Vol. 11, #6 - Feb 3, 2006 - Issue #562
Disaster Recovery for Virtual Systems
- EDITORS CORNER
- Best-of-Breed or Security Suite?
- More On Legal-Driven Updates
- Disaster Recovery for Virtual Systems
- Quotes of the Week
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Product Licensing Tool Not For U.S. Only Anymore
- Step-by-step Guide: Blocking IM and P2P
- Vista Security Will Drive Adoption, Allchin Says
- A Primer On DNS and MX Records
- WINDOWS SERVER NEWS
- VMware To Make Server Product Free
- Microsoft Refines Vista Timeline
- Finally: Windows Server 2003 "R2" Ships
- MCTS Exams Now Available
- WINDOWS SERVER THIRD PARTY NEWS
- Sunbelt Transitions ServerVision to Aldebaran
- Check Out All Those New Vulnerabilities...
- WServerNews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - PRODUCT OF THE WEEK
- Notepad++, A New Editor For System Admins
Kerio WinRoute Firewall: VPN simplified. Again.
Secure remote access to the network seems like a solved problem
but when it comes to managing VPNs, IT admins usually have to
choose between an overpriced, over-complicated package or an
under-performing low cost option. Kerio WinRoute Firewall turns
a regular Windows PC into a powerful SSL-based VPN Server in
minutes. Moreover, it integrates with Active Directory and costs
less than $40 per user. Continues...
Best-of-Breed or Security Suite?
We have a superfast, 5-click, 30 second survey for you! Here is
the question: "For Security Products for the desktop, would you
prefer a Suite from one of the major vendors, or do you prefer to
select your own best-of-breed modules?" I will report in the next
issue what the results are:
More On Legal-Driven Updates
A WSN reader asked more about the legal background of this
"lawyer-mandated" upgrade. Mary Jo Foley from Microsoft-Watch
wrote more about it here:
Here is a reference to the court?s judgment:
Disaster Recovery for Virtual Systems
NSI Software just announced new Double-Take for Virtual Systems!
That means Double-Take's data protection, replication and failover
will be available for virtualized server environments.
Lots of sites are increasing virtual servers, using technology such
as EMC's VMWare and Microsoft Virtual Server 2005 R2. Double-Take
for Virtual Systems will be available in Feb' 06.
DT has configuration options for a virtualized target, source or
both, and delivers both DR and HA for virtualized machines. One
license for DT for Virtual Systems supports up to five virtualized
machines, as long as they're all running on the same host. It also
provides both WAN and LAN support and in terms of VMWare support,
will run ESX and (now free!) GSX servers.
DT for Virtual Systems completes the functionality you need to
either protect data within a virtual machine, or use it on the host
itself to replicate those virtual disks to an outside location.
Result? Simplified recovery of VM's! You can also monitor and
fail your VM's over from one virtual host to another in the event
of an outage.
More over, when you have a VM as the target, DT for Virtual Systems
can perform many-to-one failover from physical to virtual machines
running on a virtual host. This is a MAJOR money saver...
Quotes of the Week
"The beginning of wisdom is a definition of terms."
"It is an extra dividend when you like the girl you've fallen
in love with." -? Clark Gable
Product Licensing Tool Not For U.S. Only Anymore
Remember that tool that Redmond created to help you with licensing
and pricing data that I talked about earlier? Well, there is a
new version. Redmond said it expanded the thing (it's called
Product Licensing Advisor), so you can plug in data about a
configuration and get a rough idea of the cost. It now also
includes data if you do not live in the U.S. Get it at:
Step-by-step Guide: Blocking IM and P2P
In the wrong hands, IM and P2P file sharing can be too much of
a risk for your organization. There are many ways to block this
traffic, but some are more elegant -- with fewer adverse effects
-- than others. Serdar Yegulalp details the process in this
step-by-step guide over at SearchWindowsSecurity.com
Vista Security Will Drive Adoption, Allchin Says
Will Vista's security features be enough to make IT managers
speed up their migration cycle? It might, but it also might make
them test the software for that much longer. Interview with Jim
at the SearchWin2000 site:
A Primer On DNS and MX Records
One of the major factors that help an e-mail message reach its
intended recipient is a Mail Exchanger DNS record -- better known
as an MX record. This four-part tutorial explains what MX records
are and how they work. It then describes how to create an MX
record and Host record on your own DNS server. Over at the
||WINDOWS SERVER NEWS
VMware To Make Server Product Free
CNET Reported that VMware, an EMC subsidiary whose software lets
multiple operating systems run on the same computer, is expected
to announce next week that it will begin giving away one of its
key products for free.
The company sells three core products, VMware Workstation, GSX
Server and ESX Server, but competition is on the horizon in a
market VMware once had to itself. On Monday, however, the company
is expected to announce it will give away GSX for free, sources
familiar with the plan said.
GSX runs on a "host" Windows or Linux operating system and then
lets "guest" operating systems run atop it in compartments called
virtual machines. The higher-end ESX product, in contrast, needs
no host and runs below the operating system layer.
Microsoft Refines Vista Timeline
Paul Thurrott, News Editor, of WindowsITPro reported that in an
interview with Microsoft co-president Jim Allchin last week, he
was told that the software giant was dispensing with traditional
development milestones such as Beta 2 and Release Candidate 1
(RC1) for Windows Vista and will instead mark the remainder of
that OS's development schedule with Community Technical Preview
These CTP builds will come out every month or two, and each will
typically improve on the previous CTP build in fairly dramatic
ways. Since launching the first Vista CTP build in September 2005,
Microsoft has shipped CTPs to testers in October and December.
You can read the entire Jim Allchin interview on the SuperSite
for Windows: Jim Allchin Talks Windows Vista
Finally: Windows Server 2003 "R2" Ships
Microsoft made Windows Server 2003 R2 generally available
yesterday to users and partners and will make it available in
the near future to volume licensing customers with Software
Assurance maintenance contracts.
In addition, Microsoft released Service Pack 2 for Internet
Security and Acceleration (ISA) Server 2004 along with updates
to its Simple SAN storage initiative, both of which work in
conjunction with R2. Microsoft is also using R2 as the launching
pad for new licensing for virtualization software that took
effect Dec. 1.
Windows Server 2003 R2, which ships in x64 and x86 versions,
is built on Windows Server 2003 SP1 and is the first R2
release of the server operating system since Microsoft
initiated a release cycle in May 2004 that called for a
major operating system upgrade every four years, with a
lesser ?R2? release in between. More at ComputerWorld:
MCTS Exams Now Available
New-generation MCP certifications step out of the shadows with
general release of three new MCP exams for SQL Server 2005 and
Visual Studio 2005. By Michael Domingo:
||WINDOWS SERVER THIRD PARTY NEWS
Sunbelt Transitions ServerVision to Aldebaran
Clearwater, FL ? February 1, 2006 ? Sunbelt Software, a leading
provider of Windows security solutions, today announced that
support and ongoing development for its award-winning server
management product, ServerVision(r), will be assumed by the
product?s original developer, Aldebaran Systems Ltd.
All customers under maintenance contracts will continue to
receive product support and product updates through Aldebaran.
ServerVision users will be asked to perform a simple no-charge
upgrade to Aldebaran ServerAssist, which is an enhanced version
of ServerVision. All of existing customized settings and policies
will be automatically migrated to the new version.
Aldebaran will offer customers of Sunbelt ServerVision the
opportunity to purchase maintenance at a discounted price
through March 31st, 2006.
The transition is effective February 1, 2006. Sunbelt will
honor any existing quoted purchases for ServerVision through
What ServerVision customers should do:
Customers under existing maintenance plans for ServerVision should
go to www.serverassist.com for more information. After confirmation
of their existing ownership, they will receive instructions on
downloading ServerAssist, with a new registration key.
About Aldebaran Systems:
Aldebaran Systems was formed in September 1995 to provide software
development services to small to medium sized organizations and
now focuses on delivering world-class server management technology
through its main product, ServerAssist. The company?s website is:
Check Out All Those New Vulnerabilities...
SNSI has been updated with a new vulnerability database. Ouch,
you would think coders have gotten the message about security.
To update from within the SNSI console, select Settings, enter
your full registration key and click on Check Now button. New
vulnerability updates for this release include:
L1074 TkCVS TkDiff temp file overwrite - MDV
L1075 Koffice multiple heap-based overflows - MDV
L1077 Cups multiple heap-based overflows - MDV
L1078 Tetex multiple heap-based overflows - MDV
L1079 KDEGraphics multiple heap-based overflows - MDV
L1080 Wine GDI escape WMF error - MDV
L1081 Hylafax fsxrcvd notify input error - MDV
L1082 ClamAV UPX vulnerability - MDV
W2704 Oracle Database Server Vulnerabilities (Jan 2006) - Windows
W2705 Oracle Application Server Vulnerabilities (Jan 2006) - Windows
W2706 Oracle Collaboration Suite Vulnerabilities (Jan 2006) - Windows
W2707 Oracle E-Business Suite Vulnerabilities (Jan 2006) - Windows
Vendor Superseded Patches, Packages, or Signatures
W1142,W1986,W1999,W2067 - Anti-Virus Signatures
H30 Wu-ftpd Local Directory Escape - HP-UX 11
H51 VirtualVault Apache mod_ssl, mod_proxy - HP-UX 11.04 (VVOS)
H88 VirtualVault Apache Vulnerability - HP-UX 11.04
H91 Apache/OpenSSL Temp File Handling - HP-UX 11
H113 Apache SSL ciphersuite bypass - HP-UX 11
H114 OpenView NNM Vulnerability HP-UX 11
L1061 Ethereal OSPF Dissector vulnerability - MDV, RHE
S292 (Banner:) Oracle Database Server - Solaris
S356 (Banner:) Oracle Application Server Multiple Vulnerabilities
S357 (Banner:) Oracle E-Business and Application Suite
S359 (Banner:) Oracle Collaboration Suite Multiple Vulnerabilities
Added Support for More OS versions
L1070 Apache - Multiple vulnerabilities - RHE, MDV
L1071 Mod_Auth_Pgsql - format string flaws - RHE, MDV
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE)
list of computer incidents. It also contains the latest SANS/FBI
top 20 vulnerability list. SNSI also uses the latest CERT, CIAC
Microsoft and FedCIRC (Department of Homeland Security) advisories.
To get the latest SNSI eval version, visit:
||WServerNews - PRODUCT OF THE WEEK
Notepad++, A New Editor For System Admins
Serdar Yegulalp, Contributor at SearchWinSystems dug up a gem of
an open source editor for you guys. Notepad++ was built around the
powerful Scintilla editing component -- itself also open source --
which can be freely reused in any number of other similar projects.
Notepad++ supports several programming languages running under the
Windows environment. Many of the source code editor's features are
aimed at systems administrators and programmers. It does stuff like:
Syntax Highlighting and Syntax Folding, Auto-completion, Multi-View,
Macro recording and playback and too many other functions to mention: