Vol. 12, #6 - Feb 12, 2007 - Issue #612
Ninja Kills Barracuda
- Editors Corner
- Ninja Kills Barracuda
- Initial Vista Consumer Sales Positive
- Expect 12 Patches Next Week
- Quote Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Hackers Slow Internet Root Servers With Attack
- Free Server Virtualization Seminar
- Xen All-In-One Guide
- Fast Guide: VPN Quick Tips
- Tip: Exchange And IE 7 Compatibility Problems
- Run Vista For Four Months Without Needing Activation
- IT Managers Still Reacting To Security Threats
- Windows Server News
- MAJOR HEADACHE: Exchange and Daylight Saving Time
- Exchange and Daylight Saving Time, Part 1
- WServer Third Party News
- CounterSpy Enterprise V2.0 Loaded With New Features!
- New Ninja 2.1 Features
- Wireless Hacking Tool Makes Splash at RSA
- WServerNews Fave Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Get CounterSpy Enterprise Before Price Hike
Sunbelt Messaging Ninja
Comparing Email Management Systems that Protect Against Spam,
Viruses, Malware & Phishing Attacks.
To understand organizations'
perceptions about various email management systems, Sunbelt Software
engaged Osterman Research to survey organizations that are using five
different email management systems: Barracuda Spam Firewall, GFI Mail
Essentials, McAfee GroupShield for Exchange, Symantec Brightmail, and
Sunbelt Messaging Ninja. This white paper presents the results of those
findings, comparing Sunbelt Software's Messaging Ninja with the other
four systems. A must-read for any IT strategist or e-mail administrator
who's actively researching SMB security messaging management tools.
Ninja Kills Barracuda
OK, that was definitely tongue-in-cheek, but something big happened:
Ninja won the 2007 SC Magazine Readers Trust Award for Best Email
Security Solution, beating out all email security competitors.
Here is the official announcement:
"Sunbelt Software has won a 2007 Reader Trust Award in the 10th annual
SC Magazine Award program for outstanding achievement in information-
technology (IT) security. Sunbelt Messaging Ninja was named the Best
Email Security Solution at a gala ceremony held in San Francisco,
Tuesday, February 6, 2007 in conjunction with the recent RSA Conference,
the world's leading information-security event." Here is the PDF that
lists the products that Ninja "defeated", and their Ninja write-up!
Initial Vista Consumer Sales Positive
The first week Vista was released, the retail PCsales in the U.S. jumped
67% compared to last year, according to Current Analysis. And compared
to the week before, they were up 173%. It's not surprising to see that
seventy percent of consumers opted for the higher-priced Vista Premium
Expect 12 Patches Next Week
Redmond plans to release a dozen security updates next week to patch critical
holes in Windows, Office, Visual Studio and in its antivirus software.
Also, they already released a patch supposed to improve performance of
IE7's phishing filter ahead of the regular schedule, as per Redmond's
IEBlog. Here is the advance patch notification at the MS website:
Quote Of The Week
"I have only one superstition. I touch all the bases when I hit a home run."
-- Babe Ruth
Hackers Slow Internet Root Servers With Attack
I have to say this news got my attention, and a bit of concern. Online
attackers have briefly disrupted service on at least two of the 13 "root"
servers. FYI, root servers manage the Internet's Domain Name System (DNS),
used to translate Web addresses such as Amazon.com into the numerical
Internet Protocol addresses used by machines. The attack, which began
Tuesday at about 5:30 a.m. Eastern time, was the most significant attack
against the root servers since an October 2002 distributed denial-of-service
(DDoS) attack. It was all over the news, but ComputerWorld has a good
Free Server Virtualization Seminar
Attend SearchServerVirtualization.com's upcoming seminar "Server
Virtualization: When, Why and How to Virtualize," where independent
experts Chris Wolf and Erick Halter will show you how to reclaim real
estate in your server room, reduce your power costs, increase hardware
utilization rates and better leverage IT resources through virtualization.
This free one-day seminar is coming to nine cities beginning in March.
Xen All-In-One Guide
In this guide, learn what the difference is between Xen and other
virtualization products, see Xen in action and follow Xen's trail in
the news while learning if it's the right virtualization solution
for your company. (free registration)
Fast Guide: VPN Quick Tips
With distributed work forces the norm rather than the exception these days,
virtual private networks (VPNs) are more of a necessity than a luxury for
administrators. This quick guide will provide practical tips, expert advice
and more for administrators at different levels of the VPN lifecycle.
Tip: Exchange And IE 7 Compatibility Problems
In this tip, expert Serdar Yegulalp explains three ways that computers running
Exchange Server 2003 Service Pack 2 may experience problems if they're upgraded
to Internet Explorer 7 (IE7) and how to solve these issues. (free registration)
Run Vista For Four Months Without Needing Activation
Through a command run in an administrative prompt, you can extend the grace
period for running Windows Vista without needing activation to four months.
IT Managers Still Reacting To Security Threats
As Bill Gates touts policy-based security as a potential cure-all at RSA this
week, IT managers may not have the resources or infrastructure to make it happen.
||Windows Server News
MAJOR HEADACHE: Exchange and Daylight Saving Time
It's been discussed all over the forums, the press and the water coolers.
Especially shops running Exchange and Blackberries can be overwhomped. Just
look at a letter from a system admin I got this week (edited for brevity)
"I have 12 k mailboxes and 1500 Blackberries that will need to be patched.
All of this needs to be done in a certain order for it to be successful.
Currently, MS is coming out with an Exchange tool to run on all mailboxes to
fix the DST times on the calendars and resources - conference rooms. We have
366 conference rooms in the company. As of yesterday MS states they will not
release the tool for "weeks." Research in Motion (RIM) is not releasing their
patch for the Blackberries until mid February. MS has released the patches for
the OS on pc's and servers. These patches cannot be applied until MS releases
the Exchange tool. All these patches and the Exchange tool need to be done by
March 7th. I was advised by MS that I will have to remove all the meetings
during the DST time frame, run the Exchange tool on all 12 k mailboxes and that
tool "should" repopulate the conference rooms with the meetings. Somehow I
don't feel real cozy with this. It was not tested it that way....More
importantly, how can anyone log into 366 mailboxes, manually remove the
meetings in the March and November time frame, manually run the tool on 12K
mailboxes (we have to pick and choose which mailbox to run the tool on due
to having pc's in Mexico on Central time zone instead of Mexico time zone.
If we run the tool on Mexico mailboxes it will change all their meeting times
to an incorrect time) and then look at all 366 mailboxes to confirm the
meetings are now showing the correct time. Whew, sounds impossible to me....
And then there is the -method- of AutoAccept. I had nothing but trouble
with this version, the mailboxes would stop accepting or declining the
meetings. I am currently setting up our Blackberry Enterprise Server to
wirelessly send out the patch to 1500 BB's. One issue, that only works
if the BB is on at least version 4. We have about 200 BB's that are
below that version. So we are setting up a dedicated pc to updates the
BB version via the application loader. You cannot just use RIM's 4.0 version.
You have to find out the make and model of these BB's and download their
version of 4.0 or higher. The end user WILL have to attach their BB to
the pc. This part cannot be done wirelessly. Once that is done they will
now be candidates for the wireless patch, once RIM released it. To say the
least I am OVERWHELMED...."
So I was happy to see that Paul Robichaux of WindowsITPro mag came to the
rescue, and I'm copying the first bit and the link to the full article below!
Exchange and Daylight Saving Time, Part 1
Since the Germans first started doing it in 1916, much of the industrialized
world has adopted a system of shifting time by an hour twice per year. In
Europe, this is generally known as "summer time," but in the United States
and Canada it's known as daylight saving time (DST). Never shy about screwing
with a perfectly workable system, the US Congress passed a law in 2005, which
goes into effect this year, that changes the dates when we switch to and
away from DST.
This change has many implications that the original authors of the law
probably didn't think of. It's easy enough to change ordinary clocks,
but many other devices keep time and will need to be either adjusted or
patched by the manufacturers. For example, in my home there are two TIVOs,
a dozen or so computers, several wireless access points and routers, a
VCR, and a PBX. All of these devices automatically adjust their clocks
for DST now, but they'll need to be updated because this year DST begins
earlier (March 11 instead of April 1) and ends later (November 4 versus
October 28) than it has before.
The 2007 DST change poses an especially interesting circumstance for
Exchange administrators. There are actually four sets of changes required:
By Paul Robichaux, Exchange Editor, [email protected]
- patches for Windows, including Windows Server 2003, Windows 2000 Server,
Windows XP, and Windows Mobile
- patches for Exchange, which are required for OWA and other programs
that use the Collaboration Data Objects (CDO) libraries
- patches for Outlook, Microsoft Entourage, and other clients that create
and process calendar data
- updates to existing appointments that fall during the new extended
DST period (March 11-April 1 and October 28-November 4)
To read the rest of this article and find out what you need to do to be ready
for the DST switch, click here:
||WServer Third Party News
CounterSpy Enterprise V2.0 Loaded With New Features!
This is a pretty impressive list of all the new stuff you will get in
V2.0 that we expect late March, as Development has just sent V2.0 to
Quality Assurance early. Just -look- at this list... impressive:
*Automated Deployment Service - It is now possible to have CSE automatically
deploy agents to the network. At a policy level this feature can be enabled
and the admin can specify any combination of machine lists, IP addresses, IP
ranges, IP subnets, and AD queries to be resolved and deployed to without admin
interaction. The traditional methods of deployment such as console push and
MSI packages are still included.
*New User Features - The new agent now has many more options that can be
exposed to the user at the discretion of the admin. The features include
the ability to pause a scan that is in progress or disable active protection.
As well, the end user can now be allowed to view the scan results and manage
his own quarantine using a new end-user UI. Agents can still be run in a
completely silent mode with no end-user interaction.
*New Engine - The agents are now using a new scanning and removal engine which
now includes Sunbelt's new VIPRE technology. The new engine is faster and
requires less system resources while at the same time has improved detection
for more sophisticated threats such as rootkits. FirstScan is CounterSpy's
new scan and remove on-boot technology designed specifically to detect and
remove the most deeply embedded malware before it can run or install. Triggered
through a CounterSpy system scan, FirstScan will run at the system's boot time,
bypassing the Windows operating system, to directly scan certain locations of
the hard drive for malware, removing infections where found.
*Incremental updates - This new engine fully support incremental updates so
definitions can be released more often with less bandwidth impact and shorter
download times for end-users that use CounterSpy at their home office.
*New Active Protection - The active protection system had been completely
replaced with a new kernel-level component which is also based off of the
VIPRE technology. The new system offers real-time blocking of threats from
being executed while also being able to prompt the user to take action if
suspicious behavior is detected. Additionally the administrator can create
their own custom defined list of allowed and denied applications.
*New Agent Features - The new agent includes all of the above features as well
as several other technologies. The agents can now go over the Internet to
obtain definition updates if their CSE server is unreachable. They can also
be set to throttle the rate that they download definition files and updates
from CSE server so as to not saturate slower network connections. Advanced
scheduling options now allow the agent to start scans at randomized times and
make up for missed scheduled scans.
*New Console Features - The administrative console for CSE has been redesigned
to include more information. The admin can now tell at a glance when an agent
last scanned and print from any of the customizable agent grids. The console
to server communication has been reworked and optimized to respond quickly even
under heavy usage. Advanced features, such as the Agent Recovery Mode which
allows agents removed from the CSE server to automatically attach back to the
server, are exposed to the admin.
*New Server Features - The services for CSE have all been consolidated into
a single process which increase the performance while at the same time
decreasing the memory and CPU requirements. Additionally the new service
has been ported over to .NET 2.0 which also increases the efficiency. The
new CSE server component is not only compatible with the new agents but
backwards compatible with the older 1.5 and 1.8 agents so upgrading can
be done in stages.
This really is MAJOR improvement. We're stoked about this new version!
New Ninja 2.1 Features
And there's more! Ninja V2.1 is also coming out very soon. Here's what's
new in the next Ninja version:
Global Disclaimer - The 2.1 release of Ninja now includes the ability to
add a disclaimer to all email sent. This new feature has the ability to
block duplicate disclaimers and the ability for the admin to allow the
users to bypass this global disclaimer on a per email basis emails.
Alternatively the global disclaimer could also be setup to only disclaim
messages that the users specify.
Policy Based Disclaimers - In addition to the global disclaimer there
are now policy based disclaimers which allow the admin to have a different
disclaimers for groups of users. The same ability to remove duplicate
disclaimers and allow users to include or exclude the disclaimer exist
at the policy level. As well the policy level disclaimers can be set
to either leave a set global disclaimer in place or replace the global
Disclaimer Templates - The new disclaimer functionality utilizes templates
that allow the admin to easily setup disclaimers using HTML or plain text.
These templates can be setup to include user data from Active Directory
so that each disclaimer is customized for the user sending the email.
Included are template samples such as legal disclaimers, virus warning
disclaimers, and copyright disclaimers.
Updated Antispam Engine - This release includes Cloudmark's latest engine
release which has additional enhancements to improve the detection of the
latest spam variants such as image spam. Another new feature includes the
ability to adjust the efficacy of the detection while tuning the amount
of resources available to the engine.
Console Enhancements - Several enhancements have been added to the console.
Database management has been added through tools to allow the purging of
old records from an existing database and the compacting of Access databases
to reduce their size. Enhanced proxy support has been added for systems
that utilize NTLM authentication. New reports have been added to give
information on the use of disclaimers.
Wireless Hacking Tool Makes Splash at RSA
eWEEK just reported that among the most intriguing technologies being shown
off at RSA is a mobile penetration testing application made by Immunity
that allows people to scan networks for vulnerabilities on the go. Dubbed
Silica, the sleek handheld, based on a Nokia tablet device, claims the
ability to test wireless network security using Wi-Fi technology. Will
criminal hackers use this for the wrong reasons?
||WServerNews Fave Links
This Week's Links We Like. Tips, Hints And Fun Stuff.
||WServerNews - Product of the Week
Get CounterSpy Enterprise Before Price Hike
When CSE V2.0 gets released with the dramatically expanded feature
set, the prices will go up. If you do not have an enterprise
quality antispyware product deployed yet, and have been looking at
the different contenders in this category, it would be a really
good idea to buy CSE before the price hike, and lock in lower cost!
When V2.0 comes out, you will get that version without having to
pay for all the extras. Check it out now, you will not regret it.