|
Vol. 13, #33 - Aug 11, 2008 - Issue #687
|
|
Black Hat News: Vista Security 'Rendered Useless'
|
| This issue of WServerNews is sponsored by |
|---|
 |
- Editor's Corner
- More On Electronic Bermuda Triangles
- Black Hat News: Vista Security 'Rendered Useless'
- WEBCAST: Fight Spam, Viruses, Trojans & More...
- Upcoming Sunbelt/Double-Take Seminars
- Quotes of the Week
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Lenovo Crashes Eee Party With IdeaPads
- Windows XP Still Outselling Windows Vista?
- Tools Make Capacity Planning Easier For Windows Shops
- Define SharePoint Parameters Before Installing
- Five Exchange Server Backup Worst Practices To Avoid
- Understanding Hyper-V Partitions And Device Drivers
- Windows Server News
- Microsoft's SQL Server 2008 Goes Gold
- VMware Launches Windows Scripting Environment
- Microsoft To Predict Exploitability Of Its Own Bugs
- WServer Third Party News
- ZDNet Shoot-out: VIPRE vs. Norton AV 2008 and Kaspersky AV 2007
- Microsoft To Give Security Vendors Early Peek At Patches
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Do's and Don'ts of RODC in Server 2008-Free eBrief from Greg Shields
|
Do's and Don'ts of RODC in Windows Server 2008-Free eBrief from Greg Shields
|
Receive new eBrief from noted IT consultant and author Greg Shields on
understanding Security implications of RODC's in Server 2008 when you try
Active Administrator from ScriptLogic. Active Administrator is a comprehensive
AD management and auditing solution providing centralized auditing, RSoP,
offline GPO repository, & object-level restores of AD objects. In the ebrief,
learn best practices for implementing RODC's (Read-Only Domain Controllers)
new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080811-RODC-eBrief
|
|
 |
Editor's Corner |
|
More On Electronic Bermuda Triangles
I promised I would come back on this one. Lots of you over the last few
weeks reported back with either personal stories or links to websites
that reported on similar effects at different spots in the world. It
turns out that there are quite a few instances of electromagnetic
interference that have stuck up their ugly heads. We are working on
some kind of way to get this reported and warn other people. Let me
know if you have some creative way you'd suggest to get people to
report on this and be able to check on it. Remember that I had to tow
my Camry to the dealership? After a few weeks, Toyota came through
and refunded my expenses for that mishap, that was good service! Tell
me your ideas for a dedicated website to report on this phenomenon?
Black Hat News: Vista Security 'Rendered Useless'
LAS VEGAS -- Two security researchers have developed a new technique that
essentially bypasses all of the memory protection safeguards in the Windows
Vista operating system, an advance that many in the security community say
will have far-reaching implications not only for Microsoft, but also on how
the entire technology industry thinks about attacks. In a presentation at
the Black Hat briefings, Mark Dowd of IBM Internet Security Systems (ISS)
and Alexander Sotirov of VMware Inc. discussed the new methods they've found
to get around Vista Protections such as Address Space Layout Randomization
(ASLR), Data Execution Prevention (DEP) and others by using Java, ActiveX
controls and .NET objects to load arbitrary content into Web browsers.
By taking advantage of the way that browsers, specifically Internet Explorer,
handle active scripting and .NET objects, the pair have been able to load
essentially whatever content they want into a location of their choice on
a user's machine. More at SearchSecurity:
http://www.wservernews.com/080811-Vista-Security
WEBCAST: Fight Spam, Viruses, Trojans & More...
Protecting your Organization from Spam and Malware with Ninja Email
Security. Securing your Exchange Server is key to protecting your
enterprise environment from spam, viruses, and other malware. In this
webcast Sunbelt will explain the benefits of using an 'all-in-one'
integrated and policy-based email security solution versus separate
products on your Exchange Server for antivirus, antispam, attachment
filtering, and disclaimers.
Learn how Ninja Email Security helps you to fight spam, viruses, trojans,
phishing and other email security threats with a series of 'best-of-breed'
plug-ins. When: August 12, 2008 2:00 PM (EDT) Please register here:
http://www.wservernews.com/080811-Ninja-Email-Security-Webcast
Upcoming Sunbelt/Double-Take Seminars
We'd like to invite you to attend the following seminars:
"Implementing an Effective Email Archiving Strategy for Exchange" - Join
Sunbelt and Mike Osterman, president and founder of Osterman Research,
Inc., one of the leading analyst firms in the messaging and collaboration
space, for an engaging discussion on how an effective email archiving
strategy can help you deal with the issues resulting from growth in email
storage and new discovery and privacy requirements.
Hosted at Microsoft in Chicago, IL on Thursday, August 21st. Register here:
http://www.wservernews.com/080811-DT-Seminar-Chicago
"Recovery Made Easy for Exchange, SQL, and other Critical Applications" -
Join Sunbelt and Double-Take Software as we discuss strategies for
implementing high availability, remote availability and offsite disaster
recovery solutions for SQL, Exchange and other mission critical applications
using Double-Take. Learn about Double-Take v5.0 and Double-Take's NEW
solutions that power your keys to recoverability.
Hosted at Sheraton Suites in Calgary, AB on Tuesday, August 12th. Register here:
http://www.wservernews.com/080811-DT-Seminar-Calgary
Hosted at Microsoft in Seattle, WA on Wednesday, August 13th. Register here:
http://www.wservernews.com/080811-DT-Seminar-Seattle
Hosted at Microsoft in Kansas City, KS on Friday, August 15th. Register here:
http://www.wservernews.com/080811-DT-Seminar-Kansas-City
Hosted at Microsoft in Hartford, CT on Thursday, September 25th. Register here:
http://www.wservernews.com/080811-DT-Seminar-Hartford
Quotes of the Week
"My grandfather once told me that there are two kinds of people, those who
work and those who take the credit. He told me to try to be in the first
group; there was less competition there." -- Indira Gandhi (1917-1984)
"We make money the old fashioned way. We print it."
-- Art Rolnick, former Chief Economist, Minneapolis Federal Reserve Bank
"All that is necessary for evil to triumph is for good men to do nothing."
-- attributed to Edmund Burke
Thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/080811-Subscribe
|
Time To Kill Those PST Files!
|
You all are aware of the fact that PST files are a major contributor to
loss of time, especially on the admin side of email. Importing these
PST files in a searchable archive, which is a central and transparent
repository for all users, can save enormous amounts of time for all email
users and the admin alike. PST files cause -all- kinds of storage problems,
like bloated and slow backups and backup windows rapidly expanding so
that they run into the next morning. They also cause risks in the legal
and security areas like lost email, laptops that disappear, and no
oversight which is a lawyer's nightmare. You should really check out
Sunbelt Exchange Archiver. It solves all these problems in one fell swoop:
http://www.wservernews.com/080811-Sunbelt-Exchange-Archiver
|
|
|
Tech Briefing |
|
Lenovo Crashes Eee Party With IdeaPads
Better late than never, Lenovo has launched the IdeaPad S9 and S10
sub-notebooks, the company's answer to the embarrassing success of the
Eee PC from rival Asus. The S9 features an 8.9-inch screen, integrated
802.11g Wi-Fi, 512MB of memory, 80GB of hard disk space or a 4GB solid
state drive (SSD), and is built around Intel's 1.6GHz Intel Atom N270
chip. The more expensive S10 features a 10.2-inch screen, 1GB of RAM,
and a larger 160GB hard disk. Users can choose from Linux or the
supposedly extinct Windows XP. More of this article at ComputerWorld:
http://www.wservernews.com/080811-Lenovo-IdeaPads
Windows XP Still Outselling Windows Vista?
While Microsoft excitedly tries to sway public opinion by touting that Vista
License sales top 180 Million units, Hewlett-Packard (HP) was busy smacking
Microsoft down -- reportedly shipping PCs with a Vista Business license but
with Windows XP pre-loaded in the majority of business computers sold since
the June 30 Windows XP execution date established by Microsoft -- casting
a lot of doubt over how many copies of Vista have actually been sold.
InfoPackets has the story:
http://www.wservernews.com/080811-Vista-Licenses
Tools Make Capacity Planning Easier For Windows Shops
One of the most important and perhaps most difficult tasks facing IT managers
is meeting current hardware needs while predicting future needs for growth.
In this tip, SearchWinIT.com contributor Gary Olsen describes how Microsoft's
System Center Capacity Planner and other capacity planning tools can help you
get started with mapping out the future. (registration required)
http://www.wservernews.com/080811-System-Center-Capacity-Planner
Define SharePoint Parameters Before Installing
One of the biggest mistakes IT shops make with Microsoft Office SharePoint
Server (MOSS) is that they often install it with little forethought. In
this Q&A, SharePoint expert Bill English outlines some common pitfalls to
avoid when installing MOSS.
http://www.wservernews.com/080811-MOSS
Five Exchange Server Backup Worst Practices To Avoid
There are many ways to be creative when protecting Exchange Server data,
but not all methods are flawless. If you're backing up Microsoft Exchange
Server, you should be aware of these five Exchange Server backup worst
practices to avoid any disasters.
http://www.wservernews.com/080811-Exchange-Worst-Practices
Understanding Hyper-V Partitions And Device Drivers
Like many other technologies, Microsoft's Hyper-V has its own language
of terms and definitions, separate from that of our normal virtualization
vernacular. In this tip, learn the terms that are relevant to how device
drivers work in Hyper-V, which will help with installation of the product,
managing performance and troubleshooting any issues that may arise.
(registration required)
http://www.wservernews.com/080811-Hyper-V-Partitions
|
|
Windows Server News |
|
Microsoft's SQL Server 2008 Goes Gold
Redmond released SQL Server 2008 to manufacturing and, as an evaluation
edition, to subscribers of its Microsoft Development Network and TechNet
services. Policy-based management is one feature of Microsoft SQL Server
2008 expected to appeal to IT managers and database administrators. Learn
more about what's new with SQL Server 2008.
http://www.wservernews.com/080811-SQL-Server-2008-Gold
VMware Launches Windows Scripting Environment
VMware released its VMware Infrastructure (VI) Toolkit (for Windows). The
kit is a free addition to its scripting toolbox, meant to help automate
your virtual datacenter. It is essentially an easy-to-use scripting interface
if you have multiple VMware ESX hypervisors or VMware VirtualCenter instances.
The thing is based on PowerShell, and you can do things like cloning, moving,
starting or stopping virtual machines and hosts. The toolkit includes easy
"commandlets" for deploying hundreds of VMs across IT infrastructure. They
encourage you to submit your scripts to the community, and there will be
a contest for the best script created using the VI Toolkit. The winner will
get an all-expense paid trip to VMworld 2008 Las Vegas or $5,000.
The VI Toolkit (for Windows) is at:
http://www.wservernews.com/080811-VMware-Infrastructure-Toolkit
Microsoft To Predict Exploitability Of Its Own Bugs
In a move toward improving its metrics mojo, Microsoft has announced that as
of October, it will rate all new vulnerabilities according to the likelihood
that they can actually be exploited. It will also will share information with
some vendors before everyone else gets patches. More at ComputerWorld:
http://www.wservernews.com/080811-Microsoft-Bugs
|
|
WServer Third Party News |
|
ZDNet Shoot-out: VIPRE vs. Norton AV 2008 and Kaspersky AV 2007
We told you we had put a lot of thought into making sure that VIPRE would
not be a performance hog. Well, ZDNet's Adrian Kingsley-Hughes put our
claims to the test. He compared VIPRE with the latest Norton and Kaspersky
code, and showed the graphs. We really have nothing to add. Just look at
his results. He wrote: "The bottom line - Security software can have a
shocking effect on performance, and can take a new system and make it feel
like one that's a few years old. I'm pleased to see that Sunbelt Software's
claim that VIPRE doesn't hog system resources and doesn't slow down a PC
isn't just marketing hyperbole but is actually true." Check out those
graphs!
http://www.wservernews.com/080811-VIPRE-vs-Norton2008-vs-Kaspersky2007
Microsoft To Give Security Vendors Early Peek At Patches
Microsoft plans to give security vendors a head start in what has become a
monthly race against the hackers. Starting in October, the company will
provide security vendors with early access to technical details of its
monthly security patches before the software updates are actually released.
This will give the companies that write attack-blocking code a bit of a
cushion as they write and test their security software.
Microsoft calls this initiative the Microsoft Active Protections Program
(MAPP) and says that participating companies must sell commercial Windows
security products and have a large customer base -- and no, sellers of
attack-based penetration testing tools are not invited.
Early participants include IBM, Juniper Networks, and 3Com's Tipping Point
division, but other companies are expected to sign up. More at NetworkWorld:
http://www.wservernews.com/080811-MAPP
|
|
WServerNews FAVE Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
- This unique specimen of "EuroGeek" is worth watching. They created a new
supercomputer with standard gaming hardware that costs less than $6,000
to build. The system uses four NVIDIA GeForce 9800 GX2 graphics cards:
http://www.wservernews.com/080811-Fastra-GPU-Supercomputer
- How to carjack a top Google exec -- according to Google. To demonstrate how
they feel that Google Street View and Google Earth invade personal privacy,
computer users at the National Legal And Policy Center put together a
"detailed dossier" of information on one of Google's leading lights (PDF).
http://www.wservernews.com/080811-Google-Carjack
- Katie Hodgson and Darren McWalters are getting married in the air while
standing on top of three biplanes:
http://www.wservernews.com/080811-Biplane-Wedding
- MIT has developed a simple method to split water molecules and produce oxygen
gas, a discovery that paves the way for large-scale use of solar power:
http://www.wservernews.com/080811-Solar-Energy
- Video with Funny Windows error messages:
http://www.wservernews.com/080811-Windows-Errors
- A flight demonstration of a huge radio-controlled C-17 model aircraft
with four jet engines:
http://www.wservernews.com/080811-RC-C-17
- Japanese automaker Mitsuoka has revealed the production version of it's
unique-looking mid-engined Orochi sports car, Top Gear takes it for a
test drive:
http://www.wservernews.com/080811-Mitsuoka-Orochi
- Slow Motion Lightning. If you thought lightning couldn't be any more awesome,
you thought wrong. The power of slow motion lets you see every last spark as
it dances across the sky.
http://www.wservernews.com/080811-Slow-Motion-Lightning
- In the future, we'll be able to make anything we want on 3-D printers. Paper
prices are going to go through the roof, and recycling will have a whole new
meaning:
http://www.wservernews.com/080811-3D-Printer
- Forgotten PC history: The true origins of the personal computer, 40 years now!
http://www.wservernews.com/080811-PC-History
- These two short videos show the recent DNS problem and how long it took for
everyone to patch it, worldwide, graphically... Very interesting:
http://www.wservernews.com/080811-DNS-Problem
|
|
WServerNews - Product of the Week |
|
Do's and Don'ts of RODC in Server 2008-Free eBrief from Greg Shields
Receive new eBrief from noted IT consultant and author Greg Shields on
understanding Security implications of RODC's in Server 2008 when you try
Active Administrator from ScriptLogic. Active Administrator is a comprehensive
AD management and auditing solution providing centralized auditing, RSoP,
offline GPO repository, & object-level restores of AD objects. In the ebrief,
learn best practices for implementing RODC's (Read-Only Domain Controllers)
new in Windows Server 2008, & implications for its uses. Download now!
http://www.wservernews.com/080811-ScriptLogic-RODC-eBrief
|
|
|
|
|
Email me: