Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #19 - May 8, 2006 - Issue #575
"SMB's Especially Attractive To Spyware Criminals"

  1. EDITORS CORNER
    • The Secret Of Finding The Faves
    • Quotes of the Week
  2. ADMIN TOOLBOX
    • Admin Tools We Think You Shouldn't Be Without
  3. TECH BRIEFING
    • Aetna Says Laptop Stolen With Data On 38,000 Members
    • Latest Moskowitz Newsletter: Printers!
    • When Firmware Causes DDOS Attacks
    • Learning Guide: SQL Server Performance Tuning A to Z
    • Using The New DFS In Windows Server 2003 R2
    • Learning Center: Curing AD Security Issues
    • Outlook Folder Deletion And Synchronization Problems
  4. WINDOWS SERVER NEWS
    • FullArmor Takes Group Policy To Next Level
    • Few IT Shops Need Worry About Late Vista
  5. WINDOWS SERVER THIRD PARTY NEWS
    • "SMB's Especially Attractive To Spyware Criminals"
    • Double-Take Fights Hurricanes
    • Need To Stress Test Your FTP Server?
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - PRODUCT OF THE WEEK
    • "Antispyware tools must reduce administrative load"
Explore The Alternatives To Microsoft Exchange

Switching to a different mail server is always an involved
process, but Kerio MailServer makes it less painful. Clients can
keep using Outlook or Entourage. Its powerful WebMail delivers an
Outlook-like experience, and you will be able to transfer email,
events and contacts from Exchange to Kerio MailServer using the
included Exchange Migration Tool. Specially designed for SMBs,
Kerio MailServer starts at $499 for 20 users. Continues...
http://www.wservernews.com/060508-Kerio_MailServer

EDITORS CORNER

The Secret Of Finding The Faves

Been doing this 10 years now, so I guess I'll let out the secret after all this time. [grin] It's YOU guys that send them to me mostly. I get suggestions for faves from all directions. People in the office send me links, list subscribers do, friends and family, and often I see postings on the NTSYSADMIN and the Exchangelist that are very cool. This week's Faves are especially interesting, you should check them all out!

Quotes of the Week

"I have always wished that my computer would be as easy to use as my telephone. My wish has come true. I no longer know how to use my telephone." -- Bjarne Stroustrup, inventor of the C++ language.

"In the choice between changing one's mind and proving there's no need to do so, most people get busy on the proof" -- John Kenneth Galbraith, economist (1909-2006)

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


ADMIN TOOLBOX

Admin Tools We Think You Shouldn't Be Without

Want to track email outgoing from a particular group of users to the Internet, and all incoming email to that same group of users?
http://www.wservernews.com/060508-Message_Tracking

A code generating tool if you work with Windows Management Instrumentation objects is free from MS: The WMI Code Creator.
http://www.wservernews.com/060508-WMI_Generator

Freeware for Microsoft AD & ADAM. Web Employee Directory + Self Service. Download at the NameScape site:
http://www.wservernews.com/060508-NameScape

Extend Active Directory to Unix/Linux/Mac to enable single sign-on, set global password policies. Free white paper.
http://www.wservernews.com/060508-Centrify


TECH BRIEFING

Aetna Says Laptop Stolen With Data On 38,000 Members

Health insurer Aetna Inc. is notifying 38,000 members whose personal information was stored on a laptop stolen from an employee's car. More at ComputerWorld:
http://www.wservernews.com/060508-Aetna


Latest Moskowitz Newsletter: Printers!

You've got 'em, but you hate 'em. Printers. Love 'em again with Windows Server 2003 and R2! In his latest installment, Jeremy Moskowitz of GPanswers.com shows you how you can rekindle the lost love between you and your printers.
http://www.wservernews.com/060508-GPAnswers


When Firmware Causes DDOS Attacks

Time out: Poul-Henning Kamp just wanted to keep accurate time for a few Danish ISPs. Then he discovered his Network Time Protocol server on a list of NTP sites built into the firmware of D-Link routers, which collectively ping his server 3 million times per day checking to see what time it is.
http://www.wservernews.com/060508-DDOS_Attacks


Learning Guide: SQL Server Performance Tuning A to Z

From testing and monitoring to indexing and troubleshooting, you're sure to find a resource to help resolve your SQL Server performance dilemmas in this guide. It covers everything SQL Server performance, from the very best practices to database performance-tuning myths, and identifies handy tools to help ensure your SQL Server databases and applications run at their full potential. At SearchSQLServer.com
http://www.wservernews.com/060508-SQL_Performance


Using The New DFS In Windows Server 2003 R2

The R2 release of Windows Server 2003 now features a new replication engine for the Distributed File System (DFS). Expert Gary Olsen offers a few helpful pointers and outlines the key features that make the upgrade worth your while. At SearchWinIT.com
http://www.wservernews.com/060508-Windows_2003_R2_DFS


Learning Center: Curing AD Security Issues

With so much concern being centered toward the new worm threatening windows security, patch management and network security has once again become a hot issue. This learning center will help you to maintain a secure Active Directory network, as well as advise you on what to do when problems slip through the cracks. At SearchWinIT.com:
http://www.wservernews.com/060508-AD_Security


Outlook Folder Deletion And Synchronization Problems

Users who run Exchange Server offline mode (i.e., using an .OST file) can sometimes experience a strange problem where certain Microsoft Outlook folders cannot be deleted. In this tip, SearchExchange.com contributor Serdar Yegulalp explains why and provides a solution:
http://www.wservernews.com/060508-Outlook_Folder_Problem


WINDOWS SERVER NEWS

FullArmor Takes Group Policy To Next Level

Dave Kearns from NetworkWorld made me aware of something very useful! Many system admins agree that GP is the coolest management tool in W2K3. If you did not know that the Group Policy Management Console (GPMC) is free, Redmond has it downloadable. Link below.

With GPMC you can manage Group Policy for multiple domains and sites within one or more forests, all in one drag-and drop GUI. New stuff includes backup, restore, import, copy, and reporting of Group Policy Objects (GPO). This is all fully scriptable, which lets you customize and automate management easily.

But what to do in a multiplatform environment? FullArmor fills that hole by using SMS to apply GP settings outside Active Directory. It ships with easy to use templates:

GPMC with SP1 free download:
http://www.wservernews.com/060508-GPMC_Download

MS Group Policy Website:
http://www.wservernews.com/060508-Group_Policy

FullArmor website with GPAnywhere for SMS announcement
http://www.wservernews.com/060508-FullArmor


Few IT Shops Need Worry About Late Vista

Gartner says Vista could slip even further. It's worth watching only if your Software Assurance agreement is running out or if you're on Windows 2000. Otherwise, nobody is really getting hot or cold about this. There is something else about Vista that is going to be an admin- and helpdesk nightmare.

Everyone knows that Vista has practically been rewritten with security in mind. Major change is an understatement. One of the most important things that changed is User Account Protection (UAP). This concept is nothing new. It's been part and parcel of Unix/ Linux for ever. What it means is nothing but radical change for Windows. With UAP, all users (even admins!) always run with reduced privileges. And if you desire to make a change to the system that might potentially be dangerous, UAP pops up a dialog box that forces you to authorize that change, and give it the required higher admin-level privileges to make the change. Can you see the problem looming?

The problem with UAP is that these pop-ups happen way too often. Example, when you delete an icon from the desktop or kill a shortcut, you are going to have battle through dialog boxes. Your users and helpdesk will find this a significant pain in the neck.

More about Vista's being late or not at SearchWinIT.com:
http://www.wservernews.com/060508-Late_Vista


WINDOWS SERVER THIRD PARTY NEWS

"SMB's Especially Attractive To Spyware Criminals"

On April 24th, Webroot released "Spyware & Small Business", an informative guide developed exclusively for small and medium-sized businesses to educate and inform them on the massive risks spyware poses to their company's networks and assets.

Webroot warns that SMBs are especially attractive to spyware criminals due to their often limited IT resources and lack of network security. According to a survey of SMBs conducted by Webroot, more than 50 percent of small and medium-sized businesses experienced a spyware attack during the first quarter of 2006. The ramifications of these spyware attacks on the businesses themselves were particularly disturbing. Of those attacked, 63 percent experienced slowed system performance, 56 percent reported a reduction in employee productivity, 34 percent experienced a negative impact on their bottom line and 20 percent reported a loss in sales.

We think our colleagues at Webroot are right about this threat. Obviously they would like you to buy their product to protect against all this doom. We however think that you as an administrator would be better served by CounterSpy Enterprise. Reason? It was built "by admins for admins", and this month won Network Computing's prestigious Well-Connected Awards. They said:

"Getting rid of spyware is a difficult task, but to do it well, antispyware tools must reduce administrative load. In our tests, Sunbelt's CounterSpy Enterprise performed remarkably well from an administrative perspective. This product can be deployed and updated more efficiently than any other product we reviewed, and it integrates seamlessly with ActiveDirectory. Policy configuration, exclusion lists and status reporting were all top-notch."

Get a 30 day eval of CSE and see for yourself!
http://www.wservernews.com/060508-CounterSpyEnterprise


Double-Take Fights Hurricanes

For Ron Sattan, IT Manager at award-winning, full service engineering company, Hatch Mott McDonald, last year's Hurricane Katrina was a good test of its new disaster recovery plan. "If the old plan had been in place, we definitely wouldn't have been as comfortable having to close our Mobile office, and we would not have recovered so quickly," said Sattan. Read the Byte and Switch article here:
http://www.wservernews.com/060508-Double-Take


Need To Stress Test Your FTP Server?

Infigo released a simple and user friendly GUI FTP fuzzer tool for stress testing FTP server implementations. It's a very configurable tool, which means that you can precisely define which FTP commands will be fuzzed with the parameter size and test strings.

Running this fuzzer against FTP server implementations resulted in uncovering numerous security vulnerabilities (overflows, format strings) in various FTP servers. After short period of fuzzing, fuzzer revealed buffer overflow vulnerabilities in for example:
  • ArgoSoft FTP Server (RNTO Unicode overflow)
  • Golden FTP Server (NLST overflow)
  • FileZilla FTP Server (MLSD)
  • FileZilla remote server interface (homemade protocol)
  • WarFTPD (various exceptions and WDM.exe overflow)
Try this on your own FTP server and see if it holds up. You can download it from:
http://www.wservernews.com/060508-FTPFuzz


WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff.

  • View the Milky Way at 10 million light years from the Earth. Then move through space towards the Earth in successive orders of magnitude until you reach a tall oak tree just outside the buildings of the National High Magnetic Field Laboratory in Tallahassee, Florida. After that, begin to move from the actual size of a leaf into a microscopic world that reveals leaf cell walls, the cell nucleus, chromatin, DNA and finally, into the subatomic universe of electrons and protons. This is an ALL TIME FAVE of mine, repeated! (Note, you need Java to run this thing)
    http://www.wservernews.com/060508-Milky_Way
  • "The Daily WTF" a site with the subheader: "Curious perversions in Information Technology" Funny for geeks like us.
    http://www.wservernews.com/060508-Daily_WTF
  • Definition of a Mobile Movie: a "mobile movie" or mobmov for short, is quite simply a drive-in that drives-in. The projector is located inside and powered by a car, and the audio is piped in stereo over the FM band to the attendees' cars. Here's how to do it!:
    http://www.wservernews.com/060508-Mobile_Movie
  • Here's a Silicon Valley-made electric car with a 0-60 acceleration rate that's faster than a Ferrari Spider and a Porsche Carrera. The X1 is built by Ian Wright whose valley startup WrightSpeed intends to make a small-production roadster that car fanatics and weekend warriors will happily take home for about $100,000.
    http://www.wservernews.com/060508-Wrightspeed
  • Website to compare credit cards, very useful indeed if you are playing the game of moving balances over to low interest cards:
    http://www.wservernews.com/060508-Compare_Credit_Cards
  • Do-It-Yourself Star Wars - lots of fun Special FX tutorials
    http://www.wservernews.com/060508-Star_Wars
  • Yup. Some techie has equipped his silver VW Beetle with a true honest to goodness JET ENGINE !! You gotta see this one !!
    http://www.wservernews.com/060508-Beetle_Jet
  • Ever asked yourself where the term "OK" ever came from?
    http://www.wservernews.com/060508-OK
  • For Road Warriors. Which hotels have the best Wi-Fi facilities?
    http://www.wservernews.com/060508-Hotel_WIFI
  • For a breathtaking view of Paris by night, click on the following URL, and then scroll your screen sideway for an endless panoramic view of the city.
    http://www.wservernews.com/060508-Paris
  • Book - Rethinking Psychiatric Drugs : A Guide for Informed Consent. "Every psychiatric expert involved in writing the DSM standard diagnostic criteria for disorders such as depression and schizo- phrenia has had financial ties to drug companies that sell medications for those illnesses." - Washington Post April 20, 2006.
    http://www.wservernews.com/060508-Psychiatric_Drugs


WServerNews - PRODUCT OF THE WEEK

"Antispyware tools must reduce administrative load"

CounterSpy Enterprise won Network Computing's prestigious 2006 Well-Connected Awards. They said: "Getting rid of spyware is a difficult task, but to do it well, antispyware tools must reduce administrative load. In our tests, Sunbelt's CounterSpy Enterprise performed remarkably well from an administrative perspective. This product can be deployed and updated more efficiently than any other product we reviewed, and it integrates seamlessly with ActiveDirectory. Policy configuration, exclusion lists and status reporting were all top-notch." Get a 30 day eval of CSE and see for yourself!
http://www.wservernews.com/060508-CounterspyEnterprise2