- Sign-up Now!
 - Current Issue
 - Edit Your Profile/Unsubscribe

Subscribe | Media Kit | About Us | All Issues | Subscriber Feedback | Contact Us | Privacy Statement
Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, May 23, 2005 (Vol. 10, #21 - Issue #526)
Before Your Fire The Company Geek
  This issue of W2Knews™ contains:
    • Vote For Your Fave Tools: 2005 Target Awards!
    • Before Your Fire The Company Geek
    • Detecting And Removing Rootkits in Windows
    • Admin Tools We Think You Shouldn't Be Without
    • Spyware Costs Plague Small/Medium Business
    • Step-by-Step Guide: Ensuring SQL Server Data Integrity
    • E-mail Archiving Strategies: When Deleting Is Not An Option
    • Why You Should Create A 'Crash Reporting' Policy
    • How To Google Hack Windows Servers
    • Microsoft OneCare Not For The Enterprise
    • Windows Server Roadmap Gets An Update
    • Windows Small Business Server 2003 SP1 Now Available
    • How Spyware Caused $25,000 In Cost
    • What Are We Cutting From The Budget?
  6. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • The Ultimate Job Security Tool: Double-Take
  SPONSOR: What Causes 30% of HelpDesk Calls?
"It started as an annoyance and now it's becoming a crisis," --
Brian Burke
, an analyst and research manager of Internet security
at IDC. IDC estimates that spyware represents 30% of all help
desk calls today. CounterSpy Enterprise V1.5 gives you control
over spyware via a centralized admin console, excellent reporting,
and REAL-TIME protection against dozens of categories of spyware.
~ CounterSpy has the best spyware database in the industry. ~
Visit What Causes 30% of HelpDesk Calls? for more information.

Vote For Your Fave Tools: 2005 Target Awards!

Show your colleagues which tool you like best for the job. The W2Knews 2005 Target Awards are the ultimate shortlist of system admins fave tools. We kept a close eye on the forums, market and new versions last year and these tools are the leading ones in each category. Saves a lot of time to check out this list. While you are there, vote for your faves! Voting closes May 31st, so you only have about a week left.

Before Your Fire The Company Geek

A very interesting posting on Slashdot this week. The comments at the bottom are even more fun to read. It starts like this:

"An anonymous reader writes "A new 'insider threat' survey by the US Secret Service and Carnegie Mellon University finds that 82 percent of people who hack their company 'exhibited unusual behavior in the workplace prior to carrying out their activities.' A somewhat amusing write-up at washingtonpost.com points to a bunch of more interesting gems hidden deep in the study, including:

'Almost all - 96 percent - of the insiders were men, and 30 percent of them had previously been arrested, including arrests for violent offenses (18 percent), alcohol or drug-related offenses (11 percent), and non-financial-fraud related theft offenses (11 percent).' The blog post also notes that 86 percent held technical positions at the companies: '...if you're going to fire someone (particularly company geeks who have the motive, means and access to inflict pain on your computer systems) make double sure you cut off their e-mail and network access at the same time you hand them their walking papers.' Fun comments at the slashdot site:

Detecting And Removing Rootkits in Windows

You can now watch this webcast at any time you please. It's definitely interesting. This is the link:

Quotes Of The Week:
"Puritanism: The haunting fear that someone, somewhere may be happy." -- H.L. Mencken, writer, editor, and critic.
"4 out of 3 people have trouble with fractions" -- Anonymous
"Never be afraid to try something new. Remember: amateurs built the ark; professionals built the Titanic. -- Anonymous

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])


Admin Tools We Think You Shouldn't Be Without


Spyware Costs Plague Small/Medium Business

The SearchSMB site has a good story about spyware costs. If you are looking for an antispyware app, and need ammo for your PO, this article has a lot of stuff you can use! They started out like this:

"Think spyware is a scourge on PCs? Small and midsized businesses are increasingly falling victim to the insidious software, paying the price in lost time and productivity, according to analysts.

Bryan Cave LLP, a law firm based in St. Louis with more than 800 lawyers globally and approximately $450 million in revenue, runs a sophisticated IT operation -- with a sophisticated spyware problem and a lack of options in the SMB space.

"Spyware is a huge problem, and it has immediate financial impact," said John Alber, partner, who oversees the firm's client technology group. Bryan Cave has upped its efforts to stop spyware before it comes in, but this has proved difficult. "One of our problems has been that there are no truly enterprise applications for spyware prevention. There are a number for the personal market, but those are only just becoming enterprise scale. Even the best of them let things slip by, so you have you to go in manually and ferret them out," Alber said. [Editor's Note: Apparently he has not heard of CounterSpy Enterprise yet]

"It started as an annoyance and now it's becoming a crisis," said Brian Burke, an analyst and research manager of Internet security at IDC. IDC estimates that spyware represents 30% of all help desk calls today. And there is more good stuff here. Strong recommendation on this article:

See what spyware is sitting on your systems:

Step-by-Step Guide: Ensuring SQL Server Data Integrity

SQL Server ensures the integrity of your data -- up to a point. It can't protect you from inept handling of transactions or breaking internal referential integrity -- two of many things that can ruin the quality of your data. In this guide, Serdar Yegulalp delves beyond good database maintenance habits and tells how to protect data through programming, bounds checking and other areas that are often overlooked. Over at SearchSQLServer.com

E-mail Archiving Strategies: When Deleting Is Not An Option

Whether you are driven by legislation, litigation or the sheer volume of e-mail clogging users' mailboxes, e-mail archiving and backup and recovery are fast becoming mission-critical issues. In this webcast, Mark Diamond, CEO and president of the consulting company Contoural Inc., Los Altos, Calif., explains what companies need to know about message archiving-- and why they need to know it. Free registration may be required. (SearchExchange.com)

Why You Should Create A 'Crash Reporting' Policy

Windows Error Reporting has been around for a while, but in some instances you may want to opt out of it. (SearchWinSystems.com)

How To Google Hack Windows Servers

Have you ever tried Googling public-facing Windows servers for "hidden" files and sensitive information? You may be shocked to learn just how much you can find. In a new series of tips, Kevin Beaver explains why you must Google Windows servers before a bad guy Googles them first. SearchWindowsSecurity.com


Microsoft OneCare Not For The Enterprise

eWEEK asked several analysts what they thought about Redmond's OnceCare announcement

"A lot of the interesting features in OneCare make no sense for large enterprise departments. Businesses aren't interested in file backup or parental controls, so I can't know where this market is," said John Pescatore, research director for Internet security at Gartner Inc.

This is a consumer grade offering. By year-end, we believe Microsoft will add some management features for mid-sized businesses. This is not something a large enterprise would even consider until the end of 2007. Even then, we haven't seen any value there for large enterprise to outsource desktop security," Pescatore added.

"Enterprise customers everywhere know that you have to wait until version 3 or version 3.5 of a Microsoft product before putting buying plans in place." The whole article is at eWEEK's site:

Windows Server Roadmap Gets An Update

The Windows Server Roadmap is a useful document on Redmond's site with approximate ETA guidance. It was updated this month. Windows Server Update Services, W2K3 "R2" and a longhorn beta remain on tap for this year, according to the schedule.

In 2006, you will see beta 2 of Longhorn Server, and guess what? MS has committed to SP2 for W2K3 in 2006. Remember that SP1 took nearly two years to hatch. In the mean time, they have begun posting enormous amounts of data on W2K3 R2 as it is in beta now. You can check it out here:

Windows Small Business Server 2003 SP1 Now Available

As I announced earlier, SP1 for SBS 2003 has now arrived after they released W2K3 SP1. The SBS version builds on the SP1 release for Windows Server 2003, but is tuned more specifically to the overall capabilities of SBS and introduces some additional features in this really neat product. In addition to Windows Server 2003 SP1, you now get:

  • Exchange 2003 SP1
  • Windows Sharepoint Services SP1
  • Outlook 2003 SP1
  • and Windows XP SP2

The premium edition also gets ISA Server 2004 which is a really great product and SQL Server 2000 Service Pack 4. Pick up SP1:


How Spyware Caused $25,000 In Cost

This is a story from a consultant using CounterSpy. For sure very interesting reading. ;-)

"Stu, Wanted to fill you in on a big CS success story.

"I have a customer with 2 locations in different states connected via a T1. They have 3 users who use their accounting software. This one lady was using it via the WAN link and having all kinds of problems. She is the CFO and had problems working with the app.

"She would enter and invoice, get and error msg "Lock Table Full", reboot, repeat cycle. Needless to say when you have 100s of invoices to post that is an exceedingly painful cycle to go through. They had replaced her laptop, rewired her connection, spent hours on the phone with tech support, run AdAware, Spybot, McAfee 8.0i, Stinger, NAV, Trend and who knows what else. They were using a very old version of that application that was known to have this Lock Table Full issue. So they spent several thousands of $$$ sending me to the remote site to spend an entire weekend upgrading them to the latest version. They were 10 years worth of updates behind. The upgrading took a very long time and I used to be a Registered Consultant so they wanted me to personally do the conversions.

"Within 2 days the same user reported the same problem. [email protected]!!! So or router/firewall guy got permission to monitor their network traffic. One day her PC started flooding their outbound WAN traffic. Needless to say her accounting app started to show the same problems again. So I was sent down to find out what was going on. I uninstalled AdAware and Spybot and installed the demo of CounterSpy. It took CS 1.5 hours to scan her laptop but it found: 52 pieces of spyware, 188 infected files and over 1900 infected registry keys. Once her laptop was cleaned she had no problems.

"Five days later I get a call from their network admin. SAME [email protected] PROBLEM AGAIN!!! I was like - 'what the heck is going on here'. Went down to her office (we are in the same office building). Guess what? She had uninstalled CS because she didn't like all the popups when she would attempt to install all her "free" Internet downloads. Groan.

"I reinstalled CS, rescanned and re-cleaned her laptop, this time with instructions she was NOT to uninstall CS again. She has now gone over a month without problems. So you could honestly say this one infected laptop cost them well over $25,000 because of spyware and related crapware. One new laptop, 2 wipes and reloads, one financial accounting application upgrade, one year of support contract for it, router and firewall monitoring at $150 per hour, 3 full days of upgrading and data conversion, plus travel, plus hotel, plus food, plus plus plus!

"And a free demo copy of CS fixed all the problems. Of course, we are now installing CSE on both sides of the WAN. So the demo of CS more than paid for itself. Thought you would want to know this whole sordid mess. You most ardent supporter here in Arkansas" -- Name withheld to protect the guilty CFO. [grin]

Check out what CounterSpy can find on your PC for 15 days:

And a full 30 day eval of CounterSpy Enterprise is here:

What Are We Cutting From The Budget?

If your budgets are under pressure, print management is a necessity. What is Print Management? Why would you manage printing? Good questions in a corporate environment where expenses soar, budgets get cut and your user's printing needs are ignored for the good of the bottom line. But more and more printing costs are becoming a major concern.

Printing was cheap and easy when there were just black and white simple line printers around, but the technologies in printing have come a long way. The push to upgrade to color printers is huge, and when your basic toner cartridge on a color printer goes up in price 3 to 5 times you start to see the office expenses budget skyrocket. Paper also was a negligible expense, but since the introduction to color and being able to print photographs, transparencies and other specialized output, the price of paper has also increased expenses.

So let's summarize this, printer technology has jumped leaps and bounds in the last 10 years. The hardware is smaller, faster, cheaper, and you can print color. So the market had to compensate in other places like the price of toner, paper, services, etc... More over, there is a major "but". While the technology has jumped far ahead, the management of these systems has not.

Walk into any small business, school, corporation or government office and you will see boxes under each printer. What's in these? Scrap paper? No! It is not just scrap paper. Those boxes also contain valuable Toner, Help Desk time, IT Administrator time, and many other service expenditures. Hence the ballooning costs.

The paperless office (Digital Age) to a certain extent works. But we still want to print and we can print on-demand! We print E-mail, Websites, Office Documents, Child's Book Report, Resumes, Photographs, Transparencies, Posters, Books, and on and on.

The average company may be only dimly aware or completely unaware of this expenditure. Most of them needlessly throw away money, and resources that could be better spent. Recently a survey which was done on IT Managers at 954 organizations around the world, found the biggest problem with their printing networks was:

  1. Printing Waste (56%)
  2. Inability to Do Accounting for Printing (41%)

Print Manager Plus does a great job of cutting costs related to printers. The product is easy to install and easy to use. It is a solution that every Administrator with tight budgets should have installed on their network. The product is very flexible and can be installed on a small peer to peer network or a large server enterprise infrastructure. The product is fairly priced and starts at $795.00 per print server for the Standard edition and $1,295.00 for the Client Billing edition with large discounts for Academic and non-profit institutions. A fully functional 30-day evaluation can be downloaded here:


This Week's Links We Like. Tips, Hints And Fun Stuff


The Ultimate Job Security Tool: Double-Take

For those admins wanting their file servers to be available again within minutes of a crisis, Double-Take is the most popular tool. Double-Take has over 50,000 licenses in production, including 12,000 on Exchange, 10,000 licenses on SQL, and nearly 10 years of protecting Windows servers since 1996. This makes Double-Take the undisputed leader in protecting Microsoft environments for high-availability and disaster recovery in-one: 30-day eval at: