Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Sep 6, 2004 (Vol. 9, #35 - Issue #491)
Spyware Can Foul Up SP2 Deployment
This issue of W2Knews contains:
- EDITORS CORNER
- A Royal Pain In The Posterior
- More Cool Display Technology
- Happy Birthday Internet
- TECH BRIEFING
- Spyware Can Foul Up SP2 Deployment
- Apache Rejects Sender ID Proposal
- NT/2000 RELATED NEWS
- No WinFS For LongHorn
- Get Your Network Hacked In 10 Easy Steps
- Download: Scripting Defrag in Windows Server 2003
- Information Leakage Through Hidden Word Data
- NT/2000 THIRD PARTY NEWS
- Special 'September 2004 Only' Offer: Security Pack
- What's New In iHateSpam Version 2.0?
- "All Other Server Monitors Are Hard To Use"
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- Special Sunbelt Security Pack
SPONSOR: Disaster Recovery Is Now A Must-Have
But there are still a lot of questions about DR, here are a few:
- What is the difference between synchronization and replication?
- Does DOUBLE-TAKE replicate the entire file when it is changed?
- Are changes applied to the target server immediately?
- Can replicated data on the target be accessed by users?
- Will DOUBLE-TAKE replicate encrypted files?
And many more. We have an FAQ in PDF for you here (no registration!)
Visit Disaster Recovery Is Now A Must-Have for more information.
A Royal Pain In The Posterior
Lots of stuff happening these days. Spyware is getting to be a
royal pain in the posterior. I have spoken personally to about
twenty system admins this week about this topic. The picture
isn't pretty and getting worse. Machines are getting slow, and
sometimes bog down to a point that they get completely unusable
and need to be rebuilt. More over, organized cybercrime is using
worms, viruses and hybrids of these combined with spyware to
invade companies. Microsoft also warns against it, see the
More Cool Display Technology
Danny Lee sent me this: Hey Guys! I always enjoy reading your
articles... But reading "Something Ultracool at MS-Research"
makes me think you haven't visited the IO2 website. These guys
are creating displays out of thin air! Not just displays, but
INTERACTIVE displays. Check out the videos of their technology.
He's right, now THAT'S Ultra-cool, and for sale now.
Happy Birthday Internet
The Net, a project that will be an eternal work in progress,
turned 35 this past Sunday. It was born at UCLA where someone
joined two computers with a 15-foot cable. It mutated into 5
nodes some months later. Look at what we have now! And it's
only V1.0. Internet V2 is on the way.
Quotes of the Week:
"There are seldom technical solutions to behavioral problems" -- Ed Crowley
I got inspired and added one of my own: "There are never medical solutions to behavioral problems" -- Stu Sjouwerman
(email me with feedback: [email protected])
SPONSOR: Panda Launches TruPrevent Technologies
Finally, unknown viruses are under control.
Panda Software?s proactive technologies, exclusive to Panda,
stop latest generation unknown worms and viruses even
before your signature files are updated! The most intelligent
technologies to combat unknown viruses and intruders.
Contact Panda Software at 877-462-6200, or visit our website.
Visit Panda Launches TruPrevent Technologies for more information.
Spyware Can Foul Up SP2 Deployment
SP2 is all about security. But SP2 itself cannot do much if a
machine is already polluted with spyware -- and that shows to
be a problem in some cases. Redmond is warning XP users to
clean their systems and remove spyware before downloading SP2.
Barry Goff, a MS group product manager, said some spyware could
cause computers to freeze up upon installation of the update.
There are many categories of spyware, depending on who you talk
to. It often comes as an unwanted parasite with file-sharing
programs, starts tracking behavior and then triggers pop-up ads.
And that's only one relatively harmless category of at least
There are several freeware and for-pay products on the market to
clean systems and remove these pests. Redmond recommends that
you clean workstations of spyware and make backups before turning
on the SP2 auto update feature. IDC estimates that by now, about
260 million copies of WinXP have been sold.
In a corporate environment, spyware is rapidly replacing spam
as 'Headache Numero Uno'. It's still early days for spyware
removal tools. The freeware is not enterprise ready, and the
first generation commercial products available for the enterprise
have their roots visibly in end-user products, for instance none
of them support Active Directory. Anti-virus vendors are trying
to muscle in on this market, but their code was not specifically
written to remove spyware and it shows. Their performance cannot
stand in the shadow of dedicated tools that were built as anti-spyware from the get go. These early days, the best solution
available is PestPatrol Corporate Edition:
Apache Rejects Sender ID Proposal
Netcraft News reported that the Apache Project has rejected
the Sender ID proposal for e-mail user authentication, saying
the terms of Microsoft's license for the underlying technology
makes it incompatible with open source software. The decision
illustrates how anti-spam efforts have become the latest
battleground between the open source community and Microsoft.
Apache's decision, outlined in a letter to the Internet Engineering
Task Force (IETF), culminates weeks of discussion among the IETF,
Microsoft and open source advocates over whether Sender ID
could work as a standard framework for anti-spam measures.
"The current Microsoft Royalty-Free Sender ID Patent License
Agreement terms are a barrier to any (Apache) project which
wants to implement Sender ID," Apache chairman Greg Stein said
in the letter. "We believe the current license is generally
incompatible with open source, contrary to the practice of
open Internet standards, and specifically incompatible with
the Apache License 2.0. Therefore, we will not implement or
deploy Sender ID under the current license terms."
The full article is at the NetCraft site:
NT/2000 RELATED NEWS
No WinFS For LongHorn
The Microsoft Watch site (a good one I might add) reported that
Redmond announced that it is cutting some of its planned Longhorn
features in order to get the desktop version of the product out
the door by 2006. The Windows File System (WinFS) ? technology
that was set to simplify information storage and retrieval ?
won't make it into the final, shipping versions of Longhorn
client, company officials confirmed. WinFS also won't be part
of Longhorn server, the server complement of Longhorn that is
still due out in 2007, as Microsoft announced earlier this year.
Company officials said they were not sure when and via what
version of Windows Microsoft ultimately will make WinFS available.
Microsoft has talked about Blackcomb versions of Windows as the
next major follow-ons to Longhorn. But they aren't expected to
ship until the end of this decade. The full article is here:
And here is a full interview with Gates, going into the nitty
Get Your Network Hacked In 10 Easy Steps
Worms are considered a major security problem today, but Microsoft
security expert Jesper Johansson says you may be overlooking a
bigger problem -- the damage a single hacker can do inside your
network. Read how to avoid 10 common mistakes in this article
from SearchWindowsSecurity.com. Free registration may be required.
And when you are done reading it, check out this tool that
scans for many of these errors:
Download: Scripting Defrag in Windows Server 2003
Expert Greg Ramsey shares a handy script he uses to enumerate
all local hard drives and to check each one sequentially to
see if it needs to be defragmented. If the total percent
fragmentation is greater than 10%, then Defrag is automatically
run. All information is written to the event log. You can
download this script from the searchWindowsSecurity.com site. Free registration may be required.
Information Leakage Through Hidden Word Data
The www.user-agent.org download site has a document called
"Scalable Exploitation of, and Responses to Information Leakage
Through Hidden Data in Published Documents" If you go here,
it sits at the last of the list as a PDF document (word_docs.pdf). Some very
interesting data in there. It was written by Simon Byers, he's
at ATT Research. The document is dated 2003/04/03, and the
abstract reads as follows:
"In considering the leakage of information through hidden text
mechanisms in commonly used information interchange formats we
demonstrate how to automate and scale the search for hidden data
in Word documents. The combination of this scaling with typical
behaviour patterns of Word users and the default settings of
the Word program leads to an uncomfortable state of affairs for
Word users concerned about information security. We discuss some
countermeasures employable by users and note more general
consequences of these effects."
Check the PDF out here:
THIRD PARTY NEWS
Special 'September 2004 Only' Offer: Security Pack
Sunbelt Software decided to give system admins a real break. A
unique bundle of security products available for just ONE MONTH.
Your PO has to arrive before 12 midnight September 30-th. This
is a once-in-a-lifetime super special "end-of-the-third-quarter"
blowout. It's really a killer deal, these three security tools
have a retail value of $3,237.50, but are now $1,868.75 and that
even includes one year maintenance. Make sure you get this bundle
soon. It's a must-have for your security toolkit. You'll be
surprised with the tools you find in this pack. Check it out!
What's New In iHateSpam Version 2.0?
The development team here at Sunbelt is going "pedal to the metal"
on the new incarnation of iHateSpam for Exchange. It's a new
architecture that allows us to build all kinds of interesting
plug-ins that you need. We'll come out late Q4 with excellent
anti-spam filtering, but also integrated anti-virus. Since we
will do way more than just spam, we're going to change the name
Plug-ins for anti-virus, content filtering, content auditing,
disclaimers, server-based auto-replies, and more exciting stuff
that I cannot talk about yet will come out in stages after we
release the V 2.0 code. Pricing will be extremely competitive,
so if you are looking for a full-featured message security
solution for your Exchange server, get iHateSpam for Exchange
now and benefit from this upgrade path. Got any ideas for
features you would like to see? Send them to me.
If your maintenance contract is valid, your upgrade from the
current version to V2.0 (includes the anti-spam plugin) will be
gratis. If you want to add AV, we will make this available
to existing customers at extremely attractive pricing. So good
that you're going to have to really look at replacing your
current solution! Have a good suggestion for a new name for this
product? Email me and if your name gets chosen, we'll award you
a $100 Amazon gift cert. Here is your link to the current V1.5
30-day full eval of iHateSpam for Exchange. Get it now, and
benefit from the upgrade path.
"All Other Server Monitors Are Hard To Use"
There is some very good news. Monitoring system health and
keeping servers secure has become even easier and more
affordable than ever. ServerVision has started selling fast,
and the recent price decrease has made it a real no-brainer.
For just 50 bucks per machine you have a next-generation
monitor that does event logs, uptime, alerts and whole host
of other things: easy to afford, easy to set up and easy to
use! You should really try ServerVision now, you will be
very pleasantly surprised. It's now possible to just throw
out that hard-to-use monitor you have, and replace it with
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
Special Sunbelt Security Pack
This is a special you do not want to lose out on. Sunbelt bundled
three security tools and you basically only pay for one. The
retail value is $3,237.50. But the cost now is $1,868.75 and
that even includes one year maintenance. You'll be surprised with
the tools you find in this pack. Check it out here. It's September