Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #14 - Apr 3, 2006 - Issue #570
Moved Up In The World

    • Sunbelt Software Moved Up In The World
    • Sunbelt April Seminars
    • Quotes of the Week
    • Admin Tools We Think You Shouldn't Be Without
    • Windows Vista Doubles Group Policy's Potential
    • How To Create Your Own MSI File To Deploy Apps
    • Step-by-Step Guide: Plan migration To SQL Server 2005
    • Phishing Exposed
    • CastleCops and Sunbelt Are Gutting Phishers
    • Hack To Speed Up Security Scans
    • Virtual Server Service Pack Skates into 2007
    • MBSA 1.2 Support Yanked? Not Yet!
    • EU Warns Microsoft Over Vista Features
    • What's New in ISA Server 2006
    • Interview: What Is New In CounterSpy V2.0?
    • Data Protection Strategies for Virtualization
    • Altiris Came Up With Some Cool Technology!
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • How To Get Free AV on Exchange: Participate In Ninja Beta
How Much of Your Network Traffic Is Caused By Spyware?

A customer told us: "Thank you very much. After the first 60 PCs
were seen in CSE I initiated a deep scan. Within 3 minutes of the
scan starting outbound Internet traffic dropped by 2/3! After 68
agents were deploys and the default noon quick scan ran, traffic
dropped by 75%. SWEET." Try out for yourself how much network
traffic you can kill with CounterSpy Enterprise:


Sunbelt Software Moved Up In The World

Hi All!

You might be glad to know that your fave supplier has new, higher and larger premises, right next door from where we were. Our old digs were getting a bit tight (we were really bursting out the seams) so we grabbed a few floors in the building next door for our team of 120, and since we are the anchor tenant now, we were able to put our name on the building. Please note that our new address is now 33 N Garden Avenue in Clearwater, FL. (That's the Tampa Bay area on the west coast.) Want to see the new building, and the new address? Check it out at the "we moved" page:

And here is our new view from the twelfth (top) floor!!:

Sunbelt April Seminars

We?d like to invite you to attend the following seminars that we are hosting in April:

"Winning the War on the Spyware Battlefield" - Join renowned spyware researcher and Sunbelt's Director of Malware Research, Eric Howes, for an engaging discussion on the scope of the spyware problem. Hosted at the Microsoft office in Washington DC on Tuesday, April 25th. Register here:

"What Every IT Manager Should Know About Protecting Microsoft Exchange and Centralized Backup" ? Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for Exchange and other mission critical applications using Double-Take.

Hosted at the Microsoft office in Los Angeles, CA on Thursday, April 20th. Register here:

Hosted at the Microsoft office in Columbus, OH on Tuesday, April 25th. Register here:

Quotes of the Week

"Be not afraid of greatness: some men are born great, some achieve greatness and some have greatness thrust upon them." -- William Shakespeare

"The chief obstacle to the progress of the human race is the human race." -- Don Marquis

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

Must Have Freeware. AD Web Search App + GAL Self Service. Free download at the NameScape Site:

Winternals Admin Pak is a complete suite of powerful tools. They have an emergency download link you need in your faves.

Forgot the Admin Password? Got locked out? There's freeware, but NTAccess comes with professional tech support, and is just $70:

Sunbelt Remote Admin is a superfast, super value, award winning remote control program. Everything you need and nothing you don't.


Windows Vista Doubles Group Policy's Potential

The next version of Windows doubles the number of Group Policy settings from roughly 1,500 to about 3,000. Most of them are security related. It will pay off to read this article at the SearchWinIT site:

How To Create Your Own MSI File To Deploy Apps

Deploying an app across an organization via Group Policy settings is easy if the app has an installer in MSI format. But if it doesn't, try creating your own MSI file. At SearchWinSystems

Step-by-Step Guide: Plan migration To SQL Server 2005

Before upgrading to SQL Server 2005, you must determine which components you need to upgrade and what steps to take to get there. Edgewood Solutions' Jeremy Kadlec reviews your migration options. Useful, especially from a budgeting perspective!

Phishing Exposed

A must read for administrators responsible for system security, this collection of 10 tips from "Phishing Exposed," will teach you how to prepare for and defend against phishers and spammers. To begin, you'll discover how the e-mail delivery process works, including how phishers and spammers take advantage of weaknesses in SMTP design to manipulate and forge e-mail headers and settings. You'll also explore how phishers and spammers use open relays and proxy servers to cover their tracks, as well as tools and techniques they use to harvest e-mail addresses, bypass spam filters and send bulk mail to your users. At the SearchExchange site:

CastleCops and Sunbelt Are Gutting Phishers

The nascent Phishing Incident Reporting and Termination project sponsored by CastleCops and Sunbelt Software encourages people to report phishing attempts so they can be tracked down and terminated. It was all over the press. Here is one article:

Hack To Speed Up Security Scans

Have you ever wondered how you can save some time when performing your security scans? Well, if you use Windows XP for security testing, there's a hack that might buy you some time. Learn more in this step-by-step guide! (login required)


Virtual Server Service Pack Skates into 2007

Microsoft confirmed this week that Service Pack 1 for Virtual Server 2005 R2 will arrive in early 2007 instead of late this year, although the company says it doesn't categorize the change as a "slip." Instead, according to a spokesperson, Microsoft is merely able to be more precise about a delivery date as it gets closer to testing the update. Read more at ENTMag:

MBSA 1.2 Support Yanked? Not Yet!

Redmond extended support for MBSA for a while longer. They planned to end support for version 1.2 of the Microsoft Baseline Security Analyzer last Friday. But Doug Neal, program manager at Microsoft, said in an interview that they will extend it for a while.

"The decision was based on a lot of customer feedback we received that said removing support at this time would create a gap in security update detection for Microsoft products," he said. The decision to extend support was made on Monday, he added.

Redmond was pushing MBSA 2.0 upgrades, but that version does not support some Microsoft products like Office 2000, MSN Messenger and MS Works. MBSA 1.2 is popular with more than 3 million scans per week. The difference between MBSA 1.2 and 2.0? The scan engine. The original is based on the Shavlik code. V2.0 is MS home brew.

EU Warns Microsoft Over Vista Features

The European Commission said it has competition worries about Microsoft's new Vista operating system, another antitrust concern the software giant must answer in Europe. Article at ComputerWorld:

What's New in ISA Server 2006

The Directions on Microsoft site had a interesting little summary about ISA Server. "Internet Security and Acceleration (ISA) Server 2006, now in beta, adds modest improvements that ease admin and boost versatility, but a major overhaul awaits the arrival of Windows 'Longhorn' Server in 2007.

Although ISA Server 2006 does not carry the "R2" moniker used by some Microsoft servers, such as Windows Server 2003 R2, to denote minor releases, ISA Server 2006 is nevertheless a minor release. It has not undergone any major architectural changes, the user interface has few changes, and it contains only small improvements over ISA Server 2004. These new features are unlikely to win over customers that previously dismissed ISA Server, and existing customers without Software Assurance (SA) are unlikely to see enough incremental value to pay for the new release. However, for customers with SA, the upgrade process should be relatively quick and painless and they may benefit from some of the new features. Furthermore, there should be no compatibility problems with third-party ISA Server add-ins and utilities such as EMC's Rainfinity load-balancing and failover software.

In addition to the improvements and new features Microsoft added recently to ISA Server 2004 in Service Pack 2, such as better caching of patches client PCs request from Windows Update or Microsoft Update Web sites (see "ISA Server SP2 Adds Features" on page 10 of the Mar. 2006 Update), ISA Server 2006 incorporates numerous small changes that generally ease administrative tasks, add flexibility, and increase the number of specialized situations ISA Server can handle, such as supporting smart card or RSA token authentication methods." Source:


Interview: What Is New In CounterSpy V2.0?

We asked our CounterSpy Consumer Product Manager Phil Owens about the new version that we expect in the second quarter of 2006:

Q1: With Spyware now the major form of malicious software, what has Sunbelt done to further its R&D to stay ahead, and cope with this ever increasing menace?
A1: Sunbelt takes research and development seriously. Over the last year, the Sunbelt Malware Research Team has grown exponentially to include renowned researchers in the antispyware and malware fields. In January, Sunbelt appointed leading expert, Eric Howes, to Director of Malware Research where he is responsible for leading the research initiatives that ensure CounterSpy?s threat database is top-notch and effective at detecting and stopping the latest spyware and malware threats. Also in January, antivirus rockstar Joe Wells was appointed to Chief Scientist to help develop new scanning and removal technologies to help combat and stay one step ahead of the new and complex forms of malicious software that are being developed.

Q2: What are the major improvements in V2 over V1.5?
A2: Five points:
  1. Sunbelt has rewritten CounterSpy?s scanning engine to be more accurate in its detection and removal of spyware and also utilizes less computing power on your PC, which allows you to do other things on your PC during a scan.
  2. CounterSpy?s real-time protection - Active Protection - has been completely revamped to be more proactive in not allowing malware to infest a machine ? in other words, spyware will be stopped before it can even install on your PC.
  3. CounterSpy?s spyware definition updates have been changed to allow for smaller incremental updates. What this means is that when new spyware definitions are available, CounterSpy will only download the definitions that have been added or changed. This will make downloads as much as 10 minutes faster on a dialup connection.
  4. Users will be allowed to do Full System Scan and Removal even if logged in with limited user privileges ? so if you have multiple users on your PC, for example, you?ve created a limited user ID for your spouse, and you are the Admin, your spouse will still be able to run a scan and delete any spyware detected.
  5. Some minor enhancements include: New Scheduling Options and better usability around Active Protection.
Q3: Users are grappling with the length of time it takes to scan, has this been improved?
A3: Quick Scan has improved dramatically, however full system scan still takes about the same amount of time, but with enhancements listed above, you are able to work within other applications while scanning takes place.

Q4: Will Version 2 allow users to more easily control settings?
A4: Three points:
  1. Sunbelt has created various best practices for Active Protection to allow users to choose security preferences on when they are notified about certain behaviors on their PC. For example, choosing a more aggressive security preference would display to the user more changes that are being made to the PC by software that is installed ? whether malicious or not.
  2. A settings button has been added to the toolbar so it is no longer hidden under a menu.
  3. Scheduling has changed to allow multiple scheduled scans per day and more customization per scan.
Q5: Is there any change in V2 on how cookies are handled?
A5: Not really. CounterSpy continues to recognize tracking and metrics cookies as low-risk threats. However, there is still an optional checkbox to not scan for cookies.

Q6: What do you see is the difference between CounterSpy and the competition?
A6: Two major points:
  1. Bottom line, we believe an antispyware tool is only as good as its threat database. With the team we have in place to research and uncover new spyware threats daily, along with ThreatNet, our community of opt-in users that report spyware back to Sunbelt, CounterSpy?s threat database is one of the most robust databases on the market. We also take a very aggressive stance with our threat listing criteria, ensuring that all levels of spyware threats are detected and removed.
  2. CounterSpy remains one of only a few applications on the market that allows the user to make informed decisions to ignore, quarantine, or remove detected threats based on recommended best practice actions in our spyware results display.
We expect both versions (consumer and enterprise) to be released during the second quarter of 2006.

Data Protection Strategies for Virtualization

Reliable and Cost Effective Disaster Recovery and High Availability Solutions.

Virtualization is one of the fastest-growing technologies in mainstream IT today. Historically, virtual systems have been used to consolidate operating environments, optimize resource use, and improve IT flexibility. While this remains true, organizations are now using virtualization as part of an exciting new business continuity solution. To ensure that business-critical data is always protected, replication technologies are being applied to virtual systems as a cost-effective means to disaster recovery, high availability, and centralized back-up.

Please join us for this educational webinar to learn more about data replication for virtual systems.

Altiris Came Up With Some Cool Technology!

Neil Rubenking at PCMag reviewed a new category of software created by Altiris and AlexE sent the link over to me. This is some very cool stuff! Rubenking wrote: "Where virtual machine utilities like VMware Workstation manage entire virtual computers, Altiris Software Virtualization Solution 2.0 virtualizes individual software installations. In the latest PC Magazine Technical Excellence Awards, we recognized the product based on a beta version. The utility can instantly wipe out a problem program, allow alternating use of incompatible applications, and make transferring software between computers a breeze. SVS is free for personal use on up to ten computers; Follow the link at the end of this review to download. At the enterprise level, it sells for $29 per node (list) and integrates with the Notification Server and Deployment Solution products from Altiris." You should check this out:

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff

  • This is why I work in IT. After 25 years there are still things happening that are AWESOME to see !!! This is a movie about the technology which Apple has recently patented. It is not a movie made by Apple but by some researchers (google video)
  • New data transmission record - 60 DVDs per second! That is a whopping 2.56 terabits per second over a 160-kilometer link.
  • Pretty cool Robot War video from Japan. The little guys are beating each other up with body slams and other cool moves:
  • A drivable replica of a Star Wars LANDSPEEDER, is currently on sale on eBay:
  • Suspect your girlfriend is cheating? Set up a packet sniffer and find out if she really is. LanHound would do the trick, but here is a guy who did it with Ethereal:
  • Forrester published a new report that examines the trust that U.S. American households place in PC and consumer electronics (CE) brands, including the brands of Microsoft, Nintendo and Sony:
  • Meteor crash video commercial for Chevy truck:
  • Some guys have created a consumer gateway device for $150. Another solution looking for a problem. Nobody is going to pay that kind of money. You need to pay even more for AV. Dumb!
  • A collection of some "fave" Microsoft clips, collated together in a movie with computer generated voice-overs that are definitely anti-redmond (made by a few Mac-fans) but have a good "humor" value. You may have missed some of these clips. (don't kill me for Microsoft bashing. I don't agree with their comments, but some of the clips are really funny!)
  • OMG this one is really hilarious. A City Manager (with "22 years of IT experience") sees Linux Web Server Standard Install page on his site, and figures he got hacked, hunts down the Linuxmaker and really goes out to threaten them with the FBI!


How To Get Free AV on Exchange: Participate In Ninja Beta

Did you know that Sunbelt Messaging Ninja just went into Beta 2? If you are interested in testing Ninja on one of your production servers, there are some very attractive awards available. With Ninja you can scan and eliminate threats at the server level, filter attachments in a truly smart way, scan spam and viruses through multiple engines and much more. Check out the specs, and click on download to get instructions how to get the beta: