA.
It's a well known fact that punishment does not deter crime,
(we still have criminals don't we?) and additionally, the FBI
and the Secret Service do not have the resources to go after
these crimes. The FTC has received 460,000 ID-theft complaints
in 2003 but the study they did showed that about 10 million
people (!) has been the victim of ID-theft. Victims often don't
find about it for months, giving the thief time to do the damage
and hurt your credit. A lot of the evidence shows that it's
Russian Mafia that causes part of these crimes. The amount of
spyware nearly doubled from the first to the second quarters
NT/2000 RELATED NEWS
Redmond: "WinXP SP2 Will Break Our CRM"
Told you so. Now even MS admits it. SP2 will break their very
own CRM application! They disclosed this fact in a posting on
their Download Center. The warning was that installing the SP2
will cause disruptions for their CRM users, and also prevent
the CRM Outlook client V1.2 from running correctly. Both need
several manual configuration workarounds to operate properly.
It's no news of course. Redmond has warned during the beta
that SP2 may break or disrupt existing apps unless workarounds
are put in place. That's true for websites too by the way!
Here is info on the MSDN site about the security repercussions
Gates: "We'll Make Security Our Forte"
Network World reported on it, and many other media picked up
the story as well. Gates claimed that security will come to be
seen as a Microsoft strength. Gates raised the bar significantly
last week when he talked to financial analysts. He said they
will transform security "from a concern for us into something that's
a significant, unique asset as well as a business opportunity."
Gates specifically mentioned security advances coming in WinXP SP2
and the next version of W2K3 (code-named R2), and the new versions
of System Management Server (SMS), Microsoft Operations Manager
and Internet Security and Acceleration Server.
Gates said Microsoft would pick up the pace of software innovation
during the next 12 months, but cautioned that corporate development
would be slower than it would for consumer products. He said that
business customers "want very clear guidance on how they isolate
their networks so they won't be subject to attacks. They want to
understand how to update, which updates to flow through very
rapidly, which ones can wait longer and go through a complex
testing cycle. They want to understand how to move away from
passwords to smart-card or biometric systems that will secure
their corporate information in a much better way."
The SUS and WUS patching tools are scheduled to ship summer next
year, as well as a server OS for 64-bit Extended Systems that run
on AMD and Intel processors, and a server version for high-performance computing. Also expected is the shipment of System
Center 2005. Gates actually acknowledged that system monitoring
and creating group names and authorizations is too complex and
would get easier.
Well, here is a ServerVision user quote: "It is seems to be an
impressive product. It has much of the functionality we've been
drooling over in MS Operations Manager, but less expensive and
much easier to get going." ServerVision is also able to do
security risk profile checking and notifies you when security
patches relevant to your server are available.
When The Lights Go Out: Exchange Disaster Recovery
Microsoft Exchange is a large and complicated system, so when
there's a disaster, numerous things can go wrong on many levels.
A good deal of how well you recover from an unexpected disaster
hinges on whether or not you have backup measures in place, and
how extensive they are. Learn about Exchange's basic built-in
disaster recovery tools and methods in this two-part series
from SearchExchange.com. Combine these with Double-Take and you
are well covered for the inevitable downtime. (Free registration
may be required.)
Terminal Services Learning Guide
I found a great resource that I wasn't aware of until now.
This SearchWin2000.com guide introduces you to Terminal Services
and explains best practices for planning, installing and
administering your Terminal Server. You'll find troubleshooting
help, expert advice, articles, tutorials, tips, tools, white
papers and more to pump up your knowledge of Terminal Services
quickly. (Free registration may be required.)
Getting Ready To Renew MS Licensing?
Is your organization getting ready to renew its MS licensing
agreement or purchase a new agreement? Can you afford it? What
kind of deal can you get? What questions should you ask your
reseller or Microsoft sales representative? Get the answers with
the Microsoft Licensing Report. We've just added a new update to
the original report which includes all the latest revisions,
enhancements and details on special Microsoft product, reseller
and training partner promotions.
THIRD PARTY NEWS
The Latest Security Holes Update
A whole new slew of holes are available for criminals to take
advantage of. Check out the latest release of SNSI and the checks
that were added. The low intro-price of $949 ends Sept 30, so we
strongly recommend getting your copy of SNSI while you can still
get a 'Hummer for the price of a Hyundai'.
New vulnerability updates for this release include:
Six new Linux checks, bringing the total Linux checks to 573
L568 - AbiWord - Security Fix - FC1,2
L569 - IPSEC Tools - Non-Authentication - FC2/RH
L570 - Subversion - Memory and Heap Vulnerabilities - FC1,2
L571 - Sound eXchange - WAV file handling - RH/FC1,2
L572 - Kernel 2.6.6 - Multiple Vulnerabilities - FC2
L573 - Cups Non-Encryption Vulnerability Linux: FC2
Four new Windows checks, bringing the total Windows checks to 2220
W2217 - LM Hashes Exist - W2K
W2218 - IE Navigation Method Vulnerability (MS04-025)
W2219 - IE BMP File Vulnerability (MS04-025)
W2220 - IE GIF File Vulnerability (MS04-025)
Two new Solaris checks, bringing the total Solaris checks to 228
S227 - Calendar Server Proxy Authentication Failures - Solaris 9
S228 - Apache Header Parsing - Solaris
One new HP-UX check, bringing the total HP-UX checks to 92
H92 - CIFS Samba Name Mangling Defect - HP-UX 11
In addition, there were improvements in the following vulnerability
W1142/W1986/W1999/W2067 - Anti-Virus Signatures
L564 - DHCP Multi hostnames - SuSe/Mandrake/FC2
L537 - Libpng - RH9/RHE/Mandrake/Fedora C2 (versions 1.0 & 1.2)
L567 - Samba - SWAT administration service
L570 - Fedora: 2,1 - Subversion Heap overflow vulnerability
L546 - CVS - Red Hat/Mandrake/Fedora C1 C2
L547 - Squid - NTLM authentication/Fedora C1 C2
L549 - Squirrelmail - SQL injection/Cross-site scripting Fedora C1 C2
Red Hat 7.2 progeny checks
L306, L451, L472, L481, L482, L484, L489, L491,L501, L502, L505, L509,
L510, L511, L512, L513, L534, L535, L536, L537, L538, L543, L546,
L548, L550, L551, L553, L565, L566
SNSI uses the latest Mitre Common Vulnerabilities and Exposures
(CVE) list of computer incidents. It also contains the latest
SANS/FBI top 20 vulnerability list. SNSI also uses the latest
CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security)
To get the latest SNSI version, visit:
Internet Business Disruptions Benchmark Report
The Aberdeen Group just published a report you can get at no
cost (you do have to register) that goes into great depth on
worms, viruses, scripts, and other Internet-security-related
problems. I'm quoting the Aberdeen website for the next 3
"These are causing an average of $2 million in revenue
losses annually from disrupted business operations. However, this
average belies an underlying reality that larger enterprises,
especially the Global 5000 businesses operating from many
geographically dispersed locations, are experiencing even larger
"When combined with a huge increase of businesses using the
Internet for customer sales and service operations (75% of
businesses), it comes as no surprise that most firms (82%) are
aggressively pursuing a strategy based on avoidance and
prevention to overcome Internet business disruptions.
"The Internet Business Disruptions Benchmark Report offers
organizations insight into the strategies that their peers are
planning to implement to overcome Internet business disruptions.
This research report contains a competitive framework to provide
actionable insight into the relationship between business
pressures, actions, capabilities, and enablers, as well as
performance metrics that users say are critical to benchmarking
It's 31 pages and I had a look at it. Worth to register and read if you need budget ammo. Here goes:
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
Still Using Software for Web Filtering?
Software filters like Websense and SurfControl can't give you the
ease of use and low maintenance that you'll get from iPrism, the
leading Internet filtering appliance. Whether you are switching
to an appliance or choosing one from the start, iPrism's low cost
and powerful features are the perfect fit for any network. Switch
to iPrism today and you can qualify for an extra year of Web
filtering free! Download FREE Web filtering tools now.