Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #18 - May 7, 2007 - Issue #624
How Credit-Card Data Went Out Wireless Door

  1. Editor's Corner
    • How Credit-Card Data Went Out Wireless Door
    • Various NewsBytes
    • Spyware Has Morphed Into Malware. Here's How To Fight It!
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Server Virtualization: Figuring Out Costs, ROI And Chargeback
    • Fixing Corrupt Microsoft Outlook Calendar Entries
    • Downloads Hint Of Powershell's Powerhouse Potential
    • Microsoft Releases WSUS 3.0
    • Monitoring Server Disk Space In SQL Server
  4. Windows Server News
    • WSUS 3.0 Released -- Admin Feedback:
    • ISA 2004 SP3 Released
    • Longhorn Slideshow
    • Rootkits: The Next Big Enterprise Threat?
  5. WServer Third Party News
    • Hit Malware Hard
    • Webinar: Disaster Recovery For All Your Data
    • Print Manager Plus Academic Unlimited Site License Available
  6. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • What IS Blended Malware?
Considering Microsoft's Antigen?

Microsoft is spending millions of dollars promoting their "new"
Forefront Antigen with a pretty lame ad campaign. They have recycled
Sybari's product and it is now integrated with other code they acquired.
If you are feeling the heat to deploy Antigen, here is some "Antidote"
instead. We compared Antigen to Ninja, looking at the important
features of each product. You will see why we are calling Ninja a
third-gen product, and with good reason. Here is the PDF document:
http://www.wservernews.com/070507-Ninja-vs-Antigen

Editor's Corner

How Credit-Card Data Went Out Wireless Door

That was the title of a front-page article in the Wall Street Journal Friday May 4, 2007. WSJ explained in great detail how hackers pointed a Wi-Fi antenna to a Marchall's clothing store and found that they were only protected with WEP. It did not take long to crack, and for 18 months credit card data was pulled out. They may have grabbed a whopping 200 million card numbers from four years' records. While the hackers were stealing the data, they were selling it on the Internet on password-protected sites used by gangs who then run up charges using fake cards printed with the numbers.

So, you will likely get some questions shortly (if you have not been asked already) about the wireless security that you have in place. If you still have WEP, I suggest you read up on WPA like lightning, and change to WPA or better wireless security... yesterday! Cuz' your WSJ-reading Board is likely going to ask questions about this. This is a very, very expensive thing to investigate and fix after the fact. Don't let it happen to you, it's a career killer.

Various NewsBytes

A lot of things happened this week! Too much to cover in detail, but here is a quick overview. Redmond will release a service pack this week for Systems Management Server 2003 that allows SMS to support Vista -- Clearwire announced this week that the first Wi-Max laptop card was approved by the FCC -- Expect the new IE8 no later than two years from now -- also this week, Redmond releases WSUS 3.0 -- ISA 2004 SP3 Released -- Last but not least, Microsoft announced seven bugfixes for coming Tuesday. More at:
http://www.wservernews.com/070507-Patch-Tuesday


Spyware Has Morphed Into Malware. Here's How To Fight It!

Join us for an overview of the all-new CounterSpy Enterprise version 2.0. This new version delivers revolutionary hybrid antispyware technology that provides centralized and robust protection against blended malware threats. The web demo will be hosted by Alex Eckelberry, President and Greg Kras, VP of Product Management for Sunbelt Software on Tuesday May 8th at 2:00pm EDT. See the new features of this robust enterprise antimalware product:
  • The new "hybrid" antispyware scanning and removal engine with VIPRE(tm) technology
  • FirstScan(tm) - CounterSpy Enterprise's new scan and remove on-boot technology
  • Kernel-level Active Protection(tm) - signature, behavioral and heuristic-based real-time blocking of threats
  • Improved agent scanning technology
  • Automatic agent deployment functionality
  • Improved administrative console
  • Greater scalability and performance
When: Tuesday, May 8, 2007 2:00 PM (EDT)
To join the day of the event please visit:

http://www.wservernews.com/070507-CSE-Webinar

Meeting ID: 92SSQC
Attendee Meeting Key: XR*mw9Z
Audio: Toll free: +1 (866) 863-8879
Toll: +1 (319) 279-1000
Participant code: 104764

Quote Of The Week

"As far as the laws of mathematics refer to reality, it is not certain. As far as they are certain, they do not refer to reality." -- Albert Einstein

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Really Useful FREEWARE! Web Active Directory & Self-Service Password. Download now:
http://www.wservernews.com/070507-Namescape

New Radmin V3 is a complete, secure and lightning fast Remote Control tool designed by and for system admins. Supports Vista - Try it out!
http://www.wservernews.com/070507-Radmin-V3

NINJA Email Security gets image spam. Last week in the webcast, we even announced a new, dedicated image-spam engine that will come out soon!
http://www.wservernews.com/070507-Ninja


Tech Briefing

Server Virtualization: Figuring Out Costs, ROI And Chargeback

Figuring out virtualization ROI and chargeback puzzles many IT managers. In this exclusive interview, John Hayes offers advice on handling these issues, plus provides tips on using VMware Capacity Planner.
http://www.wservernews.com/070507-Server-Virtualization


Fixing Corrupt Microsoft Outlook Calendar Entries

Microsoft Outlook 2003 and Outlook 2007 are stable products for the most part, but you may occasionally experience problems with corrupt calendar entries. The specific nature of the problem is that a reminder for old appointments will pop up shortly after opening Microsoft Outlook. When you click Dismiss or Dismiss All, you receive the following message: "Cannot turn off the reminder. You may be reminded again. Cannot locate recurrence information for this appointment." Closing the reminder window silences the reminder. But the next time you open Microsoft Outlook, the reminder returns. In this expert tip, find out how to address this issue. (registration required)
http://www.wservernews.com/070507-Corrupt-Outlook-Calendar


Downloads Hint Of Powershell's Powerhouse Potential

Although the PowerShell scripting language might be tricky for IT managers at first, early adopters say learning it is well worth the effort.
http://www.wservernews.com/070507-PowerShell


Microsoft Releases WSUS 3.0

Microsoft released the newest version of its Windows Software Update Services, the company's popular free patching tool known as WSUS 3.0. Some of the highlights are a Microsoft Management Console-based user interface and custom views based on products, classifications, sync date and the groups that the updates are approved for. There is also new filtering based on approvals and the status of a client. Find out more in this exclusive article. Further below is the first Admin Feedback:
http://www.wservernews.com/070507-WSUS-3


Monitoring Server Disk Space In SQL Server

Monitoring SQL Server database files is an essential operation of all DBAs. Avoid downtime and data loss with the three methods described in this tip to monitor auto-growths of database files.
http://www.wservernews.com/070507-SQL-Disk-Space


Windows Server News

WSUS 3.0 Released -- Admin Feedback:

This was a very busy thread on Sunbelt's NTSYSADMIN forum the last few days. Here are some selected comments from people on the list that have tried it out, and some caution is required before you use it.

"It's pretty straightforward though and seems to do a really good job of keeping existing settings and preferences. They have updated the API tools set, but since the email notify is now built in, they may be less useful for many."

"The UI is *very* different. But since it's now MMC rather than web, it's a nice improvement. Plus the built in server cleanup wizard is very helpful."

"As far as eliminating svchost issues, there is a memory leak in wuauclt that causes svchost to consume lots of CPU and RAM. Looks like a combo of the KB fix plus the new client will be required for a complete fix." Link:
http://www.wservernews.com/070507-Memory-Leak

"The server will only install on 2003, but the client still works fine with Win2k. I was reading in the release notes that if you are using a BE for SQL it must be 2005 SP1. Specifically, it states: If WSUS 2.0 has been installed previously and it is using SQL Server 2000, SQL Server Desktop Engine 2000, or any SQL Server database earlier than SQL Server 2005 SP1 (or SQL Server 2005 SP2 on Windows Server "Longhorn"), the WSUS 3.0 installation program will install Windows Internal Database and migrate the database to it. Looks like I will have to wait to do ours until we can upgrade the BE SQL server."

"Note to self: In WSUS 3.0, IE7 is marked for "Install" for All Computers with inherited Approval. BUT, my "Desktops" group is marked "Not approved". This was not an issue in WSUS 2.0, but as soon as I upgraded to 3.0, IE7 got pushed out to all the systems in my Desktop group.

Microsoft Windows Server Update Services 3.0 Overview:
http://www.wservernews.com/070507-WSUS-Overview

Step-by-Step Guide to Getting Started with Microsoft Windows Server Update Services 3.0:
http://www.wservernews.com/070507-WSUS-Guide

How to get your hands on it:
http://www.wservernews.com/070507-WSUS-Download


ISA 2004 SP3 Released

Microsoft Internet Security and Acceleration (ISA) Server 2004 Service Pack 3 (SP3) provides the latest updates to ISA Server 2004 Standard Edition and Enterprise Edition, with increased security, new features, and enhanced functionality. In addition, this service pack provides improved troubleshooting options, designed to help you identify and resolve ISA Server config issues:
http://www.wservernews.com/070507-ISA-2004-SP3


Longhorn Slideshow

If you don't want to install Longhorn, but would like a look at the interface, there's a slideshow walk-through here:
http://www.wservernews.com/070507-Longhorn-Slideshow


Rootkits: The Next Big Enterprise Threat?

Late at night, a system administrator performed a routine check of a crashed server, one of 48 systems comprising a major online infrastructure that generated about $4 million per month in revenue. He was a bit surprised that the system had gone down, as it had been humming for months without any indication of being prone to crashing. The check uncovered three encrypted files. The administrator called on MANDIANT to analyze them. The rest of this riveting story is at InfoWorld:
http://www.wservernews.com/070507-Rootkits


WServer Third Party News

Hit Malware Hard

Is Your Network Protected against Blended Malware Threats?

Cyber criminals are now using combinations of spambots, worms, trojans, rootkits and social engineering to infect your users' machines. Spyware has morphed into malware. You need protection against these new nasties. Surveys tell us the biggest security issue you see this year is blended malware. Protecting your corporate environments from the loss of confidential data, employee productivity, and network bandwidth has become a major issue.

CounterSpy Enterprise: The most powerful antimalware available Company-wide malware protection requires a real, centralized enterprise product. CounterSpy 2.0 is just that: a scalable, policy-based tool that delivers a new, revolutionary hybrid antimalware technology that provides robust protection against blended threats. And your end-users won't even notice.

Hybrid antimalware scanning and removal engine with VIPRE(tm) technology CounterSpy Enterprise is powered by a hybrid engine that merges classic spyware detection and remediation with Sunbelt's new Virus Intrusion Protection Remediation Engine. VIPRE has traditional antivirus and cutting-edge antimalware techniques. The upshot? Faster scanning and dramatically less system resources.

Kernel Level Active Protection
CounterSpy Enterprise's Active Protection(tm) offers signature, behavioral and heuristic-based real-time blocking of threats. It works seamlessly with existing desktop antivirus solutions. And it has best threat database in the industry. Period.

Free trial. Find out how many machines in your organization are infected NOW. Scan the machines in your enterprise for free. Download the trial at:
http://www.wservernews.com/070507-CounterSpy-Enterprise


Webinar: Disaster Recovery For All Your Data

Join this webinar to receive a full overview of Double-Take Software's replication and failover technologies to protect and recover your business- critical data and applications. During this live webinar, we'll provide an overview of how Double-Take works as well as an introduction to Double-Take Software's newest product, Double-Take Server Recovery Option (SRO), which provides system state protection for whole-server recovery. And finally, you'll learn how to leverage both these technologies to launch a comprehensive recovery strategy for your environment that will ensure the availability of both your most critical data systems that your business relies on. When recoverability matters, depend on Double-Take Software to protect and recover your business critical data and applications.
http://www.wservernews.com/070507-Double-Take-Webinar


Print Manager Plus Academic Unlimited Site License Available

Software Shelf offers for the first time an Unlimited Site License for Print Manager Plus 6.0 Standard Academic. This unlimited Academic Site License covers one organization, and one or more domains within the same Active Directory Forest. Whether you are a School District or University Campus Print Manager Plus will cover your Print Management needs. Print Manager Plus allows you to track, quota, and restrict student printing and printer usage for a complete print management solution. This print management system gives you control over all of your printing resources, namely printers, paper, and toner. No more wasted budget resulting from uncontrolled and irresponsible printing. You'll be amazed how much you can save by just tracking this outflow.

Features Include:
  • User Quotas
  • Seven User, Group, or Printer Restrictions.
  • Complete user notification via built in free End User Inquiry Tool.
  • Licensed per Print Server/Workgroup or Unlimited Site License.
  • Supports unlimited users on the Active Directory/LDAP or Workgroup setup.
  • Supports unlimited printers on the print server.
  • Over 100 built in Reports.
  • Easy Install, No Change to Windows, No Hardware Required!
  • Maintenance is included with all products, and covers Upgrades/Updates and Phone Support for One Year from the date of purchase.
Download a fully functional evaluation from:
http://www.wservernews.com/070507-Print-Manager-Plus


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

What IS Blended Malware?

Cyber criminals are now using combinations of spambots, worms, trojans, rootkits and social engineering to infect your users' machines. Spyware has morphed into malware. You need protection against these new nasties. The all-new CounterSpy Enterprise Version 2.0 with centralized "hybrid" antispyware technology does that.

With kernel-level, real-time protection you can feel a bit safer. But how many of the machines in your network are infected? Find out! Test drive the new hybrid antispyware engine that merges the 'system cleaning' properties of traditional antispyware products with the efficiency of powerful antivirus-based technology. Try it today:
http://www.wservernews.com/070507-CounterSpy-Enterprise