Vol. 11, #14 - Apr 3, 2006 - Issue #570
Moved Up In The World
- EDITORS CORNER
- Sunbelt Software Moved Up In The World
- Sunbelt April Seminars
- Quotes of the Week
- ADMIN TOOLBOX
- Admin Tools We Think You Shouldn't Be Without
- TECH BRIEFING
- Windows Vista Doubles Group Policy's Potential
- How To Create Your Own MSI File To Deploy Apps
- Step-by-Step Guide: Plan migration To SQL Server 2005
- Phishing Exposed
- CastleCops and Sunbelt Are Gutting Phishers
- Hack To Speed Up Security Scans
- WINDOWS SERVER NEWS
- Virtual Server Service Pack Skates into 2007
- MBSA 1.2 Support Yanked? Not Yet!
- EU Warns Microsoft Over Vista Features
- What's New in ISA Server 2006
- WINDOWS SERVER THIRD PARTY NEWS
- Interview: What Is New In CounterSpy V2.0?
- Data Protection Strategies for Virtualization
- Altiris Came Up With Some Cool Technology!
- WServerNews 'FAVE' LINKS
- This Week's Links We Like. Tips, Hints And Fun Stuff
- WServerNews - PRODUCT OF THE WEEK
- How To Get Free AV on Exchange: Participate In Ninja Beta
How Much of Your Network Traffic Is Caused By Spyware?
A customer told us: "Thank you very much. After the first 60 PCs
were seen in CSE I initiated a deep scan. Within 3 minutes of the
scan starting outbound Internet traffic dropped by 2/3! After 68
agents were deploys and the default noon quick scan ran, traffic
dropped by 75%. SWEET." Try out for yourself how much network
traffic you can kill with CounterSpy Enterprise:
Sunbelt Software Moved Up In The World
You might be glad to know that your fave supplier has new, higher
and larger premises, right next door from where we were. Our old
digs were getting a bit tight (we were really bursting out the
seams) so we grabbed a few floors in the building next door for our
team of 120, and since we are the anchor tenant now, we were able
to put our name on the building. Please note that our new address
is now 33 N Garden Avenue in Clearwater, FL. (That's the Tampa Bay
area on the west coast.) Want to see the new building, and the new
address? Check it out at the "we moved" page:
And here is our new view from the twelfth (top) floor!!:
Sunbelt April Seminars
We?d like to invite you to attend the following seminars that we
are hosting in April:
"Winning the War on the Spyware Battlefield" - Join renowned spyware
researcher and Sunbelt's Director of Malware Research, Eric Howes,
for an engaging discussion on the scope of the spyware problem.
Hosted at the Microsoft office in Washington DC on Tuesday, April 25th.
"What Every IT Manager Should Know About Protecting Microsoft Exchange
and Centralized Backup" ? Join Sunbelt and Double-Take Software as
we discuss strategies for implementing high availability, remote
availability and offsite disaster recovery solutions for Exchange
and other mission critical applications using Double-Take.
Hosted at the Microsoft office in Los Angeles, CA on Thursday,
April 20th. Register here:
Hosted at the Microsoft office in Columbus, OH on Tuesday,
April 25th. Register here:
Quotes of the Week
"Be not afraid of greatness: some men are born great, some achieve
greatness and some have greatness thrust upon them."
-- William Shakespeare
"The chief obstacle to the progress of the human race is the
human race." -- Don Marquis
Windows Vista Doubles Group Policy's Potential
The next version of Windows doubles the number of Group Policy
settings from roughly 1,500 to about 3,000. Most of them are
security related. It will pay off to read this article at the
How To Create Your Own MSI File To Deploy Apps
Deploying an app across an organization via Group Policy settings
is easy if the app has an installer in MSI format. But if it doesn't,
try creating your own MSI file. At SearchWinSystems
Step-by-Step Guide: Plan migration To SQL Server 2005
Before upgrading to SQL Server 2005, you must determine which
components you need to upgrade and what steps to take to get there.
Edgewood Solutions' Jeremy Kadlec reviews your migration options.
Useful, especially from a budgeting perspective!
A must read for administrators responsible for system security,
this collection of 10 tips from "Phishing Exposed," will teach you
how to prepare for and defend against phishers and spammers. To
begin, you'll discover how the e-mail delivery process works,
including how phishers and spammers take advantage of weaknesses
in SMTP design to manipulate and forge e-mail headers and settings.
You'll also explore how phishers and spammers use open relays and
proxy servers to cover their tracks, as well as tools and techniques
they use to harvest e-mail addresses, bypass spam filters and send
bulk mail to your users. At the SearchExchange site:
CastleCops and Sunbelt Are Gutting Phishers
The nascent Phishing Incident Reporting and Termination project
sponsored by CastleCops and Sunbelt Software encourages people
to report phishing attempts so they can be tracked down and
terminated. It was all over the press. Here is one article:
Hack To Speed Up Security Scans
Have you ever wondered how you can save some time when performing
your security scans? Well, if you use Windows XP for security
testing, there's a hack that might buy you some time. Learn more
in this step-by-step guide! (login required)
||WINDOWS SERVER NEWS
Virtual Server Service Pack Skates into 2007
Microsoft confirmed this week that Service Pack 1 for Virtual
Server 2005 R2 will arrive in early 2007 instead of late this
year, although the company says it doesn't categorize the change
as a "slip." Instead, according to a spokesperson, Microsoft is
merely able to be more precise about a delivery date as it gets
closer to testing the update. Read more at ENTMag:
MBSA 1.2 Support Yanked? Not Yet!
Redmond extended support for MBSA for a while longer. They planned
to end support for version 1.2 of the Microsoft Baseline Security
Analyzer last Friday. But Doug Neal, program manager at Microsoft,
said in an interview that they will extend it for a while.
"The decision was based on a lot of customer feedback we received
that said removing support at this time would create a gap in
security update detection for Microsoft products," he said. The
decision to extend support was made on Monday, he added.
Redmond was pushing MBSA 2.0 upgrades, but that version does not
support some Microsoft products like Office 2000, MSN Messenger
and MS Works. MBSA 1.2 is popular with more than 3 million scans
per week. The difference between MBSA 1.2 and 2.0? The scan engine.
The original is based on the Shavlik code. V2.0 is MS home brew.
EU Warns Microsoft Over Vista Features
The European Commission said it has competition worries about
Microsoft's new Vista operating system, another antitrust concern
the software giant must answer in Europe. Article at ComputerWorld:
What's New in ISA Server 2006
The Directions on Microsoft site had a interesting little summary
about ISA Server. "Internet Security and Acceleration (ISA) Server
2006, now in beta, adds modest improvements that ease admin and
boost versatility, but a major overhaul awaits the arrival of
Windows 'Longhorn' Server in 2007.
Although ISA Server 2006 does not carry the "R2" moniker used by
some Microsoft servers, such as Windows Server 2003 R2, to denote
minor releases, ISA Server 2006 is nevertheless a minor release.
It has not undergone any major architectural changes, the user
interface has few changes, and it contains only small improvements
over ISA Server 2004. These new features are unlikely to win over
customers that previously dismissed ISA Server, and existing
customers without Software Assurance (SA) are unlikely to see
enough incremental value to pay for the new release. However,
for customers with SA, the upgrade process should be relatively
quick and painless and they may benefit from some of the new
features. Furthermore, there should be no compatibility problems
with third-party ISA Server add-ins and utilities such as EMC's
Rainfinity load-balancing and failover software.
In addition to the improvements and new features Microsoft added
recently to ISA Server 2004 in Service Pack 2, such as better
caching of patches client PCs request from Windows Update or
Microsoft Update Web sites (see "ISA Server SP2 Adds Features" on
page 10 of the Mar. 2006 Update), ISA Server 2006 incorporates
numerous small changes that generally ease administrative tasks,
add flexibility, and increase the number of specialized situations
ISA Server can handle, such as supporting smart card or RSA token
authentication methods." Source:
||WINDOWS SERVER THIRD PARTY NEWS
Interview: What Is New In CounterSpy V2.0?
We asked our CounterSpy Consumer Product Manager Phil Owens about
the new version that we expect in the second quarter of 2006:
Q1: With Spyware now the major form of malicious software, what has
Sunbelt done to further its R&D to stay ahead, and cope with this
ever increasing menace?
A1: Sunbelt takes research and development seriously. Over the last
year, the Sunbelt Malware Research Team has grown exponentially to
include renowned researchers in the antispyware and malware fields.
In January, Sunbelt appointed leading expert, Eric Howes, to Director
of Malware Research where he is responsible for leading the research
initiatives that ensure CounterSpy?s threat database is top-notch
and effective at detecting and stopping the latest spyware and
malware threats. Also in January, antivirus rockstar Joe Wells was
appointed to Chief Scientist to help develop new scanning and
removal technologies to help combat and stay one step ahead of the
new and complex forms of malicious software that are being developed.
Q2: What are the major improvements in V2 over V1.5?
A2: Five points:
Q3: Users are grappling with the length of time it takes to scan,
has this been improved?
- Sunbelt has rewritten CounterSpy?s scanning engine to be more
accurate in its detection and removal of spyware and also utilizes
less computing power on your PC, which allows you to do other things
on your PC during a scan.
- CounterSpy?s real-time protection - Active Protection - has been
completely revamped to be more proactive in not allowing malware
to infest a machine ? in other words, spyware will be stopped before
it can even install on your PC.
- CounterSpy?s spyware definition updates have been changed to allow
for smaller incremental updates. What this means is that when new
spyware definitions are available, CounterSpy will only download
the definitions that have been added or changed. This will make
downloads as much as 10 minutes faster on a dialup connection.
- Users will be allowed to do Full System Scan and Removal even
if logged in with limited user privileges ? so if you have multiple
users on your PC, for example, you?ve created a limited user ID for
your spouse, and you are the Admin, your spouse will still be able
to run a scan and delete any spyware detected.
- Some minor enhancements include: New Scheduling Options and
better usability around Active Protection.
A3: Quick Scan has improved dramatically, however full system scan
still takes about the same amount of time, but with enhancements
listed above, you are able to work within other applications
while scanning takes place.
Q4: Will Version 2 allow users to more easily control settings?
A4: Three points:
Q5: Is there any change in V2 on how cookies are handled?
- Sunbelt has created various best practices for Active Protection
to allow users to choose security preferences on when they are
notified about certain behaviors on their PC. For example, choosing
a more aggressive security preference would display to the user
more changes that are being made to the PC by software that is
installed ? whether malicious or not.
- A settings button has been added to the toolbar so it is
no longer hidden under a menu.
- Scheduling has changed to allow multiple scheduled scans per
day and more customization per scan.
A5: Not really. CounterSpy continues to recognize tracking and
metrics cookies as low-risk threats. However, there is still
an optional checkbox to not scan for cookies.
Q6: What do you see is the difference between CounterSpy and
A6: Two major points:
We expect both versions (consumer and enterprise) to be released
during the second quarter of 2006.
- Bottom line, we believe an antispyware tool is only as good
as its threat database. With the team we have in place to research
and uncover new spyware threats daily, along with ThreatNet, our
community of opt-in users that report spyware back to Sunbelt,
CounterSpy?s threat database is one of the most robust databases
on the market. We also take a very aggressive stance with our
threat listing criteria, ensuring that all levels of spyware
threats are detected and removed.
- CounterSpy remains one of only a few applications on the
market that allows the user to make informed decisions to
ignore, quarantine, or remove detected threats based on
recommended best practice actions in our spyware results display.
Data Protection Strategies for Virtualization
Reliable and Cost Effective Disaster Recovery and High
Virtualization is one of the fastest-growing technologies in
mainstream IT today. Historically, virtual systems have been
used to consolidate operating environments, optimize resource
use, and improve IT flexibility. While this remains true,
organizations are now using virtualization as part of an exciting
new business continuity solution. To ensure that business-critical
data is always protected, replication technologies are being
applied to virtual systems as a cost-effective means to disaster
recovery, high availability, and centralized back-up.
Please join us for this educational webinar to learn more about
data replication for virtual systems.
Altiris Came Up With Some Cool Technology!
Neil Rubenking at PCMag reviewed a new category of software created
by Altiris and AlexE sent the link over to me. This is some very
cool stuff! Rubenking wrote: "Where virtual machine utilities
like VMware Workstation manage entire virtual computers, Altiris
Software Virtualization Solution 2.0 virtualizes individual
software installations. In the latest PC Magazine Technical
Excellence Awards, we recognized the product based on a beta
version. The utility can instantly wipe out a problem program,
allow alternating use of incompatible applications, and make
transferring software between computers a breeze. SVS is free
for personal use on up to ten computers; Follow the link at the
end of this review to pcmag.com-hosted download. At the enterprise
level, it sells for $29 per node (list) and integrates with
the Notification Server and Deployment Solution products from
Altiris." You should check this out:
||WServerNews 'FAVE' LINKS
This Week's Links We Like. Tips, Hints And Fun Stuff
- This is why I work in IT. After 25 years there are still things
happening that are AWESOME to see !!! This is a movie about the
technology which Apple has recently patented. It is not a movie
made by Apple but by some researchers (google video)
- New data transmission record - 60 DVDs per second! That is a
whopping 2.56 terabits per second over a 160-kilometer link.
- Pretty cool Robot War video from Japan. The little guys are
beating each other up with body slams and other cool moves:
- A drivable replica of a Star Wars LANDSPEEDER, is currently on
sale on eBay:
- Suspect your girlfriend is cheating? Set up a packet sniffer
and find out if she really is. LanHound would do the trick, but
here is a guy who did it with Ethereal:
- Forrester published a new report that examines the trust that
U.S. American households place in PC and consumer electronics (CE)
brands, including the brands of Microsoft, Nintendo and Sony:
- Meteor crash video commercial for Chevy truck:
- Some guys have created a consumer gateway device for $150.
Another solution looking for a problem. Nobody is going to pay
that kind of money. You need to pay even more for AV. Dumb!
- A collection of some "fave" Microsoft clips, collated together in
a movie with computer generated voice-overs that are definitely
anti-redmond (made by a few Mac-fans) but have a good "humor"
value. You may have missed some of these clips. (don't kill me
for Microsoft bashing. I don't agree with their comments, but
some of the clips are really funny!)
- OMG this one is really hilarious. A City Manager (with "22 years
of IT experience") sees Linux Web Server Standard Install page
on his site, and figures he got hacked, hunts down the Linuxmaker
and really goes out to threaten them with the FBI!
||WServerNews - PRODUCT OF THE WEEK
How To Get Free AV on Exchange: Participate In Ninja Beta
Did you know that Sunbelt Messaging Ninja just went into Beta 2?
If you are interested in testing Ninja on one of your production
servers, there are some very attractive awards available. With
Ninja you can scan and eliminate threats at the server level,
filter attachments in a truly smart way, scan spam and viruses
through multiple engines and much more. Check out the specs, and
click on download to get instructions how to get the beta: