Vol. 13, #38 - Sep 15, 2008 - Issue #692
When Windows Goes All 64-Bit
- Editors Corner
  - When Windows Goes All 64-Bit
  - Enterprise Antivirus Survey
  - Quotes of the Week
- Webinars and Seminars
  - Fighting SQL Injection Attacks
  - Upcoming Sunbelt Seminars
- Admin Toolbox
  - Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
  - Fake Antispyware Purveyor Doubles as Domain Registrar
  - How To Plan And Design A Windows IT Infrastructure
  - Tip: Associating Proper Applications With File Types In Windows
  - Tuning SQL Server Performance Via Memory And CPU Processing
- Windows Server News
  - Redmond Matches VMware's Zero Price Tag
- WServer Third Party News
  - The End Of AV As You Know It
  - Check Out This New Collection of Vulnerabilities
- WServerNews FAVE Links
  - This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
  - Attend an 8-minute Webinar and get a Rock Your World t-shirt
Helpdesk Driven Mad By Password Reset and Locked Account Calls?
The two most common problems in self-service password management are:
- Getting users to fill out their Password Reset Profile
- Securing the issuance of new passwords by the Helpdesk
myPassword is a great self-service Active Directory Password Reset tool.
You configure it to send an email to a user to verify identity and provide
an easy means of resetting passwords, unlocking accounts, or editing their
password reset profile. It even has OWA Support. Find out about the
excellent security features, as users struggle to remember their growing
collection of credentials. Eliminate Help Desk calls by 70%. Quick ROI.
Compatible with rDirectory. Click here for an evaluation copy:
http://www.wservernews.com/080915-myPassword

Editors Corner
When Windows Goes All 64-Bit
I found a really interesting article by Larry Seltzer in the Security
section of eWeek that went into the details of 64-bit Windows becoming
more common and eventually being the norm. Such transitions never go as
smoothly as you'd like, and as a system admin there are a few good points
in this article:
- It's likely that Windows 7 will be the last OS with a 32-bit flavor
- Each new version of Windows is designed for the next generation hardware
- Upgrades never work as well as preloaded installs
- End-Users trying to upgrade by themselves run into trouble
- Specific Memory benefits of 64-bit
- Additional 64-bit security features
It's the 'Recommended Read' this week:
http://www.wservernews.com/080915-When-Windows-Goes-All-64Bit
Enterprise Antivirus Survey
If you'd like to make your voice heard to the antivirus industry, now is
your chance! This survey is part of a global study on antivirus product
customer satisfaction, and will be presented at an upcoming major security
conference. Your time would be really appreciated in answering this short
survey:
http://www.wservernews.com/080915-Survey
Quotes of the Week
"We don't stop playing because we grow old; we grow old because we stop
playing." -- George Bernard Shaw
"A nation that is afraid to let its people judge the truth and falsehood
in an open market is a nation that is afraid of its people."
-- John F. Kennedy
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/080915-Subscribe
The End Of AV As You Know It
Finally, powerful endpoint security that ISN'T a resource hog. Sunbelt
Software introduces VIPRE Enterprise; a completely new technology combining
corporate antivirus plus an enterprise antispyware solution for total
endpoint security designed by admins for admins. Save your IT budget and
don't renew products from Symantec, McAfee and Trend Micro. Learn how
VIPRE Enterprise takes much less resources than the competition! It's
clearly time to ditch expensive, bloated, old-style AV products.
"Wow, what an easy install, I am not used to being able to install such
Major Software package in 10 minutes on our server, and then completed
the install on our 11 clients in the next hour, including restarts, in
two different buildings." Get your 30-day eval here:
http://www.wservernews.com/080915-VIPRE-Enterprise

Webinars and Seminars
Fighting SQL Injection Attacks
Randy at Ultimate Windows Security sent me the following very interesting
webinar invite:
Fighting SQL injection attacks is tough, I can tell you. I've just come out
of a long battle this summer against the same bot-powered SQL injection/JavaScript
attacks that many of you have been fighting too. A couple times we
thought we had the problem fixed and a few minutes later - or the next day
- the problem was back. If you ask me, Microsoft's "harden every line of
web application code" advice is a great example of being theoretically correct
but impractical for the real world. For the rest of us who don't live in
the Ivory Tower we need solutions that work and fixing things at the code
level isn't a realistic, comprehensive solution because:
- Most of us aren't web application coders
- Most of us don't have control of all the code on our sites
Maybe you are using a shrink wrapped application from an ISV who may or
may not fix code problems on a timely basis. Sure get a new app and all
but what about the meantime? Or maybe your site is like mine - it's grown
over the years and is a hodgepodge of classic ASP, custom asp.net, asp
and asp.net applications and scripts from all over. Best practice? No.
Real world? Yes. So, if you can't harden every line of code, what do you
do? You can try to block/intercept SQL injection attacks and related URL,
http attacks and there are a variety of methods and tools available for
doing so that ultimately depend on your expertise, commitment, available
time and budget. In this webinar I will give you a brief case study of
my experience with these attacks for the past couple months and share
my failures and eventual success. A technical webinar with live demos and
links to tools. It won't be a thinly veiled infomercial for the sponsor
- although I'm very happy with their results for my site. I will show
you a number of real alternatives.
Can't make the live event? Register anyway to get the recorded version.
Title: Successfully Combating the Recent Surge in SQL Injection Attacks
Date: Tuesday, October 7, 2008 12:00 PM - 1:00 PM EDT
To make this webinar possible your registration data will be shared with
our sponsor. This is real training. Space is limited.
Reserve your Webinar seat now at:
http://www.wservernews.com/080915-Webinar-Registration
Upcoming Sunbelt Seminars
We'd like to invite you to attend the following seminars:
"Implementing an Effective Email Archiving Strategy for Exchange" - Join
Sunbelt and Mike Osterman, president and founder of Osterman Research, Inc.,
one of the leading analyst firms in the messaging and collaboration space,
for an engaging discussion on how an effective email archiving strategy
can help you deal with the issues resulting from growth in email storage
and new discovery and privacy requirements.
Hosted at Delta Chelsea Hotel in Toronto, ON, Canada on Tuesday,
September 16th. Register here:
http://www.wservernews.com/080915-Effective-Email-Archiving-Seminar
"Protecting Against the New Wave of Malware: A New Approach to Endpoint
Security" - Join Sunbelt and Mike Osterman, president and founder of
Osterman Research, Inc., for an informative seminar that will examine
why older, traditional antivirus approaches don't work and why a new
approach to endpoint security is required to better protect your users,
your data and your long-term viability as a company from malicious threats.
Hosted at Microsoft in Waltham, MA on Thursday, October 2nd. Register here:
http://www.wservernews.com/080915-New-Wave-of-Malware-Seminar
"Recovery Made Easy for Exchange, SQL, and other Critical Apps"
- Join Sunbelt and Double-Take Software as we discuss strategies for
implementing high availability, remote availability and offsite disaster
recovery solutions for SQL, Exchange and other mission critical apps
using Double-Take. Learn about Double-Take v5.0 and Double-Take's NEW
solutions that power your keys to recoverability.
Hosted at Microsoft in Hartford, CT on Thursday, September 25th.
Register here:
http://www.wservernews.com/080915-Recovery-Made-Easy-Seminar

Tech Briefing
Fake Antispyware Purveyor Doubles as Domain Registrar
Patrick Jordan, a researcher at Sunbelt Software who has long tracked the
group's activities, said Klik's fake anti-spyware programs come disguised
as video "codecs," which some porn and YouTube look-alike sites claim users
need to install in order to view video content. In reality, the codecs hijack
search engine traffic and serve fake alerts about bogus security threats in
order to convince the victim to purchase some worthless security software.
Article in the Washington Post:
http://www.wservernews.com/080915-Fake-Antispyware
How To Plan And Design A Windows IT Infrastructure
Windows managers must be able to understand what the business needs, prepare
the IT infrastructure plan accordingly and be able to articulate this
plan to upper management when planning their IT budgets. This tip from
SearchWinIT.com outlines the key steps IT managers should follow in order
to ensure that budgetary needs are met for next year:
http://www.wservernews.com/080915-Windows-Infrastructure
Tip: Associating Proper Applications With File Types In Windows
Learn how to reset file extensions in Windows Vista and to assign the
applications that should be used to open certain files on your computer.
http://www.wservernews.com/080915-Associating-Applications
Tuning SQL Server Performance Via Memory And CPU Processing
Storage isn't the only part of SQL Server hardware that needs special
consideration when designing your infrastructure. This tip on
SearchSQLServer.com explains how SQL Server memory can also impact
performance and how you can properly manage it.
http://www.wservernews.com/080915-SQL-Server-Performance

Windows Server News
Redmond Matches VMware's Zero Price Tag
And there's the next salvo in the hypervisor wars. Matching VMware, Microsoft
this week cut the expected price of its hypervisor to zero. When we get our
hot little hands on the gold code in about a month, Hyper-V Server 2008 will
be free for the download and can be used to consolidate both Windows and
Linux workloads onto a single physical server. Previously the price was
supposed to be $28 a pop. Remember that the hypervisor is already bundled
or free in W2K8. Noteworthy is that Redmond gave the first public demo of
W2K8's Live Migration feature, which is expected in 2010, in the next version
of Hyper-V. Redmond also said System Center Virtual Machine Manager 2008,
would be available in the next 30 days, allowing it to catch up with VMware.
Live In Europe? Check this Product Overview
For All Europeans
Products overview
TimeData: Continuous Data Protection for Windows-based servers.
Point-in-time data recovery for Microsoft SQL Server, Microsoft Exchange Server and Windows File Server.
TimeData is a Windows-based, cluster-aware application that protects files on NTFS volumes, SQL Server® databases and Exchange Server mailbox stores. TimeData software provides file-based Continuous Data Protection (CDP) with Zero Data Loss technology, which means that no data is ever lost or corrupted.
Learn about benefits and systems requirements of TimeData:
http://www.wservernews.com/080915-Data-Protection
*** NEW ***
To help you better understand Double-Take, visit our brand-new websites!
- For everyone based in the U.K, the Nordics, Benelux and Eastern Europe: www.doubletake.en
- For everyone based in France: www.doubletake.fr
- For German speakers: www.doubletake.de
- For Spanish speakers: www.doubletake.es
- For Italian speakers: www.doubletake.it

WServer Third Party News
Check Out This New Collection of Vulnerabilities
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE)
list of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and
FedCIRC (Department of Homeland Security) advisories.
New Checks
L1022 Django HTTP Post storage vulnerability - FC
L1023 Condor wild card DENY rules errors - FC
L1025 BitlBee account hijack by overwrite - FC
L1026 Wordpress get_edit_ function errors - FC
L1027 Adminutil XSS and Accept-Language errors - FC
L1028 Libtiff LZWDecode function flaws - FC
L1029 Bluez SDP parser string length flaw - FC
L1030 Libxml2 XML recursion error - FC
L1031 Xine-lib - crafted OGG file and other overf errors - FC
L1032 Xastir insecurity auxiliary/tmp file usage flaw - FC
L1033 Drupal multiple security vulnerabilities - FC
L1034 AWStats awstats.pl query_string flaw - FC
L1035 Rpy unsafe temp directory handling in javareconf - FC
L1037 Amarok symlink predictable name weakness - FC
L1038 Yelp window_error format string vulnerability - FC
N92 SIP/SSL/VPN/IPSec Vulnerabilities - PIX/ASA
S556 Gnu tar archive PAX header handling - Solaris 9 - 10
W1975 Google Chrome Beta Browser Installed
W3438 Holes in GDI+ with .NET Framework 1.0 - W2K
W3439 Holes in GDI+ with .NET Framework 1.1 - W2K
W3440 Holes in GDI+ with .NET Framework 2.0 - W2K
W3441 Holes in GDI+ with .NET Framework 2.0 SP1 - W2K
W3442 Holes in GDI+ with Office XP SP3 - W2K/XP/W2K3
W3443 Holes in GDI+ with Office 2003 - W2K/XP/W2K3/Vista
W3444 Holes in GDI+ with Office 2007 - W2K3/Vista/W2K8
W3445 Holes in GDI+ with Visio 2002 SP 2 - W2K/XP/W2K3
W3446 Holes in GDI+ with PowerPoint Viewer 2003 - W2K/XP/W2K3/Vista
W3447 Holes in GDI+ with SQL Server 2000 - W2K/W2K3/XP/Vista
W3449 Holes in GDI+ with SQL Server 2005 - W2K/W2K3/W2K8/Vista/XP
W3450 Holes in GDI+ with .NET 2002 SP1 - W2K/XP/W2K3
W3451 Holes in GDI+ with .NET 2003 SP1 - W2K/XP/W2K3
W3452 Holes in GDI+ with Visual Studio 2005 SP1 - W2K/XP/W2K3/Vista/2K8
W3453 Holes in GDI+ with Visual Studio 2008 - W2K/XP/W2K3/Vista/2K8
W3454 Holes in GDI+ with Report Viewer 2005 SP1 - W2K/XP/W2K3/Vista/2K8
W3455 Holes in GDI+ with Report Viewer 2008 - W2K/XP/W2K3/Vista/2K8
W3456 Holes in GDI+ with Forefront Client 1.0 - W2K
W3459 Microsoft Office XP SP3 OneNote flaw - W2K/W2K3/XP
W3460 Microsoft Office 2003 OneNote flaw - W2K/W2K3/XP
W3461 Microsoft Office 2007 OneNote flaw - Vista/W2K8/W2K3/XP
W3462 Microsoft Office OneNote URL flaw - Vista/W2K8/W2K3/XP
Updated Checks
S295 Libtiff image file handling - Solaris 8-10
S453 Mozilla 1.7 browser/mail client JavaScript holes - Solaris 8-10
W1142 Anti-virus Signature Outdated - McAfee
W1986 Anti-virus Signature Outdated - Symantec
W1999 Anti-virus Signature Outdated - Trend Micro
W2067 Anti-virus Signature Outdated - F-Secure
W2070 Anti-virus Signature Outdated - CA eTrust
W2493 Microsoft Windows Malicious Software Tool Not Updated
Sunbelt Network Security Inspector version 1.6.115.0 was released September
10, 2008. Sunbelt Software recommends you download the new SNSI version
1.6.115.0, scan, and patch your machines today. To get the latest SNSI
version, visit:
http://www.wservernews.com/080915-SNSI

WServerNews FAVE Links
This Week's Links We Like. Tips, Hints And Fun Stuff.
- Here is the second 'GateSeinfeld' ad. I'm not overly impressed, and
expressing myself mildly here, otherwise I would say shockingly lame.
Jerry convinces Bill to try and connect with everyday people the old
fashioned way, and here is the "uncut" version:
http://www.wservernews.com/080915-Seinfeld
- In case you are wondering what these MS ads have to do with Windows: "Very
shortly, we will move into another phase of the campaign that will be
about Windows," a Microsoft spokesman told the Windows-focused blog "All
About Microsoft" tonight. Well boys, I'd say the sooner the better.
http://www.wservernews.com/080915-Microsoft-Seinfeld-Ad
- A funny clip about airlines introducing new fees:
http://www.wservernews.com/080915-Airline-Rates
- At the August 2008 Burning Man festival, one couple had a skydive wedding:
http://www.wservernews.com/080915-Skydive-Wedding
- This is one of only 100,000 issues of Esquire to feature the new E-Ink cover,
the first use of such technology for magazine covers:
http://www.wservernews.com/080915-Esquire-Cover
- The Yamaha OU32, an amazing boat designed by Kotaro Horiuchi. The video
is 9 minutes but you get the idea in about 30 seconds. Pretty cool to see:
http://www.wservernews.com/080915-Boat-Design
- A $98 Linux ultra-portable notebook with MIPS-based processor, 7" LCD, 1GB
flash storage, 3 USB ports, Ethernet, SDHC card reader, WiFi, audio in and
out, voice-chat, multi-tabbed Firefox browser support, Abiword word processing,
Skype and Linux user interface:
http://www.wservernews.com/080915-Linux-Mini-Laptop
- Due to Budget Cuts, this is your new cubicle:
http://www.wservernews.com/080915-New-Cubicle
- The electric airplane takes off at Oshkosh. The one-seater ElectraFlyer C
can stay up in the air for up to 5 hours in soaring conditions:
http://www.wservernews.com/080915-Airplane
- Here are 25 stunningly beautiful High Dynamic Range-technique (HDR) shots.
http://www.wservernews.com/080915-25-HDR-Pictures
- We've all seen PC users take out their frustration on the computer. This
time, the computer fights back:
http://www.wservernews.com/080915-Computer-Fights-Back
- A cool robotic parking garage for bicycles in Tokyo for subway riders:
http://www.wservernews.com/080915-Storage-Solution
- Microsoft Explorer Mouse and Mini Mouse to feature new BlueTrack tech:
http://www.wservernews.com/080915-Mini-Mouse

WServerNews - Product of the Week
Attend an 8-minute Webinar and get a Rock Your World t-shirt
Why did 85,000 Admins download rDirectory? They needed an easy-to-use internal
employee directory with headroom. Why? They needed to get access management
under control and wanted something that could evolve into a real Resource
Management app. In a nutshell, they wanted to unleash Active Directory but
not be locked into a small point-solution silo. Find out what rDirectory
can do for your organization! rDirectory is pre-configured with applications
that securely deploy out-of-the-box and quickly customize. Downloads in less
than 5 minutes. Compatible with myPassword. See rDirectory in action and get
a free rock your world t-shirt while supplies last!
http://www.wservernews.com/080915-rDirectory