|
Vol. 13, #40 - Sep 29, 2008 - Issue #694
|
|
'Whitelisting' - Will It Work?
|
| This issue of WServerNews is sponsored by |
|---|
 |
|---|
- Editors Corner
- 'Whitelisting' - Will It Work?
- Redmond: Developers Will Get Windows 7 Alpha Next Month
- Quotes of the Week
- Webinars and Seminars
- Protecting Against the New Wave of Malware: A New Approach to Endpoint
Security
- Free One-day Seminar: Vista and Virtualization
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without:
- Tech Briefing
- 2008: IT Salaries On The Rise
- How Sarah Palin Was Hacked
- How To Meet Data Retention Compliance In A Windows Environment
- Tip: Troubleshooting Active Directory Database Errors
- Is Virtualizing Microsoft Exchange Server A Good Idea?
- Windows Server News
- BOOK: SQL Server 2008 - A Beginners Guide
- BOOK: The Complete Reference Windows Server 2008
- BOOK: Exchange Server 2007 - with SP1
- WServer Third Party News
- Hackers Resurrect Notorious Attack Tool Kit
- Demand Better Endpoint Protection
- WServerNews FAVE Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Robust Identity Management for Microsoft-centered Enterprises Arrives
|
Robust Identity Management for Microsoft-centered Enterprises Arrives
|
FREE 30-day VHD trial of the new EmpowerID 4.0 - explore the first enterprise
Identity Management platform specifically designed for Microsoft-centered
enterprises, with support for Users, Groups, Active Directory, AD/AM,
Exchange, SharePoint, SQL, LDAP and more. EmpowerID securely automates
all of your identity functions - with more functionality and at less cost
than competing Java-based platforms. Built with .NET 3.5 and Windows
Workflow Foundation, it includes complete solutions for user and mailbox
provisioning, password management, whitepages, delegated user and group
management, and support for custom applications.
http://www.wservernews.com/080929-Explore-EmpowerID
|
|
 |
Editors Corner |
|
'Whitelisting' - Will It Work?
You may have read about the pros and cons of whitelisting. It's essentially
having a list of files that are allowed to run, instead of a blacklist of
files that are not allowed on a system. There are some difficulties with
each one of these approaches, especially on the Vista platform, due to
Vista's UAC. At the end I'm providing a link to a recent article from
Larry Seltzer, commenting on Mark Russinovich and his views on whitelisting.
Larry states: "Your expectations of whitelists need to be reasonable, you
should know that there are limitations to them: vulnerabilities in software
that lead to arbitrary code execution, such as the typical buffer overflow,
would lead to malicious code running despite a whitelist. The way overflows
work, the system thinks that it's the vulnerable program running the code,
not some outside program, even though the code came in on an HTTP request
or inside a word processing document or some other uninvited channel.
As you can see, this is an issue that is not easy to overcome. More about
whitelisting in this article at eWEEK:
http://www.wservernews.com/080929-Future-of-Security
Redmond: Developers Will Get Windows 7 Alpha Next Month
They confirmed this week that they will give preview copies of Win7 to
attendees at next month's Professional Developers Conference. They posted
on the PDC Web site that devs would get a "pre-beta" release Oct 28th.
"Keynote attendees will be among the first to receive the pre-beta build
of Windows 7," they said. Steven Sinofsky, Senior VP of the Windows
Engineering group will deliver the keynote on Oct. 28. Here is the link
to the PDC website:
http://www.wservernews.com/080929-Unveiling-Windows-7
Quotes of the Week
"Just because you do not take an interest in politics doesn't mean politics
won't take an interest in you." -- Pericles
"Imagine if every Thursday your shoes exploded if you tied them the usual
way. This happens to us all the time with computers, and nobody thinks of
complaining." -- Jef Raskin
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/080929-Subscribe
|
|
Cymphonix
"We just don't have a spyware problem anymore," said New York Eye
and Ear Infirmary Network Engineer, Gene Harrison. "Obviously the
threat of spyware has grown but since the integration of the
Cymphonix Network Composer we are protected from spyware threats
and in compliance with HIPAA." To see how Cymphonix can automate
your Internet security, request a Free 30-day Trial device at:
http://www.wservernews.com/080929-Cymphonix
|
|
|
Webinars and Seminars |
|
We'd like to invite you to attend the following seminars:
Protecting Against the New Wave of Malware: A New Approach to Endpoint
Security
Join Sunbelt and Mike Osterman, president and founder of
Osterman Research, Inc., for an informative seminar that will examine
why older, traditional antivirus approaches don't work and why a new
approach to endpoint security is required to better protect your users,
your data and your long-term viability as a company from malicious
threats.
Hosted at Microsoft in Waltham, MA on Thursday, October 2nd.Register here:
http://www.wservernews.com/080929-New-Malware
Free One-day Seminar: Vista and Virtualization
If you're curious about desktop virtualization or unsure if Windows
Vista is the next right move for your organization, independent experts
Mark Minasi and Barb Goldworm are here to help. The best selling authors
give "just the facts" presentations on Vista and virtualization in this
event coming to Atlanta on October 28 and Minneapolis and Washington DC
in November. Register today!
http://www.wservernews.com/080929-Desktop-Infrastructure
|
|
Tech Briefing |
|
2008: IT Salaries On The Rise
Good news. The joint MCPmag.com and Redmond Magazine Salary Survey shows
IT job and salary strength. All the numbers are at their site, so no
need to repeat them here:
http://www.wservernews.com/080929-IT-Salaries
How Sarah Palin Was Hacked
The ease in which Republican vice presidential candidate Sarah Palin's
e-mail was hacked is striking and underscores the importance of improving
privacy questions for password recovery.
http://www.wservernews.com/080929-Password-Recovery-Backfire
How To Meet Data Retention Compliance In A Windows Environment
To achieve data retention compliance, Windows managers must take an active
role in learning data retention policies and creating procedures to support
them. This tip from SearchWinIT.com gives a roadmap to help you maintain
business-critical data in a logical, easily retrievable manner. (Registration Required)
http://www.wservernews.com/080929-Retention-Compliance
Tip: Troubleshooting Active Directory Database Errors
While database errors in Active Directory can crop up occasionally, they
are usually simple to fix. Read these troubleshooting tips when you think
your AD database might be corrupted. (Requires Registration)
http://www.wservernews.com/080929-Troubleshooting-Active-Directory
Is Virtualizing Microsoft Exchange Server A Good Idea?
With the arrival of Hyper-V and Microsoft's new licensing and technical
support policies, many companies may be considering running Exchange
Server in a virtualized environment. From a server consolidation and
storage standpoint, it makes sense, but what about cost and high
availability concerns? In this webcast, Exchange MVP Richard Luckett
examines the questions surrounding Exchange Server virtualization. He
also compares third-party virtualization platforms and shares best
practices for virtualizing both Exchange Server 2003 and Exchange 2007.
http://www.wservernews.com/080929-Webcast
|
|
Windows Server News |
|
BOOK: SQL Server 2008 - A Beginners Guide
I have finally had time to review some books that were sent to me. Here
they are. The first one is from McGraw-Hill and written by Dusan Petkovic
who is a computer science professor at the Polytechnic in Rosenheim, Germany.
This book will get you started on SQL Server 2008 in no time.
Learn to use all of the powerful features available in SQL Server 2008
quickly and easily. Microsoft SQL Server 2008: A Beginner's Guide explains
the fundamentals of each topic alongside examples and tutorials that walk
you through real-world database tasks. Install SQL Server 2008, construct
high-performance databases, use powerful Transact-SQL statements, create
stored procedures and triggers, and execute simple and complex database
queries. Performance tuning, Database Engine security, Business Intelligence,
and XML are also covered.
- Set up, configure, and maintain SQL Server 2008
- Build and manage database objects using Transact-SQL statements
- Create stored procedures and user-defined functions
- Optimize database performance, availability, and reliability
- Implement solid security using authentication, encryption, and authorization
- Automate tasks using SQL Server Agent
- Create reliable data backups and perform flawless system restores
- Use all-new SQL Server 2008 Business Intelligence, development,
and administration tools
- Learn in detail the SQL Server XML technology (SQLXML)
Get it at Amazon or your fave bookseller:
http://www.wservernews.com/080929-SQL-Server-2008
BOOK: The Complete Reference Windows Server 2008
This one was written by Danielle Ruest, who is a senior enterprise workflow
architect and consultant with more than 20 years of experience in systematic
project implementations. She is the coauthor of Windows Server 2003 Pocket
Administration. Danielle is a Microsoft Most Valuable Professional for the
Virtual Machine product line.
Plan, set up, and administer a powerful, scalable Microsoft W2K8 environment.
Featuring detailed explanations, best practices, pragmatic checklists, and
real-world implementation examples, this comprehensive resource shows you
how to deploy, manage, and secure WS08 on enterprise networks of all sizes.
The book explains how to develop migration plans and transition to W2K8,
configure AD and Internet services, handle print and Web servers, and work
with resource pools and network delegation rights. You'll get full coverage
of the latest virtualization techniques, OU strategies, remote admin
features, and storage maintenance utilities. Find out how to tune
performance, deploy bulletproof security, create reliable system backups,
and design failsafe disaster recovery plans. You'll also learn to rely on
resource pools and virtual service offerings to create the very best
Windows infrastructure implementation. Get it at Amazon or your fave
bookseller:
http://www.wservernews.com/080929-Server-2008
BOOK: Exchange Server 2007 - with SP1
Written by Exchange experts and Microsoft MVPs Richard Luckett, William
Lefkovics (who is a contributor on Sunbelt's Exchange Forum), and Bharat
Suneja have packed this book with practical guidance, useful information,
and years of knowledge and experience. If you're responsible for one or
more aspects of an Exchange 2007-based messaging system, keep this book
close, as you'll be referring to it often!"
Microsoft Exchange Server 2007: The Complete Reference shows you how to
configure a robust messaging environment, manage recipients and servers,
set up mailboxes and public folders, and seamlessly integrate with
Outlook 2007 and Outlook Web Access 2007. You'll learn to provide a
multi-layered defense against spam, create reliable system backups,
work with PKI and data encryption, use replication and clustering
services, and maintain high availability and optimal efficiency.
Get it at Amazon or your fave bookseller:
http://www.wservernews.com/080929-Exchange-Server-2007
|
|
WServer Third Party News |
|
Hackers Resurrect Notorious Attack Tool Kit
Neosploit, the notorious hacker exploit kit that some thought had been
retired months ago, has returned and is believed to be responsible for
a dramatic increase in attacks, a security researcher said. ComputerWorld
has the story:
http://www.wservernews.com/080929-Tool-Kit
Demand Better Endpoint Protection
Sixty-hour work weeks with no overtime or comp time, a BlackBerry hitched
to your belt 24/7, mandates from managers who have no clue what you actually
do - all for a job that could be outsourced tomorrow. It's time for admins
to demand endpoint protection that's not a time sink and a performance drain.
Try out VIPRE Enterprise and see for yourself why your colleagues are
switching to VIPRE:
http://www.wservernews.com/080929-VIPRE-Enterprise
|
|
WServerNews FAVE Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
Robust Identity Management for Microsoft-centered Enterprises Arrives
FREE 30-day VHD trial of the new EmpowerID 4.0 - explore the first enterprise
Identity Management platform specifically designed for Microsoft-centered
enterprises, with support for Users, Groups, Active Directory, AD/AM,
Exchange, SharePoint, SQL, LDAP and more. EmpowerID securely automates
all of your identity functions - with more functionality and at less cost
than competing Java-based platforms. Built with .NET 3.5 and Windows
Workflow Foundation, it includes complete solutions for user and mailbox
provisioning, password management, whitepages, delegated user and group
management, and support for custom applications.
http://www.wservernews.com/080929-Explore-EmpowerID
|
|
|
|
|
Email me: 