Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 22, 2004 (Vol. 9, #46 - Issue #502)
93% Of You Say: Spyware Is A Resource Killer
This issue of W2Knews contains:
- EDITORS CORNER
- Holy OS Wars
- Please Vote For Us?
- This Time We Really Lost Power
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Users Visiting Porn Sites? The Price Tag is Spyware!
- Windows Firewall: Love It Or Hate It
- Learning Guide: Access Control
- The ExchMbx Command-line Tool
- NT/2000 RELATED NEWS
- Air Force To Launch Enterprise Microsoft Initiative
- NT4 And Security!
- Evaluate Microsoft Windows Update Services
- NT/2000 THIRD PARTY NEWS
- 93% Of You Say: Spyware Is A Resource Killer
- You May Have Missed It: The Security Pack Is Back!
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- BOOK: Inside the SPAM CARTEL
SPONSOR: First in True Enterprise-Ready Anti-Spyware
Spyware is the new Number one IT headache. For the enterprise,
retooled consumer anti-spyware products won't cut it. Meet
CounterSpy Enterprise. CounterSpy is a policy-based anti-spyware
tool built from the ground up for enterprise deployment and easy
centralized management. It supports AD and has a strong Admin
Console with four different ways to deploy agents. Catch a sneak
peek here and check out the recorded webcast. Then ask for a
Visit First in True Enterprise-Ready Anti-Spyware for more information.
Holy OS Wars
The controversy about Operating Systems was very well put in
perspective by subscriber Mike Boutelle and I could not agree more.
He said: "Regarding the holy wars, I think that the debates back
and forth show that it is people and processes that make the
difference, not the raw technology. You can install a good OS
badly or a bad OS well. The security of the system will always
come back to the people and the processes behind. Maybe a few
CIO's should consider that before that outsource their operation."
Please Vote For Us?
The yearly SC Magazine Awards are up again. We'd appreciate it
tremendously if you could vote for iHateSpam for Exchange here:
And for the Sunbelt Network Security Inspector at this link:
Thanks so much!
This Time We Really Lost Power
So here's a real life "Total Building Out Of Power Story". The main
600 Amp breaker panel of the building simply started to melt. Could
be age, overload or any other cause. The power was shut off at about
11am, and we tried to get everyone TS in from home, were it not for
the fact that the actual terminal server machine had died last Friday
and we had cobbled together a frankenmachine just for the few remote
people that always TS in. The local electrical guys arrived at around
1pm and worked till 6-ish to replace the whole panel. The 1-inch
thick copper wires also needed replacing so that was a lot of work.
Our battery power kicked in at 11am, and we shut down non-essential
servers to save power and keep the heat down, but the server room
was getting pretty toasty. So we brought the generator online that
we have sitting on standby (hurricane season is just over) and started
charging the batteries. They never went further down than about 80%
capacity. The website remained up all the time, and the only downtime
we had was a few minutes we needed to get the T3 powered back up.
(Note to self, get T3 on backup power too!!)
Then, the power company was supposed to show up when the electrical
guys were done, but no one showed at 7pm and we found out that Florida
Power were under the impression this was a residential building! We
started screaming, and finally they agreed to get a crew over. That
crew did not arrive until the middle of the night, and took 30 minutes
to hook up the building. And then we still needed to get all the
servers and other devices back online so some of us were here until
3am. They were awarded the famous, exclusive and 'hard to get' RED
SWINGLINE STAPLER for all their efforts. (You need to see the movie
Office Space to get this inside joke). This time we were not forced
to fail our webservers over to our backup site in Texas that we have
replicated with Double-Take.
Quote of the week:
"Live as if you were to die tomorrow. Learn as if you were to live
"When you come to a fork in the road take it"
-- Yogi Berra
(email me with feedback: [email protected])
Admin Tools We Think You Shouldn't Be Without
Users Visiting Porn Sites? The Price Tag is Spyware!
It was always suspected but now a source reported that practically
ALL porn sites (98%) use some kind of spyware to track visitors.
I do have to qualify this with the fact the source is a vendor
of spyware tools, so you need to take that into account. Porn
sites are using spyware like Data Miners, and this malware was
immediately followed by Windows Exploit Trojans.
To make things worse, 15% of the sites launch porn dialers
that will cost your organization even more by raking up costs
for long-distance phone numbers. Browser Hijacks are also used
in 95% of the cases, which are a real resource killer with their
pop-up ads and bandwidth consumption. New variants appear
constantly, and can bring and end-user's box to a standstill.
Even if the real numbers are only half of these claims, it is
still a security problem. The new CounterSpy Enterprise will
help you attack this problem!:
Windows Firewall: Love It Or Hate It
Hacking for Dummies author Kevin Beaver reviews the pros and cons
of the new Windows Firewall that shipped with XP Service Pack 2.
Just how valuable is the firewall compared to third-party products?
Beaver tells all in this SearchWindowsSecurity.com tip. Free registration may be required.
Learning Guide: Access Control
Access control technologies determine who should or should not be
allowed to access a specific resource on your network. In this
comprehensive SearchWindowsSecurity.com special report, you'll
learn how access control works and get tips for preventing
unauthorized access. Specific topics include: permissions,
security identifiers (SIDS), locking down remote administration
and error messages.
The ExchMbx Command-line Tool
Are you frustrated by the lack of a simple command-line tool to perform basic Exchange administration tasks? There's a utility that could help. Read about it on SearchExchange.com. Free registration may be required:
NT/2000 RELATED NEWS
Air Force To Launch Enterprise Microsoft Initiative
The U.S. Air Force plans to announce an enterprise wide MS software
initiative that some analysts see as a prime example of how users
can leverage their spending power to force vendors to deliver more
secure products. This is a good example of how large users can
still put the squeeze on a monopoly and get results. ComputerWorld
has the story how it will save the Force $100 Mil over six years:
NT4 And Security!
The End-of-Support Deadline that MS has announced for WinNT Server
4.0 can really affect security for a lot of outfits. Patching of the
more than two million servers that still run NT4 is going to be a
problem. The MS website states: "Windows NT Server 4.0 incident and
security related hotfix support is available through 31-Dec-2004.
Non-security related hotfix support is available only through a
custom support contract after 31-Dec-2003." You want to get this
handled before the end of the year if you can. It's upgrade time,
or moving apps to another platform or server. Here is a page on
the MS website that shows you ALL the product life cycles, and
you should make it a favorite and check this for all your MS-ware.
Evaluate Microsoft Windows Update Services
MS has opened up a website for people that want to evaluate the new
WUS (what a name!) You can read about the Open Evaluation Program
and the different options for obtaining the pre-release software.
At the page, you can complete the registration process and you
will automatically receive the files needed to install the product.
The download files are large (approximately 78.4 MB) so the download
may take considerable time to complete.
Background Intelligent Transfer Services (BITS) 2.0 beta must be
installed prior to installing WUS. BITS enables the download of
updates in the background using available network bandwidth.
BITS 2.0 beta is compatible with servers running Windows 2000
Server SP4 and above, or Windows Server 2003.
The WUS evaluation software is available in English only. It is also
intended for testing and evaluation purposes only and should not
be used for production purposes or placed in a production environment.
Here is where to get it!
THIRD PARTY NEWS
93% Of You Say: Spyware Is A Resource Killer
Well, this SunPoll shows the highest amount of agreement of ANY
SunPoll EVER. That tells you something. Spyware is really an
incredible pain in the neck. The question was: "Is Spyware
hampering the productivity of your users and sucks up your time?
And basically unanimously you said yes. We have good news.
CounterSpy Enterprise goes in beta this week and we will be able
to ship gold code before the end of the year. A system admin
colleague of yours sent me this after he had a look at the
stand-alone consumer version:
"Hello, I'm a computer technician and I downloaded the program
CounterSpy just to see if it was what it was promoted as, and
I was impressed! I do a lot of research on spyware programs, and
I'm the kind of person who never endorses a product. Well that
all changed when I decided to try out this program. This program
has restored my faith in Sunbelt software!!! I sent e-mail's to
all the techs I know, and also people at XXXXX here in Beaverton,
Oregon. This program is an asset to any company; that has concerns
about spyware. Well you witness a first." Thank You. -- Bruce A Kelly.
You can now check out the recorded webcast for the enterprise
version for all the features. Click on the link that says "recent
You May Have Missed It: The Security Pack Is Back!
Sunbelt Software decided to give system admins a real break in
September. A unique bundle of security products available for
just ONE MONTH. The problem was that this time was too short.
Many of you could not get your PO to arrive before the offer
ended. So by popular demand we brought this special back, and
added something extra: 10 copies of the brand new and hot
CounterSpy Client! This is a once-in-a-lifetime super special
"end-of-the-fourth-quarter" blowout. It's really a killer deal,
these four security tools for just $1,995.00 and that includes
a full year maintenance. Your savings are a whopping $1,441.25.
Make sure you get this bundle soon. It's a must-have for your
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
BOOK: Inside the SPAM CARTEL
It's out! You may hate this spammer, but can you afford to ignore
him? "You may not know me, but it's likely you have received at
least one of the 10 to 20 million spam e-mails I send each week.
This is my story, my chance to tell the world how and why I became
one of the world's most prolific spammers. I'll take you inside
the Spam Cartel, showing real examples and techniques used to send
spam, including how e-mail addresses are obtained, spam filters
are evaded, and money is made. I want you to understand how a
spammer works and why I choose to work in one of the most hated
industries in the world." -Spammer-X.
I read this book and wrote the foreword. You want to get a copy.