|
Vol. 13, #4 - Jan 28, 2008 - Issue #658
|
|
Redmond Invades Virtual Machine Space
|
- Editor's Corner
- Redmond Invades Virtual Machine Space
- The Growth Of Malware - See This Graph?
- New SunPoll And Results Of The Last One
- Quote Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- A False Sense Of Security
- Hacker Compromised Legit Web Sites Now Pose Gravest Danger
- Excellent AntiVirus Article
- ITCI - Reboot Your Records Retention Strategy
- FAQs: Exchange Global Address List (GAL)
- Tip: Terminal Services In Windows Server 2008
- Podcast: What's Hot In Windows Security?
- New Product Showcase: Windows Systems Administration
- Windows Server News
- More About Microsoft's Attack On Virtual Space
- Vista SP1 Due Out In Next Few Weeks, Sources Say
- WServer Third Party News
- New Spam Appliance From Sunbelt Software
- Nice Feedback From A New Ninja Customer
- Which Software Company Saves 150,000 Trees A Month?
- And The Holes Keep On Coming
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Be Ready For Lawsuits Now With SEA
|
Introducing: Ninja Blade: The Barracuda Killer
Ninja Blade is built on commercial grade soft- and hardware, as opposed to
inexpensive boxes which re-brand open source offerings. A lot of system admins
asked us for an email appliance with the quality of our Ninja Email Security
for Exchange software product. You told us you wanted an appliance at the
Barracuda price points, but more reliable hardware, and high-end antispam and
antivirus code with less false positives. So we created a 'barracuda killer'
for you. Check out the specs and the prices, and draw your own conclusions.
Pricing starts at $1,995; annual maintenance and support costs (which include
automatic signature updates for anti-spam/anti-virus) start at $599 for the
500 model which runs on a Dell server with 3 year warranty and 4-hour on-site
service!
http://www.wservernews.com/080128-NinjaBlade
|
 |
Editor's Corner |
|
Redmond Invades Virtual Machine Space
Apart from reporting very strong financial results this week (they posted
a 79% jump in quarterly net income from a year ago) and giving an upbeat
outlook for its full financial year, they moved into the virtual space
with a bang. Even the Wall Street Journal had a whole article about it.
Some one sent me Microsoft Big Shot Bob Muglia's 1686-word opening salvo
called 'Harnessing the Power of Virtualization for Dynamic IT' that started
pounding on VMware's bastion. The link is below and it's recommended
reading.
Redmond this week allowed all flavors of Vista to be virtualized, and wants
to create a virtualization framework that covers both the client and the
server. VMware, meanwhile, is working their collective behinds off to give
you more sophisticated management tools. But you have to wonder how all
this virtualization fits into your existing environment and how much
redesign is required. (Answer: a lot) And then the question rises how
secure are these virtual environments? Once you have answered these two
nettlesome issues, you can start thinking about the compliance and licensing
of virtual servers. This is a major rethink of our data center plumbing.
The direction is toward a fully virtualized environment but we are far
from there yet.
Data storage and physical servers are not really virtualized yet. The end
goal is the have the whole datacenter virtualized architecturally, managed
through dynamic policy and less hands-on system admin hours. Virtualization
is ultimately growing towards being a 100% abstraction of the physical
infrastructure. As a major benefit this will prevent over-provisioning
just to make sure you have sufficient horsepower for peak capacity.
Redmond wants to provide you with a 'virtual stack' as it were; virtualizing
the Server, Application, Presentation and Desktop environments. Here is
the whole Muglia article, like I said, recommended reading:
http://www.wservernews.com/080128-MS-Virtualization
The Growth Of Malware - See This Graph?
Just for a second, check out the graph that Alex posted on his blog this
week. It shows the growth of unique samples of malware. Amazing numbers!
http://www.wservernews.com/080128-Malware-Growth
New SunPoll And Results Of The Last One
To start of, we asked "For 2008, which do you expect to be the greatest
security threat to your networks?" Your answers were illuminating.
Compared to 2007, Blended Malware still remained by far the number one
spot but fell from 49% to 39%. Botnets moved from 15% for 2007 to
14% for 2008, Viruses went from 13% for 2007 to 14% for '08 but the
main difference was 'Outside-in hacking attempts' that moved up from
2007's 13% to almost double with 21% for 2008!
And for the next SunPoll we want to know which give-aways you'd like best
at a trade show or a seminar: You can vote for an iTouch, iPhone, iPod,
Nintendo Wii, Best Buy Gift Card, or an Amex Gift Card. Vote here:
http://www.wservernews.com/080128-SunPoll
Quote Of The Week
"No man's life, liberty or property are safe while the legislature is
in session." -- Judge Gideon J. Tucker (1826-1899)
Thank you for being a WServerNews subscriber. Please
tell your friends about us. They can subscribe here:
http://www.wservernews.com/080128-WSN-Subscribe
|
Should I Choose Ninja Or Ninja Blade? Actually, Deploy Both!
First of all, existing Ninja customers can get Ninja Blade with 20% discount
if you buy in the first quarter of 2008. And it makes a whole lot of sense
to combine these two powerful spam fighters. We put together a one-page
comparison that shows the strengths of each product, and you will find out
that each has some unique features that work together like a well-oiled
fighting machine against ever increasing and ever more malicious spam.
Check out the comparison here: (PDF - no registration required)
http://www.wservernews.com/080128-Ninja-or-Ninja-Blade
|
|
Admin Toolbox |
|
Admin Tools We Think You Shouldn't Be Without
This Windows Security Wiki reflects the many years of consulting and research
on Windows security since Windows NT 3.51, You can contribute using the forum
specific to each article.
http://www.wservernews.com/080128-Windows-Security-Wiki
rDirectory is a Web solution for Active Directory; get the Community Edition at
NO COST! Deploy a professional employee directory website and search engine in
minutes.
http://www.wservernews.com/080128-rDirectory
uTIPu - the easiest way to show how to do everything on your PC. This is a
very user friendly way to get end-users to SEE how they need to do things:
http://www.wservernews.com/080128-uTIPu
|
|
Tech Briefing |
|
A False Sense Of Security
This quote was too long for the Editor's Corner, but it's quite interesting,
and a repeat from a newsletter a long time ago:
"When anyone asks me how I can best describe my experience in nearly 40 years
at sea, I merely say, uneventful. Of course there have been winter gales,
storms, fog and the like, but in all my experience, I have never been in any
accident of any sort worth speaking about. I have seen but one vessel in
distress in all my years at sea...I never saw a wreck and have never been
wrecked, nor was I ever in any predicament that threatened to end in disaster
of any sort." -- Captain E. J. Smith, RMS Titanic
Hacker Compromised Legit Web Sites Now Pose Gravest Danger
Based on report by Websense's Dan Hubbard, the steady increase in the number
of compromised sites has grim implications for Internet users. More than half
of all Web sites serving up attack code are legitimate domains that have been
hacked by criminals. More at ComputerWorld:
http://www.wservernews.com/080128-Compromised-Sites
Excellent AntiVirus Article
Dan Alvin, Vice President at DataScape, LLC sent me this: "I came across a
well written article on AV software selection which I thought you might be
interested in, it is an education. Since I recently reached my last straw
with Symantec, I had been researching my replacement AV for my small business
network. Unbiased research on AV software performance is almost impossible
to find, but this article contains a wealth of information. I hope you enjoy
this article. Thanks again for your newsletters!
http://www.wservernews.com/080128-Antivirus-Article
ITCI - Reboot Your Records Retention Strategy
Mathew Schwartz at the ICT Institute wrote a good article about the new FRCP.
Under the new Federal Rules of Civil Procedure (FRCP), organizations must
demonstrate that their electronic information is complete, accessible, and
reliable. As a result, companies must formalize their retention management
strategy and rapidly put in place the organizational and technological
changes required to retrieve any given record. He answers the question:
"What's the cost of poor records retention practices?". You WANT to know
the answer! More at:
http://www.wservernews.com/080128-FRCP
FAQs: Exchange Global Address List (GAL)
Whether you're having trouble migrating or synchronizing your GAL or you
need to know how to modify, hide or remove information, find the help you
need in this compilation of expert answers to SearchExchange.com readers'
frequently asked questions. (registration required)
http://www.wservernews.com/080128-FAQ-Exchange-GAL
Tip: Terminal Services In Windows Server 2008
The capabilities of Terminal Services in Windows Server 2008 are far ahead
of those in Windows Server 2003. Learn about one of the features likely to
get the most attention from end users - support for RemoteApps.
(registration required)
http://www.wservernews.com/080128-W2K8-Terminal-Services
Podcast: What's Hot In Windows Security?
Microsoft security expert Brien M. Posey shares his thoughts on some of the
latest Windows security issues such as the 2007 Microsoft Office Security
Guide, Mozilla Firefox's most recent security update and more.
(registration required)
http://www.wservernews.com/080128-Windows-Security
New Product Showcase: Windows Systems Administration
Check out some of the best new products of 2007 in the areas of systems
and desktop management, network monitoring and server hardware.
http://www.wservernews.com/080128-Windows-Systems-Administration
|
|
Windows Server News |
|
More About Microsoft's Attack On Virtual Space
This week, Microsoft had its Virtualization Deployment Summit in Redmond.
We'll see in a few months how big VMWare's scars will be. But like always,
MS started to promote the Hyper-V vaporware and chew a chunk out of
VMware's (admittedly ridiculously high) $31 billion market cap.
Another way the attack went down was the acquisition of a California desktop
virtualization start-up called Calista Technologies. MS also got deeper
in bed with with Citrix which recently bought XenSource, the open source
rival of VMware.
And then, to add insult to injury, they announced price cuts for large
accounts running Windows in virtual machines. To end off, they went 180
on the earlier policy banning virtual consumer versions of Vista Home
Basic and Home Premium. You can now virtuallize any Vista flavor. Now
I can stick Vista in the new solid-state version of MacBook Air!
VMware claims it has 80% of the market, but Redmond states that only 10%
of servers - and even fewer desktops - are virtualized and virtual servers
are only in the beginning stages. Where have we seen this before? Let
another company create the concept, make it into a new category, do
the heavy lifting, forge ahead creating a new market, and then stepping
in with elephant's feet.
Redmond now trumpets that its 'everything-and-the-kitchen-sink' approach
that goes from the desktop all the way to the data center is a better
approach than VMWare. To some degree they have a point as they plan
a single set of management tools for both physical and virtual computing.
Redmond cut the price of the Vista Enterprise Centralized Desktop which
you get through your Software Assurance from $78 per user a year to $23.
And in an attempt to fire back some volleys to Redmond, VMware announced
their public beta of the Stage Manager management software. This code is
to speed up the delivery of new or updated apps from staging to production.
The Stage Manager product takes the perspective of using virtual instead of
real servers to roll out software, claiming it's safer and cheaper. It's
supposed to automate the management of complete multi-tier application
environments including servers, storage and networking as they move from
integration to testing to staging and approval and then production. They
hope to release the gold bits this summer. The beta is available at:
http://www.wservernews.com/080128-Stage-Manager-Beta
Vista SP1 Due Out In Next Few Weeks, Sources Say
ComputerWorld reported January 24 that the wait is nearly over for the first
service pack for Windows Vista, according to sources close to Redmond.
Microsoft has said the highly anticipated service pack will be out in the
first quarter of this year, but some say it could be available in the next
few weeks, more than a month before the quarter ends on March 31.
A Taiwanese news service yesterday reported that Vista SP1 will be released
Feb. 15, but "that date is as good as any other," said Michael Cherry, an
analyst at Directions on Microsoft. "For all we know, they could make it
available tomorrow."
http://www.wservernews.com/080128-Vista-SP1
|
|
WServer Third Party News |
|
New Spam Appliance From Sunbelt Software
"I came across this article in the Ninja newsgroups, and was pleased to see
that Sunbelt now has a spam appliance called Ninja Blade. It sounds fantastic
and let me tell you, if I had the extra cash to spend $2000 on spam filtering
for two people, I'd buy it! While I have not tried this system out, I can
tell you that its probably going to be a huge success. I checked out the
demo admin interface and its especially good for a brand new product. They
will be adding all the "bells and whistles" to it as it matures, but I was
very impressed with the features in its initial release." Link:
http://www.wservernews.com/080128-Ninja-Blade
Nice Feedback From A New Ninja Customer
"Ninja is amazing. Hands down the best Anti-Spam program I've come across.
The large difference was noticeable on day 1. Very satisfied customer."
http://www.wservernews.com/080128-Ninja-Email-Security
Which Software Company Saves 150,000 Trees A Month?
The printer control company, Software Shelf International, has been included
in the international green online directory GuideMeGreen which lists companies
and charities that offer ethical and environmentally-friendly products and
services. Software Shelf's print management tool, Print Management Plus,
limits users' ability to print their files by setting quotas or restricting
printing by file size and type. The result is a dramatic reduction in wasted
paper and ink which not only saves a vast amount of cost for the organization,
but is also great for the environment.
According to the environmental site Conservatree, 17 reams of paper can be
made from one tree. As there are about 10,000 schools using Print Manager
Plus worldwide (each with an average of 1100 students), each school using
Print Manager Plus is saving around 15 trees a month. In total, that
represents a saving of 150,000 trees every month among its school customers
alone; this figure does not even take into account the thousands of
companies that also use this print limiting software.
http://www.wservernews.com/080128-Software-Shelf
And The Holes Keep On Coming
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE)
list of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and
FedCIRC (Department of Homeland Security) advisories.
New Vulnerabilities
W2935 Winamp MP3 handling Vulnerability
W3006 Novell Client Vulnerabilities - W2K, XP, W2K3
W3253 Oracle Database Vulnerabilities (Jan. 2008)
W3255 Oracle Collaboration Suite Vulnerabilities (Jan. 2008)
W3256 Oracle E-Business Suite Vulnerabilities (Jan. 2008)
W3257 Oracle Enterprise Manager Vulnerabilities (Jan. 2008)
W3258 Excel header handling vulnerability - Excel 2K, XP, 2003, Viewer 2003
S0481 Xorg XServer may permit unauthorized data access - Solaris 8 - 10
S0482 Xsun Xserver may permit unauthorized access - Solaris 8 - 10
N0074 Cisco Firewall Services application inspection flaw
L0392 Samba multiple vulnerabilities - SciLinux
L0394 Thunderbird multiple vulnerabilities - SL
L0395 Python-paramiko RandomPool processing flaw - FC
L0396 Xine-lib rmff_dump_cont SDP error - FC
L0397 Syslog-ng timestamp NULL dereference error - FC
L0398 E2fsprogs lebext2fs memory allocation error - FC
L0400 Cairo PNG processing flaw - FC
L0401 ClamAV multiple code errors - FC
L0402 Boost invalid regex errors - FC
H0068 X Font Server QueryX Vulnerabililties - HP-UX 11
Updated Checks
H0064 X Font Server Vulnerability - HP-UX 10,11
L0022 Moodle install.php XSS error - FC
L0354 Mantis Most Active Bugs XSS flaw - FC
L1565 Xorg-X11 libXfont PCF font difference error - FC
W1142, W1986, W1999, W2067 Anti-Virus Signatures
Revised Checks
S0471 SSL RSA Signature verification vulnerability - Solaris 9 - 10
S0443 Libtiff multiple vulnerabilities Solaris 8 - 10
Sunbelt Network Security Inspector version 1.6.89.0 was released January
24, 2008). Sunbelt Software recommends you download the new SNSI version
1.6.89.0, scan, and patch your machines today. Get the latest SNSI, visit:
http://www.wservernews.com/080128-SNSI
|
|
WServerNews FAVE Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
Be Ready For Lawsuits Now With SEA
Sunbelt Exchange Archiver (SEA) makes your organization ready for lawsuits,
either for suing some other entity, or being sued yourself. At that time,
your attorneys are going to ask you for an e-discovery and you will be forced
to go through ALL sent and received email and query it for specific things.
If you are not ready for this, prepare for weeks of agony, no weekends and
14-hour days to find all PST files and painstakingly search through all of
them. But having SEA implemented, you will be ready for legal action, and
your CEO and Legal Counsel will be highly appreciative. Get a quote and
compare SEA cost versus Symantec Enterprise Vault.
http://www.wservernews.com/080128-Sunbelt-Exchange-Archiver
|
|
|
|
|
Email me: