Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 12, #38 - Oct 1, 2007 - Issue #644
Russian Cyber Crime Is Writing Malware Just For You

  1. Editor's Corner
    • Russian Cyber Crime Is Writing Malware Just For You
    • Vote For Ninja
    • Webcast: What's New in CounterSpy Enterprise V3.0
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • FBI Investigates Unisys Over US Government Hack
    • Euro Think Tank Recommends Unbundling Windows From PCs
    • Tip: New T-SQL Features In SQL Server 2005
    • Multi-Core Processors On The Desktop Offer Major Boost
    • How To Index Standalone Printers In Active Directory
    • Bundling Storage And Server Virtualization Services
    • Top Five Systems Channel Tips Of 2007
  4. Windows Server News
    • Major Day of Windows Releases From Microsoft
    • A Look At Microsoft's Virtualization Technologies
    • First Update for Windows Home Server Released
    • Seagate: Vista OS Requires 250GB To 1TB Of Storage
    • Novell's Linux Business Climbs Since Its Deal With Redmond
  5. WServer Third Party News
    • Get SNSI Before The Price Goes Up
    • Double-Take Software Solutions Program Partner Citrix Systems
    • Microsoft Quietly Lets Vista Users Revert to XP
  6. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Microsoft Exchange Server 2007: A Beginner's Guide
Trap and Kill Image Spam with Ninja Email Security for Exchange

Ninja integrates best-of-breed antispam, antivirus, disclaimers,
& attachment filtering on your Exchange 2000, 03, and 07 server.
It has one of the industry's only dedicated image-spam detection
engines designed to protect against emerging image spam threats.

Try the 30-day eval to see this best-selling policy-based email
security product in action. Your users will love it:

http://www.wservernews.com/071001-Ninja-Email-Security

Editor's Corner

Russian Cyber Crime Is Writing Malware Just For You

Gartner Group estimates that 75% of enterprises will be infected this year with targeted malware that evades their traditional defenses. You might be in that section of the market that is specifically targeted by Internet criminals, industrial espionage, or terrorists. I'm talking about Fortune 1000 Companies, Banks, Defense industry, Telecom or Utilities.

While more than 80% of enterprises have some form of URL filtering in place, less than 15% have any form of deep inspection on payloads, resulting in a Web security gap. You have a special problem to defend against; tailor-made trojans that were developed to penetrate only YOUR organization.

The issue is that normal AV products do not find those signatures, since the malware was made to penetrate only your defenses. Your problem becomes quickly: "HOW do I find out if a file is malicious?" Sunbelt has a solution for this: The CWSandbox. It allows you to rapidly and easily analyze the behavior of suspected viruses, trojans and other malware in a controlled environment. You can license this Sandbox to run in an isolated test network on your own site. If you are in one of these critical, potentially at risk sections of the market, you need to check out the CWSandbox. Find out why the world's largest web portals, telecoms and military organizations count on CWSandbox for proactive intelligence on targeted cyberattacks:
http://www.wservernews.com/071001-Sunbelt-CWSandbox


Vote For Ninja

We would love your help with the Info Security Product Excellence Awards this year. Ninja has been entered into the Email Security category for Info Security Products Guide, 2008 Global Product Excellence Awards. Could you please take a minute, click on the link below and vote?
http://www.wservernews.com/071001-Vote-for-Ninja

All you have to do is follow these simple instructions at the voting booth:
  • Select 'Sunbelt Software' as the vendor.
  • Select 'Ninja Email Security v2.1' as the product.
  • Select 'Email Security Solution' as the category.
  • Select 'Global' as the region.
  • Then provide your information and click on the 'Cast Your Vote' button.
Voting is open through October 8, 2007, so do it right away if you can. Thanks very much for helping out.

Webcast: What's New in CounterSpy Enterprise V3.0

Join Sunbelt Software for an overview of the new features in CounterSpy Enterprise version 3.0. This new version continues to provide robust protection against complex malware threats for corporate environments while delivering several new features, including new management dashboards, reporting improvements, and console usability enhancements.

The web demo will be hosted by Alex Eckelberry, President and Greg Kras, VP of Product Management for Sunbelt Software on Wednesday, October 3rd at 2:00pm EDT.

Learn about the new features of this robust enterprise antimalware product including:
  • New configurable management dashboards that allow administrators to easily create a customized "malware command center" that gives instant access to their most used reports and policy controls.
  • Reporting improvements that make it easier to schedule and customize the library of reports, and includes a new report scheduler and custom report editor
  • Console usability enhancements that offer easier-to-understand alerts and customizable views
When: Wednesday, October 3, 2007 2:00 PM (EDT)

To register for this event please visit:
http://www.wservernews.com/071001-CSE3-Webcast

Hurry, space is limited!

Quotes of the Week

"The world is a dangerous place, not because of those who do evil, but because of those who look on and do nothing." -- Albert Einstein

"I guess I just prefer to see the dark side of things. The glass is always half empty. And cracked. And I just cut my lip on it. And chipped a tooth." --Janeane Garofalo

And thank you for being a WServerNews subscriber.

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Is maintaining Active Directory a pain? One word: DELEGATION. Get started with Namescape's rDirectory Community Edition...it's free.
http://www.wservernews.com/071001-rDirectory

Reclaim up to 95% of your .pst files with PSTCompress 3. Download your trial copy today!
http://www.wservernews.com/071001-PSTCompress3

FREE Active Directory Password Self-Service client for Windows Vista and XP with every purchase of a user license until October. 30-Day Free Trial - Start cutting helpdesk costs today.
http://www.wservernews.com/071001-MyPasswordPromo

Plan to use Windows Server Virtualization? You need these fresh Release Notes that explain a lot of the new features:
http://www.wservernews.com/071001-Virtualization-Notes



Tech Briefing

FBI Investigates Unisys Over US Government Hack

The FBI is investigating Unisys over allegations the company failed to detect cyber attacks on US Department of Homeland Security (DHS) computer systems. The investigation was prompted by a letter from the House Committee on Homeland Security, citing the "high and unacceptable" number of "cyber security incidents" experienced by DHS computer systems in fiscal years 2005 and 2006. The committee alleges that the intrusion protection devices placed on DHS systems by Unisys were improperly installed. Unisys refutes the allegations of improperly installed systems and maintains it reported cyber security incidents. More at:
http://www.wservernews.com/071001-Unisys


Euro Think Tank Recommends Unbundling Windows From PCs

A pro-business think tank in Europe has recommended unbundling Microsoft Corp.'s Windows operating system from new PCs in order to give customers more choice when buying new computers. Story at ComputerWorld:
http://www.wservernews.com/071001-Unloading-Windows

And here is Microsoft's answer to that idea:
http://www.wservernews.com/071001-MS-Response


Tip: New T-SQL Features In SQL Server 2005

Have you experienced the new T-SQL features in SQL Server 2005? In this tip, SQL Server database administrator Eric Johnson outlines four of its hottest development features: error handling, ROW_NUMBER function, DDL triggers and CLR. (registration required)
http://www.wservernews.com/071001-T-SQL-Features-SQL-2005


Multi-Core Processors On The Desktop Offer Major Boost

Better performance for several applications running side by side is just one advantage of multiple-core processors on desktop PCs.
http://www.wservernews.com/071001-Multi-Core


How To Index Standalone Printers In Active Directory

Occasionally users will need to send a job to a network printer they don't normally print to. Here's how Windows administrators can use Active Directory to create a print queue for a standalone printer.
http://www.wservernews.com/071001-Index-Standalone-Printers


Bundling Storage And Server Virtualization Services

Virtualization, a method for using software and hardware to make many separate storage devices appear as a single virtual device, is increasing in popularity across the enterprise for the purposes of server consolidation, as well as server flexibility and agility. This virtualization boom is making many integrators change their product mixes and strategies for addressing customer problems, partly because of the varying goals of companies even considering server virtualization.
http://www.wservernews.com/071001-Virtualization-Storage


Top Five Systems Channel Tips Of 2007

These five SearchSystemsChannel.com tips have been the most popular of the year so far. Systems channel professionals revisit these tips, or read them for the first time, to learn more about best practices for installing Windows Vista, virtualization technology licensing, ITIL basics and more.
http://www.wservernews.com/071001-Top-Channel-Tips


Windows Server News

Major Day of Windows Releases From Microsoft

Well, as expected it happened this week. Microsoft released several major updates for its Windows lineup yesterday, including the first release candidate (RC) for Windows Server 2008 and the initial public beta for Windows Vista Service Pack (SP) 1. For some inexplicable reason they called it RC0 instead of RC1, but oh well. It was all over the press, but ENTmag had a good summary. Read more:
http://www.wservernews.com/071001-Windows-Releases


A Look At Microsoft's Virtualization Technologies

If you're not familiar with Viridian, it's helpful to understand where Microsoft's virtualization solutions stand today. Windows Guru Paul Thurrott explains it like this: "Currently, Microsoft offers a free server product called Virtual Server (and an accompanying free desktop product, Virtual PC) that provide traditional (i.e. user mode) virtualization environments. Virtual Server could very well be the pinnacle of this type of technology, at least from Microsoft, given that it will be obsolete as soon as the more performant, maintainable, and efficient WSV arrives next year. For those looking ahead to this future, Virtual Server's Virtual Hard Drive- (VHD-) based virtual machines will work fine--if not quite a bit better-if and when you later upgrade to Windows 2008 with WSV." Paul Thurrott's SuperSite for Windows has the whole article:
http://www.wservernews.com/071001-Virtualization-Techniques


First Update for Windows Home Server Released

Windows Home Server (WHS), Microsoft's first-ever server for home use, gets its first update today. WHS is designed to be an entry-level server for home users with multiple computers. It provides a central repository for documents, photos and other data, with centralized backup and management. It's made to be simple to set up and operate.

WHS, first announced to the world last January, was released to manufacturing on July 16. There was no official "launch" of the product; since WHS is available through system builders, it's up to the OEMs to determine when WHS servers will be commercially available. Read more:
http://www.wservernews.com/071001-WHS-Update


Seagate: Vista OS Requires 250GB To 1TB Of Storage

Yes, you read that right... up to ONE TERABYTE. When I saw this item, I thought you would need to know about that, as this has repercussions for disk space on both the end-user and servers. Seagate sees an increasing demand for storage driven primarily by two trends: the increased storage demands of Windows Vista and the advent of the digital pack rat, who stores ever-increasing amounts of songs, pictures and videos. And then think about the BACKUP of all that. Some company is going to make a lot of 1TB drives, and Seagate wants to be in the middle of it. More:
http://www.wservernews.com/071001-Vista-Storage


Novell's Linux Business Climbs Since Its Deal With Redmond

Novell's Linux business has soared 243% since last November, when the company signed its controversial deal with Microsoft, a company executive told a panel. "The affect on sales year over year, for Novell's first three quarters of our fiscal year, which ends Oct. 31 -- our Linux business was up 243%," said Justin Steinman, director of marketing at Novell, who, along with executives from both companies, spoke at a program hosted by the Massachusetts Technology Leadership Council. And, that growth doesn't seem to be short-lived. More at ComputerWorld:
http://www.wservernews.com/071001-Linux


WServer Third Party News

Get SNSI Before The Price Goes Up

The new SNSI V2.0 is around the corner, but it's also going from around 1,800 to 2,495! If you buy SNSI now, you will get V2.0 grandfathered in.

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI Top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.

New vulnerability updates for this release include:
W3195	Windows Services for UNIX Subsystem Could Allow Elevation of Privilege
W3188	Microsoft Agent Could Allow Remote Code Execution
W3187	Office SharePoint 2007 / SharePoint 3.0 At Risk - W2K3
W3186	Oracle JInitiator ActiveX Control Vulnerability
W2818	iTunes album art handling - XP, W2K3, Vista
S490	SPECFS strfreectty function system panic - Solaris 8 - 10
S491	N1 Grid Engine 6.1 Resource Quota - Solaris 8 - 10
S492	Libresolv / DHCP patches stall in.dhcpd Solaris 9
S493	Kadmind RPCSEC_GSS Vulnerabilities - Solaris 8 - 10
S332	Kerberos RPCSEC_GSS Software Vulnerable - Solaris 8-10
M82	iTunes album artwork handling - Mac OS X
W3196	Visual Basic 6.0 Project VBP_Open file handling - W2K, XP
S0427	Shutdown problems in Cluster 3.1/3.2 - Solaris 10
M0125	QuickTime .qtl file handling
M0078	Firefox QuickTime media link file handling - Mac OS X
L0079	Opera torrent - truncation & URL spoofing
L0101	Perl-Net-DNS stack consumption & spoofing errors - SuSE
L0102	iSCSI protocol socket uid and logging errors - SuSE
L0103	PFStools RGBE readRadiance error - SuSE
L0104	VIM feedkeys and writefile error - SuSE
L0105	Tar and Star "slash slash dot dot" traversal - SuSE
L0106	NFSv4 ID uid translation error - SuSE
L0107	Qgit dataloader doStart error - FC
L0108	Samba winbind nss_info error - FC
L0113	OpenOffice TIFF tag processing error - RHE
H0179	Logins incorrectly reports password status - 
W3194	Windows Services for UNIX 3.0 and 3.5 Could Allow Elevation of Privilege
W3193	Crystal Reports for Visual Studio Could Allow Remote Code Execution 

Sunbelt Network Security Inspector version 1.6.77.0 was released September 24, 2007. Sunbelt Software recommends you download the new SNSI version 1.6.77.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/071001-SNSI


Double-Take Software Solutions Program Partner Citrix Systems

Double-Take Software and Citrix Systems have initiated a joint marketing and solution partnership. Citrix, a leader in application delivery & performance, and Double-Take Software have created two unique solutions involving the WANScaler and Presentation Server products from Citrix along with the Double-Take application. WANScaler is a WAN optimization solution that increases the speed at which Double-Take can process replication and Presentation Server provides seamless "last-mile" access to a secondary location in the event of a disaster and a Double-Take initiated failover.

Microsoft Quietly Lets Vista Users Revert to XP

Hate Vista? If your PC is running Microsoft Windows Vista Business or Windows Ultimate and you're fed up with the OS you may be able to ditch Vista for XP Pro. Microsoft is quietly allowing you to downgrade to Windows XP Pro. Dell, Hewlett-Packard, and Lenovo are just a few of the system manufacturers offering downgrades. Each of these PC makers offer an XP Pro recovery disc to those who request one that can be used to revert a Vista machine to XP Pro. Dell, HP, and Lenovo customers can request a Windows XP Pro recovery disc to be included with their purchase of a Vista machine - should they want to revert in the future. Customers who already have purchased a Vista-PC can request an XP Pro recovery CD for between $15 to $20 by calling technical support. More at PCWorld:
http://www.wservernews.com/071001-Vista-to-XP


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Microsoft Exchange Server 2007: A Beginner's Guide

Support a Seamless Microsoft Exchange Server 2007 Messaging Environment. Get started using Microsoft Exchange Server 2007 quickly with help from this easy-to-follow resource. Using screenshots and step-by-step instructions, Microsoft Exchange Server 2007: A Beginner's Guide shows you how to set up Exchange Server, migrate from earlier releases, manage recipients, and administer storage. You'll learn how to integrate with Outlook, support mobile users, handle backup and recovery, and implement security measures. The latest monitoring and reporting tools, performance enhancement techniques, and regulatory compliance procedures are also covered.
http://www.wservernews.com/071001-Exchange-2007-Beginner-Guide