Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 11, #35 - Aug 28, 2006 - Issue #591
The Consumer Reports Testing Scandal

    • Dude, Your Apple Is Hot!
    • Followup: Physical Security Expert Comment
    • The Consumer Reports Testing Scandal
    • Quote Of The Week
    • Admin Tools We Think You Shouldn't Be Without
    • Last Warning: TechMentor Conference, October 9-13, Vegas
    • Dissecting The AD architecture: Trust Relationships
    • Step-by-step Virtualization Adoption: Capacity Planning
    • Fast Guide: Removable media
    • Hardware Driver, App Issues Can Gum Up Move To x64 Windows
    • Redmond Repairs Botched Patch
    • Citrix and Microsoft Strengthen Partnership
    • Dell Drops to Fourth Place, Sun Moves Up
    • New Blisteringly Fast CounterSpy Enterprise V1.8 Released!
    • Configuration Software For The Rest Of Us
  6. WServerNews 'FAVE' LINKS
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - PRODUCT OF THE WEEK
    • "GFI MES To Ninja" Competitive Upgrade Offer
Block unproductive browsing and costly file downloads

Kerio WinRoute Firewall with OrangeWeb Filter will block
access to up to 72 categories of web content on a per-user
basis. Most IT managers have enough problems to deal with
without worrying about where users are surfing on the web.
The Orange Web Filter's biggest-in-class database has over
60 million URLs which Kerio WinRoute Firewall can block or
log access to. Continues...


Dude, Your Apple Is Hot!

Last week I predicted that Dell would probably not be the only one. Now Sony's bad apple poisons Macs too. SteveJ got into the game, and recalls 1.8 million batteries worldwide. Just like Dell, Apple decided to bite the bullet and do the right thing. Sony claims this is the last one, but hey, who knows what might follow. If your users have Mac iBook G4 and PowerBook G4, check out Apple Tech Support:

Followup: Physical Security Expert Comment

WSN subscriber Robert Langley wrote me this: (edited for brevity) "I have been a commercial locksmith for 15+ years, am a Keri Systems Expert and am a bumping expert I was also IT Director, hence the reason for my subscription. We have used the bump method on Weiser locksets to rekey them for the last 40 years or so. (its actually a service procedure on the older locks) On the European locks/mechanisms, tolerances are way-way tighter, and the bump method actually works quite well. On American locks, Schlage, Quickset (to name a few), the designs are sloppy. It's actually easier to buy lock picks and learn the technique of lock picking than it is to cut bump keys and use them. You will never be able to pick or bump a Medico or Kaba - they are un-pickable due to design features, mainly a countermeasure called the "sidebar". The sidebar is used in most auto ignitions to prevent brute forced rotation of the cylinder(s). (So you can't start the car with a screw driver) Both Shlage and Quickset do offer sidebar systems, but they are costly and rarely deployed.
-- Robert Langley , AKA "Super Lock Dude"

The Consumer Reports Testing Scandal

Well, it's far, far worse than we initially thought. Alex did a great blog post on this, and I'm quoting a sentence or two, just to entice you to read the whole post. Here's Alex: "In addition to antivirus programs, Consumer Reports also tested antispyware applications. And they have now confirmed that they did not test against any spyware for their antispyware testing. (Feel free to read that sentence again.) Instead, their entire test of antispyware applications was based on running applications against Spycar, a set of applications written by Intelguardians that mimic antispyware behavior. The entire test. Blocking. Scan and remove. The works. So incredible, it boggles the mind"...

Quote Of The Week

"To achieve great things, two things are needed; a plan, and not quite enough time." -- Leonard Bernstein

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Tools We Think You Shouldn't Be Without

Extend Active Directory to UNIX/Linux/Mac to enable single sign-on, set global password policies. Free white paper.

Must-have FREE software. Web Employee Directory + Secure Self Service - rDirectory for Microsoft Active Directory.

Need to make some sense out of IP, TCP, UDP, and ICMP Headers? Here are detailed drawings that help to visualize them. Very useful:

BackTrack is a 'gotta-have' free Linux-based security tool. Kevin Beaver introduces BackTrack and explains its network security testing features

The New MS mouse claims to be for hardcore gamers. But system admins might like the precision of this beasty as well!


Last Warning: TechMentor Conference, October 9-13, Vegas

Redmond magazine's TechMentor provides focused training - by expert instructors - on integrating, managing, securing and troubleshooting Microsoft Windows server systems. Join IT managers and network administrators in Vegas for 100 sessions and 6 tracks on:
  • Exchange/SQL Server
  • Security
  • System and Network Troubleshooting
  • Scripting and Automation
  • MCSA - Microsoft Certified Systems Administrator
  • MCSE - Microsoft Certified Systems Engineer
Experienced instructors like Mark Minasi and Todd Lammle lead content-rich sessions on hot topics such as Active Directory, disaster recovery, Group Policy, wireless security, Vista and more. Their presentations contain PRECISE descriptions, STEP-BY-STEP procedures, diagnostic TIPS, and a wealth of information that can be applied immediately. Register by September 1 and save $200. For more information visit:

Dissecting The AD architecture: Trust Relationships

Dean Wells continues his dissection of the Active Directory architecture by breaking down AD trust relationships and security identifiers (SIDs), as well as lesser-known features such as SID filtering and the authentication firewall. At SearchWinIT:

Step-by-step Virtualization Adoption: Capacity Planning

After you have decided which machines to virtualize, it's time to move to the next, most critical phase of the entire project, which is capacity planning. This article covers: what capacity planning is, calculating virtual machines per core, how to consolidate virtual machines, and tools that simplify capacity planning. SearchServerVirtualization (free registration):

Fast Guide: Removable media

CDs and DVDs don't last forever. If something goes wrong on such a disk, you'll want to know about it -- or, better yet, be able to recover the data if possible. This interesting article sits at SearchWinComputing:

Hardware Driver, App Issues Can Gum Up Move To x64 Windows

The two problems administrators moving to 64-bit Windows environments are most likely to encounter are application incompatibility and lack of hardware drivers. Learn how to combat these issues in this tip!

Redmond Repairs Botched Patch

Microsoft reissued a critical security update for IE. The reissue was important because it "fully resolves" a serious bug that was introduced with the original update, released Aug. 8. Redmond acknowledged that there were problems with its update soon after it was issued. Web sites that used HTTP 1.1 compression to speed up the downloading of images could cause the browser to fail, and users of Web-based applications such as PeopleSoft, Siebel, and Sage CRM had problems with the software. ComputerWorld has more about this story:


Citrix and Microsoft Strengthen Partnership

Microsoft and Citrix Systems announced that they will expand their partnership to develop and market a new multifunction Citrix branch office appliance that will help improve speed and security and reduce costs for employees in branch offices. The new branch office appliance will utilize Citrix WANScaler solution, which was announced after Citrix's recent acquisition of Orbital Data, and will be based on the Windows Server OS and ISA Server. The single multifunction appliance will combine Citrix's WAN optimization technologies with branch office services and include remote access capabilities.

Dell Drops to Fourth Place, Sun Moves Up

Sun Microsystems has made some headway recently. Gartner reported that Sun's share of overall server revenues went up 1.7% year-over-year to 12.9%. All other four top vendors lost share. Sun pushed Dell out of its third place (in revenue) behind IBM and HP. Dell now has 10.3% of all server revenues, down from 11.1%. Regarding Unix, last year Sun was third in Unix, now it's first. IBM's position dropped to 31% of revenues and HP fell to 27.8%. The whole server market by itself was up 0.6% to $12.3 billion in the second quarter, as per IDC.


New Blisteringly Fast CounterSpy Enterprise V1.8 Released!

Here is an extensive list of all the highly useful enhancement and changes in the new powerful V1.8! You definitely want to take a look at this version. We've stepped up our development process to where we use 10,000 agents as the baseline test, the result is a high level of optimization in all areas of the server code. The console is significantly more responsive (3x improvement) and the scalability has dramatically improved (at least 5 times more). Apart from that, the reporting has been enormously enhanced. Here are the new features:

CSE Services Features
  • Lower memory usage by the services
  • Faster performance to support up to several thousand agents
  • Backward compatible with 1.5 Agents
  • Configuration changes do not require service restart
    • Changing license key
    • Changing update check interval
    • Proxy
    • Email settings
    • Report service settings
Reporting improvements
  • Faster report rendering
  • Improved database schema
  • More agent events reported
  • Oracle db support
  • Windows authentication support
  • Report database purge
  • All report data stored in the database
  • Users can extract complete data set directly from the database (e.g. into Excel)
  • User can author custom Crystal reports
  • Better drilldown reports
  • HTML export
  • Support for HUGE reports (when running console on the server)
  • Report generation command line utility included
Console Improvements
  • New columns to the grids that show what threats are being found on the enterprise
  • All console settings are preserved between sessions, e.g. column widths, sort order, console window size, etc.
  • Improvements to un-quarantine and delete-from-quarantine for more accurate handling of quarantined threats
  • Administrator can un-quarantine a threat and white-list it from the same dialog
  • New sub-grids on the Quarantine and Threats page
  • Improved proxy configuration setup tool
  • CSEAdmin group on the server allows admin to give remote console privileges to non-server admins
Deployment Wizard Improvements
  • Deployment Wizard Status viewer shows deployment status and persists this for future viewing
  • Ability to deploy over the top of existing (broken) agents
  • Deployment Wizard now supports a scripting language that allows user or Sunbelt support to run additional pre- or post-install programs.
Update and Licensing improvements
  • Better version reporting on the console
  • Better reporting of license and seat count status
Policy options
  • Better layout of the Scan Options
  • New "Agent" tab options
    • Hide agent from Add/Remove Programs
    • Quarantine Purge after X days
  • Improved Threat "Action" tab User Interface
    • Allows admin to better see threat category settings
    • Two levels of fallback in case a new threat category is introduced by the Sunbelt threat research team
    • New Threat Category Glossary describes all the threat categories and threat types in detail.
Changes for better Support
  • Service catalog is saved clear text
  • Agent catalog is saved as clear text
  • Deployment wizard packages are configurable by Sunbelt support techs
Get your 30-day eval here:

Configuration Software For The Rest Of Us

WinReporter is a powerful scanning and reporting administrative tool, that remotely inventories software and device configuration as well as user settings. WinReporter facilitates network management by retrieving all indispensable data linked to the functioning of the Windows NT/2000/2003 network (LAN and WAN), and maintains retrieved information in an ODBC type central database. WinReporter offers a set of 37 "out-of-the-box" reports as well as the ability to customize your own reports. Eval at:

WServerNews 'FAVE' LINKS

This Week's Links We Like. Tips, Hints And Fun Stuff


"GFI MES To Ninja" Competitive Upgrade Offer

Sunbelt Software offers all existing GFI MailEssentials (MES) users a 50% Competitive Upgrade Discount so they can afford to move from their second-generation product to the latest third-gen (policy-based) messaging security platform: Ninja. Download the 30-day Ninja eval, see for yourself how good it works, and ask your Rep or Reseller for a Competitive Upgrade quote. You'll be pleasantly surprised: