Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #29 - Jul 17, 2006 - Issue #585
Current Security Trends

    • 84% of You Have Had Infections Through Email
    • Exchange AV Product Painpoints Survey
    • Current Security Trends
    • Quotes Of The Week
    • Admin Tools We Think You Shouldn't Be Without
    • NEW: Microsoft Windows Fundamentals for Legacy PCs (WinFLP)
    • Battling Virtualization Giants
    • Here Is The Latest Scam Using VOIP: "Vishing"
    • Remove Windows Components Using Command Line
    • How To Create Custom Mailbox Quota Messages For Exchange 2003
    • Using VMware To Cement Server Consolidation
    • New SBS 2003 R2 Is -Not- Based On Windows Server R2
    • Microsoft Goes Straight After
    • Redmond Intros Vista Virtualization Licensing Plan
    • Microsoft Confirms PowerPoint Zero-Day Attack
    • Why Switch From Trend ScanMail to Ninja?
    • DTAM Makes Setting Up Exchange Environments Easy
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • Your Desktop On Your Keychain - Redux
Switch From Your Old Exchange AV To Sunbelt Messaging Ninja Why Switch From Your Old Exchange AV To Sunbelt Messaging Ninja?

  • A state-of-the-art Attachment Filter for FREE
  • Dual industrial-strength AV engines for your Exchange server
  • Powerful, third-generation, all-in-one messaging security
    with a central management console and optimized performance
  • Significantly lower total cost of ownership
  • Highly Responsive 24/7 US-based Technical Support
Click now to get started today with Ninja's SMART attachment filter!


84% of You Have Had Infections Through Email

Osterman Research has just released a study of email security trends, and has this highly interesting statistic. Eighty-four percent of organizations have had a virus, worm or Trojan horse successfully infiltrate their network through email, while 54% of organizations have had such a threat successfully enter their network through the Web. However, only about one in five organizations have been infected by a public instant messaging (IM) network worm or virus.

Through email? To me, this highlights how dangerous it is to rely on only one vendor for your email antivirus. Use a multi-engine approach. Our own email security product for Exchange, Ninja, uses multiple antivirus engines, so of course I'm biased here. Looking at that 84% infection rate though, one engine alone seems to be asking for trouble. A good strategy is using one AV product on the Exchange server, another at the gateway, and ideally a third (different one) on the desktop. Here is the link to the Osterman PDF. Excellent ammo to get budget!

Exchange AV Product Painpoints Survey

We are doing a short Exchange Antivirus Product Painpoints Survey! These are the three questions. Please think for a moment and let us know what the headaches are with the current AV product that you are running 'on-server' on Microsoft Exchange.
  1. What is the name of your current on-server Exchange AV product?
  2. What are the headaches you are running into with this product?
  3. Other comments you want to make?
Please click on this link to get to the survey. Your input is tremendously appreciated !

Current Security Trends

Since we are in this biz, and I'm reading a lot about it, let me try to synthesize what I have picked up over the first half of the year. I'll try to determine some larger trends in security, and describe these loosely, and then what people are doing about it.

Our borders are porous due to a variety of circumstances. Last week's column by Roger Grimes gave a bunch of good reasons. We IT guys need to accommodate people that are telecommuting, people with wireless laptops and other mobile devices, and sometimes even integrate partners in our network. Lots of us run VOIP now, which causes its own problems, and uptime requirements. More and more vendors are integrating some security features in their products, but no integrated whole emerges out of that, it's more like the opposite. Most of the current attacks that happen are against known vulnerabilities, and happen for financial gain. Small and Mid size companies get targeted more than before.

What IT people are doing about all this?

First of all, there is a major shift from defending your perimeter to a multi-layered defense approach. There is more and more focus on ID management and authentication. Many system admins expect wireless security to be one of the first points to break, and are taking action to prevent that. Despite the tendency to think that security suites are the solution, the majority of you choose best- of-breed and create your own toolkit. Many of you would like an easier way to analyze, correlate and report on the activity of many different security products. There is no silver bullet. You -do- need to apply the multi layered approach though. It's not either/or, it's "both". For instance, and more than one antivirus engine is highly recommended, preferably on different devices so you can spread the risk, and it makes a whole lot of sense to use antispyware on both the gateway and the desktops.

Quotes Of The Week

"The significant problems we face cannot be solved at the same level of thinking we were at when we created them" -- Albert Einstein.

"Success usually comes to those who are too busy to be looking for it." - Henry David Thoreau

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

Like GoToMyPC and PCAnywhere? Check out this new one: LogMeIn. Pretty useful for system admins; whitepapers, templates, and support tools.

Freeware for Microsoft AD & ADAM. Web Employee Directory + Self Service from Namescape.

Famatech has announced the release of two newly updated free network utilities: Advanced IP Scanner 1.5 and Advanced Port Scanner 1.3

UserLock limits the number of simultaneous connections of the same user name, and reports the logon/logoff activity. Very Useful !


NEW: Microsoft Windows Fundamentals for Legacy PCs (WinFLP)

Steven Bink sent me this: "I just want to let you know, that I just put up 33 screenshots of the just released Microsoft Windows XP Fundamentals for Legacy PC's. Be sure to check out the screenshots: Microsoft Windows Fundamentals for Legacy PCs (WinFLP) is a Windows- based operating system designed for enterprise customers with legacy PCs who are not in a position to purchase new hardware. WinFLP provides the same security and manageability as Microsoft Windows XP SP2 while providing a smooth migration path to the latest hardware and operating system. Windows Fundamentals for Legacy PCs (WinFLP) requires:
  • A minimum of 611-1151 MB of free hard drive space, (count on more)
  • A computer with 233 megahertz or higher processor clock speed (300 MHz is recommended);
  • 64 MB of RAM. 256 MB of RAM is recommended.
Check it out at:

Battling Virtualization Giants

This week both Redmond and VMware announced free versions of their code. Use Microsoft Virtual PC 2004 to run multiple operating systems at the same time on the same physical computer. The download is at:

And at the same time, VMware announced this week that it is now shipping the free version of its virtualization server platform. While the server comes at no cost, enterprise-class support costs $350 for a one-year subscription per two CPUs for Gold level and $450 for Platinum.

Here Is The Latest Scam Using VOIP: "Vishing"

A new kind of identity theft scam, with thieves using easy-to-obtain VOIP (Voice over Internet Protocol) telephone numbers to trick Internet or telephone users, is beginning to pop up. What else would you call it but "vishing?"

Remove Windows Components Using Command Line

Sometimes when you try to delete Windows components and shortcuts the operating system will restrict you from deleting them. Use sysocmgr.exe to remove Windows components. Tip at SearchWinComputing:

How To Create Custom Mailbox Quota Messages For Exchange 2003

Learn how you can use a free .NET program called the Quota Message Service to customize Exchange Server 2003 mailbox quota messages for users who are near or over their message storage thresholds. At SearchExchange:

Using VMware To Cement Server Consolidation

Wade Reynolds and David Marshall, authors of Advanced Server Virtualization: VMware and Microsoft Platforms in the Virtual Data Center, offer a bird's eye view of VMware's management tools and hardware requirements, and compare to Microsoft Virtual Server. SearchServerVirtualization:


New SBS 2003 R2 Is -Not- Based On Windows Server R2

Redmond launched the new SBS 2003 at the partner conference this week. But surprisingly they based it on Windows Server 2003 SP2 instead of the enhanced R2 Code. The fact one is small does not mean one doesn't want the same functionality as the big guys. More over this creates a gap in functionality between W2K3 and SBS. Micorosoft, this is not particularly smart marketing... Customers will find it strange that SBS R2 is not based on Windows Server R2.

You can get SBS 2003 R2, available in August, in two flavors: standard and premium editions. The standard edition of R2 is priced at $599. The Premium edition, which now comes with SQL Server 2005 Workgroup Edition, is discounted to $1,299. Would be a lot nicer to have the full SQL server product included but I guess you cannot have it all. [grin]

But you can now use your five SBS CALs to access SQL Server 2005 Workgroup or Exchange 2003 running on a second server. (The current version limits the SBS CAL to access the server suite from only one server.) The new SBS R2 does include new features for patching PCs based on WSUS, which is a welcome addition, and a "green check of health" to tell if SBS and its hooked up PC's are up to date with the latest patches and security updates.

Longhorn Server is expected in the second half of next year, and its SBS flavor (code-named "Cougar"), will likely arrive a few months after the general release of Longhorn. Cougar will feature the latest updates to all the bundle's software components, new management technologies and will shift to only supporting 64-bit applications.

Microsoft Goes Straight After

The company announced the plan for "Microsoft Dynamics CRM Live" during its Worldwide Partner Conference in Boston this week. They are going direct after the market where has grown rapidly.

"This has the potential to create conflict with Microsoft's own partners," wrote Goldman Sachs analyst Rick Sherlund in a research note. "How Microsoft manages relationships and compensates partners will be important, particularly over time as it builds its hosted solutions out beyond CRM."

Dynamics CRM 4.0, available in June 2007, will include Dynamics CRM Live, a new software-as-a-service offering. Dynamics CRM 4.0 will give customers the option to choose from an on-premise solution, a hosted solution or a combination of both. CRM Live will be offered directly by Microsoft through its Windows Live platform, and is designed specifically for small businesses.

Redmond Intros Vista Virtualization Licensing Plan

ENTMag broke this story: On Wednesday, Microsoft announced a desktop virtualization licensing plan in which customers that acquire Vista Enterprise through Software Assurance can run copies of Vista, Windows XP, Windows 2000, or other Windows workloads on one device at no additional charge. The new licensing plan reflects an initiative to increase the uptake of its Software Assurance update and maintenance program. Microsoft also announced that it is making its high-end Windows Server 2003 R2 Datacenter Edition available through volume licensing. Read more at ENT:

Microsoft Confirms PowerPoint Zero-Day Attack

eWEEK reported that a previously unknown software flaw in the widely used Microsoft PowerPoint is being used in targeted attacks traced to China. The latest strike closely mirrors a June Excel attack that was discovered 24 hours after Patch Day. Here's the story:


Why Switch From Trend ScanMail to Ninja?

Here's how a current user sees it: "Trend Micro ScanMail has been my first choice for email protection for several years, and I have used it to successfully block specific attachments. However, Sunbelt Messaging Ninja gives me far greater control than the "all or nothing" options provided by ScanMail. For instance, now I can allow .zip files between internal users, or allow them outgoing but not incoming, and can define and assign policies based on file type or user requirements. I'm lovin' it! -- Roger Wright, Southern Commerce Bank

DTAM Makes Setting Up Exchange Environments Easy

Check Out This Quick Tutorial To Learn More. Double-Take Application Manager for Exchange demonstrates our commitment to providing customers with innovative solutions for protecting business-critical data. It integrates the management of application protection into a single console allowing for increased automation and ease of setup, resulting in improved protection, reduced recovery times, and a higher level of application availability.

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff


Your Desktop On Your Keychain - Redux

You sent me more than one alternative for this concept, and all of these are pretty cool. Here's one third-party product that does this:

And then, regards to the desktop on a keychain, have a look here:

Next, FingerGear and their Computer-On-A-Stick, particularly the pro version. Bootable OS (Linux) with capability of mounting the host system drives, including Windows NT. Firefox, Gaim IM, OpenOffice, even PPP stack for dialout. Stick it in your Windows system's USB drive and have a completely separate workstation. Amazing!