- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Aug 9, 2004 (Vol. 9, #31 - Issue #487)
WinXP SP2 Released to Manufacturing
  This issue of W2Knews™ contains:
    • I Fell Into The Assumption Trap
    • WinXP SP2 Released to Manufacturing
    • IMF Reviewed: You Get What You Pay For
    • One Year Later, IT Prepares For Next Disaster
    • New Anti-Spyware Law May Not Work (just like CAN-SPAM)
    • Redmond: "WinXP SP2 Will Break Our CRM"
    • Gates: "We'll Make Security Our Forte"
    • When The Lights Go Out: Exchange Disaster Recovery
    • Terminal Services Learning Guide
    • Getting Ready To Renew MS Licensing?
    • The Latest Security Holes Update
    • Internet Business Disruptions Benchmark Report
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Still Using Software for Web Filtering?
  SPONSOR: Is Your Event Log Manager Too Hard To Use?
You know you need one. Downtime is not an option. But is your
current event manager a pain in the rear? Difficult to set up?
Difficult to use? Way too expensive? You should consider the
competitive upgrade to ServerVision. Here is a user quote: "It
seems to be an impressive product. It has much of the functionality
we've been drooling over in MS Operations Manager, but less expensive
and much easier to get going." Ask Your Rep or Reseller for the
competitive upgrade offer. You'll be very pleasantly surprised.
Visit Is Your Event Log Manager Too Hard To Use? for more information.

I Fell Into The Assumption Trap

Can't believe I did it, apparently even I can have blonde moments. [grin] Here is the story. For years I wrote W2Knews in MS Word. But there is often a lot of cut and paste involved, and I want to deliver a clean copy to our webteam without strange characters. So after writing and spell checking in Word, I always transferred to Notepad to get rid of extraneous characters that cause problems in HTML. Over time while doing copy/paste operations, I resorted to dumping everything into Notepad before copying into Word. I got tired of that, and a few months ago just decided to swap things around and write the whole thing in Notepad instead, and run the spell check in Word afterward. All fine and dandy up to now. Guess where I kept the notepad files though? On the desktop, assuming that since I saw a synch action going on every day, that my desktop was backed up to the file server. And you guessed it. I was testing a new beta of some product and it wiped out my desktop. Including the w2knews.txt that I had worked on all week. Major OOPS, as there was no backup to the network share, and my profile was not roaming either. The only way I could get back about 10 hours worth of work was FileRescue Plus. It saved my butt literally. This little tool is worth having lying around. [sigh of relief]. There is a special running for it I just found out. Unlimited Roaming Admin License for only $499. And I will save my txt files to my network share, which of course does get backed up! Check FileRescue Plus out here:

WinXP SP2 Released to Manufacturing

August 6, Redmond officially released SP2 to Manufacturing. During the worldwide rollout of Service Pack 2, they will localize the software in 25 languages over the next two months and distribute it to computer manufacturers, enterprise customers and consumers through downloads, retail installation, free CDs and on new PCs. If you run WinXP on your admin workstation you can simply turn on the Automatic Updates feature in Windows XP. Customers with Automatic Updates enabled will receive the latest security updates for Windows XP, along with updated installation software that will optimize the download of Service Pack 2 and all future updates to WinXP.

The timing for customers to receive the Service Pack 2 download through Automatic Updates depends on a number of factors, including the customer?s Internet usage, location, language and the level of Internet demand for SP2. Automatic Updates uses spare Internet capacity to progressively download updates without interfering with daily PC use. Microsoft expects to distribute SP2 to approximately 100 million PCs through Automatic Updates over the next two months. Automatic Updates is easy to turn on in Windows XP. You might want to issue an edict to your end users though to NOT DO THIS until all apps have been tested.

The installation package of the final version of Service Pack 2 has just been released to the beta testers on the Windows Beta Website and is available for download now. The file name is WindowsXP-KB835935-SP2-ENU.exe. The self extracting compressed file weighs at 266.01 MB. The new Windows XP Service Pack 2 (SP2) Support Center is here:

They got Virtual Server 2005 to Manufacturing as well. A good thing. Talking about goodies, expect the XBOX 2 in time for this Christmas.

The quote of the week (for a change) are some definitions I ran across:
"Hack": A clever solution to an interesting problem.
"SCUI": A scalable user interface, the latest rage among UI researchers.

Warm Regards,
Stu Sjouwerman (email me with feedback: [email protected])

What?s the price of inadequate AV protection? If your Anti-Virus
protection isn't completely secure, you could be headed for trouble.
Don't guess whether your anti-virus protection is working... just
take the free Active Scan test and see for yourself. Then call Panda
Software and ask about our competitive upgrade. Start your free
ActiveScan test here!
Visit PANDA ANTIVIRUS SOFTWARE for more information.

IMF Reviewed: You Get What You Pay For

Bill Boswell is the Exchange Guru of Microsoft Certified Professional Magazine (soon to be Redmond Magazine). He torture tested the new Intelligent Mail Filter that MS threw into Exchange 2003 and he wasn't impressed. I have quoted a few lines and you can read the whole article at their website. Here goes:

"I'm accustomed to using a trainable Bayesian filter for my personal mail and I found the inability to train the IMF to be a significant disadvantage. This means that an SCL 4 message containing the text "Happy with your current proportions? Look at http://v-a-r-o-o-m.com." will continue to reach a user's mailbox, day after day, until the next update to the IMF database. To get that update, you must go to Microsoft's update site, which requires planning and additional configuration. Compare this to third-party products where the database updates happen transparently and automatically.

Also, I was disappointed at the large numbers of spam messages that must get through the gateway to the user's mailboxes to avoid false positives. Several third-party products make use of thumbprints and rapid database updates to identify spam that otherwise would evade a strict Bayesian filter."

My additional comment on this is that the updates of this filter are not something Redmond announced would be regular. More like "We don't know when the next one will be" kinda deal. You can read the full article here:

If you are in the market for an email security application, have another look at iHateSpam for Exchange. The current version kicks butt, and the new incarnation we are working on will include anti-virus and you are going to be able to plug in modules that do content filtering, content auditing, disclaimers, archiving and more. Watch out NetIQ, Sybari, GFI and all the others! If you get iHateSpam for Exchange now, you will be able to get all these extras at a nominal price when they come out.

One Year Later, IT Prepares For Next Disaster

As the one-year anniversary of last August's blackout in the Northeast approaches, IT managers said they have made both big and small changes to their business continuity plans after absorbing the lessons of the power outage. GOOD article in ComputerWorld! No reason to repeat all of it here, so just go to the link and check it out. It's got great examples if you are looking for ammo to get budget to create your High Availability / Disaster Recovery environment with a tool like Double-Take.

New Anti-Spyware Law May Not Work (just like CAN-SPAM)

President Bush signed a new federal law into life this July 15-th. This new anti-spyware law increases the identity theft penalties. There is a problem though. Consumer groups warn that this new law may do little the deter criminals using spyware.

It is called the Identity Theft Penalty Enhancement Act and it imposes a 2-year sentence on those convicted of stealing personal identities while committing crimes like wire fraud (using the Internet for their nasty deeds). Critics claim that the law only addresses part of the problem. ID-theft is currently the fastest growing crime in the USA.

It's a well known fact that punishment does not deter crime, (we still have criminals don't we?) and additionally, the FBI and the Secret Service do not have the resources to go after these crimes. The FTC has received 460,000 ID-theft complaints in 2003 but the study they did showed that about 10 million people (!) has been the victim of ID-theft. Victims often don't find about it for months, giving the thief time to do the damage and hurt your credit. A lot of the evidence shows that it's Russian Mafia that causes part of these crimes. The amount of spyware nearly doubled from the first to the second quarters of 2004.


Redmond: "WinXP SP2 Will Break Our CRM"

Told you so. Now even MS admits it. SP2 will break their very own CRM application! They disclosed this fact in a posting on their Download Center. The warning was that installing the SP2 will cause disruptions for their CRM users, and also prevent the CRM Outlook client V1.2 from running correctly. Both need several manual configuration workarounds to operate properly.

It's no news of course. Redmond has warned during the beta that SP2 may break or disrupt existing apps unless workarounds are put in place. That's true for websites too by the way! Here is info on the MSDN site about the security repercussions of SP2.

Gates: "We'll Make Security Our Forte"

Network World reported on it, and many other media picked up the story as well. Gates claimed that security will come to be seen as a Microsoft strength. Gates raised the bar significantly last week when he talked to financial analysts. He said they will transform security "from a concern for us into something that's a significant, unique asset as well as a business opportunity."

Gates specifically mentioned security advances coming in WinXP SP2 and the next version of W2K3 (code-named R2), and the new versions of System Management Server (SMS), Microsoft Operations Manager and Internet Security and Acceleration Server.

Gates said Microsoft would pick up the pace of software innovation during the next 12 months, but cautioned that corporate development would be slower than it would for consumer products. He said that business customers "want very clear guidance on how they isolate their networks so they won't be subject to attacks. They want to understand how to update, which updates to flow through very rapidly, which ones can wait longer and go through a complex testing cycle. They want to understand how to move away from passwords to smart-card or biometric systems that will secure their corporate information in a much better way."

The SUS and WUS patching tools are scheduled to ship summer next year, as well as a server OS for 64-bit Extended Systems that run on AMD and Intel processors, and a server version for high-performance computing. Also expected is the shipment of System Center 2005. Gates actually acknowledged that system monitoring and creating group names and authorizations is too complex and would get easier.

Well, here is a ServerVision user quote: "It is seems to be an impressive product. It has much of the functionality we've been drooling over in MS Operations Manager, but less expensive and much easier to get going." ServerVision is also able to do security risk profile checking and notifies you when security patches relevant to your server are available.

When The Lights Go Out: Exchange Disaster Recovery

Microsoft Exchange is a large and complicated system, so when there's a disaster, numerous things can go wrong on many levels. A good deal of how well you recover from an unexpected disaster hinges on whether or not you have backup measures in place, and how extensive they are. Learn about Exchange's basic built-in disaster recovery tools and methods in this two-part series from SearchExchange.com. Combine these with Double-Take and you are well covered for the inevitable downtime. (Free registration may be required.)

Terminal Services Learning Guide

I found a great resource that I wasn't aware of until now. This SearchWin2000.com guide introduces you to Terminal Services and explains best practices for planning, installing and administering your Terminal Server. You'll find troubleshooting help, expert advice, articles, tutorials, tips, tools, white papers and more to pump up your knowledge of Terminal Services quickly. (Free registration may be required.)

Getting Ready To Renew MS Licensing?

Is your organization getting ready to renew its MS licensing agreement or purchase a new agreement? Can you afford it? What kind of deal can you get? What questions should you ask your reseller or Microsoft sales representative? Get the answers with the Microsoft Licensing Report. We've just added a new update to the original report which includes all the latest revisions, enhancements and details on special Microsoft product, reseller and training partner promotions.


The Latest Security Holes Update

A whole new slew of holes are available for criminals to take advantage of. Check out the latest release of SNSI and the checks that were added. The low intro-price of $949 ends Sept 30, so we strongly recommend getting your copy of SNSI while you can still get a 'Hummer for the price of a Hyundai'.

New vulnerability updates for this release include:
Six new Linux checks, bringing the total Linux checks to 573
L568 - AbiWord - Security Fix - FC1,2
L569 - IPSEC Tools - Non-Authentication - FC2/RH
L570 - Subversion - Memory and Heap Vulnerabilities - FC1,2
L571 - Sound eXchange - WAV file handling - RH/FC1,2
L572 - Kernel 2.6.6 - Multiple Vulnerabilities - FC2
L573 - Cups Non-Encryption Vulnerability Linux: FC2

Four new Windows checks, bringing the total Windows checks to 2220
W2217 - LM Hashes Exist - W2K
W2218 - IE Navigation Method Vulnerability (MS04-025)
W2219 - IE BMP File Vulnerability (MS04-025)
W2220 - IE GIF File Vulnerability (MS04-025)

Two new Solaris checks, bringing the total Solaris checks to 228
S227 - Calendar Server Proxy Authentication Failures - Solaris 9
S228 - Apache Header Parsing - Solaris

One new HP-UX check, bringing the total HP-UX checks to 92
H92 - CIFS Samba Name Mangling Defect - HP-UX 11

In addition, there were improvements in the following vulnerability checks:

W1142/W1986/W1999/W2067 - Anti-Virus Signatures

L564 - DHCP Multi hostnames - SuSe/Mandrake/FC2
L537 - Libpng - RH9/RHE/Mandrake/Fedora C2 (versions 1.0 & 1.2)
L567 - Samba - SWAT administration service
L570 - Fedora: 2,1 - Subversion Heap overflow vulnerability
L546 - CVS - Red Hat/Mandrake/Fedora C1 C2
L547 - Squid - NTLM authentication/Fedora C1 C2
L549 - Squirrelmail - SQL injection/Cross-site scripting Fedora C1 C2

Red Hat 7.2 progeny checks
L306, L451, L472, L481, L482, L484, L489, L491,L501, L502, L505, L509, L510, L511, L512, L513, L534, L535, L536, L537, L538, L543, L546, L548, L550, L551, L553, L565, L566

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.

To get the latest SNSI version, visit:

Internet Business Disruptions Benchmark Report

The Aberdeen Group just published a report you can get at no cost (you do have to register) that goes into great depth on worms, viruses, scripts, and other Internet-security-related problems. I'm quoting the Aberdeen website for the next 3 paragraphs:

"These are causing an average of $2 million in revenue losses annually from disrupted business operations. However, this average belies an underlying reality that larger enterprises, especially the Global 5000 businesses operating from many geographically dispersed locations, are experiencing even larger revenue losses.

"When combined with a huge increase of businesses using the Internet for customer sales and service operations (75% of businesses), it comes as no surprise that most firms (82%) are aggressively pursuing a strategy based on avoidance and prevention to overcome Internet business disruptions.

"The Internet Business Disruptions Benchmark Report offers organizations insight into the strategies that their peers are planning to implement to overcome Internet business disruptions. This research report contains a competitive framework to provide actionable insight into the relationship between business pressures, actions, capabilities, and enablers, as well as performance metrics that users say are critical to benchmarking their success."

It's 31 pages and I had a look at it. Worth to register and read if you need budget ammo. Here goes:


This Week's Links We Like. Tips, Hints And Fun Stuff


Still Using Software for Web Filtering?

Software filters like Websense and SurfControl can't give you the ease of use and low maintenance that you'll get from iPrism, the leading Internet filtering appliance. Whether you are switching to an appliance or choosing one from the start, iPrism's low cost and powerful features are the perfect fit for any network. Switch to iPrism today and you can qualify for an extra year of Web filtering free! Download FREE Web filtering tools now.