Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Oct 11, 2004 (Vol. 9, #40 - Issue #496)
Microsoft Writes Back To W2Knews
This issue of W2Knews contains:
- EDITORS CORNER
- The Six Secrets Of Highly Secure Organizations
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Microsoft Just Released A Server-wide ASP.NET Fix
- A New Wireless Revolution: Enter The WiMAX Zone
- AutoPilot: Must Have For Any Power User
- W2Knews and TechRepublic Join Hands
- Coincidence Or.... ?
- Checklist: Exchange Goes Down. What Do You Do?
- NT/2000 RELATED NEWS
- Microsoft Writes Back To W2Knews
- House OKs Anti-spyware Bill / Gates Makes Noise Too
- Redmond Prepares Linux Killer
- NT/2000 THIRD PARTY NEWS
- 75% Of Big Companies Have Anti-Spam Tools
- Cybercrime Gang Shootouts... On Your PC
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- SNSI Gets 4 Stars From Win IT Pro Mag!
SPONSOR: Sarbanes-Oxley Is Quickly Hitting IT -- Are You Ready?
Sarbanes-Oxley compliance has quickly rolled into the IT's lap.
Do you know SOX basics? Do you have reports and data to comply
with November 15 or December 31 deadlines? Can you replicate it
easily? Get Ecora's guide for a quick Sarbanes-Oxley overview.
Read about SOX, internal controls, corporate responsibilities,
and a best practice approach. Also learn how Ecora can help you
prove compliance to SOX IT internal controls.
Visit Sarbanes-Oxley Is Quickly Hitting IT -- Are You Ready? for more information.
The Six Secrets Of Highly Secure Organizations
CIO Magazine recently did a survey together with PriceWaterhouse.
It was a biiiig survey: 8,100 respondents from 62 countries.
They tabulated the whole thing and distilled the successful
actions that made organizations more secure than others. I'm
grabbing just the six most important points:
Points 3 and 4 you can do with SNSI. It just got 4 stars(!)
from Windows IT Pro Mag, and is still only $1,495. SNSI checks
for well over 3,000 vulnerabilities. Its next closest competitor
only checks for 300 (mostly Unix) holes. False sense of
security anyone? We have a link to this brand new review here:
- Spend 14% of your IT budget on security
- Separate Information Security from IT and merge it with physical security under CSO
- Conduct very regular penetration tests/security audits
- Prioritize and classify threats and vulnerabilities
- Define your overall security architecture
- Establish a quarterly review process, with metrics to measure your security's effectiveness.
The last SunPoll was interesting: "The market gives us spam and
spam-blocking software. The government gives us the CAN-SPAM
act. Which has been more effective?" Your answers were:
The new SunPoll: "Is there a reason to buy a software firewall
now that SP 2 has one built-in?" Vote here, rightmost column.
- The Market 94.66%
- The Government 5.33%
I have been a bit quiet about RSS recently, but that hasn't
stopped RSS spreading like wildfire. Microsoft Research recently
added RSS feeds and they are definitely my fave RSS feed for this
month. Here are their newsletter and RSS Feeds!
Quotes of the week:
"The difference between 'involvement' and 'commitment' is like
an eggs-and-ham breakfast: the chicken was 'involved' - the pig
was 'committed'." -- unknown
"I have to exercise early in the morning before my brain figures
out what I'm doing." -- unknown
(email me with feedback: [email protected])
Admin Tools We Think You Shouldn't Be Without
Microsoft Just Released A Server-wide ASP.NET Fix
The install is quick and easy. It will add an http module to the
GAC and add a reference to it in machine.config. No reboot is
required and it's almost always less than 10 seconds to install.
Since there is a change to machine.config, your In Process
session variables will be lost during the install but other than
that it's virtually seamless. It will update all version of
ASP.NET installed on the server. As with the other fix, it
should be installed on all operating systems.
A New Wireless Revolution: Enter The WiMAX Zone
A new revolution is coming down the pike: WiMAX. Why would you
want WiMAX? Well, they chose the name correctly, as it's Wi-Fi
"to the max". This new standard makes Wi-Fi look puny: 25x
broadband speed (75Mbps), and a maximum range of a whopping
30 miles. (Your mileage may vary) It goes through walls, trees,
clouds and does not need line of sight. But it isn't long
distance Wi-Fi. The two standards are not compatible, so that
means completely new hardware. If you want to use both you'd
need a WAP that supports both. The official name of this one is
802.16 and it operates below 11GHz. You can pretty much expect
a second WiMax wave starting in 2006, leading to a Billion
dollar market in 2008.
Is this tested technology? Yes, some of the big phone companies
in Europe are testing this and some wireless service providers
have WiMax networks up in New Your City and Montana. But it's
"fixed" to start with, mobile will come a lot later. Expect this
to compete with current Wi-Fi hotspots, but now you'll see a
whole city being covered with just a few of these access points,
think 2007. Don't think it's the only new standard though. There
are other people out there pushing other stuff. But WiMAX is
backed by Intel, and it has my endorsement too [grin].
AutoPilot: Must Have For Any Power User
Have a look at what Tom Shinder just sent me! "Hi Stu, just
wanted to let you know that I am playing with a trial version
of Autopilot. I do a lot of parallel stuff, like run four
virtual machines, convert A/V files, and run Word and Outlook at
the same time. Before installing Autopilot, I found that Word
was pokey, the VMs would take forever to do what I wanted them
to do, and the AV conversions would break. With Autopilot
installed, everything works smoothly, even when the processor is
pegged at 100% for hours at time. Autopilot is a must have for
any power user. Thanks!"
This is exactly the environment that AutoPilot was designed to
help, so if you have machines like this, try it out! Here is
where you get it:
AutoPilot for XP:
W2Knews and TechRepublic Join Hands
W2Knews is pleased to announce a new partnership with
TechRepublic. TechRepublic is known for their grassroots
approach to solving today's technology challenges with their
award-winning content. Thousands of technology professionals
turn to TechRepublic every day for answers to their most
challenging IT problems. Have a look at the products you can
get, sometimes with a 20%-45% discount as a W2Knews subscriber:
Coincidence Or.... ?
W2Knews subscriber Rick Boyer sent this: "Here's something
which I found amusing; I was checking out an article on another
tech site which included the following:
- Determining if you have a valid product ID -
Hopefully you already know if you're dealing with a pirated
copy of XP. But if you're unsure, a quick way to tell is to
install Service Pack 1. Shortly after releasing Windows XP,
Microsoft realized that most pirated XP installations were
using two specific VLKs, the most popular of which begins
with "FCKGW." These VLKs produce product IDs that match either
XXXXX-640-0000356-23XXX or XXXXX-640-2001765-23XXX, where X
is any number...
FCKGW?! Do you suppose this might be a political shot from
someone at Redmond? Maybe just my warped sense of humor!"
Checklist: Exchange Goes Down. What Do You Do?
Any Exchange admin worth their salt knows that failed Exchange
servers happen - and at the worst possible times. So what can
you do to minimize the pain involved in restoring messaging
data? One key is having good diagnostic and recovery tools.
Read about some essentials in this diagnostic checklist from
SearchExchange.com. Free registration may be required.
NT/2000 RELATED NEWS
Microsoft Writes Back To W2Knews
Perhaps you remember the article where I wrote that the new
Exchange Best Practices Analyzer flunked on Small Business
Server. Microsoft wrote back:
"I'm the development lead of this project and I just wanted to
respond to your item. The problem with the article on IFS was
identified fairly quickly and an update was published the same
day. We did test the product against SBS prior to shipping but
we have discovered that some of the rules were not appropriate
for such a deployment (there are also things we are not doing
correctly on a regular Exchange single server deployment).
"One of the most powerful features of the tool is our ability
to update the rules and have them get automatically downloaded
to everyone as we publish these updates (similar to how virus
scanners update their signature files). We have already posted
one update, and another is due out some time next week. We will
likely be posting these every couple of weeks, at least
initially. As long as the machine ExBPA is running on has
Internet connectivity and the auto-download feature has not
been disabled, it should be able to pick these up on startup.
"As far as feedback goes, there are two main channels that we
have provided: there is a feedback alias - [email protected]crosoft.com - that you can send bugs and feature
requests to. A tools newsgroup has also been created
(microsoft.public.exchange.tools) and you can post such issues
there. We have created a home page that contains all the
various links to information about Exchange, and there is a link
in the tool itself that will navigate to this page. There is a
link to the newsgroup on this page. The feedback alias is not as
well published and I will check into making that more visible as
"We apologize for the problems you have encountered running this
tool and I encourage you and everyone who may read this to keep
running it and help us make it better for everyone by sending us
your feedback. Yes, we are listening. Thanks."
-- Jon Avner, Exchange Support Tools Development Lead
House OKs Anti-spyware Bill / Gates Makes Noise Too
There are two chronic problems with spyware:
Ballmer stating that: "The task of trying to stay one step ahead
of virus writers and hackers will be a never-ending battle" is
good example of "spin". Microsoft will ALWAYS be one step behind
the producers of malware, per definition.
- There is BIG money in it, as opposed to viruses.
- It's a chess game, and the bad guys have white.
The government is trying to handle this too. Hmmm. The U.S.
cybersecurity czar Amit Yoran resigned abruptly last week
because of the red tape and the fact he could not get stuff
done fast enough. This does not bode well for anything coming
from Washington. You're on your own, better act upon it.
The House this week overwhelmingly (399 to 1) passed an anti-spyware bill that would outlaw surreptitious use of online
eavesdropping code. The cutesy name of the thing "Securely
Protect Yourself Against Cyber Trespass Act, or SPY ACT" tried
to prohibit the deceptive distribution or use of programs that
would give an authorized third party control over a computer or
gather information without the user's consent. The house thinks
the FTC (Federal Trade Commission) should be the enforcer of the
SPY ACT which is planned to supersede all state anti-spyware
In its current form, the SPY ACT will not make a difference
to outfits that deliver online security, diagnostics or
technical support. It also excludes code that at startup gets
authenticated or pulls automatic updates from a remote server,
and tracking cookies are also excluded. Of course any and all
government spooks are allowed to continue to use their own
It so happens that there is a similar bill in the senate with an
even more terminally cute name: "Software Principles Yielding
Better Levels Of Consumer Knowledge" You can put the acronym
together yourself. These two bills would have to be merged and
then signed by the President. And if you ask my opinion, its
effectiveness would be very similar to the Can Spam Act.
Bill Gates also started to make noise about subscription-based,
Microsoft-developed spyware last week. BillyG is the VERY LAST
person I would trust to do this right. I was laughing my a$$ off
that he had been infected with spyware. First he creates an OS
full of holes, demonstrating a glaring inability to assume the
correct security mindset, and then he complains about spyware
and comments he "needs to jump in". Better bring your scuba gear
Billy, 'cus yoah a$$ is gonna sink! It reminds me of the
following remark some one made: "The Russian mafia is also putting resources together in the fight against organized crime...."
Redmond Prepares Linux Killer
The TechWorld site has an interesting article. They started
with: "Microsoft prepares to kill Linux with different Windows
flavours". And continued with... "role-based variations of the
operating system will be cheaper and more secure". The link is
here if you want to read more:
THIRD PARTY NEWS
75% Of Big Companies Have Anti-Spam Tools
The Society for Information Management recently polled close to
250 senior IT executives from its North America membership. Of
the big ones, (more than $1 billion in revenues) 75% have
acquired antispam tools. Smaller outfits seem to do well too:
70% have solutions in place. And for good reason: last month 3
out of 4 emails were spam. The last SunPoll confirms this. But
just anti-spam is not cutting it anymore.
It's time to start thinking about integrated solutions for
message security. Microsoft calls it "message hygiene" but I
just don't like that term, in my book it's incorrect. Messaging
SECURITY is what we need: no spam, no virus, filtered content,
disclaimers, the works and all of it in one integrated and
affordable package. And the new version of iHateSpam for
Exchange is all that and more. It's expected in a few months,
and if you license it (with maintenance) before V2.0 comes out,
you will be able to get the AV option at a nominal fee. iHateSpam
for Exchange has won the most prestigious Reader's Choice award
two years in a row now, and is the best selling anti-spam
solution for Exchange. Try it out for 30 spam-free days here:
Cybercrime Gang Shootouts... On Your PC
As you know, organized cybercrime is now fully engaged in the
creation of spyware/malware. There are rival gangs and they are
now attacking each other. There is a new piece of malware out
there called Downloader.Lunii. When a user fires it up, it
attempts to delete processes and files of popular adware
programs like Powerscan and BargainBuddy.
The problem is that little Lunii is not so friendly as it may
seem. Just like other trojans, it also changes Windows configs
and tries to download files from a remote server. Yikes. Trojans
as a category do not try and replicate themselves from one
machine another, but they sit there quietly in the background,
do their best to invisible and provide a backdoor into your
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
SNSI Gets 4 Stars From Win IT Pro Mag!
They said: "A fairly robust and user-friendly scanner; good for
those who are concerned with the learning curve." It scans for
more than 3,000 known holes, and is still only $1,495. Its next
closest competitor only checks for 300 (mostly Unix) holes.
False sense of security anyone? Not with SNSI! Check the eval