Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #2 - Jan 14, 2008 - Issue #656
Sunbelt Software Issues Security Alert for Non-Profits

  1. Editor's Corner
    • Sunbelt Software Issues Security Alert for Non-Profits
    • Quote Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Sprint Rolls Out WiMax In Chicago, Baltimore and Washington
    • Microsoft Admits Vista Update Glitch
    • Expert Advice: Discovering A Hacker's IP Address
    • VMware Certification
    • Best Networking Security Tips Of 2007
    • Top 10 Vista Tips Of 2007
    • Desktop Virtualization: The Next Big Thing To Hit The Enterprise
  4. Windows Server News
    • Microsoft Outlook and Exchange 2003 Email Security Guide
  5. WServer Third Party News
    • And Another Bunch Of Holes
    • Double-Take 4.5 Service Pack 2
  6. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  7. WServerNews - Product of the Week
    • Hacking Exposed Windows: Third Edition
Instantly Reduce Your Exchange Message Store 80%

Sunbelt Exchange Archiver (SEA) improves performance, productivity and
allows you to comply with legal and regulatory retention requirements,
within budget! SEA allows you to handle many email problems in one fell
swoop. You are ready for lawsuits, get an 80% smaller message store,
faster backups, end-user self- service for lost email, built-in HSM,
quicker disaster recovery and much more.

Get a quote and compare SEA cost versus Symantec Enterprise Vault.
http://www.wservernews.com/080114-Exchange-Archiver

Editor's Corner

Sunbelt Software Issues Security Alert for Non-Profits

On January 11, 2008 we issued issued a security alert. A new email scam, targeted at non-profits, distributes what appears to be an advance-fee fraud campaign sent from a "Barbara Moratek" of the "Ivete Foundation." Additionally, malware sites are taking advantage of the fact that people are googling "Barbara Moratek," with search results that deliver links pushing malware. According to Wikipedia, an advance-fee fraud is a confidence trick in which the target is persuaded to advance relatively small sums of money in the hope of realizing a much larger gain.

The Sunbelt Threat Research team continues to follow the development of this scam and the malware sites and will issue additional warnings as needed. For more detailed information on the email scam and the malware sites involved with the Google search term "Barbara Moratek" please visit Sunbelt's corporate blog posting at:
http://www.wservernews.com/080114-Security-Alert


Quote Of The Week

"Those who stand for nothing fall for anything." -- Alexander Hamilton.

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080114-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Get Rid Of Your Old Second Generation Exchange AV

Yeah, it may work OK. But the yearly maintenance is scandalously high. You
can spend your valuable IT budget on something better than that. Get Ninja
for your Exchange AV. It is cheaper than Trend, McAfee or Symantec and true
third generation, integrated, policy-based antispam, AV, disclaimers and
more. It's very little money if you take advantage of the competitive
upgrade program.

Try Ninja for 30 days. You will be amazed how easy it is to set up
and run: 50% less admin time than the others!

http://www.wservernews.com/080114-Ninja-Email-Security

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

The new V5 of Double-Take is out! Lots of new stuff. See the updated page with all the new features and download the latest version here:
http://www.wservernews.com/080114-Double-Take

Get mPowerTools to do tedious Active Directory tasks without scripting. 100+ reports with AD, Security and Permissions reporting. Use it free for 15 days.
http://www.wservernews.com/080114-mPowerTools

Exchange performance suffers. Users want more email storage. Your CEO wants to be ready for legal action. PST files all over the network. Now what?
http://www.wservernews.com/080114-Sunbelt-Exchange-Archiver


Tech Briefing

Sprint Rolls Out WiMax In Chicago, Baltimore and Washington

Sprint announced that a soft launch of its WiMax services is under way in three major U.S. cities as a trial run to prepare the technology for wider launch later this year. Xohm, which serves as Sprint's high-speed wireless Internet division, will begin offering mobile Internet business agreements for both Web portal services and WiMax network access starting Tuesday, the company announced. The WiMax mobile Internet services will be available in Chicago, Baltimore and Washington, the company said, with plans to have a broader commercial launch of the technology later this year. More:
http://www.wservernews.com/080114-WiMax


Microsoft Admits Vista Update Glitch

A patch to prepare for the first service pack went to users of editions that didn't need the update. A day after Microsoft Corp. accidentally sent a patch to some users running the Windows Vista operating system, the company updated the preview release of Vista Service Pack 1 (SP1) to a small group of testers, the company confirmed Thursday. More at PCWorld:
http://www.wservernews.com/080114-Vista-Update-Glitch


Expert Advice: Discovering A Hacker's IP Address

If you have an attacker's machine number and/or IP address, is there a way to find this person or his/her company? Find out from expert Kevin Beaver. (registration required)
http://www.wservernews.com/080114-IP-Address


VMware Certification

How are VMware certifications valued right now? Hear what Ed Tittel had to say about this in his expert response. (registration required)
http://www.wservernews.com/080114-VMware-Certification


Best Networking Security Tips Of 2007

On SearchWindowsSecurity.com, the top 10 networking security tips from 2007 will teach you how to test network security, manage Windows network rights and manage network passwords. The top networking security tip of the year, Hunting down a hacker, can also help you track down an intruder in your network.
http://www.wservernews.com/080114-Networking-Security


Top 10 Vista Tips Of 2007

Check out this compilation of SearchWinComputing.com's best Windows Vista tips from 2007, with advice ranging from using new tools and utilities to burning ISO images to disk.
http://www.wservernews.com/080114-Vista-Tips


Desktop Virtualization: The Next Big Thing To Hit The Enterprise

2008 will be a big year for desktop virtualization. And it would be to your benefit to learn how the technology works. Learn what the future holds for desktop virtualization and what you can do to convince your customers that it's the right move for them. Do just that with this SearchITChannel.com Tech Watch on Desktop Virtualization.
http://www.wservernews.com/080114-Desktop-Virtualization


Windows Server News

Microsoft Outlook and Exchange 2003 Email Security Guide

Protect your organization from email security threats with this collection of tutorials, tips, and expert advice. You'll discover how to configure and harden Microsoft Outlook 2003 and Exchange Server 2003 with security features and tools like SSL, S/MIME, Information Rights Management (IRM) and Intelligent Message Filter (IMF). You'll also learn how to set up a virtual private network (VPN) and best practices for protecting your environment against spam, viruses, phishing and hackers. And of course do not forget to install Ninja!
http://www.wservernews.com/080114-Exchange-Security-Guide


WServer Third Party News

And Another Bunch Of Holes

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories. New Vulnerabilities:

W3246 Internet Explorer 6 crash after installing KB942615 - XP SP2
W3126 Wireshark multiple dissector vulnerabilities
W3075 Opera Vulnerabilities / latest not installed.
S0337 Kernel / SCSI tape drives may induce panic - Solaris 9
S0274 Sshd incorrect logging of audit data - Solaris 9
S0150 Veritas / HBA connections may hang - Solaris 8 - 10
L0321 KDEgraphics3-pdf multiple remote crafted PDF bugs - SuSE
L0322 KOffice multiple remote crafted PDF bugs - SuSE
L0323 Libextractor multiple remote crafted PDF bugs - SuSE
L0324 Poppler multiple remote crafted PDF bugs - SuSE
L0325 GPDF multiple remote crafted PDF bugs - SuSE
L0326 PDFtoHTML multiple remote crafted PDF bugs - SuSE
L0327 Apache2 multiple XSS and DoS flaws - SuSE
L0328 Cacti graph_start value or parameter flaw - SuSE
L0329 OpenLDAP objectClasses and slapo-pcache error - SuSE
L0330 PHPPgAdmin HTML XSS and server validation errors - SuSe
L0333 Perl regular expression critical flaw - SuSE
L0334 Rubygem-activesupport to_json XSS bug - SuSE
L0335 Yast2-core current working directory path error - SuSE
L0336 Librpcsecgss svcauth_gss error - SuSE
L0337 Liblcms ICC profile parsing error - SuSE
L0338 Pcre Perl multiple vulnerabilities - SuSE
N0073 JunOS BGP packet handling
H0017 Rpc.yppasswdd - HP-UX 10,11

Updated Checks

W3120 Safari 3.0 Beta vulnerabilities
W1142, W1986, W1999, W2067 Anti-Virus Signatures
S0533 SCSI MPT Issues - Solaris 10
L0069 Xpdf multiple remote crafted PDF bugs - SuSE
L0150 OpenOffice HSQLDB crafted Java error - SuSE
L0234 CUPS multiple remote crafted PDF bugs - SuSE
M0134 Security Update 2007-009v1.1 Mac OS X 10.4
H0129 Veritas data protection issue - HP-UX 11
H0023 Csh/ksh/sh-posix - Unsafe Temporary Files - HP-UX 10,11

Revised Checks

W2877 It appears that anti-virus software is not installed.
S0443 Libtiff multiple vulnerabilities Solaris 8 - 10
Sunbelt Network Security Inspector version 1.6.86.0 was released January 4, 2008). Sunbelt Software recommends you download the new SNSI version 1.6.86.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/080114-SNSI


Double-Take 4.5 Service Pack 2

Double-Take recently released V4.5 Service Pack 2 which includes improvements from numerous previously released hotfixes. These include improved memory management, improvements to sparse file replication, and better performance of intermediate servers in chained configurations. This service pack also includes several critical fixes that are recommended for all customers:

A fix to address an issue where changes to certain memory-mapped files are not properly replicated. Fixes to remove the possibility of a specific condition that may prevent failover when using Double-Take Application Manager to protect Microsoft Exchange or Microsoft SQL Server.

A fix to eliminate a "buffer overflow" security risk. Though the risk of this being exploited is very low, the vulnerability should be removed. Double-Take 4.5.2 is fully compatible with Double-Take Application Manager 4.2.6 and Double-Take Reporting Center 1.1.0.4103, each available for download from the support site. It is also interoperable as a source with Double-Take 5.0 which is now available. Double-Take 5.0 includes the changes mentioned above, as well as a broad range of new features and improvements. For more information on Double-Take 5.0, please visit
http://www.wservernews.com/080114-Double-Take-5

I encourage you to download this Service Pack or Double-Take 5.0 from the support site. Login to http://support.doubletake.com and click on the "Software Updates" tab. The Service Pack is available on the Recent Release History page. If you have any questions or problems, please contact technical support.

WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff



WServerNews - Product of the Week

Hacking Exposed Windows: Third Edition

Meet the challenges of Windows security with the exclusive Hacking Exposed "attack-countermeasure" approach. Learn how real-world malicious hackers conduct reconnaissance of targets and then exploit common misconfigurations and software flaws on both clients and servers. See leading-edge exploitation techniques demonstrated, and learn how the latest countermeasures in XP, Vista, and Server 2003/2008 can mitigate these attacks. Get practical advice based on the authors' and contributors' many years as security professionals hired to break into the world's largest IT infrastructures. Dramatically improve the security of Microsoft technology deployments of all sizes.
http://www.wservernews.com/080114-Hacking-Exposed-3rd-Edition