Vol. 13, #7 - Feb 18, 2008 - Issue #661
Best-of-Breed or Best-of-Suite?
- Editor's Corner
- Best-of-Breed or Best-of-Suite?
- We Need To Virtualize
- Quote Of The Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Free Email and File Archiving Seminar
- How VMware Works - The Windows Series
- Have You Experienced A Windows Security Breach?
- Virtual Desktops Promise Much, But Just How Do You Get There?
- Fix Exchange Server 2007 Setup Failures Using The Registry
- Windows Server News
- How Hyper-V burned Robert McLaws's datacenter
- Get Your SQL Server Security Goals In Order
- Microsoft Service Desk Delayed Until 2010
- Hands-on Vista SP1: Better But Slower?
- Microsoft Ships New XP SP3 Code To Testers
- WServer Third Party News
- Double-Take And VMWare: The Ultimate Recovery Platform
- Sunbelt Exchange Archiver Prerequisite Guide
- Check Out The Holes In Microsoft Office
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- BOOK: Hacking Exposed Web 2.0
A New Ninja Blade User Talks
"I just want to say thanks to you personally Alex along with all your support
staff for the wonderful job they do. The company we are consulting has always
resisted change and continued to deal with the same products and brands.
Ninja Blade is finally going to get them to see that change is not a bad thing.
We were evaluating the Symantec Gateway filter as well as a few other devices
just the day Sunbelt announced that Ninja Blade was available. Now, after
running Blade in this environment for less than 24 hours, even with the few
minor problems we had, the performance we are getting from the Ninja Blade
is similar to the Symantec device at just a fraction of the cost." -- Mike
Get your own Ninja Blade Evaluation Unit now at:
Best-of-Breed or Best-of-Suite?
I'd like your feedback on something. I recently did a survey over 300,000
readers of CounterSpyNews, and what they thought about the antivirus
product on their PC. The vast majority were talking about their home PC
setup, many of them having multiple PC's. Significant numbers were
complaining about their antivirus slowing down their PC, being a resource
hog and having slow scan times. But many of them were running full security
suites, and it is known that those can easily take 70-100MB average RAM
The question I have, is at this point in time, looking at performance, for
the protection of home PCs, are you leaning toward 'best-of-breed' point
solutions, or do you prefer 'best-of-suites' with the all-in-one approach?
You can vote in the SunPoll below, but I'd appreciate your opinion at
[email protected] after you vote in this new SunPoll:
We Need To Virtualize
This is the shortest item in a long time. Here is the Dilbert Strip that
'sez it all':
Quote Of The Week
"It's not the size of the dog in the fight, it's the size of the fight in
the dog." -- Mark Twain
Thank you for being a WServerNews subscriber. Please
tell your friends about us. They can subscribe here:
A Happy Ninja User
"Ninja seems to be working great. The distribution of spam messages has passed
the 50-50 mark. We do actually get like 60% SPAM and 40% mail on average. My
users are commenting that they are seeing a noticeable reduction of unwanted
e-mails daily. And that is with NO special configuration on the NINJA program!
The reports make the owners happy that their money was well spent! Feel free
to use that quote in your marketing..grin. Thanks, -- Dave King, MCSE, MCITP,
CEH, CUSA. Test drive Ninja for 30 days on your Exchange Server:
Free Email and File Archiving Seminar
Attend this one-day seminar and learn how an email and file archiving strategy
can help you deal with the issues resulting from the explosive data growth
and new discovery and data management requirements. Independent experts Mark
Diamond and Greg Forest of Contoural will share advice gained from extensive
experience helping Fortune 500 companies integrate and manage successful
records retention systems including email and file archiving. This event is
coming to Boston, MA and Toronto, ON in 2 weeks and Portland, OR in March,
and 6 other cities throughout 2008. Register today!
How VMware Works - The Windows Series
VMware Server provides a free and relatively easy entry into server
virtualization, but some aspects of deploying it - particularly
configuration - can be tricky. Even though the product is free,
mistakes in the installation and security process can be costly.
This guide provides instructions for installing, configuring (with
a focus on high security), and maintaining a successful production
instance of VMware Server on Microsoft Windows 2003 Server. This is
part one of the VMware Server on Windows Series - read it today!
Have You Experienced A Windows Security Breach?
This SearchWindowsSecurity.com reader noticed strange IP addresses in the
route print table and wondered if this indicated a Windows security breach.
Find out what expert Kevin Beaver had to say in response.
Virtual Desktops Promise Much, But Just How Do You Get There?
IT managers have desktop virtualization goals in mind, but they are unclear
on the impact of this technology. Find out more in this exclusive article.
Fix Exchange Server 2007 Setup Failures Using The Registry
Exchange Server 2007 is known to experience installation failures. In
response, Microsoft designed Exchange 2007 Setup to detect a failure,
note the problem within the registry using a watermark, and begin the
installation from that point the next time it opens. Unfortunately,
these notations can also cause Setup to freeze. In this tip, read how
to edit the registry to fix this problem.
||Windows Server News
How Hyper-V burned Robert McLaws's datacenter
Yowser! NetworkWorld last week reported this major flap: "Windows-Now
blogger Robert McLaws details a horror story that no network professional
ever wants to endure. He was using beta Hyper-V software in the wild when
two hard drives in his data center failed, costing him thousands of dollars
in lost revenue. Microsoft Subnet asks: should software vendors shoulder
some responsibility for the behavior of beta software in the wild? Plus,
McLaw's experience is revealing about Hyper-V itself. Will it be ready
for enterprise use when Microsoft releases it?
Get Your SQL Server Security Goals In Order
For a more secure SQL Server database, create goals that limit security
weaknesses. Find out how to accomplish this from expert Kevin Beaver.
Microsoft Service Desk Delayed Until 2010
Microsoft will re-engineer System Center Service Manager after receiving
complaints about its performance from participants in the initial beta trial.
Hands-on Vista SP1: Better But Slower?
The final version of Vista SP1 kills the Kill Switch and adds many
under-the-hood improvements -- but on at least one system, file copying
is actually slower. This article in ComputerWorld is worth it.
Microsoft Ships New XP SP3 Code To Testers
Although it's not saying yet when the public will get Service Pack 3 for
Windows XP, another seed of the update to the aging operating system has
been given to a closed set of testers.
||WServer Third Party News
Double-Take And VMWare: The Ultimate Recovery Platform
Double-Take Software has designed recovery tools to run on the VMware
platform, so that you can leverage the feature-rich VMware virtual
machine platform with Double-Take, ensuring cost-effective and seamless
disaster recovery. Leverage virtualization as part of your disaster
recovery strategy with Double-Take:
Sunbelt Exchange Archiver Prerequisite Guide
SEA is an awesome solution to solve a whole host of problems. This is a
enterprise solution with a bit more moving parts than your run-of-the-
mill admin tool though. Please read this PDF document before you install
Sunbelt Exchange Archiver as it contains valuable information needed
before an install can proceed.
Check Out The Holes In Microsoft Office
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list
of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and
FedCIRC (Department of Homeland Security) advisories.
Sunbelt Network Security Inspector version 18.104.22.168 was released Feb 13, 2008).
Sunbelt Software recommends you download the new SNSI version 22.214.171.124,
scan, and patch your machines today. To get the latest SNSI version, visit:
W3288 Microsoft Office Could Allow Remote Code Execution - Office 2003
W3287 Microsoft Office Could Allow Remote Code Execution - Office 2002/XP
W3286 Microsoft Office Could Allow Remote Code Execution - Office 2000
W3285 MS-Office Publisher 2003 Could Allow Remote Code Execution
W3284 MS-Office Publisher XP/2002 Could Allow Remote Code Execution
W3283 MS-Office Publisher 2000 Could Allow Remote Code Execution
W3282 Microsoft Works File Converter Could Allow Remote Code Execution
W3280 Cumulative Security Update for Internet Explorer - W2K, XP, W2K3
W3279 Microsoft Word Viewer Could Allow Remote Code Execution - W2K, XP, W2K3
W3278 Microsoft Word 2003 Could Allow Remote Code Execution - W2K, XP, W2K3
W3277 Microsoft Word XP Could Allow Remote Code Execution
W3276 Microsoft Word 2000 Could Allow Remote Code Execution
W3275 OLE Automation Could Allow Remote Code Execution - VB 6
W3048 SeaMonkey Multiple Vulnerabilities
W2992 Java Runtime Environment 1.5 latest not installed
W2559 Firefox multiple vulnerabilities
S0546 USB Mouse STREAMS driver may induce panic - Solaris 9-10
M0054 Firefox multiple vulnerabilities - Mac OS X
L0444 LibTorrent bdecode_recursive stack exhaustion flaw - FC
L0445 SDL_image LWZReadByte error - FC
L0446 KDEbase password bypass & local DoS errors - FC
L0449 Deluge bdecode_recursive stack exhaustion flaw - FC
L0450 OpenLDAP BDB slapd NOOP modify error - FC
L0451 Gnumeric XLS HLINK stack corruption error - FC
L0452 TCL/TK animated GIF image error - FC
L0453 Perl-Tk ReadImage GIF vulnerability - FC
L1525 Mozilla Firefox multiple vulnerabilities - RHE
L1529 Seamonkey multiple vulnerabilities - RHE
H0181 OpenView Operations Java GUI vulnerabilities - HP-UX 11
H0135 OpenView Operations/VantagePoint JRE vulnerability
M0048 QuickTime Player RTSP response message-reason phase - Mac OS X
S0441 Java 1.5 applet handling - Solaris
S0539 PostgreSQL 8.1/8.2 multiple vulnerabilities - Solaris 10
W1142, W1986, W1999, W2067 Anti-Virus Signatures
W2493 Microsoft Malware Removal Tool
W2692 QuickTime RTSP response message-reason phase Vulnerability
||WServerNews FAVE Links
This Week's Links We Like. Tips, Hints And Fun Stuff.
||WServerNews - Product of the Week
BOOK: Hacking Exposed Web 2.0
"This book concisely identifies the types of attacks which are faced daily
by Web 2.0 sites, and the authors give solid, practical advice on how to
identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE,
Senior Director of Security, Facebook.
Protect your Web 2.0 architecture against the latest wave of cybercrime
using expert tactics from Internet security professionals. Hacking Exposed
Web 2.0 shows how hackers perform reconnaissance, choose their entry point,
and attack Web 2.0-based services, and reveals detailed countermeasures
and defense techniques. You'll learn how to avoid injection and buffer
overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash,
and XML-driven applications. Real-world case studies illustrate social
networking site weaknesses, cross-site attack methods, migration
vulnerabilities, and IE7 shortcomings.