Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #20 - May 19, 2008 - Issue #674
What Is Everyone Doing With Virtualization And Macs?

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • What Is Everyone Doing With Virtualization And Macs?
    • Thought I'd Seen It All. But No... Fake Cisco Routers!
    • New TouchWall Is 'Monster iPhone'
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • Correction SP3 and IE7
    • Windows Service Pack Blocker Tool Kit
    • Patch Tuesday
    • Microsoft Faults OEMs For Some XP SP3 Endless Reboots
    • Determine The Cause Of Hung Windows Servers
    • Mark Minasi VideoCast: Dissecting Windows Server 2008
    • Fast Guide: How To Improve Outlook Web Access Security
    • Case Study: Troubleshooting Windows Service Dependency Failures
  4. Windows Server News
    • Microsoft Opens Beta Of Its Offline Virtual Machine Servicing Tool
    • Multiple Short Outages Can Add Up To Major Data Center Problems
    • Hyper-V's Achilles' Heel
  5. WServer Third Party News
    • Messaging Archiving Market Trends, 2008-2011
    • Should I use Double-Take Or SCR for Exchange Replication?
    • Sunbelt Exchange Archiver V3.4 New Features
    • And The Holes Keep Coming
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields
Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080519-RODC

Editor's Corner

What Is Everyone Doing With Virtualization And Macs?

Hi all, we have a very interesting survey, one that will get you some really good data on virtualization and Macs. It's 'point and click' and will take only a few minutes. Please take the time, it will be worth it! Here is the official invite:

Yankee Group and Sunbelt Software are conducting an independent survey on two hot technology topics: virtualization and the increased presence of Apple Macintoshes in the corporate network. Please take a few minutes to respond. We will post an Executive Summary of the survey results in an upcoming issue of this newsletter. And as always, anyone who participates and completes the survey, is eligible to get a complimentary copy of the full Yankee Group Report by sending an Email to Laura DiDio at: [email protected] Thanks in advance for your participation.
http://www.wservernews.com/080519-Yankee-Survey


Thought I'd Seen It All. But No... Fake Cisco Routers!

Have you seen this article about fake Cisco routers? This is quite something. They are being counterfeited in China and then sold via various supply chains back to the U.S. It's a tricky scene and here are the specifics, so if you buy your hardware on eBay... Buyer Beware:
http://www.wservernews.com/080519-Fake-Cisco-Routers

Next, a security researcher developed malicious rootkit software for Cisco's routers that has placed increasing scrutiny on the routers that carry the majority of the Internet's traffic. Sebastian Muniz, a researcher at Core Security Technologies Inc., developed the software, which he will unveil on May 22 at the EuSecWest conference in London. More at:
http://www.wservernews.com/080519-Router-Rootkit-Software


New TouchWall Is 'Monster iPhone'

TouchWall refers to the touch screen hardware setup itself; the corresponding software to run TouchWall, which is built on a standard version of Vista, is called Plex. See it in action here at this link. I think we want one:
http://www.wservernews.com/080519-TouchWall


Quote of the Week

"No gold-digging for me... I take diamonds! We may be off the gold standard someday." -- Mae West (Smart gal. Nixon did that a few decades later.)

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080519-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Vote For Ninja Blade In Community Choice Awards

The Community Choice Awards is an award program that lets visitors to the Windows IT Pro website nominate and vote on their favorite products and services. It provides an opportunity for the IT community to say what products are the BEST in the industry. Ninja Blade was nominated! One of our customers said: "As an admin I truly appreciate the time you have spent on creating a quality administrative interface." -- N. I.

Please click on this link and in the category 'Antispam Solutions for Business', vote for Ninja Blade. (There are seven other categories as well that make good short-lists). Thanks so much in advance!
http://www.wservernews.com/080519-Vote-for-Ninja-Blade

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

FREE Self-Service Change Password SharePoint Webpart and Web Interface for Active Directory & AD/AM. Installs in Minutes. Get Started Today!
http://www.wservernews.com/080519-AdSelfServiceSuite

iPrism...Better than Websense, Better than 8e6 - Better Get a Quick Quote!
http://www.wservernews.com/080519-iPrism

Download Active Administrator and receive a free eBrief written by Greg Shields:
http://www.wservernews.com/080519-Active-Administrator

Just released! PerfectDisk 2008 defragger w/ unattended defrag & exclusive VMware support. Vista Certified by Microsoft. Free evals:
http://www.wservernews.com/080519-PerfectDisk-2008

Free Web-based Online Directory, Self Service Editing, LCS/OCS presence! Want more? Check out the other editions with Enforced Data Integrity + Provisioning!
http://www.wservernews.com/080519-Namescape


Tech Briefing

Correction SP3 and IE7

Phil in the UK sent me this: "I think that your piece "WinXP SP3 Means You Are Locked Into IE7" is slightly misleading and takes the IE Blog out of context. For a start, the heading of your tech briefing implies that SP3 includes IE7, which it doesn't. It ships with IE6. Next, you aren't really locked into IE7 with SP3. The blog - and the first paragraph of your item - makes it quite clear that if users have installed IE7 before they install SP3, they will need to uninstall SP3 if they want to revert back from IE 7 to IE6. Finally, if you install IE7 after installing SP3, you retain the option to uninstall IE7 and revert to IE6 so, again, you aren't locked in." We stand corrected. Thanks Phil !

Windows Service Pack Blocker Tool Kit

Brief Description: A blocking tool is available for organizations that would like to temporarily prevent installation of Service Pack updates through Windows Update.
http://www.wservernews.com/080519-SP-Blocker-Tool-Kit


Patch Tuesday

Microsoft released 4 new security bulletins in May. Of the 4 May bulletins, 3 are rated Critical on Microsoft's severity rating system.
  • Critical:
    • MS08-026: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207)
    • MS08-027: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208)
    • MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749)
  • Moderate:
    • MS08-029: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
Additional information about these new security bulletins can be found on Microsoft's TechNet Web site:
http://www.wservernews.com/080519-Patch-Tuesday


Microsoft Faults OEMs For Some XP SP3 Endless Reboots

A Microsoft document claims the fault for endless reboots lies in the Windows XP image originally installed on the PC by the computer manufacturers. Read on:
http://www.wservernews.com/080519-XP-SP3-Reboots


Determine The Cause Of Hung Windows Servers

In the final part of this three-part series, SearchWinComputing.com contributor Bruce MacKenzie-Low focuses on resolving the issue of hung servers by analyzing a forced crash dump with the Windows Kernel Debugger, also called Windbg. This tip includes the necessary commands to isolate the problem to a particular application or system resource. (registration required)
http://www.wservernews.com/080519-Hung-Windows-Servers


Mark Minasi VideoCast: Dissecting Windows Server 2008

Whether you are looking for reasons to deploy Windows Server 2008 or waiting, best-selling Windows server author Mark Minasi offers his usual trenchant opinion in this exclusive video interview. (registration required)
http://www.wservernews.com/080519-Minasi-VideoCast


Fast Guide: How To Improve Outlook Web Access Security

Outlook Web Access (OWA) is a convenience for mobile and remote users, but a continuous security headache for Exchange administrators. In this fast guide, get tips on how to combat OWA security concerns associated with email attachments and OWA user authentication. You'll also find some best practices for setting up SSL certificates and customizing OWA's security features in Exchange.
http://www.wservernews.com/080519-Improve-OWA-Security


Case Study: Troubleshooting Windows Service Dependency Failures

Debugging a dependency service that has failed to start is easier than you think. Check out this step-by-step approach to resolving problems with Windows services that do not start automatically during the boot process.
http://www.wservernews.com/080519-Dependency-Failures


Windows Server News

Microsoft Opens Beta Of Its Offline Virtual Machine Servicing Tool

Microsoft has opened up the Beta program for one of its latest virtualization tools, the Offline Virtual Machine Servicing Tool. The tool aims to address one of the new IT challenges created by virtualization - how do I keep my offline, stored or template virtual machine images up-to-date? More of this blog at:
http://www.wservernews.com/080519-Offline-Virtual-Machine


Multiple Short Outages Can Add Up To Major Data Center Problems

Interesting and timely article with some good hints and tips. Corporate executives have long created IT plans to cope with major disasters, but now they're increasingly taking steps to prevent the brief shutdowns that can cost companies hundreds of thousands of dollars or more in their own right.

Users and analysts at IDC's Enterprise Data Center Forum here last week listed several options for quickly recovering from or preventing relatively minor incidents - like user miscues or electricity brownouts - that can shut down systems for an hour to a half-day or so. More at:
http://www.wservernews.com/080519-Data-Center-Outages


Hyper-V's Achilles' Heel

One of Microsoft's virtualization technology's greatest strengths, the host partition's ability to work with generic Windows device drivers, is also its greatest weakness. Randall Kennedy learned that the hard way while experimenting with the Release Candidate of Hyper-V. Read on:
http://www.wservernews.com/080519-Hyper-V


WServer Third Party News

Messaging Archiving Market Trends, 2008-2011

Plan to archive email and want to know where this market is heading? Here are some key findings from Osterman Research. This report focuses on demand drivers for messaging archiving and related technologies in the North American market. The research conducted for this report, as well as the report itself, are focused on the needs of vendors, investors and others who are interested in participating in the messaging archiving market in some way, whether as providers of the archiving systems, forensics services or other offerings. T he information presented is designed to help these vendors and interested parties make informed decisions about the future opportunities available in this market. (There are some good statistics here!)
http://www.wservernews.com/080519-Messaging-Trends


Should I use Double-Take Or SCR for Exchange Replication?

Q: Should I use Double-Take Or SCR for Exchange Replication?

A: There are some essential differences between SCR and Double-Take, but first some definitions:
  • "Local Continuous Replication" (LCR) is a single-server solution that uses built-in asynchronous log shipping technology to create and maintain a copy of a storage group on a second set of disks that are connected to the same server as the production storage group.
  • "Cluster Continuous Replication" (CCR) is a high availability feature of Microsoft Exchange Server 2007 that combines asynchronous log shipping and replay technology built into Exchange 2007 with the failover and management features provided by the Microsoft Cluster Service. The failover cluster is built using the Microsoft Cluster Service, and a new type of cluster quorum model called a Majority Node Set (MNS) Quorum with File Share Witness. This new quorum model is available when a hotfix is installed prior to forming the failover cluster. This will not work with the shipping version MSCS available with Windows Server 2003 - hotfixes must be installed or the customer must wait for Windows Server 2008 to be released.
  • Standby Continuous Replication (SCR) is only available for E2K7 SP1 and uses asynchronous log shipping and reply to create a backup "standby" database on a target Exchange server. Unlike CCR, which relies on clustering and provides high availability, SCR sends data from a standalone or clustered Exchange server to a standalone Exchange server and provides no failover capabilities. SCR shares some of the same limitations as LCR and CCR and introduces some new limitations.
Some items to consider about SCR:
  • SCR provides no failover. SCR is designed to create a standby database that matches the source database, similar to LCR but with the database residing on a separate server. To provide high availability and DR, Microsoft recommends combining CCR and SCR.
  • SCR recovery is complex. The SCR recovery process is a series of manual steps executed on the command line to bring the target database online. This is a complex process compared to the ease-of-use with DoubleTakeAM's automatic or push-button failover and failback capabilities.
  • SCR is not real-time protection of Exchange data. SCR works by shipping log files locally and applying them to a second copy of the Exchange database. It is not real-time replication.
  • SCR replication is delayed. There is an enforced delay of 50 log files with SCR replication. This means that 50 log files must be replayed into the target datastore before the target server can be brought online for recovery.
  • You must use a single database per storage group. When a storage group has been enabled for SCR, it can only contain a single database. This prevents you from scaling up by having multiple databases per storage group.
Double-Take does not have this limitation. Here is the link to download an eval:
http://www.wservernews.com/080519-Double-Take


Sunbelt Exchange Archiver V3.4 New Features

This latest version has a bunch new features and bug fixes:
  • Export search result. It is possible to export mails to a mailbox or to a PST file.
  • Faster folder processing in ArchiveWeb. Enhanced caching of data makes the ArchiveWeb faster for big mailboxes. Many design changes in ArchiveWeb.
  • Redesigned database indexes for faster processing.
  • Optimized PST import. The limitation of one PST file per mailbox was removed. It is possible to start more imports/exports for the same mailbox.
  • It is possible to archive again (re-archive) delayed and backup shortcuts. This option must be allowed in Tools - Options.
  • Fulltext search in envelope journal messages. Fulltext compatible with Office 2007 iFilters.
  • Full support of case sensitive databases. The database objects must be updated with a special script if the database already exists.
  • Delayed shortcuts are detected for changes when the shortcut is created. If the message was modified after the archiving, a new version is created.
Get more information at:
http://www.wservernews.com/080519-Sunbelt-Exchange-Archiver


And The Holes Keep Coming

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
L691 Sun Java multiple vulnerabilities - SuSE
L692 Tk ReadImage GIF image flaw - SuSE
L693 Lighttpd $HOME, mod_cgi and descriptor array flaws - SuSE
L694 Silc-toolkit silc_pkcs1_decode PKCS#1 error - SuSE
L695 Xgl multiple XFree86 related vulnerabilities - SuSE
L696 Xine-lib multiple integer overflows filetype .FLV .MOV .MVE - SuSE
L697 OTRS SOAP interface read and modify error - SuSE
L698 Wireshark multiiple vulnerabilities - SuSE
L699 Apache HTTPD XSS errors - SuSE
L700 Flash-plugin content display & TCP establish errors - SuSE
L701 Openoffice.org EMF image add error - SuSE
L702 ClamAV multiple vulnerabilities - SuSE
L703 Java-1.5.0-ibm multiple vulnerabilities - SuSE
L705 LICQ file-descriptor exhaustion flaw -- SuSE
L706 LibPNG PNG zero length chunk memory errror - SuSE
L707 Asterisk RTP codec ane SIP bypass flaws - FC
L708 OpenLDAP slapd BDB modify flaw - RHE
L709 Audit log_user_command function error - MDV
L710 Blender imb_loadhdr and other flaws - SuSE
S526 SCTP Vulnerabilities - Solaris 10
S527 Tcl GUI Toolkit Library GIF handling Vulnerability - Solaris 9 - 10
M57 Adobe Reader 8, 7 Vulnerabilities - Mac OS X
W3345 MS Word 2000 Could Allow Remote Code Execution - W2K, W2K3, XP
W3346 MS Word 2002 Could Allow Remote Code Execution - W2K, W2K3, XP
W3347 MS Word 2003 Could Allow Remote Code Execution - W2K, W2K3, XP
W3349 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP
W3350 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP
W3351 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP
W3353 MS Jet Database Engine Could Allow Remote Code Execution - W2K, W2K3, XP
W3354 MS Malware Protection Engine Could Allow Denial of Service - W2K, W2K3, XP
Sunbelt Network Security Inspector version 1.6.101.0 was released May 15, 2008. Sunbelt Software recommends you download the new SNSI version 1.6.101.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/080519-SNSI


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.

  • Did you know that Google has a Webmaster Central with a whole bunch of resources for you? They even warn you when your site is hacked...
    http://www.wservernews.com/080519-Webmaster-Central
  • Vote at You Tube for the Cannes 2008 Film Festival Online Competition. "Struck" is a 7 minute film I liked the best. If you like it too, vote for it on the link below the video and it might win in Cannes!
    http://www.wservernews.com/080519-Struck
  • Want to see the same images that scientists at NASA use for their research or perform your own research with those images? Or do you want to see the Earth from the same perspective that astronauts see as they descend to Earth? How about taking a 5 minute break and viewing a panorama of a different city? Install Microsoft World Wide Telescope (WWT) and start your explorations:
    http://www.wservernews.com/080519-MS-Wide-World-Telescope
  • Israel may become the first country to mass produce electric cars, thanks to "Project Better Place" and its partners Renault and Nissan:
    http://www.wservernews.com/080519-Electric-Cars
  • Allegedly first look of Windows 7. Some of the new features are: Re-designed Windows Explorer with 2-panel option, FTP/SFTP locations, a common folder with keyboard shortcuts, screen and animation capture, an automated Website and Blog designer. I'm not sure this is legit but interesting anyway:
    http://www.wservernews.com/080519-Windows-7
  • Racing Around The World In A Ferrari Formula One Car. Pretty cool ad:
    http://www.wservernews.com/080519-Ferrari-F1
  • Gilberto Graham and his 992 pound pet crocodile:
    http://www.wservernews.com/080519-Pet-Crocodile
  • Hands on the highly anticipated 8.9" Asus Eee PC 900, featuring a bigger screen, bigger SSD drive, more memory and Windows XP:
    http://www.wservernews.com/080519-Asus-Eee-PC-900
  • Is it a bird? Is it a plane? No - it's Swiss Jet Man. It has taken Yves Rossy five years to design and build his jet-powered wings and turn a fantasy of flying over the Alps into a jet-powered reality. On May 14, 2008, Rossy jumped from a plane at 8,000 feet and completed several loops at 300 kms per hour, using only his body to change position for five minutes over the Swiss Alps:
    http://www.wservernews.com/080519-Jet-Man
  • This pet monkey works at a bar in Utsunomiya, Japan. He learned how to bring things to customers through observation. This is weird:
    http://www.wservernews.com/080519-Pet-Monkey


WServerNews - Product of the Week

Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080519-RODC-eBrief