Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Oct 18, 2004 (Vol. 9, #41 - Issue #497)
Stop Using Passwords Completely!?
This issue of W2Knews contains:
- EDITORS CORNER
- Stop Using Passwords Completely!?
- SunPoll: Google For The Desktop - Allow It?
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- The 12 Commandments of Exchange Deployments
- Eight Exchange 2003 Security Tips In 8 Minutes
- "Dog Fooding" Lessons: MS IT Group Deploys SQL Beta 2
- Restoring Deleted Or 'tombstoned' Objects In AD
- Learning Center: Kerberos
- NT/2000 RELATED NEWS
- Whoa Nellie! A Deluge Of Patches
- MS Customers Get Domain Wide Fix For JPEG Hole
- NT/2000 THIRD PARTY NEWS
- New V4.4 Double-Take Has Exciting New Features
- SANS Unveils Top 20 Security Vulnerabilities
- iHateSpam For Exchange: Unedited User Feedback
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- BOOK: Wireless Hacking: Projects for Wi-Fi Enthusiasts
Introducing: Double-Take Version 4.4! This New Version has:
Intelligent Data Compression
Management Console Server Filtering
Web Software Updates
Improved performance and scalability
Prevent Downtime and deploy Disaster Recovery in-one. Check the
new Double-Take Version 4.4 here:
Visit Double-Take for more information.
Stop Using Passwords Completely!?
Microsoft techie guys have started to blog in a big way. The very
first blog of Robert Hensing, a senior member of the PSS Security
Incident Response team, certainly does have its points. It's a
very interesting article. His claim is that it's best to stop
using passwords all together. What? Yup. What else then? OK,
I'll give you a hint, but you'll have to read his blog to get
the background why. Here is the hint, think "Pass phrase". Read
here what he means:
SunPoll: Google For The Desktop - Allow It?
Google came out today with a search engine that indexes your user's
hard disks and provides a screen very similar to the Google website.
It does not do network share search, but checks Office, Outlook,
AOL chat, and web pages previously visited. PDF's are not supported
yet but will be in the future. Google does not require registration,
but will receive periodic reports on problems with the software and
general data how a consumer uses it. This would mean data about your
users leaving the building. If you want to see how it works, check
it out at:
So now, what do you think, are you going to allow your users to
install this software? Vote here and find out what your peers are
thinking. Third column:
Quote of the week:
"The difference between theory and practice is larger in practice than
it is in theory." -- unknown.
(email me with feedback: [email protected])
Admin Tools We Think You Shouldn't Be Without
The 12 Commandments of Exchange Deployments
Rolling out an Exchange Server deployment can be a complicated task.
Need some help? SearchExchange.com contributor Brien Posey offers
a list of 12 commandments to follow when you find yourself heading
an Exchange 2000 or 2003 deployment. Find it here (free registration
may be required):
Eight Exchange 2003 Security Tips In 8 Minutes
Are you looking to firm up your Exchange server and client side
security? Then look no further than these 8 tips from a book by
David McAmis and Don Jones, "Microsoft Exchange Server 2003 Delta
Guide." Topics include SSL, Kerberos, RPC over HTTP, cross-forest
SMTP authentication, Windows rights management and S/MIME. Free
registration may be required.
"Dog Fooding" Lessons: MS IT Group Deploys SQL Beta 2
There is an interesting article at the MS PressPass site. This is
a site for journalists, and now and then they throw out a goodie
that is fun enough to spend a few minutes on. This time it's the
story of a senior internal technology architect that shares insight
Microsoft has gained from deploying and testing the latest beta
release of Microsoft SQL Server 2005 as part of the company's SAP
R/3 enterprise resource planning system. Here is the link:
Restoring Deleted Or 'tombstoned' Objects In AD
When an object is deleted from Active Directory, it is not immediately
erased but marked for future deletion. The marker used to designate
an AD object scheduled to be destroyed is called, appropriately
enough, a "tombstone." Tombstoned objects are deleted whenever the
Active Directory database is defragmented, typically twice a day,
but it's not easy to get them back. This tip tells you how (free
registration may be required).
Learning Center: Kerberos
In Greek mythology Kerberos is a three-headed dog guarding the
gates of Hades. In Microsoft terminology it's the authentication
and authorization protocol guarding access to Windows. This excerpt
from Jan De Clercq's book "W2K Server 2003 security infrastructures"
walks you through Kerberos protocol, authentication and authorization
methods. Free registration may be required.
NT/2000 RELATED NEWS
Whoa Nellie! A Deluge Of Patches
That was a bit of a shocker, a whopping 10 MS patches, and of
these, seven being qualified as critical and three as important.
"Black Tuesday", as the second Tuesday of the month is now being
called, promises a lot of work. A quick count showed over 20
vulnerabilities are being plugged by these patches. Affected are
Windows, IE, Excel and Exchange. And MS re-issued the big jpeg
hole of last month as well. Most of these are already in SP2.
Unless you have rolled out XP SP2, I guess you have your work cut
out for you... again. Which does prompt the question: "if
they knew about these for two months, how come we did not see
them earlier?" It's a mystery to me. Oh well. Talking about
SP2, here are some interesting statistics about deployment,
problems and projections:
MS Customers Get Domain Wide Fix For JPEG Hole
If you do not use SMS, finding all the applications that are
vulnerable due to the JPEG hole can be a challenge. MS released
a scan/fix tool for a full enterprise. It's called the MS04-028
Enterprise Scanning Tool. A MS spokesperson said that they
issued the new tool in response to enterprise customer feedback.
I can imagine the loud screaming and hollering about this.
The MS04-028 Enterprise Scanning Tool allows you to scan your
networks to identify potentially vulnerable machines. It will
then automatically apply the appropriate MS04-028 updates from
a share. Get it here:
THIRD PARTY NEWS
New V4.4 Double-Take Has Exciting New Features
The release of Double-Take 4.4 has a number of cool new features.
It's for sure these help increase Double-Take's lead in the
market. Below is a description of these new features along with
their benefits. The main thing really is increased scalability
and performance. These features provide for a much greater ability
to handle large environments, not only in terms of servers but
also in terms of the size of the data and the amount of data
being changed in the users' environment. If you looked at Double-
Take before but there was too much data to replicate, it's time
to revisit that now! Significant new features in V 4.4 include:
More About Intelligent Data Compression
- Intelligent Data Compression
- Email Notifications
- Management Console Server Filtering
- Web Software Updates
- Improved performance and scalability
Double-Take now allows users to choose whether they want to
compress the data being transmitted between source and target
servers and also to select the level of compression they need.
This will allow Double-Take to transmit larger amounts of data
over smaller networks while having a reduced impact on the
users' production network. By reducing the amount of bandwidth
needed to transmit data, implementation is now possible with
reduced network requirements. By default, compression is
disabled, and 3 levels of compression are available.
Built in intelligence allows Double-Take to not compress data
that will result in a negative gain in performance and/or
compression rate. With certain data, compression can actually
increase the amount of data that gets transmitted, resulting
in a greater use of bandwidth, hence a negative gain. Without
intelligence in this area, both the source and target servers
will see an impact on system performance without realizing any
gains intended by the compression. Double-Take will always
send the least amount of data possible, regardless of the
data type, and always utilize system resources in the most
efficient manner possible.
Check out the new Double-Take V4.4 here:
SANS Unveils Top 20 Security Vulnerabilities
The SANS Institute released its annual Top-20 list of Internet
security vulnerabilities. The list is compiled by looking at
the from recommendations from leading security researchers and
companies around the world. The Top-20 is really two lists of
10 most commonly exploited vulnerabilities in Windows, one for
Windows and one for Linux/Unix. Here is the list:
And if you want to scan for all of these on a regular basis,
get SNSI. It's licensed per admin (not IP) and uses a mil-spec
database with well over 3,000 vulnerabilities. This database
is kept up to date by a team of highly trained security experts.
Hundreds of system admins now use SNSI. Test it out and you'll
see why. It's only $1,495 per admin seat and a 4-star product.
The difference with freebies? Multi-platform, also scans for
popular third party tool vulnerabilities, and detailed links
and instructions to fix holes quickly. With SNSI you will not
have a false sense of security. Test it out here:
iHateSpam For Exchange: Unedited User Feedback
Thought you'd all like to see something Sunbelt received this
Time Stamp: 10/12/04 2:27PM Tuesday
"What genius software iHateSpam for Exchange
is. I have nearly TOTALLY eliminated spam
from my org. We had McAfee Spamkiller
previously and after an Exchange server HW
crash, we had to rebuild. A reinstall of SK
just didn't work and after 3 hours of tech
support our IT consultant said 'just get
"I love the white/blacklists that are in the
User folders and love that IT JUST WORKS.
"Keep up the great work. You have a GREAT
product on your hands and I wish you the
McDougall Creative Inc."
We can say no more. Try it out for yourself, there are 4,500
sites out there now running it. And get ready for integrated
anti-virus in V2.0. That code is SO COOL and is being built now.
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
BOOK: Wireless Hacking: Projects for Wi-Fi Enthusiasts
Hardware Hacking is not just a slogan--it's a way of life for a
huge group of technology enthusiasts who are mechanically inclined,
but need that extra little help from a book in order to give them
the confidence to roll up their sleeves and tackle a project.
This book covers 802.11("Wi-Fi") projects. In addition, it covers
techniques for building outdoor enclosures and working with Linux
and BSD to build, deploy, and manage wireless networks. This book
includes coverage of: Wireless Hacking, Indoor/Outdoor Deployment
Considerations, Wireless Network Models, 802.11 Access Points,
802.11 Client Cards, Wireless Operating Systems, Monitoring the
Network, Low-Cost Commercial Options, Mesh Networks, Antennas and
Outdoor Enclosure Projects, Antennas, and much more. $39.95 US