|
Vol. 12, #16 - Apr 23, 2007 - Issue #622
|
|
Here's The Deal On The Windows DNS Bug
|
- Editor's Corner
- The Latest Threat Developments
- Live Web Demo Of New CounterSpy Enterprise Version 2.0
- Upcoming Double-Take Seminars
- Quote Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Corporate Data Slips Out Via Google Calendar
- Free Advanced Server Virtualization Seminar
- Cracking Passwords: 8 tips in 8 minutes
- Tip: How Current Virtualization Licensing Blocks Adoption
- NTFS And The Registry In Vista Packaged Up
- Change System Restore Volume Size In Windows Vista
- Windows Server News
- Redmond Targets Next Billion Customers
- Here's The Deal On The Windows DNS Bug
- WServer Third Party News
- Dorian Software and Sunbelt Software Partner Up
- Recently Recovered A Server From Tape Backup?
- Protect Exchange In Half The Admin Time And Half The Cost!
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- The New Radmin V3: Fast, Secure Remote PC Access and Control
|
The New Radmin V3: Fast, Secure Remote PC Access and Control
The New Radmin V3 is a secure and lightning fast Remote Control
tool designed by and for system admins. It took a few years but they
pulled it off. This is a major new release and still very affordable.
Version 3 Supports Vista (32bit) and you should try it out, the new
drivers are lightning fast and you can get to PCs from anywhere in
the world. Radmin also has file transfer, multi-user text and voice
chat, Windows security, 256-bit AES encryption, telnet and more.
Try it out for yourself and SEE the speed:
http://www.wservernews.com/070423-Radmin
|
 |
Editor's Corner |
|
The Latest Threat Developments
Two noteworthy things this week we should all be aware of. The number
of cyberattacks that consist of a single e-mail targeting no more
than just one, or a handful of people is up sharply from last year.
It means that cybercrime is getting ever more sophisticated in its
approach, and even more targeted than before. They single out companies
that are likely targets and send emails with malformed MS-Office
attachments, often more than one, which infect the machine of the
target with a Trojan. From that point forward, the machine is owned.
Another ominous development are P2P Botnets. These nets do not have
a central hierarchical command-and-control architecture, but each of
the bots are both server and client, so that the central chokepoint
is eliminated. That makes these types of P2P botnets hard to take
down, as gaps in their networks will be closed without loss of their
operation or the criminal's control.
It's a game of chess, and the bad guys have white.
Live Web Demo Of New CounterSpy Enterprise Version 2.0
Join us for an overview of the all-new CounterSpy Enterprise version 2.0.
This new version delivers revolutionary hybrid antispyware technology that
provides centralized and robust protection against blended malware threats.
The web demo will be hosted by Alex Eckelberry, President and Greg Kras,
VP of Product Management for Sunbelt Software on Tuesday April 24th at
2:00pm EDT. Learn about the new features of this robust enterprise
antimalware product including:
- The new "hybrid" antispyware scan/remove engine with VIPRE(tm) technology
- FirstScan(tm) - CounterSpy Enterprise's new scan and remove on-boot technology
- Kernel-level Active Protection(tm) - signature, behavioral and heuristic-based real-time blocking of threats
- Improved agent scanning technology
- Automatic agent deployment functionality
- Improved administrative console
- Greater scalability and performance
When: Tuesday, April 24, 2007 2:00 PM (EDT)
To join the day of the event please visit:
http://www.wservernews.com/070423-CSE-2-Webinar
Meeting ID: 92SSQC
Attendee Meeting Key: XR*mw9Z
Audio: Toll free: +1 (888) 468-4618
Toll: +1 (620) 782-8200
Participant code: 104764
Upcoming Double-Take Seminars
We'd like to invite you to attend the following seminars that we are hosting:
"Recovery Made Easy for Exchange, SQL, and other Critical Applications" - Join
Sunbelt and Double-Take Software as we discuss strategies for implementing high
availability, remote availability and offsite disaster recovery solutions for
SQL, Exchange and other mission critical applications using Double-Take. You
will also hear about Double-Take's NEW solutions that power your keys to
recoverability.
Hosted at Microsoft in Pittsburgh, PA on Friday, April 27th.
Register here:
http://www.wservernews.com/070423-DT-Seminar-PA
Hosted at Microsoft in Sacramento, CA on Friday, May 11th.
Register here:
http://www.wservernews.com/070423-DT-Seminar-CA
Hosted at Microsoft in Minneapolis, MN on Tuesday, May 22nd.
Register here:
http://www.wservernews.com/070423-DT-Seminar-MN
Quote Of The Week
"If you can't be a good example -- then you'll just have to be a
horrible warning." --Catherine
"A man always has two reasons for doing anything / a good reason
and the real reason." -- John Pierpont Morgan
|
|
Tech Briefing |
|
Corporate Data Slips Out Via Google Calendar
It's not clear what gets discussed during McKinsey & Co.'s weekly
internal communication meeting, but the dial-in number and passcode
for the event can be easily found by searching with Google. The data
is out there thanks to the Search Google Calendar a feature added to
Google's Web-based calendar service last November. Google bills it as
a cool way to discover interesting events, but a few quick searches
show that it can also be used to turn up sensitive corporate information
that was inadvertently made public using Google Calendar. More at InfoWorld:
http://www.wservernews.com/070423-Google-Calendar
Free Advanced Server Virtualization Seminar
SearchServerVirtualization.com's free 1-day seminar, "Advanced Server
Virtualization: Virtualization in Production" is coming to New York this
June and Toronto in November. Attend to find out how to take virtualization
and all its benefits to the next level! Independent expert Chris Wolf will
show you how to get away from piecemeal virtualization and move into the
dynamic data center future. Find out how to change your operations to
exploit and support virtualization and get practical advice about deploying
and managing next generation hardware and software. And learn how to build
large scale deployments of virtualization, how to handle advanced system
management tasks common in virtualization and much more. Attendance is
free but seating at this advanced event is very limited, apply today!
http://www.wservernews.com/070423-Virtualization-Seminar
Cracking Passwords: 8 tips in 8 minutes
The ability to crack passwords is a useful skill for any network admin,
whether it's to test the strength of their own passwords or to circumvent
security when an end user forgets their code. Learn some valuable password
cracking skills with these eight expert tips. (subscription required)
http://www.wservernews.com/070423-Passwords
Tip: How Current Virtualization Licensing Blocks Adoption
Technical issues represent just a small part of the issues IT managers face
when deciding to adopt virtualization. Beginning much earlier than actual
implementation, IT managers will be tasked with trying to find products
that are officially supported in a virtual environment and by trying to
understand how licensing applies. Find out more in this tip! (registration
required)
http://www.wservernews.com/070423-Virtualization-Licensing
NTFS And The Registry In Vista Packaged Up
The Registry and NTFS functions in Windows Vista are now packaged up, or
transaction based, and transaction failure is no longer a problem. See an
example of this new feature in a book excerpt from "Administering Vista
Security: The Little Surprises" by Mark Minasi.
http://www.wservernews.com/070423-Vista-Security
Change System Restore Volume Size In Windows Vista
Learn how to change a drive's shadow volume size in Microsoft Windows Vista
using the vssadmin command-line utility.
http://www.wservernews.com/070423-VSSadmin
|
|
Windows Server News |
|
Redmond Targets Next Billion Customers
Microsoft said this week that later in 2007 it would start delivering $3
(yes you read that right... three bucks) software to governments that buy
and supply PCs to K-12 students in the third world. The package is called
the Microsoft Student Innovation suite, and it's a bundle of the XP Starter
Edition, Office Home and some more code. Redmond is also going to add 90 more
Innovation Centers in 25 countries to the 110 it's already got in 60 countries
to expand local workforce skills and create jobs.
Here's The Deal On The Windows DNS Bug
The Windows DNS flaw has not yet been patched by Microsoft. Until Microsoft
acts, here's what you need to know about the vulnerability and, most
importantly, what you can do about it. No patch in expected until May 8th.
The only workaround available at the moment is to turn off remote control,
which of course is not very workable at all. It's been all over the news,
but ComputerWorld has the best write-up about the whole thing, and wrote
it in FAQ format which I liked best to get everyone up to date on what
the problem is, and how to fix it in the mean time.
In short: W2K Server and W2K3 have a bug in how the DNS Server Service --
the component that lets the server act as a Domain Name System server to
route URL requests to the proper destination -- handles remote procedure
call (RPC) protocol calls. By sending a malicious RPC packet to a DNS-enabled
server, attackers could generate a stack-based buffer overflow. Code executed
after that has complete access to the system. They then own the box; game over.
Read the FAQ at:
http://www.wservernews.com/070423-Windows-DNS-Bug
|
|
WServer Third Party News |
|
Dorian Software and Sunbelt Software Partner Up
Are proactive security measures reliable enough to negate the need for an
enterprise quality log management and auditing solution? Of course not. Even
with a strong focus on front-line security and even if your enterprise does
not face the compliance requirements of HIPAA or Sarbanes-Oxley for example,
an SIEM solution is a must in today's evolving enterprise.
Dorian Software Creations, Inc. holds the patent for modular event log
management technology with its Total Event Log Management Solution (tm).
Dorian's suite of log management applications easily brings enterprise
quality log management within reach of small and medium size enterprises.
This modular group of log technology includes the Dorian (r) flagship SIEM
title Event Archiver (r), which automatically collects and consolidates log
files into various flat file formats and hassle-free, databases, like
Microsoft Access (tm), SQL, or Oracle (r). Event Analyst (r) provides filtering
and automated reporting on flat files or your events database, and Event
Alarm (r) provides near real-time notification of the specified events that
it monitors. Finally, Event Rover (tm) offers a convenient method of quickly
mining log data for on-the-fly log forensics. Choose the individual titles
you need, or purchase them together for a complete SIEM solution.
And now, Dorian is offering all customers of Sunbelt's Network Security
Inspector 15% off any single log management title or combination of titles.
As you know already, SNSI can help you make sure auditing is properly enabled
on all of your important systems. Now, let Dorian help you preserve, analyze,
and monitor that critical auditing data generated by your auditing policies.
Download the free evaluation software and get ready to take advantage of
this limited time offer.
http://www.wservernews.com/070423-DorianSoft
This offer is good until December 31, 2007 and is not available in addition to
other discounts. Request a quote for the desired Dorian log management title(s),
http://www.wservernews.com/070423-Quote
Recently Recovered A Server From Tape Backup?
Have you recently recovered a production server using traditional backup
solutions like tape? The complexity of traditional recovery solutions
compounds an already difficult situation, and heightens the opportunity
for human error. Speed and quality of recovery are extremely important when
customers and employees are relying on access to critical data, but the
average restoration takes hours at best. And with solutions like tape
backup, even a successful recovery results in the loss of any data that
is new or has changed since the backup was made. The Double-Take(r) Server
Recovery Option is a whole-server data protection solution that, when
combined with Double-Take real-time replication, simplifies the restoration
process and reduces the time and effort involved with server recovery.
Using Double-Take with the Server Recovery Option, the entire production
server - its operating system, applications and data - can be protected
and easily recovered to a new system quickly. (PDF)
http://www.wservernews.com/070423-Server-Recovery-Option
Protect Exchange In Half The Admin Time And Half The Cost!
You need better email security. Existing products are a pain to manage,
and they are not integrated. Ninja was developed 'by admins for admins',
and it shows. Independent research reported that Ninja takes half the
admin time to protect Exchange from spam, viruses, phishing, malicious
attachments and even zero-day attacks. Ninja also has great disclaimer
functionality, and more plug-ins are coming. More over, you can get a
50% competitive upgrade discount if you switch! Check out Ninja now,
you will be very happy you did:
http://www.wservernews.com/070423-Sunbelt-Messaging-Ninja
|
|
WServerNews FAVE Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
The New Radmin V3: Fast, Secure Remote PC Access and Control
The New Radmin V3 is a secure and lightning fast Remote Control
tool designed by and for system admins. It took a few years but they
pulled it off. This is a major new release and still very affordable.
Version 3 Supports Vista (32bit) and you should try it out, the new
drivers are lightning fast and you can get to PCs from anywhere in
the world. Radmin also has file transfer, multi-user text and voice
chat, Windows security, 256-bit AES encryption, telnet and more.
Try it out for yourself and SEE the speed:
http://www.wservernews.com/070423-New-Radmin-V3
|
|
|
|
|
Email me: