Sunbelt W2Knews Electronic Newsletter
The secret of those "who always seem to know" - Over 500,000 Readers!
Mon, Oct 10, 2005 (Vol. 10, #41 - Issue #546)
Microsoft Enterprise Security Plans Take Shape
This issue of W2Knews contains:
- EDITORS CORNER
- Microsoft Confirms Next XP Service Pack
- The SunbeltBLog Made the Top 100 Blogs at CNET
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Filemon and Regmon Combined
- Securing Your Active Directory Network
- An Introduction To Active Directory Federation Services
- How-To: Determine Which Ports Exchange Is Using
- Query Analyzer: 10 Tricks For Simple Querying
- NT/2000 RELATED NEWS
- Microsoft Enterprise Security Plans Take Shape
- Security Update Next Tuesday: 9 patches
- NT/2000 THIRD PARTY NEWS
- Is Spyware Endangering Your HIPAA Compliance?
- W2Knews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- PRODUCT OF THE WEEK
- CounterSpy Enterprise: DOUBLE Editor's Choice
SPONSOR: Featured White Paper Download
Featured White Paper: Stop Internet Threats at the Perimeter
For a limited time, download a new complimentary white paper
addressing the Internet risks of inappropriate content, IM and P2P.
This white paper discusses how a perimeter defense solution such
as iPrism, from St. Bernard Software, can safeguard your
organization from lawsuits and lost productivity and protect your
networks from attacks. Don't wait until your organization is
jeopardized. Download your copy today!
Visit Featured White Paper Download for more information.
Microsoft Confirms Next XP Service Pack
Microsoft has revealed plans to release a third service pack for
WinXP. It's mostly being kept in the dark and will only be released
after the shipment of Windows Vista, scheduled to be available at
the end of 2006. "Right now, Vista is our priority," Michael Burk,
product manager for Windows Vista at Microsoft, said in a statement.
"We'll have more information to share after Vista ships." But if
you want to have a sneak peek at the "unofficial SP3, check out
Ethan's great SP3 page at:
The SunbeltBLog Made the Top 100 Blogs at CNET
You may not know that Sunbelt's Prez writes a blog, sometimes
helped by some of our employees and friends. Well, get yourself
an RSS reader, and subscribe to it. There are 14 million Blogs,
but just a few are worth reading. CNET just chose Alex's blog as
one of the best around in the "Security and Threats" category:
Quotes Of The Week:
"Power attracts the corruptible, suspect all who seek it. We
should grant power over our affairs only to those who are
reluctant to wield it, and only then under conditions that
increase the reluctance." -- Frank Herbert.
"Power corrupts, but a new power supply and UPS can help."
-- Thomas W Shinder, M.D.
(email me with feedback: [email protected])
Admin Tools We Think You Shouldn't Be Without
Filemon and Regmon Combined
Admins fond of the freeware they download from Sysinternals can
look forward to a new offering shortly that combines the features
of two popular tools -- Filemon and Regmon.
The new utility, called Process Monitor, will not only merge the
features of Filemon and Regmon, but will also collect additional
event data, said Mark Russinovich, chief software architect at
Russinovich said he expects the tool to be available in "several
months." Filemon monitors and displays file system activity on a
system in real time, while Regmon is a Registry monitoring utility
that shows which applications are accessing the Registry in real
time. Sysinternals offers both tools, along with technical info
and source code relating to Windows and created by Russinovich
and Bryce Cogswell. Both are well-known Windows platform experts.
Securing Your Active Directory Network
Derek Melber investigates the security of your Active Directory
database and the objects that exist within the database. Second
in a four part series on Active Directory Network security.
An Introduction To Active Directory Federation Services
Active Directory Federation Services promises to make RADIUS
authentication for Web applications a thing of the past. In this
article Microsoft MVP Brien Posey explains how ADFS works and
what resources it will require. At SearchWindowsSecurity.com:
How-To: Determine Which Ports Exchange Is Using
Whether you are trying to secure Exchange Server or diagnose a
communications problem, it's important to know which ports Exchange
is using, and for what. This tutorial explains three different
methods for determining what ports are in use -- RPCDUMP, Netstat
and Tasklist. At SearchExchange.com
Query Analyzer: 10 Tricks For Simple Querying
Make performance improvements to SQL Server statements using SQL
Server 2000's Query Analyzer -- a tool that Microsoft excludes
from SQL Server 2005.
NT/2000 RELATED NEWS
Microsoft Enterprise Security Plans Take Shape
This week, Steve Ballmer made noises in Munich about slowly moving
into the Internet security bizz when they pre-announced a new
enterprise-class tool that does antivirus, antispyware, and in
planned future versions will detect worms and kernel rootkits.
It's called Microsoft Client Protection (MCP), and MCP will go
into a limited beta before end 2005. Full RTM is expected second
half of 2006. Details on pricing and licensing are being kept
under wraps, but it is my expectation you can count on prices
of 20-40 bucks per seat, which is in the same ballpark as the
big AV guys. And talking about these big AV guys...
Symantec filed an informal complaint with the EU related to
Microsoft's security strategy. At issue is Microsoft Windows
OneCare, which provides home PC users with antivirus, anti-spyware, and firewall defenses and updates. Symantec is claiming
that Microsoft plans on bundling OneCare with Windows Vista,
the next version of the Windows operating system. It is unclear
if the EU regulators are investigating the complaint.
So Redmond is going head-to-head with the AV community at last.
Well, they are going to have a tough time. Basically everyone
is already AV-equipped so this is a replacement market. They
will have to be a LOT better than existing AV players, and
that is going to be hard. And they cannot drop their prices
too much, as that will cause the antimonopoly lawsuits to
come out of the closet. Good luck Redmond. You are going to
need it. More about Ballmer's announcement at MS PressPass:
Security Update Next Tuesday: 9 patches
Eight security bulletins affecting Windows will be
released. The highest Maximum Severity rating for these is
Critical. Some of these updates will require a restart. These
updates will be detectable using the Microsoft Baseline Security
Analyzer (MBSA) and the Enterprise Scanning Tool (EST).
One security bulletin is affecting Windows and Exchange, and
the highest Maximum Severity rating for this is Important.
Redmond will also release an updated version of the Microsoft
Windows Malicious Software Removal Tool on Windows Update,
Microsoft Update, Windows Server Update Services and the
THIRD PARTY NEWS
Is Spyware Endangering Your HIPAA Compliance?
Hospitals and health systems across the country are working harder
than ever to improve quality and safety practices to meet new and
tougher standards set by payers, regulatory and accrediting bodies
and, of course, health care consumers. JCAHO, an especially hard
part of life within the healthcare industry, has worked to accredit
healthcare organizations since 1951 and new regulations within
JCAHO have made the process even more grueling: From 2006 on,
JCAHO surveys will occur unannounced; the healthcare industry is
already scrambling to ensure compliance so that they won't get caught
off-guard. A huge factor of JCAHO compliance relates to data
documentation and protection:
Malicious spyware applications present an ever-increasing privacy
and security threat to all companies, especially for healthcare
organizations that must keep patient information secure and confidential. Keeping your healthcare IT networks safe from spyware
that can steal personally identifiable information or patient
records is critical. With the help of a robust, best-of-breed
enterprise antispyware solution such as CounterSpy Enterprise
from Sunbelt Software, you can confidently know that your patient
and company data are protected from security breaches associated
with spyware while continuing to reinforce your ongoing security
initiatives that help you meet HIPAA requirements.
Please read the datasheet at the link below and feel free to call
or write us with any questions you might have.
This Week's Links We Like. Tips, Hints And Fun Stuff
PRODUCT OF THE WEEK
CounterSpy Enterprise: DOUBLE Editor's Choice
Windows IT Pro Readers' and Editor's Choice: "CounterSpy Enterprise is tops with our readers and got the best marks for Rookie of the
Year and Best Spyware Blocker." -- Windows IT Pro September 2005
Network World Editor's Choice: "CounterSpy Enterprise earned top
marks for its impressive spyware detection and removal, best
reporting functionality and all-around excellent performance."
-- Network Computing September 2005.
Need we say more? Test it: