Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #33 - Aug 27, 2007 - Issue #639
The Monster.com Mess

This issue of WServerNews is sponsored by
Namescape: Active Directory. Activated.
  1. Editor's Corner
    • The Monster.com Mess
    • iPhone Unlocked: AT&T Loses iPhone Exclusivity
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Microsoft Plugs Single Sign-On With Windows Live ID
    • German Anti-hacker Law Could Backfire
    • Redmond Finds Big Partners For Voice Compression
    • Microsoft Uses Silverlight For Experimental Search Site
    • What Is The Best CPU Performance For Your Buck?
    • Step-by-Step Guide: Planning for a Security Breach
    • Hardware Flash Drive Secures Windows Passwords
    • Server Virtualization For SMBs Top Five Reseller Tips
  4. Windows Server News
    • Windows Server 2008 Sales Outlook Uncertain
    • Microsoft To Launch Communications Servers in October
    • Amazon Leaks Price, Date Of First Windows Home Server Box
    • Vista Enterprise Licensing Terms May Be Scaring Companies Off
  5. WServer Third Party News
    • Replication: The Difference Between E2K7 and Double-Take
    • With Virtualization, Now Many Apps Can Go Down
  6. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. Product of the Week
    • Time To Upgrade Your AD Toolset To Industrial Strength?
Active Directory Activated like never before!

Just released, rDirectory 2.0! Tap into Active Directory's potential
with composable web applications you can deploy in minutes. New &
improved rDirectory 2.0 combines an easy to use designer with templates
and preconfigured applications for secure solutions that leverage your
existing AD. It's the perfect system: a self-editable directory, a
template driven account creation tool, a way for users to create and
self-subscribe to email lists and groups, a self-service password reset
utility, a valuable tool for any help desk and more. Discover the
flexibility of rDirectory and new ideas on how to leverage AD will
start popping up. See why customers call rDirectory the "the most
versatile Active Directory tool available."
http://www.wservernews.com/070827-rDirectory

Editor's Corner

The Monster.com Mess

The looting of Monster goes back weeks, and maybe months, so IF you had your resume out there, you need to use a double dose of suspicion when you get emails to the address you provided. Some unwary users of Monster have had their identity stolen and their back accounts were suddenly emptied. Monster's database was looted, and personal data was taken to craft extremely convincing emails that then installed trojans and ransomware on PCs. It looks like 1.6 million records were stolen, so yours might be one of them. Our Malware Researchers have been going back and looking at everything again because of all the press lately and they have found some evidence that they were probably attacking the CareerBuilder site as well. So keep an eye out for that too.

Monster itself was not hacked. But smart attackers blended some noxious elements together: stolen information, personalized phishing email, combined with trojan malware and so called 'money mules' (middlemen who transfer money from a phished bank account to a foreign, difficult to trace account.) What happened is that "by gaining unauthorized access to employer accounts, the software was obtaining job seeker contact information," Monster said in a recent alert. The data-stealing Trojan was hard coded to look at U.S. residents only. And of course CounterSpy finds it. I have three links for you. One is from Monster themselves:
http://www.wservernews.com/070827-Monster

The other one is ComputerWorld that has a very good FAQ and backgrounder story. This is practically required reading.
http://www.wservernews.com/070827-ComputerWorld

The third is to CounterSpy, which IF this trojan is on any of your systems, will find it and clean it off for 15 days:
http://www.wservernews.com/070827-CounterSpy


iPhone Unlocked: AT&T Loses iPhone Exclusivity

August 24, 2007, 12:00PM EDT, the EndGadget site reported: "It's high noon, Apple and AT&T -- we really hate to break it to you, but the jig is up. Last night the impossible was made possible: right in front of our very eyes we witnessed a full SIM unlock of our iPhone with a small piece of software. It's all over, guys. The iPhoneSIMfree.com team called us up to prove their claim that they cracked Apple's iPhone SIM lock system, and prove it they did. (No, we don't have a copy of the unlock software, so don't even ask us, ok?) The six-man team has been working non-stop since launch day, and they're officially the first to break Apple's SIM locks on the iPhone. It's done. Seriously. They wouldn't tell us when and how they would release it to the public, but you can certainly bet that they'll try to make a buck on their solution (and rightly so). We can hardly believe the iPhone's finally been cracked. No, scratch that -- we just can't believe it took this long. Again: we can confirm with 100% certainty that iPhoneSIMfree.com's software solution completely SIM unlocks the iPhone, is restore-resistant, and should make the iPhone fully functional for users outside of the US. Read on for details and links to our video, and check out the gallery of images below."
http://www.wservernews.com/070827-iPhone-Hacked

And here is the video showing it !!
http://www.wservernews.com/070827-iPhone-Sim-Unlock


Quotes Of The Week

"I didn't attend the funeral, but I sent a nice letter saying I approved of it." -- Mark Twain
"Aim at Heaven and you will get Earth thrown in. Aim at Earth and you get neither." -- C.S. Lewis

And thank you for being a WServerNews subscriber.

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Vista Command Prompt in Admin Mode - If you go down to Start and type CMD in the search box (not from the RUN line) and hit CTRL+SHIFT+ENTER, it will open the command prompt in Admin mode.

Enable users to securely reset their own Active Directory passwords through an easy and secure web interface with myPassword. A complete solution at a very reasonable cost.
http://www.wservernews.com/070827-Namescape

The Sunbelt Personal Firewall is just 10 bucks for a limited time. That is a killer deal for a Top Class Firewall with HIPS and NIPS:
http://www.wservernews.com/070827-Sunbelt-Personal-Firewall

Sprint offers the first U.S.$10.5 million Blackberry 8830. Oh, they are throwing in a private island... You need one! Check the video:
http://www.wservernews.com/070827-Blackberry-8830


Tech Briefing

Microsoft Plugs Single Sign-On With Windows Live ID

Microsoft has released a software development kit for a service that enables users who log in through one Web site to be authenticated on many others. InfoWorld has the story:
http://www.wservernews.com/070827-Single-Sign-On


German Anti-hacker Law Could Backfire

A new anti-hacker law in Germany will make it illegal to have in your possession, any hacker tools on your system, even if you are a professional who uses these tools to test for security vulnerabilities. With that in mind, RSN editing staff wonders who will be left to test for security vulnerabilities in Germany? John Blau fills you in. More at InfoWorld:
http://www.wservernews.com/070827-Anti-Hacker-Law


Redmond Finds Big Partners For Voice Compression

Microsoft announced six companies, including Intel, and Texas Instruments, are now licensing its voice software for audio conferencing, video, wireless over IP and gaming devices. The licensing agreements, which were announced Tuesday at the VoiceCon San Francisco 2007 conference, could help put Microsoft in the catbird's seat as it extends its tentacles to the emerging unified communications market. Infonetics Research, an IT market research firm based in Boston, in July reported worldwide sales of unified communications applications increased 21 percent between 2005 and 2006 to more than $363 million. It now expects the market to grow in the "high double digits" each year through at least 2010. More at:
http://www.wservernews.com/070827-Voice-Compression


Microsoft Uses Silverlight For Experimental Search Site

Microsoft uses Silverlight for an experimental search site, that looks quite Vista-esque. The site is called Tafiti, which means "do research" in Swahili. You can check the site out, but you do need to install Silverlight first. It's not that big and looks very pretty:
http://www.wservernews.com/070827-Tafiti


What Is The Best CPU Performance For Your Buck?

The interactive CPU Charts at tomshardware provide a true performance comparison between AMD and Intel processors. They allow ambitious users as well as decision makers and dealers to compare their favorite products in 20+ benchmark disciplines. In addition, the price/performance index enables you to find the best performance for your buck. This chart is updated daily with the latest product prices from TG Stores. The charts have several unique features:
  • Select your desired benchmark.
  • Select two processor models, which will be highlighted on your results page.
  • Check out the absolute and relative performance difference between selected models at the bottom of the page.
  • Click on any bar within the chart to receive the test configuration.
It's over here, with some pre-set comparisons:
http://www.wservernews.com/070827-CPU-Performance


Step-by-Step Guide: Planning for a Security Breach

Do you have a solid plan in place for if and when you experience a security breach? Does that plan include important contact information, and have you and your co-workers walked through the plan together? This step-by-step guide will help you to set an action plan in place. (registration required)
http://www.wservernews.com/070827-Security-Breach


Hardware Flash Drive Secures Windows Passwords

This little silver flash drive manages Windows passwords and self-destructs after 10 login attempts. Learn more in this exclusive article.
http://www.wservernews.com/070827-Hardware-Flash


Server Virtualization For SMBs Top Five Reseller Tips

Server virtualization opportunities abound in the small and midsized business (SMB) market, but resellers, systems integrators and service providers traditionally used to working with larger enterprises may be hesitant to pursue them. Access the top five SearchSystemsChannel.com tips for how-to advice for helping both you and your SMB clients go virtual.
http://www.wservernews.com/070827-Virtualization


Windows Server News

Windows Server 2008 Sales Outlook Uncertain

Few experts believe it will be hard for Microsoft solutions partners to sell Windows Server 2008 when it comes out in February. The questions are who will buy it and, more importantly, when, considering the relatively long sales cycle endemic to server software and the historically slow takeoff of many major Windows updates.

The first wave of customers will likely be those who currently run Windows 2000 Server, according to John Enck, a research vice president for Gartner Research. He estimated that about 40% of the Windows Server market runs Windows 2000 Server, which Microsoft will stop supporting in 2010. Those users will want a "really rapid migration" to Windows Server 2008, he said.

Michael Cherry, a lead analyst for Directions on Microsoft, agreed that Windows 2000 Server users will have the greatest incentive to upgrade before Microsoft's support expires. "That's always an issue," he said. "You're going to want to move faster than the others." More at SearchITChannel:
http://www.wservernews.com/070827-Windows-Server-2008


Microsoft To Launch Communications Servers in October

The next generation of Microsoft's efforts at unified communications will be unveiled on Oct. 16 when it launches three products including its crown jewel, Microsoft Office Communications Server 2007. Read more:
http://www.wservernews.com/070827-Communication-Servers


Amazon Leaks Price, Date Of First Windows Home Server Box

ComputerWorld reported that details and prices of the first home server running Microsoft Corp.'s Windows Home Server software were posted briefly on several online stores yesterday. Systems are scheduled to ship Sept. 15 at prices starting at $599. According to listings on such e-tailing sites as Amazon.com, PCMall.com and onSale.com, Hewlett-Packard Co.'s MediaSmart Home Server will be sold in two models at prices of $599 and $749. The pair are identical with the exception of the amount of included storage: the $599 server contains 500GB, while the $759 unit offers 1TB. Both servers will be powered by a 1.8-GHz Sempron processor from Advanced Micro Devices Inc., and come bundled with HP's Photo Webshare software, an add-on to Windows Home Server (WHS) that builds a photo-sharing Web site and serves it from the MediaSmart box. None of the for-sales listings spelled out the amount of memory in the servers, however. HP declined to comment on the MediaSmart leaks. More at:
http://www.wservernews.com/070827-Windows-Home-Server


Vista Enterprise Licensing Terms May Be Scaring Companies Off

Beyond the issues of operating system performance, the changes to Microsoft's Vista licensing program seem to be having a chilling effect on sales. Meanwhile, the number of desktop Linux users apparently doubled in the last year. Microsoft-Watch has a lot of interesting detail on this 'Vista Enterprise' license.
http://www.wservernews.com/070827-Vista-Licensing


WServer Third Party News

Replication: The Difference Between E2K7 and Double-Take

Exchange 2007 SP1 features Standby Continuous Replication (SCR). Like LCR and CCR, Standby Continuous Replication uses asynchronous log shipping and reply to create a backup "standby" database on a target Exchange server. Unlike CCR, which relies on clustering and provides high availability, SCR sends data from a standalone or clustered Exchange server to a standalone Exchange server and provides no failover capabilities. SCR shares some of the same limitations as LCR and CCR and introduces some new limitations.

Some items customers should consider about SCR and Double-Take:
  • SCR provides no failover. SCR is designed to create a standby database that matches the source database, similar to LCR but with the database residing on a separate server. To provide high availability and DR, Microsoft recommends combining CCR and SCR.
  • You must use a single database per storage group. When a storage group has been enabled for SCR, it can only contain a single database. This prevents you from scaling up by having multiple databases per storage group. Double-Take does not have this limitation.
  • SCR is not real-time protection of Exchange data. SCR works by shipping log files locally and applying them to a second copy of the Exchange database. It is not real-time replication.
  • You cannot backup an SCR target database. This limitation of SCR prohibits using SCR for a centralized backup strategy and moving backups off of the production servers. Double-Take does not have this limitation and fully supports backups from the target server.
To get a full-feature test of Double-Take with Exchange for 30 days:
http://www.wservernews.com/070827-Replication


With Virtualization, Now Many Apps Can Go Down

Before the technological development of virtual servers, a single physical server crash might bring down one or two mission critical apps. But now, one server crash, running a lot of virtual servers, can KO many more apps.

That's why you absolutely need to look into high availability and disaster recovery (HA/DR) for these virtual servers - and why you should look into the need of new HA/DR designed specifically for virtual servers. You need:
  • Protection against apps going down inside individual VMs, not just server crashes, well as underlying hardware components.
  • Notification of any failures
  • Automated failover within the same site or to a remote site
  • Uniform replication across physical and virtual servers, plus one single replication console across all servers.
As your virtualize servers, HA/DR is more important than ever. Double-Take is the solution you need to look into:
http://www.wservernews.com/070827-Double-Take


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



Product of the Week

Time To Upgrade Your AD Toolset To Industrial Strength?

Do you need to add, delete, modify and & report on AD objects & attributes? Use mPowerTools! You'll be supplied with a set of tools for quick and easy management of Users, Groups, Contacts, Computers and ACLs, plus an efficient and flexible Search & Replace engine that eliminates time spent manually digging through AD to change attributes. mPowerTools has over 100 preconfi- gured reports to harvest AD info, including AD Security, File Security & Mailbox Security. Reports can be customized to your specs giving you an unlimited number of reporting capabilities. Advanced scheduling options make it convenient for executing tasks or running reoccurring reports. Try it free for 15 days. If you don't like it, they will refund your money.
http://www.wservernews.com/070827-mPowerTools