WServerNews (formerly W2Knews)
Vol. 12, #32 - Aug 17, 2007 - Issue #638
Exchange Server 2007 SP1 Stacked With Goodies

  1. Editor's Corner
    • Impact Of "Credit Crisis" On IT?
    • More On Thumbs Down On Vista For Admins
    • Test Your Geek IQ
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • WinXP SP3 Released To Small Group
    • Is Your Company Using Proxcards? This Is Highly Insecure
    • Trouble Ahead - Main Security Threats For 2007
    • Mobile Device Insecurity Facts
    • Nokia Says 46 Million Batteries May Overheat
    • Interpreting The Five Disk-Related Blue Screen Of Death Errors
    • Tutorial: Configuring Microsoft Exchange Direct Push Technology
  4. Windows Server News
    • Exchange Server 2007 SP1 Stacked With Goodies
    • Exchange Server 2003 Performance On VMware ESX Server 3
  5. WServer Third Party News
    • Email Management, According To The Managers
    • Take Credit Cards? A Cost Effective Way To Get PCI DSS Compliant
  6. WServer News FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Use EBay or PayPal? Get their Security Key
10 Questions You Should Ask About Enterprise Antispyware

ITSecurity.com recently posted their Antispyware Buyers Checklist with
10 questions you should ask when considering implementing an enterprise
antispyware solution in your organization. To aid in your search to
find the right antispyware solution, we have provided answers to each
question on how CounterSpy Enterprise is able to deliver all the
necessary requirements to best protect your network from spyware and
other malware. Direct link to a short 2-page PDF - No registration:
http://www.wservernews.com/070820-Antispyware-Checklist

Editor's Corner

Impact Of "Credit Crisis" On IT?

OK, it's all over the news: "Credit Crisis". But subprime mortgages are only 5% of the total economy. The uncertainty connected with it, though, and over who is exposed, makes it seem worse than it is. However, tightness in credit extends out to business lending. And that could influence IT. Here are a few scenarios you might see in the next six months, depending on the financial strength of your own organization:
  • Vendors with low profit margins cannot get cheap money, so they will likely be acquired.
  • Large, capital-intensive IT projects could likely get scaled down.
  • If your organization has large debts, there will be a budget crunch.
  • If this fully filters down to consumers (who no longer can use their house as an ATM), that could mean lower general corporate revenues.
Two-thirds of the U.S. economy is driven by consumers. Your IT budget is always a percentage of your corporate sales.

Worst case, it would be a slump similar to the Internet Bubble hangover, but that is not very likely. The Feds are just going to print money and pump it into the economy when things threaten to get bad. Prepare for the worst and hope for the best.

More On Thumbs Down On Vista For Admins

I got some good feedback from admins about using Vista for admin tasks. They told me that installing the adminpak.msi on Vista would take care of a lot of these complaints. There still seem to be some performance issues with it. But try installing the Windows Server 2003 admin tools; I get reports they work fine on Vista. You just need to follow these instructions:
http://www.wservernews.com/070820-Vista-2003-Adminpak

Downgrading to XP also seems to come with other problems. Below is a link from HP that seems to state that much of the hardware in HP's Vista-equipped laptop systems is not and will not be supported by drivers for any other operating system. In other words, did Microsoft force component hardware manufacturers to not write drivers for anything other than Vista for the new machines? See the link:
http://www.wservernews.com/070820-Vista-Hardware

Generally speaking, there are some problems with Vista that give it a bum rap, despite the fact that the underlying code is actually a lot more solid than XP's. Let me summarize these for a sec:
  1. A lot of drivers were not ready at release time
  2. Desktop performance is bad
  3. The UAC looked like it was designed by marketing
  4. Upgrade pricing stank
And then there were bugs. For example, the slow copying of files, which still seems to be the case in a peer-to-peer network and was not fixed by the recent patches. The coming SP1 should improve things considerably.

Test Your Geek IQ

InfoWorld has a fun test. It's not easy. They told me to get a suit and become a manager, as I was 'no good' as a geek. (I don't know much about Linux, and that sure came out in this test!) Here's how the invite looked:

"Sure, you may have scored more than 150 on the standardized IQ test, you may party hearty with Mensa Mommas -- but what's that actually worth in the real world? Diddly. If you truly want to know how smart you are when it counts, then InfoWorld's Geek IQ test is the puzzler for you. Answer the 20 questions below, and we'll add up your score and let you know how you measure up. Even a suit can follow those directions. And remember: Googling every question will not give you an accurate score. Got a beef or want to brag? Take it out on the comments section of the Answer Key page at the end of the test."
http://www.wservernews.com/070820-Geek-Test


Quotes Of The Week

"You must keep your mind on the objective, not on the obstacle." -- William Randolph Hearst
"The nationalist not only does not disapprove of atrocities committed by his own side, he has a remarkable capacity for not even hearing about them." -- George Orwell

Thank you for being a WServerNews subscriber!

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

BotHunter is a passive traffic monitoring system that can locate bot activity on your network, but you need Linux to use it.
http://www.wservernews.com/070820-BotHunter

Exchange Server 2007 is a native 64-bit app with 64-bit management tools. But if your remote management system is 32-bit, you will need the 32-bit tools:
http://www.wservernews.com/070820-Exchange-32bit-Tools

You may not know this, but the rDirectory Community Edition is actually free. Download it and webify your Active Directory.
http://www.wservernews.com/070820-rDirectory

Run VMs? How do you handle disaster recovery and high availability? Use the World's Number One "DR/HA in-one" tool: Double-Take:
http://www.wservernews.com/070820-Double-Take


Tech Briefing

WinXP SP3 Released To Small Group

Redmond has this week dropped an early copy of WinXP SP3 in the lap of a small group of testers. Coming in at less than 350MB, the service pack includes fixes for over 900 reported problems, some of which have already been resolved with post-Service Pack 2 hotfixes. This build is tagged 5.1.2600.3180, and here are some pictures of the build:
http://www.wservernews.com/070820-XP-SP3-Pic1

http://www.wservernews.com/070820-XP-SP3-Pic2


Is Your Company Using Proxcards? This Is Highly Insecure

Chris Paget, director of R&D for IOActive, in his speech at BlackHat, talked about a low-cost, handheld device for cloning RFID cards. Paget held up several RFID cards, waved them close to his cloning device, and in seconds created a usable copy of the original RFID card. In conclusion, Paget said, "If you use 125KHz proximity cards, your doors are highly insecure!"

Well, I just did a Google search, and found that the technology to break them has indeed existed for a few years, and that it's not all -that- hard when you are a geek. Here is a page that explains how to do it. At Sunbelt we have moved to biometrics completely. You need your fingerprint to open our main doors. It's not 100% either, but it's definitely better than this:
http://www.wservernews.com/070820-Proximity-Cards


Trouble Ahead - Main Security Threats For 2007

A recent University of Michigan study found that 70 percent of corporate theft incidents can be traced to an insider. This year saw an increase in Web-based attacks, and that's only going to intensify in 2007, security experts say. A recent IDC report found that up to 30 percent of companies with 500 or more employees have been infected via Web surfing, and 20 to 25 percent via email-borne worms and viruses.
http://www.wservernews.com/070820-Security-Threats


Mobile Device Insecurity Facts

Mobile device use is widespread. More than half those surveyed (60.8%) have at least one, and almost a third (29.3%) have two. The vast majority of users (70.7%) keep confidential information on their mobile device - be it their own or their employer's. Almost all users (78.1%) who lost a portable device containing confidential information still do not encrypt their data today.
http://www.wservernews.com/070820-Mobile-Device-Security


Nokia Says 46 Million Batteries May Overheat

Nokia is offering to replace 46 million batteries made by another company for use in its mobile phones because of a risk of overheating, Nokia said on Tuesday. It's moving from laptops to phones now! Faulty batteries made by Japan's Matsushita and sold in a wide range of Nokia phones will be replaced for free. InfoWorld broke the news:
http://www.wservernews.com/070820-Nokia-Batteries


Interpreting The Five Disk-Related Blue Screen Of Death Errors

A dreaded Blue Screen of Death error message can provide insight into the root cause of the failure. Here you'll learn what the five most common disk-related BSOD Stop messages mean.
http://www.wservernews.com/070820-BSOD-Errors


Tutorial: Configuring Microsoft Exchange Direct Push Technology

Learn how Microsoft Direct Push technology works and find out how to configure and implement Direct Push in an Exchange 2003 SP2 email environment.
http://www.wservernews.com/070820-Exchange-Direct-Push


Windows Server News

Exchange Server 2007 SP1 Stacked With Goodies

Redmond released a new CTP (community technology preview) which includes more support for W2K8, W2K3 SP2, Vista, and Lotus Notes. People who have MSDN and TechNet can get their hot little hands on it.

The CTP is now feature complete, and supports Vista better, e.g. Exchange management tools now run on Vista and W2K8. E2K7 SP1 Beta 2 also adds standby continuous replication, which allows Exchange to maintain an updated stand-by server to prevent catastrophic data loss in the event of power failures. There is no automatic failover, though; this is a manual switch.

Then, there's the additional security. Redmond says that Exchange Server-side security has been improved to support military requirements. Admins will also be interested in the new S/MIME (Secure/Multipurpose Internet Mail Extensions) support Redmond has dropped into Outlook Web Access (OWA). OWA looks even more like Outlook now. SP1 will provide support for custom forms, and new and much better mobile-device management, like new ActiveSync policies for synching, authentication, and encryption.

E2K7 SP1 also adds an array of other updates, including the intro of IPv6 support, a service pack for Forefront Security for Exchange Server that "increases filtering and scanning performance," and better integration with the new Office Communications Server 2007.

An interesting fact from a slide that was presented at Microsoft's yearly Financial Analyst Meeting in June: Exchange is a $1.5 billion annual revenue stream. Redmond claims more than a thousand companies have switched from Lotus Notes to Exchange in the last 12 months. They did not tell how many changed from Exchange to Notes though. ;-D

Getting SP1 released later this year is likely to convince many admins who have been sitting on the sidelines to migrate to E2K7. And we have a Ninja version for them too.

Exchange Server 2003 Performance On VMware ESX Server 3

This VMware white paper discusses the performance and scalability of Microsoft Exchange Server 2003 when deployed within virtual machines running under VMware ESX Server 3.0.1. The introduction of this 19 page white paper reads:

"Virtualization has become a mainstream technology, allowing enterprises to consolidate underutilized servers while helping to increase reliability and fault tolerance and simplify load balancing. As organizations embrace virtualization in the data center, many may consider virtualizing Microsoft Exchange software. This paper suggests how an enterprise-critical messaging application like Microsoft Exchange Server 2003 should be sized and deployed on VMware ESX Server to obtain a satisfactory Quality of Service.

Specifically, we examine:
  • The performance implications of running Exchange Server 2003 on a virtual machine versus a physical system.
  • The performance of Exchange Server 2003 in virtual machine configurations when "scaling-up" (adding more processors to a machine) and "scaling-out" (adding more machines).
This paper discusses the performance and scalability of Exchange Server 2003 when it is deployed within virtual machines hosted by VMware ESX Server 3.0.1 on a Dell PowerEdge 6850 server with a Dell-EMC CX500 FC SAN. The Heavy user profile from Microsoft's Exchange Server 2003 Load Simulator benchmarking tool was used to simulate the Exchange workload. Results indicated that a uniprocessor virtual machine can support up to 1,300 Heavy users. Our experiments also show that consolidating multiple instances of these uniprocessor Exchange virtual machines on a PowerEdge 6850 can cumulatively support up to 4,000 Heavy users while still providing acceptable performance and scaling.

A key observation in the study is that uniprocessor virtual machines are, from a performance perspective, equivalent to half as many multiprocessor (two virtual processors) virtual machines. Hence we recommend that the Windows and Exchange licensing costs, ease of management, and corporate standards guide your configuration in this regard.

The full white paper is available as a PDF:
http://www.wservernews.com/070820-Virtualizing-Exchange-2003


WServer Third Party News

Email Management, According To The Managers

When you're evaluating email security management systems, defining your must-haves is the easy part: ironclad effectiveness, no downtime, easy to manage. Finding out which of five top-tier solutions in wide use really deliver on those qualities is more difficult, unless you have the means to survey several organizations using them. But that's exactly what Osterman Research did, and the results are available to you now in a free white paper, "Comparing Email Management Systems that Protect Against Spam, Viruses, Malware and Phishing Attacks". When you're evaluating critical security solutions, what you really need to know is how they perform in the real world, not in the lab. That's just what you'll learn about email security management systems in this free white paper. (PDF, no registration!):
http://www.wservernews.com/070820-Email-Management-White-Paper


Take Credit Cards? A Cost Effective Way To Get PCI DSS Compliant

Visa is warning large merchants who accept credit cards that they face higher transaction fees beginning in October if they don't fully comply with the PCI data security standard by the end of next month.

If your organization takes credit cards, one of the requirements is that you scan your networks for vulnerabilities. SNSI can do that for you at an incredible price.

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and FedCIRC (Department of Homeland Security) advisories.

New vulnerability updates for this release include:

W3183	Vector Markup Language Could Allow Remote Code Execution
W3182	Virtual PC and Virtual Server Could Allow Elevation of Privilege	
W3180	Windows Media Player Could Allow Remote Code Execution
W3179	GDI Could Allow Remote Code Execution	
W3178	Cumulative Security Update for Internet Explorer	
W3177	Microsoft Excel Could Allow Remote Code Execution	
W3176	Microsoft Excel Could Allow Remote Code Execution	
W3175	Microsoft Excel Could Allow Remote Code Execution	
W3174	Microsoft Excel Could Allow Remote Code Execution Office 2000	
W3173	OLE Automation Could Allow Remote Code Execution - Visual Basic 6	
W3172	OLE Automation Could Allow Remote Code Execution	
W3171	Microsoft XML Core Services Could Allow Remote Code Execution	
W3170	Microsoft XML Core Services Could Allow Remote Code Execution	
W3169	Microsoft XML Core Services Could Allow Remote Code Execution	
W3168	XML Core Services Could Allow Remote Code Execution XML Core 6	
W3167	XML Core Services Could Allow Remote Code Execution XML Core 4	
W3166	XML Core Services Could Allow Remote Code Execution XML Core 3	
W3165	Visual Studio 6 VDT70.dll ActiveX Vulnerability - W2K, XP, W2K3	
W3164	Photoshop PNG, BMP file handling vulnerability - W2K, XP, W2K3
W414	ActivIdentity CAC Card Detected
S487	Java Portal Server XSLT handling - Solaris 8 - 10
S486	Java Web Server HTTP response splitting - Solaris 8 - 10
N65	IOS Next Hop Resolution Protocol Vulnerability
N64	IOS UCM Voice Vulnerabilities
M123	Security Update 2007-007 not installed - Mac OS X
M2	Photoshop PNG, BMP file handling - Mac OS X
H7	OpenView Performance Insight Shared Trace Vulnerability - HP-UX 10, 11

Sunbelt Network Security Inspector version 1.6.74.0 was released Aug 15, 2007. Sunbelt Software recommends you download the new SNSI version 1.6.74.0 and scan and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/070820-SNSI


WServer News FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Use EBay or PayPal? Get their Security Key

Someone sent this to me. It's not new, but a really good idea. "If you are an eBay or PayPal member, I recommend that you consider getting the PayPal Security Key. This security key adds another authentication factor for access to your eBay and PayPal accounts. The pocket-size device generates a unique six-digit security code about every 30 seconds. You enter that code when you log in to your PayPal or eBay account with your regular user name and password. Then the code expires - no one else can use that code. Once the security key is activated for your account, no one can access your account without using the key. Simple! Online banking websites should have been doing this long ago." Get one here for 5 bucks:
http://www.wservernews.com/070820-Security-Key