Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #16 - Apr 23, 2007 - Issue #622
Here's The Deal On The Windows DNS Bug

  1. Editor's Corner
    • The Latest Threat Developments
    • Live Web Demo Of New CounterSpy Enterprise Version 2.0
    • Upcoming Double-Take Seminars
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Corporate Data Slips Out Via Google Calendar
    • Free Advanced Server Virtualization Seminar
    • Cracking Passwords: 8 tips in 8 minutes
    • Tip: How Current Virtualization Licensing Blocks Adoption
    • NTFS And The Registry In Vista Packaged Up
    • Change System Restore Volume Size In Windows Vista
  4. Windows Server News
    • Redmond Targets Next Billion Customers
    • Here's The Deal On The Windows DNS Bug
  5. WServer Third Party News
    • Dorian Software and Sunbelt Software Partner Up
    • Recently Recovered A Server From Tape Backup?
    • Protect Exchange In Half The Admin Time And Half The Cost!
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • The New Radmin V3: Fast, Secure Remote PC Access and Control
The New Radmin V3: Fast, Secure Remote PC Access and Control

The New Radmin V3 is a secure and lightning fast Remote Control
tool designed by and for system admins. It took a few years but they
pulled it off. This is a major new release and still very affordable.
Version 3 Supports Vista (32bit) and you should try it out, the new
drivers are lightning fast and you can get to PCs from anywhere in
the world. Radmin also has file transfer, multi-user text and voice
chat, Windows security, 256-bit AES encryption, telnet and more.
Try it out for yourself and SEE the speed:
http://www.wservernews.com/070423-Radmin

Editor's Corner

The Latest Threat Developments

Two noteworthy things this week we should all be aware of. The number of cyberattacks that consist of a single e-mail targeting no more than just one, or a handful of people is up sharply from last year. It means that cybercrime is getting ever more sophisticated in its approach, and even more targeted than before. They single out companies that are likely targets and send emails with malformed MS-Office attachments, often more than one, which infect the machine of the target with a Trojan. From that point forward, the machine is owned.

Another ominous development are P2P Botnets. These nets do not have a central hierarchical command-and-control architecture, but each of the bots are both server and client, so that the central chokepoint is eliminated. That makes these types of P2P botnets hard to take down, as gaps in their networks will be closed without loss of their operation or the criminal's control.

It's a game of chess, and the bad guys have white.

Live Web Demo Of New CounterSpy Enterprise Version 2.0

Join us for an overview of the all-new CounterSpy Enterprise version 2.0. This new version delivers revolutionary hybrid antispyware technology that provides centralized and robust protection against blended malware threats. The web demo will be hosted by Alex Eckelberry, President and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday April 24th at 2:00pm EDT. Learn about the new features of this robust enterprise antimalware product including:
  • The new "hybrid" antispyware scan/remove engine with VIPRE(tm) technology
  • FirstScan(tm) - CounterSpy Enterprise's new scan and remove on-boot technology
  • Kernel-level Active Protection(tm) - signature, behavioral and heuristic-based real-time blocking of threats
  • Improved agent scanning technology
  • Automatic agent deployment functionality
  • Improved administrative console
  • Greater scalability and performance
When: Tuesday, April 24, 2007 2:00 PM (EDT)
To join the day of the event please visit:

http://www.wservernews.com/070423-CSE-2-Webinar

Meeting ID: 92SSQC
Attendee Meeting Key: XR*mw9Z
Audio: Toll free: +1 (888) 468-4618
Toll: +1 (620) 782-8200
Participant code: 104764

Upcoming Double-Take Seminars

We'd like to invite you to attend the following seminars that we are hosting: "Recovery Made Easy for Exchange, SQL, and other Critical Applications" - Join Sunbelt and Double-Take Software as we discuss strategies for implementing high availability, remote availability and offsite disaster recovery solutions for SQL, Exchange and other mission critical applications using Double-Take. You will also hear about Double-Take's NEW solutions that power your keys to recoverability.

Hosted at Microsoft in Pittsburgh, PA on Friday, April 27th.
Register here:
http://www.wservernews.com/070423-DT-Seminar-PA

Hosted at Microsoft in Sacramento, CA on Friday, May 11th.
Register here:
http://www.wservernews.com/070423-DT-Seminar-CA
Hosted at Microsoft in Minneapolis, MN on Tuesday, May 22nd.
Register here:
http://www.wservernews.com/070423-DT-Seminar-MN


Quote Of The Week

"If you can't be a good example -- then you'll just have to be a horrible warning." --Catherine
"A man always has two reasons for doing anything / a good reason and the real reason." -- John Pierpont Morgan

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Must Have FREEWARE. Web Active Directory & Self Service Password. Download now!
http://www.wservernews.com/070423-Namescape

New Radmin V3 is a complete, secure and lightning fast Remote Control tool designed by and for system admins. Supports Vista - Try it out!
http://www.wservernews.com/070423-Radmin-V3

Microsoft unveils 'Flash Killer" called Silverlight. This is a new tool that will be released later this year. Read about it now though!
http://www.wservernews.com/070423-Silverlight


Tech Briefing

Corporate Data Slips Out Via Google Calendar

It's not clear what gets discussed during McKinsey & Co.'s weekly internal communication meeting, but the dial-in number and passcode for the event can be easily found by searching with Google. The data is out there thanks to the Search Google Calendar a feature added to Google's Web-based calendar service last November. Google bills it as a cool way to discover interesting events, but a few quick searches show that it can also be used to turn up sensitive corporate information that was inadvertently made public using Google Calendar. More at InfoWorld:
http://www.wservernews.com/070423-Google-Calendar


Free Advanced Server Virtualization Seminar

SearchServerVirtualization.com's free 1-day seminar, "Advanced Server Virtualization: Virtualization in Production" is coming to New York this June and Toronto in November. Attend to find out how to take virtualization and all its benefits to the next level! Independent expert Chris Wolf will show you how to get away from piecemeal virtualization and move into the dynamic data center future. Find out how to change your operations to exploit and support virtualization and get practical advice about deploying and managing next generation hardware and software. And learn how to build large scale deployments of virtualization, how to handle advanced system management tasks common in virtualization and much more. Attendance is free but seating at this advanced event is very limited, apply today!
http://www.wservernews.com/070423-Virtualization-Seminar


Cracking Passwords: 8 tips in 8 minutes

The ability to crack passwords is a useful skill for any network admin, whether it's to test the strength of their own passwords or to circumvent security when an end user forgets their code. Learn some valuable password cracking skills with these eight expert tips. (subscription required)
http://www.wservernews.com/070423-Passwords


Tip: How Current Virtualization Licensing Blocks Adoption

Technical issues represent just a small part of the issues IT managers face when deciding to adopt virtualization. Beginning much earlier than actual implementation, IT managers will be tasked with trying to find products that are officially supported in a virtual environment and by trying to understand how licensing applies. Find out more in this tip! (registration required)
http://www.wservernews.com/070423-Virtualization-Licensing


NTFS And The Registry In Vista Packaged Up

The Registry and NTFS functions in Windows Vista are now packaged up, or transaction based, and transaction failure is no longer a problem. See an example of this new feature in a book excerpt from "Administering Vista Security: The Little Surprises" by Mark Minasi.
http://www.wservernews.com/070423-Vista-Security


Change System Restore Volume Size In Windows Vista

Learn how to change a drive's shadow volume size in Microsoft Windows Vista using the vssadmin command-line utility.
http://www.wservernews.com/070423-VSSadmin


Windows Server News

Redmond Targets Next Billion Customers

Microsoft said this week that later in 2007 it would start delivering $3 (yes you read that right... three bucks) software to governments that buy and supply PCs to K-12 students in the third world. The package is called the Microsoft Student Innovation suite, and it's a bundle of the XP Starter Edition, Office Home and some more code. Redmond is also going to add 90 more Innovation Centers in 25 countries to the 110 it's already got in 60 countries to expand local workforce skills and create jobs.

Here's The Deal On The Windows DNS Bug

The Windows DNS flaw has not yet been patched by Microsoft. Until Microsoft acts, here's what you need to know about the vulnerability and, most importantly, what you can do about it. No patch in expected until May 8th. The only workaround available at the moment is to turn off remote control, which of course is not very workable at all. It's been all over the news, but ComputerWorld has the best write-up about the whole thing, and wrote it in FAQ format which I liked best to get everyone up to date on what the problem is, and how to fix it in the mean time.

In short: W2K Server and W2K3 have a bug in how the DNS Server Service -- the component that lets the server act as a Domain Name System server to route URL requests to the proper destination -- handles remote procedure call (RPC) protocol calls. By sending a malicious RPC packet to a DNS-enabled server, attackers could generate a stack-based buffer overflow. Code executed after that has complete access to the system. They then own the box; game over. Read the FAQ at:
http://www.wservernews.com/070423-Windows-DNS-Bug


WServer Third Party News

Dorian Software and Sunbelt Software Partner Up

Are proactive security measures reliable enough to negate the need for an enterprise quality log management and auditing solution? Of course not. Even with a strong focus on front-line security and even if your enterprise does not face the compliance requirements of HIPAA or Sarbanes-Oxley for example, an SIEM solution is a must in today's evolving enterprise.

Dorian Software Creations, Inc. holds the patent for modular event log management technology with its Total Event Log Management Solution (tm). Dorian's suite of log management applications easily brings enterprise quality log management within reach of small and medium size enterprises.

This modular group of log technology includes the Dorian (r) flagship SIEM title Event Archiver (r), which automatically collects and consolidates log files into various flat file formats and hassle-free, databases, like Microsoft Access (tm), SQL, or Oracle (r). Event Analyst (r) provides filtering and automated reporting on flat files or your events database, and Event Alarm (r) provides near real-time notification of the specified events that it monitors. Finally, Event Rover (tm) offers a convenient method of quickly mining log data for on-the-fly log forensics. Choose the individual titles you need, or purchase them together for a complete SIEM solution.

And now, Dorian is offering all customers of Sunbelt's Network Security Inspector 15% off any single log management title or combination of titles. As you know already, SNSI can help you make sure auditing is properly enabled on all of your important systems. Now, let Dorian help you preserve, analyze, and monitor that critical auditing data generated by your auditing policies. Download the free evaluation software and get ready to take advantage of this limited time offer.
http://www.wservernews.com/070423-DorianSoft

This offer is good until December 31, 2007 and is not available in addition to other discounts. Request a quote for the desired Dorian log management title(s),
http://www.wservernews.com/070423-Quote


Recently Recovered A Server From Tape Backup?

Have you recently recovered a production server using traditional backup solutions like tape? The complexity of traditional recovery solutions compounds an already difficult situation, and heightens the opportunity for human error. Speed and quality of recovery are extremely important when customers and employees are relying on access to critical data, but the average restoration takes hours at best. And with solutions like tape backup, even a successful recovery results in the loss of any data that is new or has changed since the backup was made. The Double-Take(r) Server Recovery Option is a whole-server data protection solution that, when combined with Double-Take real-time replication, simplifies the restoration process and reduces the time and effort involved with server recovery. Using Double-Take with the Server Recovery Option, the entire production server - its operating system, applications and data - can be protected and easily recovered to a new system quickly. (PDF)
http://www.wservernews.com/070423-Server-Recovery-Option


Protect Exchange In Half The Admin Time And Half The Cost!

You need better email security. Existing products are a pain to manage, and they are not integrated. Ninja was developed 'by admins for admins', and it shows. Independent research reported that Ninja takes half the admin time to protect Exchange from spam, viruses, phishing, malicious attachments and even zero-day attacks. Ninja also has great disclaimer functionality, and more plug-ins are coming. More over, you can get a 50% competitive upgrade discount if you switch! Check out Ninja now, you will be very happy you did:
http://www.wservernews.com/070423-Sunbelt-Messaging-Ninja


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

The New Radmin V3: Fast, Secure Remote PC Access and Control

The New Radmin V3 is a secure and lightning fast Remote Control tool designed by and for system admins. It took a few years but they pulled it off. This is a major new release and still very affordable. Version 3 Supports Vista (32bit) and you should try it out, the new drivers are lightning fast and you can get to PCs from anywhere in the world. Radmin also has file transfer, multi-user text and voice chat, Windows security, 256-bit AES encryption, telnet and more. Try it out for yourself and SEE the speed:
http://www.wservernews.com/070423-New-Radmin-V3