Vol. 11, #13 - Mar 27, 2006 - Issue #569
Microsoft Will Solve The Spyware Problem? Not.
- EDITORS CORNER
- Hackers Use Trojan To Target Bank Customers
- Microsoft Will Solve The Spyware Problem? Not.
- Quotes of the Week
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Licensed? Vista in November. Not Licensed? Next Year!
- How OpenOffice 2.0 Stacks up Against Microsoft Office
- Securing The Internal Windows Network
- A Primer On Exchange .PST files
- WINDOWS SERVER NEWS
- Laptops Prove Weakest Link In Data Security
- WINDOWS SERVER THIRD PARTY NEWS
- CounterSpy Enterprise Cuts Network Traffic 75%
- NSI Re-Brands Company to Double-Take Software
- WServerNews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - PRODUCT OF THE WEEK
- Sunbelt Network Security Inspector; Priced Per Admin
Turn a Windows PC into an ICSA Labs-certified gateway firewall
If you are thinking about a flexible firewall solution that
can adapt to your ever-changing needs, think Kerio WinRoute
Firewall. This ICSA Labs-certified network firewall for
Windows 2000, XP and 2003 will turn your Windows PC into a
secure firewall on par with the industry heavy-weights.
You can assign granular access rights to different users and
use Active Directory for user management. Continues...
Hackers Use Trojan To Target Bank Customers
Hackers are infesting thousands of computers worldwide with a
sophisticated Trojan program designed to steal bank account and
other sensitive information from compromised computers. What sets
MetaFisher apart from the hundreds of other similar Trojan programs
is the sophistication of the command-and-control servers used to
control it, said Eric Sites, Sunbelt's vice president of R&D.
Sunbelt is running a Q2 special: Buy CounterSpy Enterprise for
the office, and we match 1:1 for each of your employees at home,
who will get CounterSpy Consumer for free which will provide a
powerful deterrent to these kinds of Trojans. More on the hacking
story at ComputerWorld:
Microsoft Will Solve The Spyware Problem? Not.
ZDNet's editor Richard Stiennon blogged on this topic, and made
five very good points which I will quote, and provide a link
to the full blog entry:
- "Microsoft has not even come close to demonstrating that they
can stay ahead of the curve when it comes to fighting malware.
- "They were two years late in introducing Windows Anti-spyware
beta and that program still recommends that you ignore the
most insidious adware on your computer."
- "One can only assume that this lack of judgement and lack of
concern for end user safety and security will carry over to
- "Vista will not gain significant market share for at least three
years. I read somewhere that over 50% of enterprise has not upgraded
to XP yet!"
- And the last thing he remarked: "What is this 'spam is just an
annoyance?' Did Microsoft make spam go away as well?" [grin]
Quotes of the Week
"Nothing contributes so much to tranquilizing the mind as a steady
purpose - a point on which the soul may fix its intellectual eye."
-- Mary Wollstonecraft Shelley
"The universal brotherhood of man is our most precious possession."
-- Mark Twain
Licensed? Vista in November. Not Licensed? Next Year!
Microsoft customers with Enterprise agreements will get Vista bits
in November. Everyone else will have to wait until January. And
actually, everyone seems to shrug it off with "so what?". Outside
of Microsoft and a few hardware vendors, nobody cares. And really,
they are right. The Vista timeline has been pushed back so many
times it's hard to keep track of. More over, if it's not really
done, don't ship it. You have to put principle before profit,
and from what I hear, 60% of the code for the consumer version
has to be rewritten. Ballmer decided to make some changes in the
management of that group, from my perspective more to signal to
the MS employees that it's "deliver on time or else", as fresh on
the heels of a delay in broad availability of Vista, Microsoft
confirmed late Thursday that it is also pushing the mainstream
launch of Office 2007 to next year.
As a point of interest, here is a condensed version of Vista's
- December 31, 2002 -- Some analysts wonder if "Longhorn," will
be late and possibly even die before it ever ships.
- October 2003 -- Redmond talks about "WinFS," basically a database
driven file system to make search easier.
- March 29, 2004 -- BillG says they will release Longhorn "alpha"
to partners and developers later in 2004.
- Aug. 30, 2004 -- Redmond announces Longhorn ships second half '06,
but without WinFS.
- April 25, 2005 -- BillG shows Longhorn and its new GUI, based on
underlying Avalon graphics technology.
- July 24, 2005 -- "Windows Vista" is officially released. Redmond
marketing has done its work and named the beast.
- July 27, 2005 -- "beta" of Vista ships to 500,000 testers
- September 2005 -- Redmond announces Vista support from 30 software
developers, and pledged a cool one hundred Mil to marketing it.
- Feb. 10, 2006 -- The U.S. Justice Department says companies have
lodged complained about the Vista OS.
- March 21, 2006 -- Redmond delays consumer Vista until January 2007
- March, 2006 -- Microsoft revealed that it will spend $500 million
marketing Vista and Office 2007.
How OpenOffice 2.0 Stacks up Against Microsoft Office
Author Robin Miller compares OpenOffice 2.0 and Microsoft Office
in this interview at SearchWinIT and calls for the OS community
to deliver personable, usable training for new OO and OSS users.
Useful article if you need to do due diligence for another year
of paying Redmond for maintenance fees:
Securing The Internal Windows Network
Hardening your network from the outside world is a good idea, but
don't forget to watch out for internal threats. Security testing
expert Kevin Beaver provides a testing to-do list for securing
your Windows network from within. At SearchWindowsSecurity
A Primer On Exchange .PST files
From repairing and recovering to searching and storing, this collection
of tips, tools and expert advice will help you take control of the
pesky personal store (.PST) files that are still a necessary evil
for many Exchange Server shops. At SearchExchange.com:
||WINDOWS SERVER NEWS
Laptops Prove Weakest Link In Data Security
The Wall Street Journal reported Friday March 24th that corporations
spend billions of dollars on security systems to protect confidential
information, but they are discovering there's a weak link: the lowly
Just this week, Boston-based mutual-fund giant Fidelity Investments
disclosed that one of its laptop computers was stolen, and with it,
the personal information, including Social Security numbers, of
196,000 current and former Hewlett-Packard Co. employees. The theft
is the latest in a string of high-profile security breaches tied to
laptops involving such companies as Ameriprise Financial Inc., Boeing
Co. and Verizon Communications Inc. The Privacy Rights Clearinghouse,
a San Diego, Calif., consumer group, lists 27 cases in which laptops
containing sensitive personal information were lost or stolen from
companies, government agencies and other institutions in the past
Of course we system admins know this well. But management needs to
learn that lesson too! I'd point your bosses to the article, and
ask for budget to equip laptops with full disk encryption, AV,
Firewalls, and stand-alone antispyware. Here is the article in WSJ,
but you need to have a subscription to get in:
||WINDOWS SERVER THIRD PARTY NEWS
CounterSpy Enterprise Cuts Network Traffic 75%
This is a real testimonial I received this week.
"Thank you very much. As much as CSE rocks - you guys ROCK!!! :)
After the first 60 PCs were seen in CSE I initiated a deep scan.
Within 3 minutes of the scan starting outbound Internet traffic
dropped by 2/3! After 68 agents were deploys and the default noon
quick scan ran, traffic dropped by 75%. SWEET. The final packet
"Last but not least, all the PCs here had the following products
installed on them: AdAware, Spybot, MS AntiSpyware, PestPatrol Corp
Edition, and InoculateIT. So CSE cleaned up a big mess after all
these products had been "used" on the network." -- Carl Webster.
- 740 packets per second before CSE deep scan was run
- 7 packets per second after all CSE scans completed
My customer only has a 768K pipe and 740 PPS killed the connection
AND fried their Sonicwall firewall.
Try out for yourself how much network traffic you can kill with:
NSI Re-Brands Company to Double-Take Software
March 22, 2006 ?NSI Software, Inc. (NSIŽ) today announced the
company will now be doing business as Double-TakeŽ Software. The
name Double-Take Software was chosen because Double-Take is well
known in the industry as an innovative and superior product for
accessible data protection for Microsoft Windows applications.
"The move to Double-Take Software makes sense because we have a
vast customer-base who know and love Double-Take," said Dean
Goodermote, CEO, Double-Take Software. "Doing business as Double-
Take Software represents the beginning of a new era."
Double-Take Software also recently moved headquarters to South-
borough, MA. CEO, Dean Goodermote, who joined the company last
year, and top level executives are based in the Boston area.
The Double-Take Software re-branding effort and headquarters
move to MA will take effect immediately. 30-day eval here:
||WServerNews - PRODUCT OF THE WEEK
Sunbelt Network Security Inspector; Priced Per Admin
Windows IT Pro Magazine readers chose SNSI as their Best Vulnerability
Scanner in the September 2005 issue. Earlier reviews gave SNSI got
4 out of 5 stars, and they said: "Excellent vulnerability descriptions
and remediation instructions; low cost... user-friendly."
Unlike other high end scanners, SNSI is licensed by Admin, not IP.
That means you are getting a very robust scanner, with a military-
strength (literally) vulnerability database for very little money.
Try it out on a machine in -your- network! :