|
Vol. 14, #6 - Jan 30, 2009 - Issue #711
|
|
The 7 Dirty Secrets Of The Security Industry
|
| This issue of WServerNews is sponsored by |
|---|
 |
|---|
- Editors Corner
- The 7 Dirty Secrets Of The Security Industry
- New and Free: VIPRE Rescue Program
- ITIC Sunbelt 2009 Application Availability Survey
- Quotes of the Week
- Webinars and Seminars
- Feb 2009 Webinar Calendar:
- Admin Toolbox
- Admin Tools We Think You Shouldn't Be Without
- Tech Briefing
- Don't Be The Guy (Or Gal) Who Blows Up The Network!
- Windows 7 Beta Uses Trickery To Fix Vista Compatibility
- Tip: New Data Profiling Tools In SQL Server 2008
- Windows Server News
- Microsoft Exchange Server 2007 Performance Tutorial
- Sharepoint Enterprise Search Gets Boost From Governance Planning
- WServer Third Party News
- Some Of The VIPRE Enterprise Roadmap
- Double-Take New GeoCluster Enables Stretch Clustering for Hyper-V
- WServerNews Fave Links
- This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
- Dude, where's my Surf control?
|
|
Dude, where's my Surf control?
Catch the next wave in Web filtering with iPrism. Sign up for a web demo
today and get a free WIPEOUT t-shirt. You'll also be entered to win a custom
St. Bernard surfboard. iPrism, the World's #1 Web Filtering Appliance.
http://www.wservernews.com/090202-Web-Filtering
|
|
 |
Editors Corner |
|
The 7 Dirty Secrets Of The Security Industry
This was a header in an InfoWorld newsletter that caught my attention, as
I'm sure you can imagine! They are actually very right, especially in their
Secret Number One which I will repeat. You need to go to the article itself
for the other six secrets which are interesting too. Here goes:
"Antivirus certification omissions. The dirtiest secret in the industry
is that, while antivirus tools detect replicating malicious code like worms,
they do not identify malcode such as nonreplicating Trojans. So, even though
Trojans have been around since the beginning of malicious code, there is no
accountability in antivirus certification tests. Today Trojans and other
forms on nonreplicating malcode constitute 80% or more of the threats
businesses are likely to face. Antivirus accountability metrics are simply
no longer reflective of the true state of threat."
I can add that viruses as we traditionally know them are actually at the
moment only four percent (Yes, you read that right: 4%) of the total malware
universe. Everything else it other malware, and that is where VIPRE Enterprise
of course shines because of its CounterSpy heritage. Here is the rest of the
InfoWorld article:
http://www.wservernews.com/090202-Security-Secrets
New and Free: VIPRE Rescue Program
We are releasing something new and free: The VIPRE Rescue Program. It's for
system admins that need a tool to revive a "dead' (or almost so) PC.
The VIPRE Rescue Program is a command-line utility that will scan and
clean an infected computer that is so bad off that programs cannot be
easily run.
The VIPRE Rescue Program is packaged into a self-extracting executable file
that prompts you for an "unpack" or installation location, then starts the
scanner and performs a quick scan. You can start the program either by
opening it via windows or from the command line.
Virus definitions are included, and the program is self-running once executed.
The initial scan, and all subsequent scans, include Rootkit Detection. Four
command line options are available, enabling the program to perform a boot
scan during the next start-up, perform a deep scan, log the events, and
disabling the rootkit.
Detections are consistent with the full VIPRE, updated daily, and the Rescue
Program is designed to disinfect a system so infected that a user cannot
install VIPRE. It is at an easy to remember spot: live.sunbeltsoftware.com
http://www.wservernews.com/090202-VIPRE-PC-Rescue
ITIC Sunbelt 2009 Application Availability Survey
We hope that 2009 is off to a good start for all of you, without any server
or application downtime anywhere. We'd like to invite you to participate in
the latest joint ITIC/Sunbelt Software survey. The topic of this survey is
Application Availability and the impact on your organization. It should only
take a few minutes of your time to answer the 10 multiple choice and one
essay question. As always, we thank you in advance for your participation.
And to show our appreciation, anyone who completes the survey can get a
complimentary copy of the Report once it's published. Simply send an Email
to Laura DiDio at: ldidio@itic-corp.com.
Once the survey is finalized,
we'll publish the Executive Summary and survey highlights in this newsletter.
http://www.wservernews.com/090202-Survey
Quotes of the Week
"The Greeks...labored under the delusion that their democracy was a guarantee
of peace and plenty, not realizing that unrestrained majority rule always
destroys freedom, puts the minority at the mercy of the mob, and works at
cross-purposes to the effective use of human energy and individual initiative."
-- Henry Grady Weaver, "The Mainspring of Human Progress"
"Passion is a positive obsession. Obsession is a negative passion."
-- Paul Carvel
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/090202-Subscribe
|
|
Own a Single-user VIPRE? Upgrade Now To Home Site License For Just $29.95
Want to put VIPRE on all your PCs at the house? We have a special Super Bowl weekend
upgrade offer. To celebrate the Super Bowl we have in our back yard in Tampa
this weekend, you can save on the difference between a single
and home site license. Regularly $49.95 but for this weekend only, through February
1st, 2009 you can upgrade your single license to the Site License for $29.95.
To make this offer possible we created a special Coupon: SUPERBOWL43.
Click on this link and you will see the cart filled with the unlimited home
site license, and the coupon discount already applied. All you need to do is
check out. Remember this is for a limited time only, the sale ends Sunday!!
http://www.wservernews.com/090202-VIPRE-Coupon
|
|
|
Webinars and Seminars |
|
Feb 2009 Webinar Calendar:
- Tuesday, February 3, 2009: VIPRE Enterprise Product Demonstration
- Tuesday, February 10, 2009: Protecting Your Organization from Spam and
Other Malware with Ninja Email Security
- Tuesday, February 17, 2009: Sunbelt Exchange Archiver Product Demo
- Tuesday, February 24, 2009: The End of Antivirus as You Know It:
A Look at VIPRE Enterprise
More info and registration at the Sunbelt Events Page:
http://www.wservernews.com/090202-Webinar-Calendar
|
|
Tech Briefing |
|
Don't Be The Guy (Or Gal) Who Blows Up The Network!
Jeremy Moskowitz, Group Policy MVP has finally released his (long awaited)
Group Policy University Online Home Study Course. You'll learn how to secure,
manage and lock down your desktops, laptops and servers and keep your users
out of trouble. Enrollment comes with up to five mentoring sessions with the
GPO master himself plus a full hands-on lab environment to verify your
skills, or get the free stuff like his Tip of the Week. Check it out at:
http://www.wservernews.com/090202-GPanswers
Windows 7 Beta Uses Trickery To Fix Vista Compatibility
The latest beta of Windows 7, released to TechNet and Microsoft
Developer Network (MSDN) subscribers in early January, fixes some
significant low-level compatibility issues with software targeted to
Windows Vista. Windows 7 does this by masquerading as Vista with
software installers and applications that check for a specific Windows
version ID before running. This white lie is that the behavior that
Microsoft designed is with Windows 7, but which was apparently only
partially implemented in builds preceding the latest public beta.
More of this InfoWorld blog at:
http://www.wservernews.com/090202-Vista-Compatibility-Fix
Tip: New Data Profiling Tools In SQL Server 2008
Without profiling data sources and providing a high level of data inspection,
your business could be open to issues involving incorrect data, invalid
reporting and bad decision making. New data profiling tools native to SQL
Server 2008 Integration Services, such as the Data Profiling task and the
Data Profiler Viewer, can help manage your business intelligence strategy
up front. At: (registration required)
http://www.wservernews.com/090202-Data-Profiling-Tools
|
|
Windows Server News |
|
Microsoft Exchange Server 2007 Performance Tutorial
Monitoring, troubleshooting and enhancing Exchange Server 2007 performance
can help optimize server functionality. Analyzing native and third-party
tools, understanding hardware dos and don'ts and implementing configuration
best practices are critical to keeping your Exchange Server 2007 running
smoothly. In this tutorial, learn how to maintain peak Exchange Server 2007 performance. (registration required)
http://www.wservernews.com/090202-Performance-Tutorial
Sharepoint Enterprise Search Gets Boost From Governance Planning
Like all parts of SharePoint, there is good news and bad news about
governance. This tip answers the questions: what should a SharePoint
governance plan address, who will be on the governance committee, and
what happens at a governance meeting? Also, find out how governance
will likely affect SharePoint over the coming year:
http://www.wservernews.com/090202-SharePoint
|
|
WServer Third Party News |
|
Some Of The VIPRE Enterprise Roadmap
Alex Eckelberry, Sunbelt's CEO recently wrote on the VIPRE Forum:
"I just wanted to give you a quick heads-up to some things we're doing to
VIPRE. If all goes to plan, we will start beta-testing our new 3.2 core
engine next week. This is not an upgrade to the product itself, rather
simply an upgrade to our detection engine (which comes as an automating
update to the defs). We expect to go live on this new engine sometime
in mid-February. This new engine has some very important new enhancements
for the detection of new, unknown threat/variants (which are coming out
at a pace that's fairly extraordinary). First, we have dramatically
improved the GenScan technology (a method of doing pattern analysis on
files).
Secondly, we have added a lot of improvements in our detection methods
overall. Lots of little things, too many to list. But finally, the really
big news will be our release of our new proprietary MX-Virtualization
technology (MX-V). As a bit of background, VIPRE uses a number of
different techniques to detect the presence of malware, including
classic signature detection and heuristics. MX-V adds to this arsenal
an extremely compact virtualized Windows environment to test for the
presence of malware.
The rapidly evolving sophistication of malware makes classic detection
methods increasingly obsolete, as new strains of malware use highly
complex obfuscation techniques designed to hide from even the most
sophisticated analysis systems. Primary among these methods is the
use of compression systems ("packers") that require antivirus vendors
to create specialized de-compression methods ("unpackers") to analyze
a file. The necessity to continue to add specialized unpackers to a
virus engine is one of the major challenges faced by antivirus companies
today. It also creates an additional danger for users faced with new
threats, since antivirus companies are unable to create signatures
rapidly enough to meet the onslaught of new obfuscation techniques.
In the MX-V system, malware is executed in a virtual Windows environment
that mimics many of the core Windows functions. The actions of the malware
are then analyzed for behavioral characteristics common to malware, or to
look for certain malware signatures. By analyzing malware in this fashion,
VIPRE is able to detect many types of malware without the necessity of
creating a constant stream of dedicated unpackers and signatures for each
variant of a piece of malware.
Technically, MX-V is an extension of VIPRE's built-in emulation, which
uses an advanced method known as Dynamic Translation to break the
performance barrier of standard emulation. (Classic CPU emulation is
generally unable to achieve a speed higher than 10 MIPS, making it
unusable for large-scale use.) Dynamic Translation is a technology
which recompiles, on-the-fly, large parts of a program in order to
boost performance up to 400 MIPS. It is the use of Dynamic Translation
that makes Vipre's built-in emulation, and the MX-V layer that is an
adjunct to it, capable of rapidly analyzing systems for the presence
of malware.
If you're technically curious, dynamic translation is a form of binary
translation. You can read more about the subject here:
http://www.wservernews.com/090202-Binary-Translation
MX-V's main appeal is its ability to enhance the detection of completely
new variants or families of malware. It's a significant technology.
Again, we expect to begin beta-testing this new engine sometime next week,
and it will be open to testers. We'll let you know when it's up.
Separately, we expect to have a product upgrade in the next several weeks
that will add some additional under-the-hood functionality to help detection
and removal of malware (particularly those pesky rogue antispyware products).
It's not related to the above new core engine update, but it also will
continue to improve VIPRE's detection and remediation.
And, of course, in Q2, we will be shipping VIPRE 4.0 and VIPRE Endpoint
Protection (VEP). VIPRE 4 will add some nice additional features to the
existing product; VIPRE Endpoint Protection will add a firewall, HIPS, IDS,
and a number of other nifty features. VIPRE 4.0 will be a free upgrade if
you're under maintenance; VEP will have a nominal upgrade charge to
additional functionality.
As always, feel free to post any questions, observations, or comments.
And for those of you who are helping us spread the word on VIPRE, thank
you for all your help!"
Double-Take New GeoCluster Enables Stretch Clustering for Hyper-V
Double-Take Software's New GeoClusterŪ Enables Cost Effective Stretch
Clustering for Microsoft Hyper-V. The replication solution was designed
to integrate seamlessly with failover clustering & remove requirement
for shared storage.
Double-Take today announced that it is extending its GeoCluster offering
to support failover clustering and the hypervisor-based virtualization
in Windows Server 2008. GeoCluster is a software-based replication solution
designed to integrate seamlessly with failover clustering, removing the
requirement for shared storage and enabling customers to easily create
geographically disparate clusters.
GeoCluster extends the clustering capabilities provided as part of Windows
Server by making it possible to build a failover cluster without the need
for shared storage, allowing cluster nodes to be in different physical
locations. Removing the requirement for shared storage also eliminates
it as a single point of failure for clustered applications, improving
the reliability and availability of applications running on Windows
Server 2008. By extending the capabilities of Windows Server 2008 failover
clustering, available with the Enterprise and Datacenter editions of
Windows Server 2008, GeoCluster offers added data protection, enhanced
disaster recovery, and provides continual access to data and applications
across sites.
To learn more about Double-Take Software and GeoCluster, please visit
our website at:
http://www.wservernews.com/090202-Double-Take
|
|
WServerNews Fave Links |
|
This Week's Links We Like. Tips, Hints And Fun Stuff.
|
|
WServerNews - Product of the Week |
|
Dude, where's my Surf control?
Catch the next wave in Web filtering with iPrism. Sign up for a web demo
today and get a free WIPEOUT t-shirt. You'll also be entered to win a custom
St. Bernard surfboard. iPrism, the World's #1 Web Filtering Appliance.
http://www.wservernews.com/090202-iPrism
|
|
|
|
|
Email me: 