Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #10 - Mar 6, 2006 - Issue #566
Seven Vista Flavors? NO NO NO NO NO NO NO

    • Sunbelt Forum Subscriber Expresses Gratitude
    • More On Trashing Your LAN
    • Quote of the Week
    • Admin Tools We Think You Shouldn't Be Without
    • Will Vista Mean Victory In The War On Rootkits?
    • Windows Features You Can Live Without
    • Windows Installer Cleanup Utility Kills Apps
    • Exchange 12 Only On 64 Bit: Good or Bad?
    • Seven Vista Flavors? NO NO NO NO NO NO NO
    • Wanted: Beta Testers For Sunbelt Messaging Ninja
    • What's New In CounterSpy Enterprise V2.0?
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • Just Something FUN: Microsoft Research Steps It Up
Block Unproductive Browsing And Costly File Downloads
Kerio WinRoute Firewall with OrangeWeb Filter will block
access to up to 72 categories of web content on a per-user
basis. Most IT managers have enough problems to deal with
without worrying about where users are surfing on the web.
The Orange Web Filter's biggest-in-class database has over
60 million URLs which Kerio WinRoute Firewall can block or
log access to. Continues...


Sunbelt Forum Subscriber Expresses Gratitude

I received the following email this week and wanted to share it with you. It made me a very happy camper. There is no better recommendation than this one as an invitation to the free Exchange forum we host:

"Thanks Stu Sjouwerman

I recently helped a friend get a SysAdmin job here Redmond. That event got me thinking about how so many things in my life have been a result of my joining the Sunbelt-software Exchange list. To list a few, being a Techwriter this will of course be a bulleted list:
  • 3 out of the last 4 jobs that I have held came from people I met because of this list; APCS in Florida, Dell, and now Microsoft
  • My wife and I were introduced to each other through a friend that I met via this list
  • I meet the MVPS and became a part of that program at Microsoft because of my level of community involvement that this list helped me to start
  • I attribute a great deal of what I know about technology to learning from, and trying to help fix other people?s problems on lists such as this
  • Some of my closest friends from all over the world were introduced to me by people that I met on the sunbelt list, For example, the WL and WLKM
  • A large number of my travels and trip destinations can be attributed to going to places to meet people who have become friends through this online community
  • One of the greatest things for me has been the opportunities that I've been given to give back to the community, helping people solve problems, find jobs, move places, meet new people, and much more.
The single event of joining and becoming involved in this list has been one of the greatest influences shaping my life over the past 9 years. Stu, I don?t know if you realize the impact on people's lives you have had by hosting the list's that your company hosts. I can say that from my world it has made a significant impact. I for one am very grateful, and just wanted to, yet again, say thank you for all that you have done for all of us. Thank you very much Stu Sjouwerman" -- Kevin Miller, Exchange team, Microsoft.

Wow, many thanks Kev! I'm blown away.

For other WSN subscribers that want to experience this, here's where you can subscribe to the Exchange List:

More On Trashing Your LAN

You guys definitely gave me good feedback on that one. Many of you came back with responses like: "BP has the right idea. I was at ground zero when one of Canada's five major chartered banks got tagged by the Slammer virus. EVERY server in the org was wiped and re-imaged--and this is an outfit with 60000+ employees! By doing what BP is attempting you make a breach gain the bad guys just ONE machine, not thousands."

Quote of the Week

"If everything seems under control, you're just not going fast enough." -? Mario Andretti

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

Must Have Freeware. AD Web Search App + GAL Self Service. Get your Free download at the namescape site here:

Need to prevent downtime on your Exchange Servers? No other tool has as many HA/DR licenses sold as Double-Take! Check out the eval:

RootKit Detection. If you do not have it yet, you need it. This site (The Sysinternals Freeware) has bunches of free programs:

Recently a company bought an unlimited LanHound license for almost 300 sites because they really liked how it helped troubleshoot LANS. It's also Windows IT Pro Reader's Choice 2005!


Will Vista Mean Victory In The War On Rootkits?

Planned security features in Vista aim to eliminate rootkits in the Windows enterprise. Second in a two-part series. Rootkits are driving Dan Kaminsky crazy. Kaminsky, a security analyst who runs DoxPara Research, an independent research firm, spends a good deal of time opining about rootkits on the firm's Web site. In a recent interview, he was even more animated about why rootkits are ruining lives. "We are computer people," he said. "We tell people their lives will be better by using computers. Rootkits and spyware destroy that experience."

Kaminsky is not alone in his frustration. Rootkits have become a hot topic in IT security. And Windows, the most popular operating system, is a favorite target of the hackers.

One bright light for Kaminsky is Vista, Microsoft's next desktop operating system. "Vista is really trying hard to address this," he said "They are going to be cryptographically signing everything in the core of the OS."

Kaminsky is referring to a new policy in Vista that will require digital signatures on all kernel mode software running the OS on x64 bit-based computer systems. All unsigned drivers will be blocked. The idea is that blocking will stop the spread of rootkits and other malicious programs. Technical background at

Windows Features You Can Live Without

The security risk associated with some convenient Windows features often outweighs the reward. Windows hardening expert Jonathan Hassell looks at some of these features and explains how to secure them. At the site. The next article explains how to do part of this.

Windows Installer Cleanup Utility Kills Apps

How *do* you get rid of an application that Windows won't let you uninstall? Use the Windows Installer Cleanup utility, which is included with Windows Server 2003 as part of the Windows Support Tools. This is actually a very useful article at SearchWinSystems:


Exchange 12 Only On 64 Bit: Good or Bad?

There's been a discussion raging about this. There are a lot of people that hate it, and a lot that say hey no big deal, we are going to 64 bit anyway. Paul Thurrott of the WindowsITPro site has some very sane observations and I share his perspective:

"My gut feeling is that a 32-bit Exchange 12 version wouldn't provide the consolidation and performance benefits needed for such an important upgrade, and by limiting the server to x64, Microsoft can overcome this problem."

And here is why, there are good technical reasons for this, but the main one is RAM. "At issue, of course, is memory: 32-bit systems can access only 4GB of RAM, and Exchange 12 needs more than that for larger installations."

And keep in mind that when you have bit the bullet and go to x64, you are going to be able to do some serious server consolidation! You can only get your hands on the current Beta 1 release via a small and limited beta program. The next one will be open to the public, so you can get your hot little hands on it. Better start making noise about budget for a 64-bit test server! Redmond still expects to ship Exchange 12 in late 2006 or early 2007.

Seven Vista Flavors? NO NO NO NO NO NO NO

Subscriber Nick Meyer from Grande Prairie Canada wrote me, and I agree wholeheartedly... :

"On the Vista front, I told MS at a Technet briefing in the fall when we heard rumors of 7 SKU's that as technicians the answer is NO NO NO NO NO NO NO. I was surprised that 700+ people gave me a standing ovation for that! It is too darn complicated--"Oh sorry, you bought Vista home, no you can't do remote desktop."; "No, you needed to buy Media Center edition to use that swanky new remote control you bought off the shelf"; "How the heck do you turn off Simple File Sharing--oh you can only do that with Vista Pro, darn"

"Somebody once called it the "unixification" of Windows. When Vista hits shelves you'll have a bunch of Windows 2000 Server flavors, Server 2003 flavors, W2K Pro, XP Home and Pro, couple of Media Center 200x's and SEVEN?! flavors of Vista. NO NO NO NO NO NO NO NO!"

"Make it a configuration wizard, like SBS has. Want to change from home to pro? Run a wizard, poof. Added the necessary TV-in/out card and want Media Center? Run the wizard, poof. And make EVERYTHING one price, too. I am *so* tired of not being able to buy ANYTHING off the shelf because they're ALL loaded with XP Home 'cause it is a hundred bucks cheaper..."


Wanted: Beta Testers For Sunbelt Messaging Ninja

We have been running Ninja in-house since November last year (as per the 'eat your own dogfood' rule). We have had a handful of sites running it in closed beta for a few months. One University site is already running the AV module in a production environment to protect 13,000 mailboxes, and now it's ready for public beta so YOU can get your hot little hands on it now!

If you have an Exchange server you are able to use for testing, and want easy to use, powerful, fully integrated, policy-based antispam, antivirus and world-class attachment filtering, send an email to [email protected] In the subject say NINJA BETA and we will send you instructions for download and the beta forum where we will discuss your test results. For Ninja specs:

What's New In CounterSpy Enterprise V2.0?

Here is what CSE 2.0 is going to bring with it's release. We expect it May '06:

Deployment Wizard Improvements:
  • Ability to run pre and post install actions
  • (Ability to be configured by Support as well)
Performance and Scalability:
  • Support up to 5000 Agents on a single server basic server (over 5x perf increase)
  • Performance monitors at key locations in the Services
  • New Threat Engine (lower memory footprint)
  • New Active Protection
    • Blocks changes from happening
    • Reduced CPU time
    • Allows admin to specify custom "allowed" active protection items
    • Allows admin to specify custom "blocked" active protection items
  • Incremental threat definition updates
  • Persist some UI config and grid settings
  • UI Enhancements to Agents Grid
  • Massive speed increases when managing agents and viewing history
  • UI changes for new AP settings, simplified configuration
  • Display version threat was added/changed in database
  • New database layout so that custom reports could be written directly from the database
  • Allow user to export to HTML
  • Large increase in speed of reports
  • Fix reports for new schema
Find out how many machines in your network are infected by using the free SCAN AND REMOVE (the current version 1.5 works great) and get the new V2.0 in a few months!

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff


Just Something FUN: Microsoft Research Steps It Up

Do you have one of those wildly popular Dance Dance Revolution dance pads at home? Ever think of using it to do e-mail? That could happen if a technology demonstration at Microsoft on Tuesday escapes into the wild. Read more at the ENTMag site: