Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 13, #29 - Jul 14, 2008 - Issue #683
Redmond's Cloud Formation

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • Webcast: A Brand New Look At On-Box Email Security
    • Webcast: Protecting your Organization from Spam, Viruses, and Phishing
    • OpenDNS Announces New Award For SysAdmins
    • IBM and Linden Lab Teleport Avatars Between Virtual Worlds
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Tech Briefing
    • This Week's Tech Roundup
    • Microsoft Alert: Coming Update To Windows Update
    • 64-Bit Technology: What It Means For Your Favorite Apps
    • Using Vista's Overhauled Windows Task Scheduler
    • Learning Guide: Microsoft Hyper-V
    • Windows Vista Study Guide
  4. Windows Server News
    • Microsoft To Release New 'Essential' Servers Nov. 12
    • Redmond's Cloud Formation
    • Microsoft's New Tool Secures Offline Virtual Machines
    • How to Avoid Exchange 2007 SP1 Rollup Installation Problems
  5. WServer Third Party News
    • Why Not Move to Google/Postini For Your AS/AV?
    • Amazing, These Holes That Keep Coming Up
  6. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  7. WServerNews - Product of the Week
    • Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields
Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080714-RODC-eBrief


Editor's Corner

Webcast: A Brand New Look At On-Box Email Security

Some people just won't run anything else on an Exchange server. Well, here is a fresh look at new research about that option!

Join Osterman Research and Sunbelt Software for an informative 60-minute Webinar that could help your company improve message security and lower MS Exchange management costs. Alex Eckelberry, CEO of Sunbelt Software, and Michael Osterman, President of Osterman Research, will lead this new Webinar, The Case for Server-based Messaging Security Solutions, to be held on Thursday July 17, 2008 at 1:00pm EDT / 10:00am PDT / 1800 UK Time / 1900 CET.

Michael Osterman will share insights gleaned from a just completed survey that dispel the fears of employing server-based email security solutions. He'll help you understand the latest Exchange security risks and also offer reasons why an installed security solution may be the best option for you in countering those challenges. He will also take a humorous look at one administrator who installed security software on the server (and lived to tell about it).

Alex Eckelberry will then offer examples from the field and discuss the key elements an Exchange security solution must have, including why Sunbelt customers deploy a server-based solution.

In this Webinar you will also learn:
  • What are the latest messaging and Exchange security threats?
  • How can a solution running on Exchange save time and money?
  • How did one admin install software on his server live to tell about it?
  • What are the common challenges and different solutions for Exchange security?
  • What works for less downtime and faster message delivery?
To register please visit:
http://www.wservernews.com/080714-Osterman-Webcast


Webcast: Protecting your Organization from Spam, Viruses, and Phishing

Securing your Exchange Server is key to protecting your enterprise environment from spam, viruses, and phishing. In this webcast Sunbelt will explain the benefits of using an 'all-in-one' integrated and policy-based email security solution versus separate products on your Exchange Server for antivirus, antispam, attachment filtering, and disclaimers. Learn how Ninja Email Security helps you to fight spam, viruses, trojans, phishing and other email security threats with a series of 'best-of-breed' plug-ins.

When: Tuesday, July 15, 2008 2:00 PM (EDT)

Please register here:
http://www.wservernews.com/080714-Ninja-Email-Security-Webcast


OpenDNS Announces New Award For SysAdmins

Behind every network there's at least one SysAdmin, and if you're reading this email now, guess what? There are several SysAdmins that made this possible. July 25 is System Administrator Appreciation Day, so if you think your SysAdmin's a Rockstar, honor your SysAdmin by nominating him/her for a 2008 SysAdmin Award. Click here for all the details:
http://www.wservernews.com/080714-SysAdmin-Awards

You can check out this link for more information about SysAdminDay:
http://www.wservernews.com/080714-SysAdmin-Day


IBM and Linden Lab Teleport Avatars Between Virtual Worlds

July 8, 2008 is a historic day for virtual worlds in general. IBM and Linden Lab have announced that research teams from the two companies successfully teleported avatars from Second Life into a virtual world running on an OpenSim server, marking the first time an avatar has moved from one virtual world to another. It's an important first step toward enabling avatars to pass freely between virtual worlds. These are still early days however. Video (MP4):
http://www.wservernews.com/080714-Avatar-Teleportation


Quotes of the Week

"There are three kinds of men. The one that learns by reading. The few who learn by observation. The rest of them have to pee on the electric fence for themselves." -- Will Rogers

"A diplomat is a man who always remembers a woman's birthday but never remembers her age." -- Robert Frost

Thank you for being a WServerNews subscriber. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/080714-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Sunbelt Exchange Archiver Wins 'Most Valuable Product' Award

The in-depth review of SEA in Redmond Magazine said: "Sunbelt Exchange Archiver makes e-mail archiving and retrieval accessible to the rest of us. In particular, the installation and user documentation are among the best I've seen, and help make the product very usable. If you have a good reason for ensuring your e-mail archives are accurate and easily accessible, Exchange Archiver may be the best way of achieving those goals." Read the full review:
http://www.wservernews.com/080714-SEA-Review

Register for a one-on-one product walk-through over here:
http://www.wservernews.com/080714-Sunbelt-Exchange-Archiver

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Automatically fix broken links when files are moved or renamed! Patented technology lets you migrate files without creating broken links:
http://www.wservernews.com/080714-LinkFixerPlus

Free Web-based Online Directory, Service Editing, LCS/OCS Presence! Want more? Check out our other editions with custom IDm Applications.
http://www.wservernews.com/080714-Namescape

iPrism Web Filter leads the pack in value and performance. See the iPrism in action and get a cool t-shirt free!
http://www.wservernews.com/080714-iPrism-Web-Filter

Download Active Administrator and receive a free eBrief written by Greg Shields
http://www.wservernews.com/080714-Active-Administrator


Tech Briefing

This Week's Tech Roundup

It was busy. First, Microsoft confirmed active Word attacks just a few hours after releasing the monthly Patch Tuesday collection which plugs nine holes in Windows, DNS, and SQL. They acknowledged a new Word zero-day attack that exploits a bug in certain versions. Next, it looks like the XP SP3 automatic download for started Thursday July 10th. EMC kicked out VMware's founder Dianne Greene, and venerable Microsoft alumnus Paul Maritz was put in to replace her. Even with his guidance, VMware faces a challenging environment, and VMware shares plunged on the CEO change and slowing growth.

Next, at its Worldwide Partner Conference in Houston, Redmond released its first major upgrade to Response Point, their small-business VoIP system software. Response Point SP1, available now via a free download, adds support for SIP trunking, click-to-call functionality, a call history log and the ability to select music for parked calls and hold time.

Over the next few weeks, Microsoft will roll out an ad campaign intended to change peoples' minds about Vista. The company is tight-lipped about what those ads will look like, but they should be more aggressive than anything we've seen to date. Last but not least, Redmond offers free Vista-to-XP downgrade help for small business. Here is the FAQ:
http://www.wservernews.com/080714-Vista-Downgrades


Microsoft Alert: Coming Update To Windows Update

"Beginning at the end of this month and continuing over the next few months, we'll be rolling out an infrastructure update to the Windows Update agent," said Michelle Haven, a product manager in the Windows Update group, in a post to the team's blog late last Thursday. Here is the blog:
http://www.wservernews.com/080714-Windows-Update


64-Bit Technology: What It Means For Your Favorite Apps

In this podcast, SearchWinComputing.com contributor Gary Olsen discusses what 64-bit means to applications running in Windows environments. Topics covered include: Active Directory, virtualization, Terminal Services, Exchange and SQL Server. (registration required)
http://www.wservernews.com/080714-64-bit-Computing


Using Vista's Overhauled Windows Task Scheduler

The Task Scheduler has been a crude tool in Windows for a very long time, and Microsoft finally gave it a much needed overhaul with Vista. In this tip, SearchWinComputing.com contributor Brien Posey covers the new timed trigger function, the ability to stipulate conditions, and walks you through the process of creating a basic task.
http://www.wservernews.com/080714-Vista-Task-Scheduler


Learning Guide: Microsoft Hyper-V

Check out this complete guide to the latest virtualization product from Microsoft, Hyper-V. Like any virtualization platform, Hyper-V makes for a more efficient data center, maximizing resources and reducing costs. Learn what gives Hyper-V the edge against other virtualization competitors plus get tips, guides, and resources for Hyper-V installation, configuration, management and much more! (registration required)
http://www.wservernews.com/080714-Hyper-V-Guide


Windows Vista Study Guide

As a channel professional, it is important to understand the ins and outs of Windows Vista in order to ensure your success with clients. But how much do you really know about Vista service packs, new features, Vista security, Vista sales drivers, ways to ease Vista deployment? Test your knowledge now with this quick 5 question quiz from SearchSystemsChannel.com.
http://www.wservernews.com/080714-Vista-Study-Guide


Windows Server News

Microsoft To Release New 'Essential' Servers Nov. 12

Microsoft plans to release a new Windows server operating system aimed at mid-size businesses, as well as the next version of its small-business server software, worldwide on Nov. 12, the company said this week. Both Windows Essential Business Server (EBS) 2008 and Windows Small Business Server (SBS) 2008 will be available that day, the company revealed at its Worldwide Partner Conference in Houston. Hardware providers Dell Inc. and Germany's Wortmann AG will be among the first companies to offer hardware for both operating systems when they are available, Microsoft said. Microsoft expects to post new release candidates for both products on its Web site next week. Customers also can get information about the products on the site. ComputerWorld has the story:
http://www.wservernews.com/080714-Microsoft-Essential-Servers


Redmond's Cloud Formation

Also at its Worldwide Partner Conference in Houston, Redmond came out with its largest move into cloud computing yet by announcing pricing and new partnerships for Microsoft's Online Services. This is a family of products made fit for a rental model and includes Online versions of Exchange, SharePoint, Office Communications, Office Live Meeting, and Dynamics CRM.

It's dubbed the "Deskless Worker Suite", $3 a month per user for deskless SharePoint and Exchange. And yes, they are competing with their own hosting partners. If partners resell the full suite of SharePoint, Exchange, Office Communications and Live Meeting, the cost is $15 a month per user. Partner's cut? 12% the first year, 6% the second year.

Microsoft's New Tool Secures Offline Virtual Machines

If you are interested in security for VMs, this new tool can help you keep virtual environments patched. The Microsoft Offline Virtual Machine Servicing Tool allows you to update your offline virtual machines efficiently without exposing them to several security risks. Here is what Redmond states in its overview:

"The Offline Virtual Machine Servicing Tool helps organizations maintain virtual machines that are stored offline in a Microsoft(r) System Center Virtual Machine Manager library. While stored, virtual machines do not receive operating system updates. The tool provides a way to keep offline virtual machines up-to-date so that bringing a virtual machine online does not introduce vulnerabilities into the organization's IT infrastructure.

"The Offline Virtual Machine Servicing Tool combines the Windows Workflow programming model with the Windows PowerShell(tm) interface to bring groups of virtual machines online just long enough for them to receive updates from either System Center Configuration Manager 2007 or Windows Server Update Services. As soon as the virtual machines are up-to-date, the tool returns them to the offline state in the Virtual Machine Manager library. Here is the free download:
http://www.wservernews.com/080714-Offline-Virtual-Machine-Servicing-Tool


How to Avoid Exchange 2007 SP1 Rollup Installation Problems

Tony Redmond at Exchange & Outlook Update did a very useful write-up how not to get in trouble with this. Here goes:

"Microsoft just released Update Rollup 3 (UR3) for Exchange 2007 SP1. Update rollups collect hotfixes that have been issued since the last service pack or rollup. UR3 contains a number of interesting fixes, including a way to remove the "Sent by Microsoft Exchange 2007" tag line from delivery status notification messages. The complete list of fixes in UR3 is included in Microsoft Knowledge Base article 949870:
http://www.wservernews.com/080714-Exchange-2007-SP1-Rollup-Problems

"There's also a new rollup, UR7, for sites using Exchange 2007 RTM; you can see its list of fixes in KB article 953469.
http://www.wservernews.com/080714-Rollup-UR7

"UR3 and UR2 contain some Microsoft .NET Framework 2.0 managed assemblies that Microsoft applied a digital signature to using Authenticode. During the installation of these rollups, Windows attempts to validate that the key used to apply the digital signature to the assemblies is valid to ensure that you don't load code that someone might have compromised in any way onto a server. During the validation process, the installation procedure attempts to make a connection to a certificate revocation list (CRL) at crl.microsoft.com/pki/crl/products/CSPCA.crl. If the installation procedure can't access this site, it experiences a timeout that eventually passes-or it might cause the installation to fail. During a recent upgrade of fifteen Exchange 2007 servers to SP1 UR2 that I witnessed, the delay ranged from 40 minutes to an hour and the installation failed completely on two of the fifteen servers. This failure is painful because the only indication that anything bad has occurred is the fact that the Microsoft Exchange Service Host service isn't running. "
To view the rest of this article, click here:
http://www.wservernews.com/080714-Exchange-2007-SP1-Article


WServer Third Party News

Why Not Move to Google/Postini For Your AS/AV?

Some one asked the following question on Sunbelt's Exchange Admin Forum: "I'm really interested in knowing why most folks (that aren't using in-house AS/AV solutions) haven't moved to Google/Postini for your AS/AV? At 0.25 USD per month per address, it's almost an order of magnitude cheaper than any other enterprise solution available."

The answers that came back were very interesting and varied. Here are the main reasons that Exchange Admins on our list came back with. Some are edited a bit for brevity:
  1. Tried to get a hold of them for a quote and they wouldn't return my calls. We aren't huge (~1200 users) but they pretty much ignored us for over a week while we were shopping solutions. Also I wanted to know what types of support were available when stuff happens on the weekends and after hours and I was told that support was only through their website, which is not acceptable.
  2. The pricing I am looking at for Google/Postini is $1 US per user/month (that price is for the Message Security service which in my opinion is comparable to most AV/AS). That isn't really any cheaper than what I pay for most enterprise solutions. We have had terrible luck with hosted solutions in the past; not because the solutions, or providers, were bad, but rather because our users just couldn't figure them out. For us simplicity is almost as big a requirement as security is. Not as big, but close. If our users (particularly at the executive level) can't figure out how to use any product we implement, then it won't be in place for long.
  3. Because for the clueful, Maia Mailguard is even cheaper and more flexible, and keeps control in-house.
  4. Because Google is a giant data miner. I'd rather not have my mail go through them at any cost.
  5. Paranoia. Last place I worked, the philosophy was if you let it go, you may never see it again. Plus, we were already looking at bringing an solution in-house for encryption, which also did AV/AS.
  6. There was also HIPAA regulation and confusion about what/how that would impact it that helped take an outsourced solution off the table. As the product that we installed for HIPAA compliance also had SPAM / AV gateway software there seemed no point to outsourcing. At least that was managements partial reason.
  7. Not speaking on behalf of my current employer or the organization I'm contracted to; but why in the world would I want to push my mail through a choke point which could be compromised, shut down by hostile action or have my mail copied, diverted or delayed by some disgruntled or compromised employee?
  8. Having a product like Ninja in house made more sense. Simpler and everything was in Outlook, instead of click here to check your spam folder...yada, yada, yada.
  9. I would *consider* a Google solution if they *paid* me $3/year/user.


Amazing, These Holes That Keep Coming Up

SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
H30 Wu-ftpd Local Directory Escape - HP-UX 11
L862 Seamonkey multiple security vulnerabilities - RHE
L863 Mozilla Firefox multiple security vulnerabilities - RHE
L864 Devhelp multiple security vulnerabilities - RHE
L865 Mozilla-xulrunner multiple security vulnerabilities - RHE
L866 Yelp multiple security vulnerabilities - RHE
L873 Perl Regex Lib pcre_compile.c flaw - FC
L874 OpenLDAP
W1882 Panda Active Scan v2.0 Update ActiveX Vulnerabilities
W2618 VideoLAN VLC player WAV handling vulnerabilities
W3376 Access Snapshot Viewer ActiveX Vulnerability

Updated Checks H156 Useradd incorrect access validation - HP-UX 11 H163 ARPA Transport Vulnerability - HP-UX 11 L17 Epiphany-extensions related Mozilla vulnerabilities - FC L211 OpenVRML mozilla related vulnerabilities - FC L306 Ruby-Gnome2 Mozilla based vulnerabilities - FC L307 Kazehakase Mozilla based vulnerabilities - FC L309 Gnome-web-photo Mozilla based vulnerabilities - FC L310 Miro Mozilla based vulnerabilities - FC L1512 Mozilla Firefox multiple vulnerabilities - FC L1514 Epiphany Mozilla based package vulnerabilities - FC L1515 Mozilla Yelp package vulnerabilities - FC L1516 Mozilla Devhelp package vulnerabilities - FC L1613 Mozilla Galeon package vulnerabilities - FC L1681 Liferea Mozilla flaws - FC W1142 Anti-virus Signature Outdated - McAfee W1986 Anti-virus Signature Outdated - Symantec W1999 Anti-virus Signature Outdated - Trend Micro W2067 Anti-virus Signature Outdated - F-Secure W2070 Anti-virus Signature Outdated - CA eTrust W2493 Microsoft Windows Malicious Software Tool Not Updated
Sunbelt Network Security Inspector version 1.6.108.0 was released July 9, 2008. Sunbelt Software recommends you download the new SNSI version 1.6.108.0, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/080714-SNSI

Live In Europe? Check this Product Overview

For All Europeans
Products overview


TimeData: Continuous Data Protection for Windows-based servers.

Point-in-time data recovery for Microsoft SQL Server, Microsoft Exchange Server and Windows File Server.
TimeData is a Windows-based, cluster-aware application that protects files on NTFS volumes, SQL Server databases and Exchange Server mailbox stores. TimeData software provides file-based Continuous Data Protection (CDP) with Zero Data Loss technology, which means that no data is ever lost or corrupted.
Learn about benefits and systems requirements of TimeData:
http://www.wservernews.com/080714-TimeData

*** NEW ***
In order to help you understand better Double-Take visit our Brand New Websites!
- For everyone based in the U.K, the Nordics, Benelux and Eastern Europe: www.doubletake.en
- For everyone based in France: www.doubletake.fr
- For German speakers: www.doubletake.de
Coming soon: Spanish and Italian Websites by the New Term: September 2008! www.doubletake.es and www.doubletake.it


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Do's and Don'ts of RODC in Windows Server 2008 - Free eBrief from Greg Shields

Receive new eBrief from noted IT consultant and author Greg Shields on understanding Security implications of RODC's in Server 2008 when you try Active Administrator from ScriptLogic. Active Administrator is a comprehensive AD management and auditing solution providing centralized auditing, RSoP, offline GPO repository, & object-level restores of AD objects. In the ebrief, learn best practices for implementing RODC's (Read-Only Domain Controllers) new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080714-eBrief-RODC