WServerNews (formerly W2Knews)

Vol. 13, #20 - May 19, 2008 - Issue #674

What Is Everyone Doing With Virtualization And Macs?

This issue of WServerNews is sponsored by

Editor's Corner
- What Is Everyone Doing With Virtualization And Macs?
- Thought I'd Seen It All. But No... Fake Cisco Routers!
- New TouchWall Is 'Monster iPhone'
- Quote of the Week
Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
Tech Briefing
- Correction SP3 and IE7
- Windows Service Pack Blocker Tool Kit
- Patch Tuesday
- Microsoft Faults OEMs For Some XP SP3 Endless Reboots
- Determine The Cause Of Hung Windows Servers
- Mark Minasi VideoCast: Dissecting Windows Server 2008
- Fast Guide: How To Improve Outlook Web Access Security
- Case Study: Troubleshooting Windows Service Dependency Failures
Windows Server News
- Microsoft Opens Beta Of Its Offline Virtual Machine Servicing Tool
- Multiple Short Outages Can Add Up To Major Data Center Problems
- Hyper-V's Achilles' Heel
WServer Third Party News
- Messaging Archiving Market Trends, 2008-2011
- Should I use Double-Take Or SCR for Exchange Replication?
- Sunbelt Exchange Archiver V3.4 New Features
- And The Holes Keep Coming
WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
WServerNews - Product of the Week
- Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080519-RODC

	Editor's Corner

What Is Everyone Doing With Virtualization And Macs? Hi all, we have a very interesting survey, one that will get you some really good data on virtualization and Macs. It's 'point and click' and will take only a few minutes. Please take the time, it will be worth it! Here is the official invite: Yankee Group and Sunbelt Software are conducting an independent survey on two hot technology topics: virtualization and the increased presence of Apple Macintoshes in the corporate network. Please take a few minutes to respond. We will post an Executive Summary of the survey results in an upcoming issue of this newsletter. And as always, anyone who participates and completes the survey, is eligible to get a complimentary copy of the full Yankee Group Report by sending an Email to Laura DiDio at: ldidio@yankeegroup.com. Thanks in advance for your participation. http://www.wservernews.com/080519-Yankee-Survey Thought I'd Seen It All. But No... Fake Cisco Routers! Have you seen this article about fake Cisco routers? This is quite something. They are being counterfeited in China and then sold via various supply chains back to the U.S. It's a tricky scene and here are the specifics, so if you buy your hardware on eBay... Buyer Beware: http://www.wservernews.com/080519-Fake-Cisco-Routers Next, a security researcher developed malicious rootkit software for Cisco's routers that has placed increasing scrutiny on the routers that carry the majority of the Internet's traffic. Sebastian Muniz, a researcher at Core Security Technologies Inc., developed the software, which he will unveil on May 22 at the EuSecWest conference in London. More at: http://www.wservernews.com/080519-Router-Rootkit-Software New TouchWall Is 'Monster iPhone' TouchWall refers to the touch screen hardware setup itself; the corresponding software to run TouchWall, which is built on a standard version of Vista, is called Plex. See it in action here at this link. I think we want one: http://www.wservernews.com/080519-TouchWall Quote of the Week "No gold-digging for me... I take diamonds! We may be off the gold standard someday." -- Mae West (Smart gal. Nixon did that a few decades later.) Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here: http://www.wservernews.com/080519-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu |

Email me: feedback@wservernews.com

Vote For Ninja Blade In Community Choice Awards

The Community Choice Awards is an award program that lets visitors to the Windows IT Pro website nominate and vote on their favorite products and services. It provides an opportunity for the IT community to say what products are the BEST in the industry. Ninja Blade was nominated! One of our customers said: "As an admin I truly appreciate the time you have spent on creating a quality administrative interface." -- N. I.

Please click on this link and in the category 'Antispam Solutions for Business', vote for Ninja Blade. (There are seven other categories as well that make good short-lists). Thanks so much in advance!
http://www.wservernews.com/080519-Vote-for-Ninja-Blade

	Admin Toolbox

Admin Tools We Think You Shouldn't Be Without FREE Self-Service Change Password SharePoint Webpart and Web Interface for Active Directory & AD/AM. Installs in Minutes. Get Started Today! http://www.wservernews.com/080519-AdSelfServiceSuite iPrism...Better than Websense, Better than 8e6 - Better Get a Quick Quote! http://www.wservernews.com/080519-iPrism Download Active Administrator and receive a free eBrief written by Greg Shields: http://www.wservernews.com/080519-Active-Administrator Just released! PerfectDisk 2008 defragger w/ unattended defrag & exclusive VMware support. Vista Certified by Microsoft. Free evals: http://www.wservernews.com/080519-PerfectDisk-2008 Free Web-based Online Directory, Self Service Editing, LCS/OCS presence! Want more? Check out the other editions with Enforced Data Integrity + Provisioning! http://www.wservernews.com/080519-Namescape

	Tech Briefing

Correction SP3 and IE7 Phil in the UK sent me this: "I think that your piece "WinXP SP3 Means You Are Locked Into IE7" is slightly misleading and takes the IE Blog out of context. For a start, the heading of your tech briefing implies that SP3 includes IE7, which it doesn't. It ships with IE6. Next, you aren't really locked into IE7 with SP3. The blog - and the first paragraph of your item - makes it quite clear that if users have installed IE7 before they install SP3, they will need to uninstall SP3 if they want to revert back from IE 7 to IE6. Finally, if you install IE7 after installing SP3, you retain the option to uninstall IE7 and revert to IE6 so, again, you aren't locked in." We stand corrected. Thanks Phil ! Windows Service Pack Blocker Tool Kit Brief Description: A blocking tool is available for organizations that would like to temporarily prevent installation of Service Pack updates through Windows Update. http://www.wservernews.com/080519-SP-Blocker-Tool-Kit Patch Tuesday Microsoft released 4 new security bulletins in May. Of the 4 May bulletins, 3 are rated Critical on Microsoft's severity rating system. Critical: MS08-026: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (951207) MS08-027: Vulnerability in Microsoft Publisher Could Allow Remote Code Execution (951208) MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749) Moderate: MS08-029: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044) Additional information about these new security bulletins can be found on Microsoft's TechNet Web site: http://www.wservernews.com/080519-Patch-Tuesday Microsoft Faults OEMs For Some XP SP3 Endless Reboots A Microsoft document claims the fault for endless reboots lies in the Windows XP image originally installed on the PC by the computer manufacturers. Read on: http://www.wservernews.com/080519-XP-SP3-Reboots Determine The Cause Of Hung Windows Servers In the final part of this three-part series, SearchWinComputing.com contributor Bruce MacKenzie-Low focuses on resolving the issue of hung servers by analyzing a forced crash dump with the Windows Kernel Debugger, also called Windbg. This tip includes the necessary commands to isolate the problem to a particular application or system resource. (registration required) http://www.wservernews.com/080519-Hung-Windows-Servers Mark Minasi VideoCast: Dissecting Windows Server 2008 Whether you are looking for reasons to deploy Windows Server 2008 or waiting, best-selling Windows server author Mark Minasi offers his usual trenchant opinion in this exclusive video interview. (registration required) http://www.wservernews.com/080519-Minasi-VideoCast Fast Guide: How To Improve Outlook Web Access Security Outlook Web Access (OWA) is a convenience for mobile and remote users, but a continuous security headache for Exchange administrators. In this fast guide, get tips on how to combat OWA security concerns associated with email attachments and OWA user authentication. You'll also find some best practices for setting up SSL certificates and customizing OWA's security features in Exchange. http://www.wservernews.com/080519-Improve-OWA-Security Case Study: Troubleshooting Windows Service Dependency Failures Debugging a dependency service that has failed to start is easier than you think. Check out this step-by-step approach to resolving problems with Windows services that do not start automatically during the boot process. http://www.wservernews.com/080519-Dependency-Failures

	Windows Server News

Microsoft Opens Beta Of Its Offline Virtual Machine Servicing Tool Microsoft has opened up the Beta program for one of its latest virtualization tools, the Offline Virtual Machine Servicing Tool. The tool aims to address one of the new IT challenges created by virtualization - how do I keep my offline, stored or template virtual machine images up-to-date? More of this blog at: http://www.wservernews.com/080519-Offline-Virtual-Machine Multiple Short Outages Can Add Up To Major Data Center Problems Interesting and timely article with some good hints and tips. Corporate executives have long created IT plans to cope with major disasters, but now they're increasingly taking steps to prevent the brief shutdowns that can cost companies hundreds of thousands of dollars or more in their own right. Users and analysts at IDC's Enterprise Data Center Forum here last week listed several options for quickly recovering from or preventing relatively minor incidents - like user miscues or electricity brownouts - that can shut down systems for an hour to a half-day or so. More at: http://www.wservernews.com/080519-Data-Center-Outages Hyper-V's Achilles' Heel One of Microsoft's virtualization technology's greatest strengths, the host partition's ability to work with generic Windows device drivers, is also its greatest weakness. Randall Kennedy learned that the hard way while experimenting with the Release Candidate of Hyper-V. Read on: http://www.wservernews.com/080519-Hyper-V

	WServer Third Party News

Messaging Archiving Market Trends, 2008-2011 Plan to archive email and want to know where this market is heading? Here are some key findings from Osterman Research. This report focuses on demand drivers for messaging archiving and related technologies in the North American market. The research conducted for this report, as well as the report itself, are focused on the needs of vendors, investors and others who are interested in participating in the messaging archiving market in some way, whether as providers of the archiving systems, forensics services or other offerings. T he information presented is designed to help these vendors and interested parties make informed decisions about the future opportunities available in this market. (There are some good statistics here!) http://www.wservernews.com/080519-Messaging-Trends Should I use Double-Take Or SCR for Exchange Replication? Q: Should I use Double-Take Or SCR for Exchange Replication? A: There are some essential differences between SCR and Double-Take, but first some definitions: "Local Continuous Replication" (LCR) is a single-server solution that uses built-in asynchronous log shipping technology to create and maintain a copy of a storage group on a second set of disks that are connected to the same server as the production storage group. "Cluster Continuous Replication" (CCR) is a high availability feature of Microsoft Exchange Server 2007 that combines asynchronous log shipping and replay technology built into Exchange 2007 with the failover and management features provided by the Microsoft Cluster Service. The failover cluster is built using the Microsoft Cluster Service, and a new type of cluster quorum model called a Majority Node Set (MNS) Quorum with File Share Witness. This new quorum model is available when a hotfix is installed prior to forming the failover cluster. This will not work with the shipping version MSCS available with Windows Server 2003 - hotfixes must be installed or the customer must wait for Windows Server 2008 to be released. Standby Continuous Replication (SCR) is only available for E2K7 SP1 and uses asynchronous log shipping and reply to create a backup "standby" database on a target Exchange server. Unlike CCR, which relies on clustering and provides high availability, SCR sends data from a standalone or clustered Exchange server to a standalone Exchange server and provides no failover capabilities. SCR shares some of the same limitations as LCR and CCR and introduces some new limitations. Some items to consider about SCR: SCR provides no failover. SCR is designed to create a standby database that matches the source database, similar to LCR but with the database residing on a separate server. To provide high availability and DR, Microsoft recommends combining CCR and SCR. SCR recovery is complex. The SCR recovery process is a series of manual steps executed on the command line to bring the target database online. This is a complex process compared to the ease-of-use with DoubleTakeAM's automatic or push-button failover and failback capabilities. SCR is not real-time protection of Exchange data. SCR works by shipping log files locally and applying them to a second copy of the Exchange database. It is not real-time replication. SCR replication is delayed. There is an enforced delay of 50 log files with SCR replication. This means that 50 log files must be replayed into the target datastore before the target server can be brought online for recovery. You must use a single database per storage group. When a storage group has been enabled for SCR, it can only contain a single database. This prevents you from scaling up by having multiple databases per storage group. Double-Take does not have this limitation. Here is the link to download an eval: http://www.wservernews.com/080519-Double-Take Sunbelt Exchange Archiver V3.4 New Features This latest version has a bunch new features and bug fixes: Export search result. It is possible to export mails to a mailbox or to a PST file. Faster folder processing in ArchiveWeb. Enhanced caching of data makes the ArchiveWeb faster for big mailboxes. Many design changes in ArchiveWeb. Redesigned database indexes for faster processing. Optimized PST import. The limitation of one PST file per mailbox was removed. It is possible to start more imports/exports for the same mailbox. It is possible to archive again (re-archive) delayed and backup shortcuts. This option must be allowed in Tools - Options. Fulltext search in envelope journal messages. Fulltext compatible with Office 2007 iFilters. Full support of case sensitive databases. The database objects must be updated with a special script if the database already exists. Delayed shortcuts are detected for changes when the shortcut is created. If the message was modified after the archiving, a new version is created. Get more information at: http://www.wservernews.com/080519-Sunbelt-Exchange-Archiver And The Holes Keep Coming SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories. New Checks L691 Sun Java multiple vulnerabilities - SuSE L692 Tk ReadImage GIF image flaw - SuSE L693 Lighttpd $HOME, mod_cgi and descriptor array flaws - SuSE L694 Silc-toolkit silc_pkcs1_decode PKCS#1 error - SuSE L695 Xgl multiple XFree86 related vulnerabilities - SuSE L696 Xine-lib multiple integer overflows filetype .FLV .MOV .MVE - SuSE L697 OTRS SOAP interface read and modify error - SuSE L698 Wireshark multiiple vulnerabilities - SuSE L699 Apache HTTPD XSS errors - SuSE L700 Flash-plugin content display & TCP establish errors - SuSE L701 Openoffice.org EMF image add error - SuSE L702 ClamAV multiple vulnerabilities - SuSE L703 Java-1.5.0-ibm multiple vulnerabilities - SuSE L705 LICQ file-descriptor exhaustion flaw -- SuSE L706 LibPNG PNG zero length chunk memory errror - SuSE L707 Asterisk RTP codec ane SIP bypass flaws - FC L708 OpenLDAP slapd BDB modify flaw - RHE L709 Audit log_user_command function error - MDV L710 Blender imb_loadhdr and other flaws - SuSE S526 SCTP Vulnerabilities - Solaris 10 S527 Tcl GUI Toolkit Library GIF handling Vulnerability - Solaris 9 - 10 M57 Adobe Reader 8, 7 Vulnerabilities - Mac OS X W3345 MS Word 2000 Could Allow Remote Code Execution - W2K, W2K3, XP W3346 MS Word 2002 Could Allow Remote Code Execution - W2K, W2K3, XP W3347 MS Word 2003 Could Allow Remote Code Execution - W2K, W2K3, XP W3349 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP W3350 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP W3351 MS Publisher Could Allow Remote Code Execution - W2K, W2K3, XP W3353 MS Jet Database Engine Could Allow Remote Code Execution - W2K, W2K3, XP W3354 MS Malware Protection Engine Could Allow Denial of Service - W2K, W2K3, XP Sunbelt Network Security Inspector version 1.6.101.0 was released May 15, 2008. Sunbelt Software recommends you download the new SNSI version 1.6.101.0, scan, and patch your machines today. To get the latest SNSI version, visit: http://www.wservernews.com/080519-SNSI

	WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff. Did you know that Google has a Webmaster Central with a whole bunch of resources for you? They even warn you when your site is hacked... http://www.wservernews.com/080519-Webmaster-Central Vote at You Tube for the Cannes 2008 Film Festival Online Competition. "Struck" is a 7 minute film I liked the best. If you like it too, vote for it on the link below the video and it might win in Cannes! http://www.wservernews.com/080519-Struck Want to see the same images that scientists at NASA use for their research or perform your own research with those images? Or do you want to see the Earth from the same perspective that astronauts see as they descend to Earth? How about taking a 5 minute break and viewing a panorama of a different city? Install Microsoft World Wide Telescope (WWT) and start your explorations: http://www.wservernews.com/080519-MS-Wide-World-Telescope Israel may become the first country to mass produce electric cars, thanks to "Project Better Place" and its partners Renault and Nissan: http://www.wservernews.com/080519-Electric-Cars Allegedly first look of Windows 7. Some of the new features are: Re-designed Windows Explorer with 2-panel option, FTP/SFTP locations, a common folder with keyboard shortcuts, screen and animation capture, an automated Website and Blog designer. I'm not sure this is legit but interesting anyway: http://www.wservernews.com/080519-Windows-7 Racing Around The World In A Ferrari Formula One Car. Pretty cool ad: http://www.wservernews.com/080519-Ferrari-F1 Gilberto Graham and his 992 pound pet crocodile: http://www.wservernews.com/080519-Pet-Crocodile Hands on the highly anticipated 8.9" Asus Eee PC 900, featuring a bigger screen, bigger SSD drive, more memory and Windows XP: http://www.wservernews.com/080519-Asus-Eee-PC-900 Is it a bird? Is it a plane? No - it's Swiss Jet Man. It has taken Yves Rossy five years to design and build his jet-powered wings and turn a fantasy of flying over the Alps into a jet-powered reality. On May 14, 2008, Rossy jumped from a plane at 8,000 feet and completed several loops at 300 kms per hour, using only his body to change position for five minutes over the Swiss Alps: http://www.wservernews.com/080519-Jet-Man This pet monkey works at a bar in Utsunomiya, Japan. He learned how to bring things to customers through observation. This is weird: http://www.wservernews.com/080519-Pet-Monkey

	WServerNews - Product of the Week

Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now! http://www.wservernews.com/080519-RODC-eBrief