Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #13 - Mar 27, 2006 - Issue #569
Microsoft Will Solve The Spyware Problem? Not.

    • Hackers Use Trojan To Target Bank Customers
    • Microsoft Will Solve The Spyware Problem? Not.
    • Quotes of the Week
    • Admin Tools We Think You Shouldn't Be Without
    • Licensed? Vista in November. Not Licensed? Next Year!
    • How OpenOffice 2.0 Stacks up Against Microsoft Office
    • Securing The Internal Windows Network
    • A Primer On Exchange .PST files
    • Laptops Prove Weakest Link In Data Security
    • CounterSpy Enterprise Cuts Network Traffic 75%
    • NSI Re-Brands Company to Double-Take Software
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - PRODUCT OF THE WEEK
    • Sunbelt Network Security Inspector; Priced Per Admin
Turn a Windows PC into an ICSA Labs-certified gateway firewall

If you are thinking about a flexible firewall solution that
can adapt to your ever-changing needs, think Kerio WinRoute
Firewall. This ICSA Labs-certified network firewall for
Windows 2000, XP and 2003 will turn your Windows PC into a
secure firewall on par with the industry heavy-weights.
You can assign granular access rights to different users and
use Active Directory for user management. Continues...


Hackers Use Trojan To Target Bank Customers

Hackers are infesting thousands of computers worldwide with a sophisticated Trojan program designed to steal bank account and other sensitive information from compromised computers. What sets MetaFisher apart from the hundreds of other similar Trojan programs is the sophistication of the command-and-control servers used to control it, said Eric Sites, Sunbelt's vice president of R&D.

Sunbelt is running a Q2 special: Buy CounterSpy Enterprise for the office, and we match 1:1 for each of your employees at home, who will get CounterSpy Consumer for free which will provide a powerful deterrent to these kinds of Trojans. More on the hacking story at ComputerWorld:

Microsoft Will Solve The Spyware Problem? Not.

ZDNet's editor Richard Stiennon blogged on this topic, and made five very good points which I will quote, and provide a link to the full blog entry:
  1. "Microsoft has not even come close to demonstrating that they can stay ahead of the curve when it comes to fighting malware.
  2. "They were two years late in introducing Windows Anti-spyware beta and that program still recommends that you ignore the most insidious adware on your computer."
  3. "One can only assume that this lack of judgement and lack of concern for end user safety and security will carry over to Vista Defender."
  4. "Vista will not gain significant market share for at least three years. I read somewhere that over 50% of enterprise has not upgraded to XP yet!"
  5. And the last thing he remarked: "What is this 'spam is just an annoyance?' Did Microsoft make spam go away as well?" [grin]

Quotes of the Week

"Nothing contributes so much to tranquilizing the mind as a steady purpose - a point on which the soul may fix its intellectual eye." -- Mary Wollstonecraft Shelley
"The universal brotherhood of man is our most precious possession." -- Mark Twain

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

This page has a whole SLEW of little known Microsoft security tools that you definitely need to check out. Very useful stuff on one page:

Extend Active Directory to Unix/Linux/Mac to enable single sign-on, set global password policies. Free white paper.

Reduce the size of your PST files with PSTcompress. Download a free trial now from the Groupware website!!

Must Have Freeware. AD Web Search App + GAL Self Service. Free download at the NameScape Site:


Licensed? Vista in November. Not Licensed? Next Year!

Microsoft customers with Enterprise agreements will get Vista bits in November. Everyone else will have to wait until January. And actually, everyone seems to shrug it off with "so what?". Outside of Microsoft and a few hardware vendors, nobody cares. And really, they are right. The Vista timeline has been pushed back so many times it's hard to keep track of. More over, if it's not really done, don't ship it. You have to put principle before profit, and from what I hear, 60% of the code for the consumer version has to be rewritten. Ballmer decided to make some changes in the management of that group, from my perspective more to signal to the MS employees that it's "deliver on time or else", as fresh on the heels of a delay in broad availability of Vista, Microsoft confirmed late Thursday that it is also pushing the mainstream launch of Office 2007 to next year.

As a point of interest, here is a condensed version of Vista's history:
  • December 31, 2002 -- Some analysts wonder if "Longhorn," will be late and possibly even die before it ever ships.
  • October 2003 -- Redmond talks about "WinFS," basically a database driven file system to make search easier.
  • March 29, 2004 -- BillG says they will release Longhorn "alpha" to partners and developers later in 2004.
  • Aug. 30, 2004 -- Redmond announces Longhorn ships second half '06, but without WinFS.
  • April 25, 2005 -- BillG shows Longhorn and its new GUI, based on underlying Avalon graphics technology.
  • July 24, 2005 -- "Windows Vista" is officially released. Redmond marketing has done its work and named the beast.
  • July 27, 2005 -- "beta" of Vista ships to 500,000 testers
  • September 2005 -- Redmond announces Vista support from 30 software developers, and pledged a cool one hundred Mil to marketing it.
  • Feb. 10, 2006 -- The U.S. Justice Department says companies have lodged complained about the Vista OS.
  • March 21, 2006 -- Redmond delays consumer Vista until January 2007 - March, 2006 -- Microsoft revealed that it will spend $500 million marketing Vista and Office 2007.

How OpenOffice 2.0 Stacks up Against Microsoft Office

Author Robin Miller compares OpenOffice 2.0 and Microsoft Office in this interview at SearchWinIT and calls for the OS community to deliver personable, usable training for new OO and OSS users. Useful article if you need to do due diligence for another year of paying Redmond for maintenance fees:

Securing The Internal Windows Network

Hardening your network from the outside world is a good idea, but don't forget to watch out for internal threats. Security testing expert Kevin Beaver provides a testing to-do list for securing your Windows network from within. At SearchWindowsSecurity

A Primer On Exchange .PST files

From repairing and recovering to searching and storing, this collection of tips, tools and expert advice will help you take control of the pesky personal store (.PST) files that are still a necessary evil for many Exchange Server shops. At


Laptops Prove Weakest Link In Data Security

The Wall Street Journal reported Friday March 24th that corporations spend billions of dollars on security systems to protect confidential information, but they are discovering there's a weak link: the lowly laptop.

Just this week, Boston-based mutual-fund giant Fidelity Investments disclosed that one of its laptop computers was stolen, and with it, the personal information, including Social Security numbers, of 196,000 current and former Hewlett-Packard Co. employees. The theft is the latest in a string of high-profile security breaches tied to laptops involving such companies as Ameriprise Financial Inc., Boeing Co. and Verizon Communications Inc. The Privacy Rights Clearinghouse, a San Diego, Calif., consumer group, lists 27 cases in which laptops containing sensitive personal information were lost or stolen from companies, government agencies and other institutions in the past 13 months.

Of course we system admins know this well. But management needs to learn that lesson too! I'd point your bosses to the article, and ask for budget to equip laptops with full disk encryption, AV, Firewalls, and stand-alone antispyware. Here is the article in WSJ, but you need to have a subscription to get in:


CounterSpy Enterprise Cuts Network Traffic 75%

This is a real testimonial I received this week.

"Thank you very much. As much as CSE rocks - you guys ROCK!!! :) After the first 60 PCs were seen in CSE I initiated a deep scan. Within 3 minutes of the scan starting outbound Internet traffic dropped by 2/3! After 68 agents were deploys and the default noon quick scan ran, traffic dropped by 75%. SWEET. The final packet info was:
  • 740 packets per second before CSE deep scan was run
  • 7 packets per second after all CSE scans completed My customer only has a 768K pipe and 740 PPS killed the connection AND fried their Sonicwall firewall.
"Last but not least, all the PCs here had the following products installed on them: AdAware, Spybot, MS AntiSpyware, PestPatrol Corp Edition, and InoculateIT. So CSE cleaned up a big mess after all these products had been "used" on the network." -- Carl Webster.

Try out for yourself how much network traffic you can kill with:

NSI Re-Brands Company to Double-Take Software

March 22, 2006 ?NSI Software, Inc. (NSIŽ) today announced the company will now be doing business as Double-TakeŽ Software. The name Double-Take Software was chosen because Double-Take is well known in the industry as an innovative and superior product for accessible data protection for Microsoft Windows applications.

"The move to Double-Take Software makes sense because we have a vast customer-base who know and love Double-Take," said Dean Goodermote, CEO, Double-Take Software. "Doing business as Double- Take Software represents the beginning of a new era."

Double-Take Software also recently moved headquarters to South- borough, MA. CEO, Dean Goodermote, who joined the company last year, and top level executives are based in the Boston area. The Double-Take Software re-branding effort and headquarters move to MA will take effect immediately. 30-day eval here:

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff.


Sunbelt Network Security Inspector; Priced Per Admin

Windows IT Pro Magazine readers chose SNSI as their Best Vulnerability Scanner in the September 2005 issue. Earlier reviews gave SNSI got 4 out of 5 stars, and they said: "Excellent vulnerability descriptions and remediation instructions; low cost... user-friendly."

Unlike other high end scanners, SNSI is licensed by Admin, not IP. That means you are getting a very robust scanner, with a military- strength (literally) vulnerability database for very little money. Try it out on a machine in -your- network! :