Sunbelt W2Knews™ Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Oct 10, 2005 (Vol. 10, #41 - Issue #546)
Microsoft Enterprise Security Plans Take Shape
  This issue of W2Knews™ contains:
    • Microsoft Confirms Next XP Service Pack
    • The SunbeltBLog Made the Top 100 Blogs at CNET
    • Admin Tools We Think You Shouldn't Be Without
    • Filemon and Regmon Combined
    • Securing Your Active Directory Network
    • An Introduction To Active Directory Federation Services
    • How-To: Determine Which Ports Exchange Is Using
    • Query Analyzer: 10 Tricks For Simple Querying
    • Microsoft Enterprise Security Plans Take Shape
    • Security Update Next Tuesday: 9 patches
    • Is Spyware Endangering Your HIPAA Compliance?
  6. W2Knews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
    • CounterSpy Enterprise: DOUBLE Editor's Choice
  SPONSOR: Featured White Paper Download
Featured White Paper: Stop Internet Threats at the Perimeter
For a limited time, download a new complimentary white paper
addressing the Internet risks of inappropriate content, IM and P2P.
This white paper discusses how a perimeter defense solution such
as iPrism, from St. Bernard Software, can safeguard your
organization from lawsuits and lost productivity and protect your
networks from attacks. Don't wait until your organization is
jeopardized. Download your copy today!
Visit Featured White Paper Download for more information.

Microsoft Confirms Next XP Service Pack

Microsoft has revealed plans to release a third service pack for WinXP. Details are mostly being kept in the dark, and it will only be released after the shipment of Windows Vista, which is scheduled to be available at the end of 2006. "Right now, Vista is our priority," Michael Burk, product manager for Windows Vista at Microsoft, said in a statement. "We'll have more information to share after Vista ships." But if you want to have a sneak peek at the "unofficial" SP3, check out Ethan's great SP3 page at:

The SunbeltBLog Made the Top 100 Blogs at CNET

You may not know that Sunbelt's Prez writes a blog, sometimes helped by some of our employees and friends. Well, get yourself an RSS reader, and subscribe to it. There are 14 million blogs, but just a few are worth reading. CNET just chose Alex's blog as one of the best around in the "Security and Threats" category:

Quotes Of The Week:
"Power attracts the corruptible, suspect all who seek it. We should grant power over our affairs only to those who are reluctant to wield it, and only then under conditions that increase the reluctance." -- Frank Herbert.
"Power corrupts, but a new power supply and UPS can help." -- Thomas W Shinder, M.D.

Warm regards,
Stu Sjouwerman (email me with feedback: [email protected])


Admin Tools We Think You Shouldn't Be Without


Filemon and Regmon Combined

Admins fond of the freeware they download from Sysinternals can look forward to a new offering shortly that combines the features of two popular tools -- Filemon and Regmon.

The new utility, called Process Monitor, will not only merge the features of Filemon and Regmon, but will also collect additional event data, said Mark Russinovich, chief software architect at Sysinternals.

Russinovich said he expects the tool to be available in "several months." Filemon monitors and displays file system activity on a system in real time, while Regmon is a Registry monitoring utility that shows which applications are accessing the Registry in real time. Sysinternals offers both tools, along with technical info and source code relating to Windows and created by Russinovich and Bryce Cogswell. Both are well-known Windows platform experts.

Securing Your Active Directory Network

Derek Melber investigates the security of your Active Directory database and the objects that exist within the database. Second in a four-part series on Active Directory Network security.

An Introduction To Active Directory Federation Services

Active Directory Federation Services promises to make RADIUS authentication for Web applications a thing of the past. In this article Microsoft MVP Brien Posey explains how ADFS works and what resources it will require. At SearchWindowsSecurity.com:

How-To: Determine Which Ports Exchange Is Using

Whether you are trying to secure Exchange Server or diagnose a communications problem, it's important to know which ports Exchange is using, and for what. This tutorial explains three different methods for determining what ports are in use -- RPCDUMP, Netstat and Tasklist. At SearchExchange.com

Query Analyzer: 10 Tricks For Simple Querying

Make performance improvements to SQL Server statements using SQL Server 2000's Query Analyzer -- a tool that Microsoft excludes from SQL Server 2005.


Microsoft Enterprise Security Plans Take Shape

This week, Steve Ballmer made noises in Munich about slowly moving into the Internet security biz as Microsoft pre-announced a new enterprise-class tool that does antivirus and antispyware and, in planned future versions, will detect worms and kernel rootkits.

It's called Microsoft Client Protection (MCP), and MCP will go into a limited beta before the end of 2005. Full RTM is expected in the second half of 2006. Details on pricing and licensing are being kept under wraps, but it is my expectation you can count on prices of 20-40 bucks per seat, which is in the same ballpark as the big AV guys. And talking about these big AV guys...

Symantec filed an informal complaint with the EU related to Microsoft's security strategy. At issue is Microsoft Windows OneCare, which provides home PC users with antivirus, anti-spyware, and firewall defenses and updates. Symantec is claiming that Microsoft plans on bundling OneCare with Windows Vista, the next version of the Windows operating system. It is unclear if the EU regulators are investigating the complaint.

So Redmond is going head-to-head with the AV community at last. Well, they are going to have a tough time. Basically everyone is already AV-equipped so this is a replacement market. They will have to be a LOT better than existing AV players, and that is going to be hard. And they cannot drop their prices too much, as that will cause the antimonopoly lawsuits to come out of the closet. Good luck Redmond. You are going to need it. More about Ballmer's announcement at MS PressPass:

Security Update Next Tuesday: 9 patches

Eight security bulletins affecting Windows will be released. The highest Maximum Severity rating for these is Critical. Some of these updates will require a restart. These updates will be detectable using the Microsoft Baseline Security Analyzer (MBSA) and the Enterprise Scanning Tool (EST). One security bulletin is affecting Windows and Exchange, and the highest Maximum Severity rating for this is Important. Redmond will also release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center.


Is Spyware Endangering Your HIPAA Compliance?

Hospitals and health systems across the country are working harder than ever to improve quality and safety practices to meet new and tougher standards set by payers, regulatory and accrediting bodies and, of course, health care consumers. JCAHO, an especially hard part of life within the healthcare industry, has worked to accredit healthcare organizations since 1951 and new regulations within JCAHO have made the process even more grueling: From 2006 on, JCAHO surveys will occur unannounced; the healthcare industry is already scrambling to ensure compliance so that they won't get caught off-guard. A huge factor of JCAHO compliance relates to data documentation and protection:

Malicious spyware applications present an ever-increasing privacy and security threat to all companies, especially for healthcare organizations that must keep patient information secure and confidential. Keeping your healthcare IT networks safe from spyware that can steal personally identifiable information or patient records is critical. With the help of a robust, best-of-breed enterprise antispyware solution such as CounterSpy Enterprise from Sunbelt Software, you can confidently know that your patient and company data are protected from security breaches associated with spyware while continuing to reinforce your ongoing security initiatives that help you meet HIPAA requirements.

Please read the datasheet at the link below and feel free to call or write us with any questions you might have.


This Week's Links We Like. Tips, Hints And Fun Stuff


CounterSpy Enterprise: DOUBLE Editor's Choice

Windows IT Pro Readers' and Editor's Choice: "CounterSpy Enterprise is tops with our readers and got the best marks for Rookie of the Year and Best Spyware Blocker." -- Windows IT Pro September 2005

Network World Editor's Choice: "CounterSpy Enterprise earned top marks for its impressive spyware detection and removal, best reporting functionality and all-around excellent performance." -- Network Computing September 2005.

Need we say more? Test it: