Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #18 - May 1, 2006 - Issue #574
Major Changes In SMS And MOM

    • CounterSpy Enterprise Wins 2006 Well-Connected Award
    • More About: "What Is Your Record Uptime?"
    • The May 2006 Seminars: N'Orleans; Pittsburgh & Ft Lauderdale
    • Quote of the Week
    • Admin Tools We Think You Shouldn't Be Without
    • All-in-One Guide: AD Backup And Recovery
    • Why, When And How To Consolidate SQL Servers
    • Active Directory Federation Services Explained
    • Is This Thing On? Verifying DPM Status
    • An Administrator?s Guide To Exchange Public Folders
    • Tip: New Crop Of MS Cert Exams Springs Up In April
    • I Was Just Hunting UFOs, Says Pentagon Hacker
    • Major Changes In SMS and MOM
    • Microsoft Service Desk Could Be Tough Sell
    • Deadline WinIT Pro Readers' Choice 2006: May First!
    • NetIQ Sold for $495 Million
    • Double-Take Software: MVP Awards Finalist
    • Superfast, Super Value, Remote Control
    • New Crop Of Holes That Needs To Be Scanned For & Fixed
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • More Security Regulations To Comply With?
Combat Spam On Several Fronts - with Kerio MailServer

Taking complete approach to spam filtering can be surprisingly
easy with Kerio MailServer. It's a well-rounded package of anti-
spam techniques ranging from directory harvest attack protection
to SPF verification to Bayesian filtering that can turn any PC
into a powerful anti-spam gateway. You can install Kerio MailServer
a Windows or Linux server, making it a powerful anti-spam appliance
for under $500 plus hardware. Continues...


CounterSpy Enterprise Wins 2006 Well-Connected Award

Network Computing wrote: "Compliance... zero-day vulnerabilities... the business case for security ... policy, policy and more policy! You can't turn around without bumping into one of these topics. They're important issues, but they're not the best drivers for security-related deployments. Let's face it: There are few business cases for security other than avoidance--specifically risk, attack and litigation avoidance. You need processes and products that solve the problems you face every day. Security budgets aren't growing by leaps and bounds. In fact, many organizations' compliance dollars are going for audits, re-engineering projects and consultants."

And in the section Security Winners - Antispyware they wrote: Winner: Sunbelt Software CounterSpy Enterprise 1.5 "Getting rid of spyware is a difficult task, but to do it well, antispyware tools must reduce administrative load. In our tests, Sunbelt's CounterSpy Enterprise performed remarkably well from an administrative perspective. This product can be deployed and updated more efficiently than any other product we reviewed, and it integrates seamlessly with Active Directory. Policy configuration, exclusion lists and status reporting were all top-notch."

Here is the link to the Network Computing Winners Page:

Here is the link to the CSE Product Page for a 30-day eval:

More About: "What Is Your Record Uptime?"

It looks like quite a few of you have systems running for long times. But this topic was generating enormous feedback as well. Many of you sent me email that boiled down to: "Hey, how about patches and updates? Once a month a reboot is required to keep my systems secure!" And that is of course a very good point.

WSN-reader Nick Meyer came back with a another important reason for regular reboots though. Here is what he sent in: "For my part, I have never been impressed by long uptime stats. It means that you haven't patched your machine, you've never powered it down, you haven't tested failover, and just generally have not done your job. The most memorable incident I had was a service call on was an IBM RS6000 unit that had run continuously for seven and a half years. They re-arranged the server room, so they powered the unit down, moved it, powered it up...and got nothing. 4 hour response time callout. Darn thing had had a failed drive in a RAID 5 array and wouldn't allow a bootup without replacing the bad disk. Sensible enough--keeps you from running a unit in a vulnerable situation. Brought in a SCSI drive replacement--larger than the original but compatible with the controller. Fugetaboutit, not allowed. Okay, replace all three drives and restore from tape. Fugetaboutit, the Unix backup routine was a sector-by-sector image that could only be restored to the EXACT same drive array. This was Friday. No air freight service on Saturday. Got a drive in Sunday evening. No joy. Sourced an acceptable drive from IBM on Tuesday. Got it Wednesday. In-house IT got the server running for Thursday morning--but Friday afternoon through Wednesday afternoon, 214 drafting/design personnel did jack squat. 30 hrs x 214 people x $14.00/hr average = $89880. I never was too impressed with uptime stats--but after that I was determined that NO server I looked after would ever go more than a month without a reboot. If I am going to get an unpleasant surprise, I want it to happen long before it turns out the hardware I am running can't be replaced or the backup routine I am using has a big gotcha". Wise words from the guy that was bitten and literally learned a valuable lesson!

The May 2006 Seminars: N'Orleans; Pittsburgh & Ft Lauderdale

We?d like to invite you to attend the following seminars that we are hosting in May:

"Winning the War on the Spyware Battlefield" - Join renowned spyware researcher and Sunbelt's Director of Malware Research, Eric Howes, for an engaging discussion on the scope of the spyware problem. Hosted at the Microsoft office in Ft. Lauderdale on Thursday, May 18th. Register:

"Hurricane Season 2006 ? Protecting Your Data" ? The 2006 hurricane season starts June 1st ? is your critical business data protected? Join Sunbelt and Double-Take Software for a disaster recovery seminar focused on protecting Microsoft Exchange, SQL and other mission critical applications. Hosted at the New Orleans Marriott at the Convention Center on Wednesday, May 17th. Register here:

"What Every IT Manager Should Know About Protecting Microsoft Exchange and Centralized Backup" ? Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for Exchange and other mission critical applications using Double-Take. Hosted at the Microsoft office in Pittsburgh, PA on Tuesday, May 23rd. Register here:

Quote of the Week

"You can fool all the people some of the time, and some of the people all the time, but you cannot fool all the people all the time." -- Abraham Lincoln

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

Freeware for Microsoft AD & ADAM. Web Employee Directory + Self Service.

This time around just two entries in the Admin Toolbox. Because the second one has 450 tools in it! David Pearson sent this page to me. It's called "I want a Freeware Utility to ... 450+ common problems solved. Extremely useful utilities that do specific jobs really well and save time and money. Now you can spend your weekend checking out all these cool tools. [grin]:


All-in-One Guide: AD Backup And Recovery

Ensure that your Active Directory remains intact -- even when the worst happens -- with Chapter 4: Active Directory, the final installment of All-in-One Guides to Windows backup and recovery. The three AD segments include advice on Backup Basics, Disaster Recovery, and Replication, including tips outlining methods of backing up your AD domain controllers, describing how to back up DNS servers and options for creating a disaster recovery plan.

Why, When And How To Consolidate SQL Servers

This original e-book introduces DBAs to the worlds of server and storage consolidation. In Chapter 1: The case for consolidation, author Hilary Cotter details problems associated with SQL Server sprawl, defines storage and server consolidation, and helps you determine if consolidation is right for your outfit.

Active Directory Federation Services Explained

ADFS sounds complicated, but it's not as difficult to implement as it sounds. Simplify Web application access by extending identity beyond organizational boundaries. At SearchWindowsSecurity:

Is This Thing On? Verifying DPM Status

The first step in troubleshooting most problems related to Data Protection Manager is to verify that it is actually operating. SearchWinSystems has the tech how to troubleshoot it.

An Administrator?s Guide To Exchange Public Folders

Despite speculation on their impending demise, Exchange public folders are still widely used and Microsoft plans to support them through the next version of Exchange Server. This new administrator?s guide to Exchange public folders compiles articles, tutorials, tips, tools, downloads, and expert advice that will improve your Exchange public folder management and augment your troubleshooting know-how.

Tip: New Crop Of MS Cert Exams Springs Up In April

Spring is in the air, and more than just the flowers are in bloom. Career expert Ed Tittel goes over some of the newest Redmond certs to begin their lifecycles this month.

I Was Just Hunting UFOs, Says Pentagon Hacker

OK, this is just a fun story, nothing technical at all, except to show that most supposedly secure systems can still be hacked by basically an amateur. Here goes: To the U.S. government, Gary McKinnon is a seriously dangerous man who put the nation's security at risk by committing "the biggest military computer hack of all time." However, Mr. McKinnon sees things differently, he was just looking for UFO evidence. ComputerWorld has the story:


Major Changes In SMS and MOM

First off, Redmond announced they acquired asset management house AssetMetrix and will add its asset management capabilities into SMS within the next nine months. AssetMetrix inventories more than 250 hardware features such as CPU and RAM and catalogs more than 300,000 apps, including version numbers and licensing data.

But second, and a bigger surprise, they changed SMS' name to "System Center Configuration Manager 2007". Sheesh, SMS becomes 'SCCM' and gets a year tacked on. Oh well. It will ship in 2007.

By adding AssetMetrix you can integrate your Microsoft Licensing Statements with inventory data to ensure the software you run is legal. Redmond said their idea was to have this data loaded into SCCM to beef up its existing basic asset management features.

Also, Redmond will continue to run AssetMetrix as a hosted service, similar to FrontBridge for e-mail cleaning and Placeware for Web conferencing.

At the same time, Kiril Tatarinov (Corp VP of Windows and Enterprise Management) laid out their plans for the management products over the next 18 months. To start with, he announced products that will integrate Redmond's management modeling technology which is called Systems Definition Model (SDM).

Ready for some more change? Well MOM is now SCUM! Ooops, really 'SCOM' but it sounds a lot worse doesn't it? Microsoft Operations Manager v3 is now called System Center Operations Manager 2007 (SCOM). Sheesh! The first public beta of SCOM 2007 will ship in late May or early June. The final release will ship before the end of the year.

Also in 2007, Redmond plans to release System Center Service Desk, a process workflow engine that ties together their range of management tools, more about this in the item below.

SSCM will have a simplified GUI that supports drag-and-drop and advanced task sequencing for complex software and OS deployments. It will also have "Wake-on LAN" management over the Internet, and "time change windows." which allows you to wake up powered down systems and to schedule updates and distributions.

The new SSCM 2007 will also support Network Address Protection (NAP) when Longhorn (Vista Server) comes out. This will help you improve security compliance by blocking access to your corporate network by noncompliant systems. SCCM 2007 will automate the "remediation process" to bring offending systems up to the required level. If you want to have a look at Beta 1 of SCCM 2007, go here:

Microsoft Service Desk Could Be Tough Sell

Redmond is adding the product, code-named simply "Service Desk," in late 2007. It pulls together process and change control logic. It will be integrated with other System Center tools out-of-the-box.

But even by adding a service desk to its System Center portfolio, it won't be easy for Microsoft to entice Windows shops that have already invested time and money in third-party products like MBC, IBM and Peregrine. Story at:


Deadline WinIT Pro Readers' Choice 2006: May First!

Oh, if you have not voted yet, could you? The vote ends May 1! If you like receiving your weekly WServerNews, and like Sunbelt's products, I'd be very grateful if you would vote for us!

Windows IT Pro Magazine started their 2006 Readers' Choice awards voting and it continues through May 1st, 2006. To vote, the only requirement is a Windows IT Pro registered user or subscriber account. These accounts are free and require only a valid e-mail address. If you are not registered, you should. This is a GREAT Site that I think is in the Top 3 for system admins. Vote here:

And here is the list of direct links of our five products you can vote for. Thanks a lot in advance!
  • Security: Spyware Blocker - CounterSpy Enterprise
  • Messaging: Antispam Mail/Server - iHateSpam for Exchange
  • Network Management: Network Analyzer - LanHound
  • Security: Vulnerability Assessment Scanner - Sunbelt Network Security Inspector
So, if you have been reading WServerNews for a while and would like to thank me for your weekly windows news roundup, I would highly appreciate your vote. Go here:

NetIQ Sold for $495 Million

Client Server News reported today that AttachmateWRQ is buying NetIQ, who did their IPO in 1999 and - up against Microsoft - for all intents and purposes hasn't made money since then. However, NetIQ has about $192 million in the bank so the price is more like $300 million. AttachmateWRQ creates software that integrates desktops with mainframes. On the same day the acquisition was NetIQ, posted losses of $1.14 million, or three cents a share, on revenues down 10% to $46 million for the March quarter. If you work in our Windows/Linux industry and want to get the inside scoop early, you should consider a subscription to Client Server News:

Double-Take Software: MVP Awards Finalist

More great news - Double-Take has been selected as a "Data Protection Software" finalist for the Storage World MVP Awards! These awards recognize the "best of the best" of storage networking products in the industry, as determined by storage end-users. The nomination was reviewed by a board of storage industry experts (including representatives from InfoStor Magazine and the ASNP). Similar to the ACE awards, end-users vote on the winner, voting ends May 5.

Superfast, Super Value, Remote Control

Sunbelt Remote Administrator has everything you need, and nothing you don't. A user called it a "pcAnywhere killer"! Sunbelt Radmin is a complete and secure remote control tool especially designed for-and-by busy system admins. (but if you are a normal telecommuter it will work great for you too) The truly crucial features are all there: superfast remote control, file transfer, NT security, telnet and multilanguage support. It has a very small, tight footprint and is blisteringly fast. The price is ridiculously low. This is one sweet little tool that comes with Sunbelt's industry strength tech support and resources. Version 3.0 is in beta and expected soon:

New Crop Of Holes That Needs To Be Scanned For & Fixed

Sunbelt Network Security Inspector (SNSI) version released April 26, 2006). To update from within the SNSI console, select Settings, enter your full registration key and click on Check Now button. New vulnerability updates for this release include:
ID      Name
L1119   Groff temp directory race condition - MDV
L1120   Kernel multiple vulnerabilities - MDV
L1121   Bluez-hcidump l2cap.c vulnerability - MDV
L1122   Libtiff malformed BitsPerSample tag - MDV
L1123   Mplayer multiple vulnerabilities - MDV
L1124   Mozilla Thunderbird WYSIWYG security bypass - MDV
L1125   Freeciv packet.c negative compression error - MDV
L1126   Xorg-X11 Init.c logfile and configure error - MDV
L1127   GNOME Evolution Cairo content-disposition - MDV
L1128   PHP html_entity chunk return - MDV
W2757   Firefox Privilege Escalation Vulnerabilities
W2758   Mozilla SeaMonkey Privilege Escalation Vulnerabilities
SNSI extended to support more OS versions: Mandriva
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories. Get a 30-day eval at:

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff


More Security Regulations To Comply With?

Your organization needs to comply with more and more security regulations. A good example is the new Credit Card Security Standard. If your outfit takes credit card sales online, you need to comply! Windows IT Pro Magazine readers chose SNSI as their Best Vulnerability Scanner in the September 2005 issue. Earlier reviews gave SNSI got 4 out of 5 stars, and they said: "Excellent vulnerability descriptions and remediation instructions; low cost... user-friendly." 30-day eval here: