- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Nov 22, 2004 (Vol. 9, #46 - Issue #502)
93% Of You Say: Spyware Is A Resource Killer
  This issue of W2Knews™ contains:
    • Holy OS Wars
    • Please Vote For Us?
    • This Time We Really Lost Power
    • Admin Tools We Think You Shouldn't Be Without
    • Users Visiting Porn Sites? The Price Tag is Spyware!
    • Windows Firewall: Love It Or Hate It
    • Learning Guide: Access Control
    • The ExchMbx Command-line Tool
    • Air Force To Launch Enterprise Microsoft Initiative
    • NT4 And Security!
    • Evaluate Microsoft Windows Update Services
    • 93% Of You Say: Spyware Is A Resource Killer
    • You May Have Missed It: The Security Pack Is Back!
  6. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • BOOK: Inside the SPAM CARTEL
  SPONSOR: First in True Enterprise-Ready Anti-Spyware
Spyware is the new Number one IT headache. For the enterprise,
retooled consumer anti-spyware products won't cut it. Meet
CounterSpy Enterprise.
CounterSpy is a policy-based anti-spyware
tool built from the ground up for enterprise deployment and easy
centralized management. It supports AD and has a strong Admin
Console with four different ways to deploy agents. Catch a sneak
peek here and check out the recorded webcast. Then ask for a
Visit First in True Enterprise-Ready Anti-Spyware for more information.

Holy OS Wars

The controversy about Operating Systems was very well put in perspective by subscriber Mike Boutelle and I could not agree more. He said: "Regarding the holy wars, I think that the debates back and forth show that it is people and processes that make the difference, not the raw technology. You can install a good OS badly or a bad OS well. The security of the system will always come back to the people and the processes behind. Maybe a few CIO's should consider that before that outsource their operation."

Please Vote For Us?

The yearly SC Magazine Awards are up again. We'd appreciate it tremendously if you could vote for iHateSpam for Exchange here:

And for the Sunbelt Network Security Inspector at this link:

Thanks so much!

This Time We Really Lost Power

So here's a real life "Total Building Out Of Power Story". The main 600 Amp breaker panel of the building simply started to melt. Could be age, overload or any other cause. The power was shut off at about 11am, and we tried to get everyone TS in from home, were it not for the fact that the actual terminal server machine had died last Friday and we had cobbled together a frankenmachine just for the few remote people that always TS in. The local electrical guys arrived at around 1pm and worked till 6-ish to replace the whole panel. The 1-inch thick copper wires also needed replacing so that was a lot of work.

Our battery power kicked in at 11am, and we shut down non-essential servers to save power and keep the heat down, but the server room was getting pretty toasty. So we brought the generator online that we have sitting on standby (hurricane season is just over) and started charging the batteries. They never went further down than about 80% capacity. The website remained up all the time, and the only downtime we had was a few minutes we needed to get the T3 powered back up. (Note to self, get T3 on backup power too!!)

Then, the power company was supposed to show up when the electrical guys were done, but no one showed at 7pm and we found out that Florida Power were under the impression this was a residential building! We started screaming, and finally they agreed to get a crew over. That crew did not arrive until the middle of the night, and took 30 minutes to hook up the building. And then we still needed to get all the servers and other devices back online so some of us were here until 3am. They were awarded the famous, exclusive and 'hard to get' RED SWINGLINE STAPLER for all their efforts. (You need to see the movie Office Space to get this inside joke). This time we were not forced to fail our webservers over to our backup site in Texas that we have replicated with Double-Take.

Quote of the week:
"Live as if you were to die tomorrow. Learn as if you were to live forever."
-- Ghandi
"When you come to a fork in the road take it"
-- Yogi Berra

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])


Admin Tools We Think You Shouldn't Be Without


Users Visiting Porn Sites? The Price Tag is Spyware!

It was always suspected but now a source reported that practically ALL porn sites (98%) use some kind of spyware to track visitors. I do have to qualify this with the fact the source is a vendor of spyware tools, so you need to take that into account. Porn sites are using spyware like Data Miners, and this malware was immediately followed by Windows Exploit Trojans.

To make things worse, 15% of the sites launch porn dialers that will cost your organization even more by raking up costs for long-distance phone numbers. Browser Hijacks are also used in 95% of the cases, which are a real resource killer with their pop-up ads and bandwidth consumption. New variants appear constantly, and can bring and end-user's box to a standstill. Even if the real numbers are only half of these claims, it is still a security problem. The new CounterSpy Enterprise will help you attack this problem!:

Windows Firewall: Love It Or Hate It

Hacking for Dummies author Kevin Beaver reviews the pros and cons of the new Windows Firewall that shipped with XP Service Pack 2. Just how valuable is the firewall compared to third-party products? Beaver tells all in this SearchWindowsSecurity.com tip. Free registration may be required.

Learning Guide: Access Control

Access control technologies determine who should or should not be allowed to access a specific resource on your network. In this comprehensive SearchWindowsSecurity.com special report, you'll learn how access control works and get tips for preventing unauthorized access. Specific topics include: permissions, security identifiers (SIDS), locking down remote administration and error messages.

The ExchMbx Command-line Tool

Are you frustrated by the lack of a simple command-line tool to perform basic Exchange administration tasks? There's a utility that could help. Read about it on SearchExchange.com. Free registration may be required:


Air Force To Launch Enterprise Microsoft Initiative

The U.S. Air Force plans to announce an enterprise wide MS software initiative that some analysts see as a prime example of how users can leverage their spending power to force vendors to deliver more secure products. This is a good example of how large users can still put the squeeze on a monopoly and get results. ComputerWorld has the story how it will save the Force $100 Mil over six years:

NT4 And Security!

The End-of-Support Deadline that MS has announced for WinNT Server 4.0 can really affect security for a lot of outfits. Patching of the more than two million servers that still run NT4 is going to be a problem. The MS website states: "Windows NT Server 4.0 incident and security related hotfix support is available through 31-Dec-2004. Non-security related hotfix support is available only through a custom support contract after 31-Dec-2003." You want to get this handled before the end of the year if you can. It's upgrade time, or moving apps to another platform or server. Here is a page on the MS website that shows you ALL the product life cycles, and you should make it a favorite and check this for all your MS-ware.

Evaluate Microsoft Windows Update Services

MS has opened up a website for people that want to evaluate the new WUS (what a name!) You can read about the Open Evaluation Program and the different options for obtaining the pre-release software.

At the page, you can complete the registration process and you will automatically receive the files needed to install the product. The download files are large (approximately 78.4 MB) so the download may take considerable time to complete.

Background Intelligent Transfer Services (BITS) 2.0 beta must be installed prior to installing WUS. BITS enables the download of updates in the background using available network bandwidth. BITS 2.0 beta is compatible with servers running Windows 2000 Server SP4 and above, or Windows Server 2003.

The WUS evaluation software is available in English only. It is also intended for testing and evaluation purposes only and should not be used for production purposes or placed in a production environment. Here is where to get it!


93% Of You Say: Spyware Is A Resource Killer

Well, this SunPoll shows the highest amount of agreement of ANY SunPoll EVER. That tells you something. Spyware is really an incredible pain in the neck. The question was: "Is Spyware hampering the productivity of your users and sucks up your time? And basically unanimously you said yes. We have good news. CounterSpy Enterprise goes in beta this week and we will be able to ship gold code before the end of the year. A system admin colleague of yours sent me this after he had a look at the stand-alone consumer version:

"Hello, I'm a computer technician and I downloaded the program CounterSpy just to see if it was what it was promoted as, and I was impressed! I do a lot of research on spyware programs, and I'm the kind of person who never endorses a product. Well that all changed when I decided to try out this program. This program has restored my faith in Sunbelt software!!! I sent e-mail's to all the techs I know, and also people at XXXXX here in Beaverton, Oregon. This program is an asset to any company; that has concerns about spyware. Well you witness a first." Thank You. -- Bruce A Kelly.

You can now check out the recorded webcast for the enterprise version for all the features. Click on the link that says "recent LiveOffice demo".

You May Have Missed It: The Security Pack Is Back!

Sunbelt Software decided to give system admins a real break in September. A unique bundle of security products available for just ONE MONTH. The problem was that this time was too short. Many of you could not get your PO to arrive before the offer ended. So by popular demand we brought this special back, and added something extra: 10 copies of the brand new and hot CounterSpy Client! This is a once-in-a-lifetime super special "end-of-the-fourth-quarter" blowout. It's really a killer deal, these four security tools for just $1,995.00 and that includes a full year maintenance. Your savings are a whopping $1,441.25. Make sure you get this bundle soon. It's a must-have for your security toolkit.


This Week's Links We Like. Tips, Hints And Fun Stuff



It's out! You may hate this spammer, but can you afford to ignore him? "You may not know me, but it's likely you have received at least one of the 10 to 20 million spam e-mails I send each week. This is my story, my chance to tell the world how and why I became one of the world's most prolific spammers. I'll take you inside the Spam Cartel, showing real examples and techniques used to send spam, including how e-mail addresses are obtained, spam filters are evaded, and money is made. I want you to understand how a spammer works and why I choose to work in one of the most hated industries in the world." -Spammer-X.

I read this book and wrote the foreword. You want to get a copy.