- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Sep 13, 2004 (Vol. 9, #36 - Issue #492)
Spyware, The New Internet Scourge?
  This issue of W2Knews™ contains:
  1. EDITORS CORNER
    • Spyware, The New Internet Scourge?
    • Security Pack Special Flying Off Shelves
  2. TECH BRIEFING
    • No More [email protected]$$w0rds!?
    • MS Extends Life Of XP SP2 Download Blocker
    • Exchange Admin 101: Downsizing databases
    • Locking Down Remote Access
  3. NT/2000 RELATED NEWS
    • Microsoft Set To Ship Virtual Server 2005
    • Messaging Survey Results Show Users Leaving Novell
    • What Is Your Certification Worth...NOW?
  4. NT/2000 THIRD PARTY NEWS
    • Spotlight: Learning Tools
    • WinXP SP2: "Needed, But Not Complete"
    • New SNSI Update Adds 26 New Vulnerabilities
  5. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  6. PRODUCT OF THE WEEK
    • Special Sunbelt Security Pack - September Only!
  SPONSOR: Panda Launches TruPrevent Technologies
Finally, unknown viruses are under control.
Panda Software?s proactive technologies, exclusive to Panda,
stop latest generation unknown worms and viruses even
before your signature files are updated! The most intelligent
technologies to combat unknown viruses and intruders.
Contact Panda Software at 877-462-6200, or visit our website.
Visit Panda Launches TruPrevent Technologies for more information.
  EDITORS CORNER

Spyware, The New Internet Scourge?

We are seeing more and more people buying specific anti-spyware point solutions, but we have not really gotten your actual feedback on this topic so we can tell everyone what the current status is about spyware. So I have two options for you. If you have just 30 seconds at the moment, go over to the SunPoll and let your system admin colleagues know how much of a problem spyware is at the moment in your domains. Here's the new SunPoll: "Today, how much of a problem is end-users' machines getting infected with spyware?"

  • No problem
  • Minor problem
  • It's happening more and more
  • Major problem
  • We are very concerned about this now and need solutions
Vote here, rightmost column:
http://www.w2knews.com/rd/rd.cfm?id=040913ED-SunPoll

But if you have 3 minutes, it would be better to surf over here and fill out this new (fast point-and-click) spyware survey. I promise to report back soon on these very interesting results in a coming issue!
http://www.w2knews.com/rd/rd.cfm?id=040913ED-Survey

Security Pack Special Flying Off Shelves

Check out the product of the week. This September-only security special that Sunbelt is running turns out to be immensely popular. No wonder when you see the savings on this deal. The retail value is $3,237.50. But the cost now is $1,868.75 and that even includes one year maintenance. Check it out here:
http://www.w2knews.com/rd/rd.cfm?id=040913ED-Security_Pack

Quote of the Week:
"There is no patch for stupidity." -- -Kevin Mitnick

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])

  SPONSOR: Disaster Recovery Is A Must-Have
The highrise just next to us flooded on the sixth floor. (photos)
It is now condemned! This shows again that Disaster Recovery (DR)
is not any luxury. You cannot afford to be without DR. You HAVE
to get your mission critical data out of the building and ideally
to another location far enough to be on another power grid.
Double-Take is the best selling DR tool. It outsells all
the other DR solutions combined, is affordable and not hard to
install and get working. You should really get Double-Take
deployed on your business critical servers:
Visit Disaster Recovery Is A Must-Have for more information.
  TECH BRIEFING

No More [email protected]$$w0rds!?

Microsoft has come out with new fingerprint reader products. There is a flash demo on their website that looks pretty cool. It shows a keyboard, a mouse with keyboard readers built in, and a separate device that reads fingerprints. Actually I have been using a similar device by U are U for two years now and they definitely are a major time saver and help a lot with keeping desktops secure. Because this is the only way a user will actually not resist locking their workstation every time they stand up for a few minutes. You can train the software that comes with the device to remember the user names and passwords for any webpage as well. Quite handy. Check it out:
http://www.w2knews.com/rd/rd.cfm?id=040913TB-Fingerprint

MS Extends Life Of XP SP2 Download Blocker

Microsoft is giving customers a little more time to test WinXP Service Pack 2 by extending the time that a download-blocking mechanism will be in effect. The tool originally was scheduled to prevent the download of XP SP2 for 120 days from Aug. 16. The company said recently that it will extend the tool's ability to block downloads until April 12, 2005. Full article at the SearchWin2000 site (free registration may be required):
http://www.w2knews.com/rd/rd.cfm?id=040913TB-XP_SP2

Exchange Admin 101: Downsizing databases

You can decrease a database's file size by defragmenting it - offline -- and reclaim lost disk space. This tip from SearchExchange.com?s Brien Posey explains how to perform the process and what to be cautious of when you do. Good one. Free registration may be required.
http://www.w2knews.com/rd/rd.cfm?id=040913TB-Exchange

Locking Down Remote Access

Remote access is a necessity for organizations having to network multiple computers across multiple locations. Get help securing remote access to Windows servers and desktops in this special report from SearchWindowsSecurity.com. Free registration may be required.
http://www.w2knews.com/rd/rd.cfm?id=040913TB-Remote_Access

  NT/2000 RELATED NEWS

Microsoft Set To Ship Virtual Server 2005

Redmond is making its first move into server virtualization. We have reported on Virtual Server already a few times, but it looks like we're really going to see the final product soon. They will release Virtual Server 2005 on Oct. 1. You can run many OS-en side by side on a single piece of hardware.

There will be two flavors: Standard ($499), and an Enterprise Edition, at $999. Redmond said the license is per physical server. You can use it for server consolidation, testing and research & development environments, moving legacy code to new machines and if you use Double-Take for Disaster Recovery, you can reduce the amount of physical machines you need for this! The fact that MS started playing in this field validates the market and they have EMC as a worthy competitor with VMware.

Keep in mind though that even though Virtual Server is relatively cheap, you still need to pay for the OS-itself including the added components you'd need for every each virtual machine... It can save hardware costs, but not necessarily any software cost.

Messaging Survey Results Show Users Leaving Novell

- Messaging Migration Trends Show Move from Novell GroupWise to Microsoft Exchange -

First, thanks to all of you that filled out the survey for Exchange Admins. Dana Gardner, Senior Analyst, Application Infrastructure and Software Platforms of the Yankee Group sent me the Executive Summary after their analysis. Here it is!

"In examining the current market for e-mail migrations, the desire to reduce platform risk has proven formative in the widespread and apparently accelerating movement from Novell GroupWise messaging systems to Microsoft Exchange Server 2000 and Microsoft Exchange Server 2003 -- especially those businesses with 2,000 seats or less.

"Since its acquisitions of Ximian open source applications and the SUSE Linux platform in 2003, Novell has been working toward a transition from NetWare, its proprietary network operating system (NOS), to an open source stack built on Linux.

"With its larger strategic shift, the ultimate direction or directions that Novell will take with messaging is less clear. GroupWise users wonder if they will need to change their platform to Linux or change their messaging applications to an open source (or Linux-supported) e-mail system, as they plan functional e-mail upgrades.

"Among the findings from an independent, web-based questionnaire survey (conducted jointly in August by the Yankee Group and Sunbelt Software, Inc.) on e-mail migration trends was that the choice of server and network platform plays a highly influential role in choosing a messaging strategy. More often than not, the choice of platform and server consolidation dictates the choice of messaging systems.

"Of the migrations tracked, they came predominantly from two areas: Microsoft (Exchange 5.5 or earlier, or MS Mail) and Novell GroupWise. The majority of non-Microsoft migrations were from GroupWise. Thirty-nine percent of the total followed a Microsoft messaging migration path, while 26% came from GroupWise. The next largest set of migrations was from 'other', at 25%. Moreover, users who have undertaken a migration from GroupWise to Exchange 2000/2003 have been typically less concerned about license acquisition and migration costs than they are about other factors, including long-term total cost of ownership, ease of administration, reducing the numbers of types of platforms, and the ability for their end users to gain intuitive access to high productivity functions, the survey shows."

Many companies, including smaller businesses, that have adopted a unified messaging approach on Exchange Server 2003 and which have moved off of GroupWise are expecting to benefit from lower total costs over a period of years, and have gained higher user productivity in the near-term as well, the Yankee Group research finds.

What Is Your Certification Worth...NOW?

FreeTechMail came out with an interesting list for network admins and what their certifications are worth at the moment. Keep in mind that this gets modified by both experience and region:

  • MCSE 2003 $ 63,500
  • MCSE 2000 $ 59,750
  • MCSA 2003 $ 45,750
  • MCSA 2000 $ 45,250
  • Cisco CCNA $ 59,770
  • CompTIA A+ $ 46,230
  • CompTIA Network+ $ 49,500
  • CompTIA Server+ $ 45,050
  • CompTIA Linux+ $ 50,000
  • Certified Novell Administrator (CNA) $ 53,270
  • Certified Wireless Network Admin (CWNA) $ 50,000
  • MS Visual Basic .Net $ 45,240
  • Security Professional with the following certifications:
    • CompTIA Security+ $ 52,050
  • Database Administrator with the following certifications:
    • Oracle 9i Certified DBA $ 70,750
    • Oracle 8i Certified DBA $ 78,500
    • MCSD 2000 $ 62,250
There is a lot of other interesting salary data over at MCPmag (soon to be Redmond Magazine) with many other certifications, and the archives of earlier similar surveys so you can compare.
http://www.w2knews.com/rd/rd.cfm?id=040913RN-Salaries
  THIRD PARTY NEWS

Spotlight: Learning Tools

Looking for a Windows security 101 class? This section of hand-picked links from around the Web offers step-by-step checklists, overviews, learning guides and books to help you start securing or hardening Windows. Definitely useful (free registration may be required):
http://www.w2knews.com/rd/rd.cfm?id=040913TP-Spotlight

WinXP SP2: "Needed, But Not Complete"

- Shortcomings mean organizations still need reliable third-party patch management solutions ?

Recent tech reports on Microsoft?s release of SP2 appear generally favorable. The new firewall associated with the release not only helps block inbound Internet traffic, but also allows users to choose which programs should receive Web traffic. While a good step in the right direction for the software giant, SP2 still leaves networks exposed in certain areas.

For one, users must understand some basic networking features to identify what Web traffic they would like to receive, such as which "port" the programs use to send and receive data. Second, while SP2 prevents viruses and worms from entering a computer, it does not inhibit bugs already residing on workstations from traveling to other machines. Network administrators should just recognize the fact that SP2 is not the "be all and end all" answer to security.

In order to maintain the highest level of security protection, enterprises and organizations must implement other programs, like the UpdateEXPERT patch management solution. Third-party offerings allow for independent identification, validation and testing of hotfixes within an entire network, ensuring full integrity of an IT system in accordance with established policies. As you well know, you cannot rely on just Microsoft for your security infrastructure.

You cannot delegate responsibility for configuring your systems and determining what updates apply to your businesses. As such, third-party patch management solutions like UpdateEXPERT will continue to play an integral role in protecting networks.
http://www.w2knews.com/rd/rd.cfm?id=040913TP-UpdateEXPERT

New SNSI Update Adds 26 New Vulnerabilities

The Sunbelt Network Security Inspector (SNSI) Version 1.5.9.0 was released September 7, 2004.

New vulnerability updates for this release include: Sixteen new Windows checks, bringing the total Win/checks to 2236
W2225 - Mozilla NSS SSLv2 Vulnerability
W2226 - Password Expiration Notice Problem - XP
W2227 - User Logon Request Problem - XP
W2228 - Credential Manager Problem - XP
W2229 - Encrypted Folder Problem - XP
W2230 - Remote Shut Down Problem - XP
W2231 - Password Change Error Message Problem - XP
W2232 - Screen Saver and Remote Shut Down Problem - XP
W2233 - Certification Authority Problem - XP
W2234 - Environment Variables Problem - XP
W2235 - Screen Saver Policy Settings Problem - XP
W2236 - Shut Down With AT Command Problem - XP
W2237 - Network Identification Wizard Problem - XP
W2238 - Password Expiration Problem - XP
W2239 - Password Prompt Problem - XP
W2240 - Disable Lock Workstation Problem - XP

Six new Linux checks, bringing the total Linux checks to 578
L579 - Pam - pam_wheel module - RH
L580 - Netscape - Multiple vulnerabilities - RH
L581 - Rsync Unsanitized Input Processing - FC1,2; MDK, Suse
L582 - Semi - Insecure temp file creation - RH
L583 - Qt - Image Library Crash - RH, FC, MDK, Suse
L584 - Multiple Security issues in Gaim - FC, Suse

Three new Solaris checks, bringing the total Solaris checks to 231
S231 - Java Directory Server ASN.1 Decoder - Solaris 9
S232 - Dtmail CLI Parameter Validation - Solaris 8-9
S233 - Apache 1.3 Vulnerabilities - Solaris 8 - 9

N33 CISCO - Malformed OSPF packets
In addition, there were improvements in the following vulnerability checks:
W1616 - latest service pack for XP
W2097 - latest RealPlayer
W1142/W1986,W1999,W2067 - Anti-Virus
H51, H91 - superseded patches

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories. To get the latest SNSI version, visit:
http://www.w2knews.com/rd/rd.cfm?id=040913TP-SNSI

  FAVE LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  PRODUCT OF THE WEEK

Special Sunbelt Security Pack - September Only!

This is a special you do not want to lose out on. Sunbelt bundled three security tools and you basically only pay for one. The retail value is $3,237.50. But the cost now is $1,868.75 and that even includes one year maintenance. You'll be surprised with the tools you find in this pack. Check it out here. It's September only though!

http://www.w2knews.com/rd/rd.cfm?id=040913PW-Security_Pack