- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Feb 21, 2005 (Vol. 10, #8 - Issue #513)
Gates: Consumer Antispyware Free But Enterprise Will Cost
  This issue of W2Knews™ contains:
    • Spyware's Real, but is Anti-Spyware a Fraud?
    • WebCast: Spyware in the Enterprise: Problem & Solution
    • Make 10 Amazon Bucks If You Qualify
    • Admin Tools We Think You Shouldn't Be Without
    • Gates: Consumer Antispyware Free But Enterprise Will Cost
    • Virtual Machines Conquer Space
    • Mobile Internet Tools for Network Administrators
    • Learning Center: Password Hardening Tips
    • Announcing MBSA 2.0 Beta
    • Get Ready For The 64-Bit Wave
    • CounterSpy Enterprise Chosen As The #1 Antispyware Product
    • New iHateSpam for Exchange V1.6 ROCKS!
    • SNSI Adds A Multitude Of New Vulnerabilities!
  6. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • Centralized, Enterprise Antispyware Takes Off
  SPONSOR: The World's #1 Disk Defragmenter
Raxco Software's PerfectDisk® is the world's #1 disk
PC and Redmond Magazines' Editors' and Readers'
Choice. The first defragmenter certified by Microsoft for Windows
2000/2003, and the only defragmenter using a peer-to-peer
architecture for console control and ease of enterprise
management. Full integration with Active Directory. Single pass
defragmentation, single pass free space consolidation, and
patented optimization. Don't settle for yesterday's technology.
Get PerfectDisk today and save 25%...Proven. Tested. Microsoft
Visit The World's #1 Disk Defragmenter for more information.

Spyware's Real, but is Anti-Spyware a Fraud?

We've heard this controversial opinion recently: "Spyware is real, but these antispyware tools are a fraud and should be part of antivirus tools."

Well, I understand the viewpoint, but there's a bit more to it ;-) Sunbelt looked at this space back in the early days, and figured we would pass on the area because we thought it was only a matter of time before Symantec et al came out with something.

Well, in the end, the AV guys didn't get it. McAfee's product is a poor showing in virtually all the tests, and Symantec, while boasting of new technology, doesn't have anything shipping and we doubt what they will be shipping will be anything near the current state of the art. Microsoft which already owns AV code and will come out with it end 2005, acquired additional specialized AS-technology on top of their very good AV-code. You have to assume they did some homework before they came to that decision.

The truth is, it's incredibly hard work to get rid of spyware. We have a bunch of researchers, a whole posse of coders working on this stuff, PLUS the benefit of the entire Microsoft AS research team. Yet although we have been acing many lab tests, we are still lucky to get more than 90% removal. Spyware is NOT the same as viruses made by pimple-faced hackers trying to prove their dubious manhood. There are hundreds of millions of dollars to be made in spyware/adware as opposed to viruses. Here's some proof of that:

On top of all that, all the antispyware vendors get legal notices. So what happens? You get things like Lavasoft recently mysteriously dropping detection of WhenU. Why? Who knows, probably a legal threat scared them. See this link:

The reality is, the AV guys have a huge amount of catching up to do. And they have a different mindset, they look at this as a signature problem. The spyware battles loom epic--the scale of what one has to tackle is far beyond what the AV guys can do at the moment. They have no idea how hard this really is.

In short, you need a dedicated, centralized antispyware solution if you REALLY want to get rid of this malware in your network. CounterSpy Enterprise was recently compared to the few other enterprise tools out there and came out as Number One. There is a link to the review on the CounterSpy page:

WebCast: Spyware in the Enterprise: Problem & Solution

When: February 24, 2005
9:00AM - 10:00AM Pacific Time (US & Canada)
12:00PM - 1:00PM Eastern Time (US & Canada)

"In 2003, Gartner warned clients that spyware would be the next wave of costly attacks against PCs and spyware did hit in a big way in 2004," says John Pescatore, analyst with Garter, Inc.

"Many of our clients report that spyware is the cause of 30 per cent of their helpdesk calls and often requires in-person IT support to remove the spyware or re-image the PC. Gartner believes that spyware prevention must be integrated with anti-virus and personal firewall protections to be effective in the long run," he adds.

You're invited to this complimentary seminar, covering the business topic of spyware in the enterprise-delivered via web conferencing from Microsoft Office Live Meeting and Sunbelt Software. All you need is a web browser and a phone. We hope you'll join us. To register please visit:

Make 10 Amazon Bucks If You Qualify

Survey.com are currently conducting a survey among workstation users and purchasers about their experience with workstations from major vendors (esp. HP and IBM). If you are workstation user, OR are involved in purchasing/recommending workstations at your company - this is a survey for you! To thank you for completing the survey, the first 100 qualified respondents will receive a $10 Amazon.com certificate. Survey open to US and UK residents only. Click here to take the survey:

Quote Of The Week:
"There is only one satisfying way to boot a computer." -- J. H. Goldfuss

Warm regards,
Stu Sjouwerman
(email me with feedback: [email protected])


Admin Tools We Think You Shouldn't Be Without


Gates: Consumer Antispyware Free But Enterprise Will Cost

At the RSA security show in San Francisco this week, all eyes were on Gates and what he had to say about security. BillG announced more technology and investments to improve security to the tune of $2 billion (!) a year on security R&D, which is about 30% their total R&D budget. Hmmm. Some ROI.

Best news was that Internet Explorer will be upgraded to V7.0 (see what a bit of Firefox competition does?) and that consumer antispyware will be free. About time!! He announced an MS-antivirus product before the end of the year, it will also be integrated in the Sybari product they will sell, and that there will be a managed antispyware solution from Microsoft which will be part of a paid solution.

It's not known how that will be delivered, perhaps as part of SMS, could be part of WUS, and/or could be deployed by AD and GPO's in some (licensed) way. It's all still pretty murky until MS decides what it wants to do.

The result of this is that the stand-alone consumer third party antispyware vendors will either slowly go away, or quickly add features and create better value so that they can compete with "free". The enterprise antispyware players were dancing in the streets, as it will be easy to compete with MS and come out with additional features and a better "value proposition" to use BillG's own terms.

Here's the Microsoft press release clearly stating that antispyware for the business community is a paid solution:

Virtual Machines Conquer Space

Virtual machines offer an effective way of carving up a single physical system to make it appear and work like multiple systems. In today's underutilized Windows server environments, this is a real boon. Good article at SearchWin2000:

Mobile Internet Tools for Network Administrators

MyNetworkInfo.com launched a new website that provides free mobile Internet tools. This new website delivers valuable troubleshooting tools for IT pros on the go. MyNetworkInfo.com provides tools such as PING, IP Lookup, HTTP Status Check, IP WhoIs, Domain WhoIs, and SMTP Check. Additionally, the website provides you with your current IP address which can be a valuable troubleshooting tool.

Network Admins can use MyNetworkInfo.com from any HTML capable mobile device such as a Cell Phone, PDA, or RIM Blackberry. MyNetworkInfo.com is powered by iAdmin Mobile, a secure mobile suite for enterprise server and network administration. Visit MyNetworkInfo.com online at:

Learning Center: Password Hardening Tips

Strong password practices are key to keeping Windows systems secure. These quick tips offer advice on everything from policy setup and enforcement to password creation and storage. At the SearchWindowsSecurity site:


Announcing MBSA 2.0 Beta

Redmond is asking for your input on their beta security scanner. This is what they said: "Please help us improve the quality of the next version of the Microsoft Baseline Security Analyzer. We are currently accepting nominations into the MBSA 2.0 beta program. Customers can nominate themselves for the beta. They will need to log on to the system using their Microsoft .NET Passport and a guest ID of "MBSA20" and then complete the survey. Microsoft will contact customers who are selected for the private beta directly; those not selected will automatically be notified of the public beta at the end of March.

Get Ready For The 64-Bit Wave

You may be aware of Microsoft Watch. It is written by Mary Jo Foley for Ziff Davis and it's a really good website and e-zine. You can subscribe here if you want:

She found a weblog of a Microsoft employee talking about 64-bit Windows, and it's pretty interesting. Here's his blog:


CounterSpy Enterprise Chosen As The #1 Antispyware Product

As you might be interested in CounterSpy Enterprise, we thought you'd be happy to get some objective test information for your bosses about the serious contenders in this space. This week, eWEEK published their review of three Enterprise Class anti-spyware products. CounterSpy Enterprise clearly won the comparison, with the reviewer stating the following:

"CounterSpy is the most affordable and richly featured product we reviewed. Sunbelt's CounterSpy Enterprise provides the best mix of management, reporting and cleaning capabilities we've seen, at the most affordable price. With its CounterSpy Enterprise solution, Sunbelt exhibits its experience in designing enterprise-class software."

"Sunbelt's anti-spyware products have the advantage of leveraging multiple spyware research teams that identify spyware strains and create detection and cleaning routines. In addition to its own researchers, Sunbelt receives definitions from Microsoft researchers because of a previous licensing agreement with Giant Company Software Inc.'s Giant AntiSpyware. This advantage became apparent while cleaning our test systems, as CounterSpy Enterprise narrowly bested Webroot Spy Sweeper by leaving the fewest spyware traces (as detected in a mop-up scan)."

"CounterSpy Enterprise has the best reporting tools we've seen by far, offering a wide array of high-level and heavily detailed reports that can be organized by date ranges." You can see the review here:
And here is CounterSpy Enterprise itself, with specs and download:

New iHateSpam for Exchange V1.6 ROCKS!

Users of the new versions sent us Rave Reports:

"We have been using IHS SE 1.6 for about a week now and I feel compelled to tell you that this is one fantastic software. The seamless integration of the Cloudmark engine has made this product a marvelous and efficient tool. Kudos would fall short of what should be said. The best part is that IHS SE has essential features, such as group policies, reporting and client side customizable white and black lists, not found on Cloudmark's own anti-spam offerings. My opinion is that IHS SE 1.6 is the best server base anti-spam engine. Period. Congratulations guys, you are on top and should do very well with it. -- Mike

"I'm sure you've been offered other testimonials for 1.6, but let me know if you want something in writing. I've been doing this for 14 years and I've really never been happier with a software upgrade, especially a free one. -- Ali

Now, this new engine has pushed back the "ninja" project back a bit, but we expect it to arrive in Q2. (Ninja will have anti-spam, anti-virus and a host of other plug-in modules that customers need and want.) Ask us about the future of iHateSpam for Exchange if you need more data. Get the new V1.6 version here:

SNSI Adds A Multitude Of New Vulnerabilities!

The vulnerability updates for this release include the new holes that Microsoft recently announced on Black Tuesday. There are 22 (!) new Windows checks, bringing the total Windows checks to 2411:

  • 26 new Linux checks, bringing the total to 733
  • 3 new Solaris checks, bringing the total to 272
  • 2 new HP-UX checks, bringing the total to 112

SNSI is a high-end Vulnerability Assessment tool but you can license it per Admin-seat: a potential savings of tens of thousands of dollars. A tool you cannot afford not to run if you have a network of any size. 30-day Eval here:


This Week's Links We Like. Tips, Hints And Fun Stuff


Centralized, Enterprise Antispyware Takes Off

For the enterprise, retooled consumer anti-spyware products won't cut it. Meet CounterSpy Enterprise: the ONLY antispyware product that gets threat database updates from THREE sources: our own spyware research team, YOU via Sunbelt's ThreatNet? and from Microsoft. CounterSpy is a policy-based anti-spyware tool built from the ground up for enterprise deployment and easy centralized management. It supports AD and has a strong Centralized Admin Console with many different ways to deploy agents. Now running in more than 400 production sites. Recently tested as the #1 anti- spyware solution!