Manage your WServerNews profileWServerNews privacy policy
WServerNews (formerly W2Knews)
Vol. 14, #6 - Jan 30, 2009 - Issue #711
The 7 Dirty Secrets Of The Security Industry

This issue of WServerNews is sponsored by
  1. Editors Corner
    • The 7 Dirty Secrets Of The Security Industry
    • New and Free: VIPRE Rescue Program
    • ITIC Sunbelt 2009 Application Availability Survey
    • Quotes of the Week
  2. Webinars and Seminars
    • Feb 2009 Webinar Calendar:
  3. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  4. Tech Briefing
    • Don't Be The Guy (Or Gal) Who Blows Up The Network!
    • Windows 7 Beta Uses Trickery To Fix Vista Compatibility
    • Tip: New Data Profiling Tools In SQL Server 2008
  5. Windows Server News
    • Microsoft Exchange Server 2007 Performance Tutorial
    • Sharepoint Enterprise Search Gets Boost From Governance Planning
  6. WServer Third Party News
    • Some Of The VIPRE Enterprise Roadmap
    • Double-Take New GeoCluster Enables Stretch Clustering for Hyper-V
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Dude, where's my Surf control?
Dude, where's my Surf control?

Catch the next wave in Web filtering with iPrism. Sign up for a web demo today and get a free WIPEOUT t-shirt. You'll also be entered to win a custom St. Bernard surfboard. iPrism, the World's #1 Web Filtering Appliance.
http://www.wservernews.com/090202-Web-Filtering


Editors Corner

The 7 Dirty Secrets Of The Security Industry

This was a header in an InfoWorld newsletter that caught my attention, as I'm sure you can imagine! They are actually very right, especially in their Secret Number One which I will repeat. You need to go to the article itself for the other six secrets which are interesting too. Here goes:
"Antivirus certification omissions. The dirtiest secret in the industry is that, while antivirus tools detect replicating malicious code like worms, they do not identify malcode such as nonreplicating Trojans. So, even though Trojans have been around since the beginning of malicious code, there is no accountability in antivirus certification tests. Today Trojans and other forms on nonreplicating malcode constitute 80% or more of the threats businesses are likely to face. Antivirus accountability metrics are simply no longer reflective of the true state of threat."
I can add that viruses as we traditionally know them are actually at the moment only four percent (Yes, you read that right: 4%) of the total malware universe. Everything else it other malware, and that is where VIPRE Enterprise of course shines because of its CounterSpy heritage. Here is the rest of the InfoWorld article:
http://www.wservernews.com/090202-Security-Secrets


New and Free: VIPRE Rescue Program

We are releasing something new and free: The VIPRE Rescue Program. It's for system admins that need a tool to revive a "dead' (or almost so) PC. The VIPRE Rescue Program is a command-line utility that will scan and clean an infected computer that is so bad off that programs cannot be easily run.

The VIPRE Rescue Program is packaged into a self-extracting executable file that prompts you for an "unpack" or installation location, then starts the scanner and performs a quick scan. You can start the program either by opening it via windows or from the command line.

Virus definitions are included, and the program is self-running once executed. The initial scan, and all subsequent scans, include Rootkit Detection. Four command line options are available, enabling the program to perform a boot scan during the next start-up, perform a deep scan, log the events, and disabling the rootkit.

Detections are consistent with the full VIPRE, updated daily, and the Rescue Program is designed to disinfect a system so infected that a user cannot install VIPRE. It is at an easy to remember spot: live.sunbeltsoftware.com
http://www.wservernews.com/090202-VIPRE-PC-Rescue


ITIC Sunbelt 2009 Application Availability Survey

We hope that 2009 is off to a good start for all of you, without any server or application downtime anywhere. We'd like to invite you to participate in the latest joint ITIC/Sunbelt Software survey. The topic of this survey is Application Availability and the impact on your organization. It should only take a few minutes of your time to answer the 10 multiple choice and one essay question. As always, we thank you in advance for your participation. And to show our appreciation, anyone who completes the survey can get a complimentary copy of the Report once it's published. Simply send an Email to Laura DiDio at: [email protected]. Once the survey is finalized, we'll publish the Executive Summary and survey highlights in this newsletter.
http://www.wservernews.com/090202-Survey


Quotes of the Week

"The Greeks...labored under the delusion that their democracy was a guarantee of peace and plenty, not realizing that unrestrained majority rule always destroys freedom, puts the minority at the mercy of the mob, and works at cross-purposes to the effective use of human energy and individual initiative." -- Henry Grady Weaver, "The Mainspring of Human Progress"

"Passion is a positive obsession. Obsession is a negative passion." -- Paul Carvel

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/090202-Subscribe

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Own a Single-user VIPRE? Upgrade Now To Home Site License For Just $29.95

Want to put VIPRE on all your PCs at the house? We have a special Super Bowl weekend upgrade offer. To celebrate the Super Bowl we have in our back yard in Tampa this weekend, you can save on the difference between a single and home site license. Regularly $49.95 but for this weekend only, through February 1st, 2009 you can upgrade your single license to the Site License for $29.95. To make this offer possible we created a special Coupon: SUPERBOWL43. Click on this link and you will see the cart filled with the unlimited home site license, and the coupon discount already applied. All you need to do is check out. Remember this is for a limited time only, the sale ends Sunday!!
http://www.wservernews.com/090202-VIPRE-Coupon

Webinars and Seminars

Feb 2009 Webinar Calendar:

  • Tuesday, February 3, 2009: VIPRE Enterprise Product Demonstration
  • Tuesday, February 10, 2009: Protecting Your Organization from Spam and Other Malware with Ninja Email Security
  • Tuesday, February 17, 2009: Sunbelt Exchange Archiver Product Demo
  • Tuesday, February 24, 2009: The End of Antivirus as You Know It: A Look at VIPRE Enterprise
More info and registration at the Sunbelt Events Page:
http://www.wservernews.com/090202-Webinar-Calendar


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Dude, where's your Surf control? Catch the next wave in Web Filtering with iPrism. Sign up for a Web Demo today and get a free WIPEOUT T-shirt. Plus, you could win a custom Surfboard!
http://www.wservernews.com/090202-WebFilter

Download any ScriptLogic Product for a Chance to Win a Free ASUS Mini Laptop, Limited Time Only
http://www.wservernews.com/090202-Active-Directory-Management

IDm initiatives are mission-critical. Security, privacy, and managing credentials is increasing. Get instant ROI with rDirectory and myPassword:
http://www.wservernews.com/090202-rDirectory

Kiss your antivirus bloatware goodbye... Finally! Powerful endpoint security that's not a resource hog. The VIPRE Competitive Upgrade is $10 per seat:
http://www.wservernews.com/090202-VIPRE-Enterprise


Tech Briefing

Don't Be The Guy (Or Gal) Who Blows Up The Network!

Jeremy Moskowitz, Group Policy MVP has finally released his (long awaited) Group Policy University Online Home Study Course. You'll learn how to secure, manage and lock down your desktops, laptops and servers and keep your users out of trouble. Enrollment comes with up to five mentoring sessions with the GPO master himself plus a full hands-on lab environment to verify your skills, or get the free stuff like his Tip of the Week. Check it out at:
http://www.wservernews.com/090202-GPanswers


Windows 7 Beta Uses Trickery To Fix Vista Compatibility

The latest beta of Windows 7, released to TechNet and Microsoft Developer Network (MSDN) subscribers in early January, fixes some significant low-level compatibility issues with software targeted to Windows Vista. Windows 7 does this by masquerading as Vista with software installers and applications that check for a specific Windows version ID before running. This white lie is that the behavior that Microsoft designed is with Windows 7, but which was apparently only partially implemented in builds preceding the latest public beta. More of this InfoWorld blog at:
http://www.wservernews.com/090202-Vista-Compatibility-Fix


Tip: New Data Profiling Tools In SQL Server 2008

Without profiling data sources and providing a high level of data inspection, your business could be open to issues involving incorrect data, invalid reporting and bad decision making. New data profiling tools native to SQL Server 2008 Integration Services, such as the Data Profiling task and the Data Profiler Viewer, can help manage your business intelligence strategy up front. At: (registration required)
http://www.wservernews.com/090202-Data-Profiling-Tools


Windows Server News

Microsoft Exchange Server 2007 Performance Tutorial

Monitoring, troubleshooting and enhancing Exchange Server 2007 performance can help optimize server functionality. Analyzing native and third-party tools, understanding hardware dos and don'ts and implementing configuration best practices are critical to keeping your Exchange Server 2007 running smoothly. In this tutorial, learn how to maintain peak Exchange Server 2007 performance. (registration required)
http://www.wservernews.com/090202-Performance-Tutorial


Sharepoint Enterprise Search Gets Boost From Governance Planning

Like all parts of SharePoint, there is good news and bad news about governance. This tip answers the questions: what should a SharePoint governance plan address, who will be on the governance committee, and what happens at a governance meeting? Also, find out how governance will likely affect SharePoint over the coming year:
http://www.wservernews.com/090202-SharePoint


WServer Third Party News

Some Of The VIPRE Enterprise Roadmap

Alex Eckelberry, Sunbelt's CEO recently wrote on the VIPRE Forum:

"I just wanted to give you a quick heads-up to some things we're doing to VIPRE. If all goes to plan, we will start beta-testing our new 3.2 core engine next week. This is not an upgrade to the product itself, rather simply an upgrade to our detection engine (which comes as an automating update to the defs). We expect to go live on this new engine sometime in mid-February. This new engine has some very important new enhancements for the detection of new, unknown threat/variants (which are coming out at a pace that's fairly extraordinary). First, we have dramatically improved the GenScan technology (a method of doing pattern analysis on files).

Secondly, we have added a lot of improvements in our detection methods overall. Lots of little things, too many to list. But finally, the really big news will be our release of our new proprietary MX-Virtualization technology (MX-V). As a bit of background, VIPRE uses a number of different techniques to detect the presence of malware, including classic signature detection and heuristics. MX-V adds to this arsenal an extremely compact virtualized Windows environment to test for the presence of malware.

The rapidly evolving sophistication of malware makes classic detection methods increasingly obsolete, as new strains of malware use highly complex obfuscation techniques designed to hide from even the most sophisticated analysis systems. Primary among these methods is the use of compression systems ("packers") that require antivirus vendors to create specialized de-compression methods ("unpackers") to analyze a file. The necessity to continue to add specialized unpackers to a virus engine is one of the major challenges faced by antivirus companies today. It also creates an additional danger for users faced with new threats, since antivirus companies are unable to create signatures rapidly enough to meet the onslaught of new obfuscation techniques.

In the MX-V system, malware is executed in a virtual Windows environment that mimics many of the core Windows functions. The actions of the malware are then analyzed for behavioral characteristics common to malware, or to look for certain malware signatures. By analyzing malware in this fashion, VIPRE is able to detect many types of malware without the necessity of creating a constant stream of dedicated unpackers and signatures for each variant of a piece of malware.

Technically, MX-V is an extension of VIPRE's built-in emulation, which uses an advanced method known as Dynamic Translation to break the performance barrier of standard emulation. (Classic CPU emulation is generally unable to achieve a speed higher than 10 MIPS, making it unusable for large-scale use.) Dynamic Translation is a technology which recompiles, on-the-fly, large parts of a program in order to boost performance up to 400 MIPS. It is the use of Dynamic Translation that makes Vipre's built-in emulation, and the MX-V layer that is an adjunct to it, capable of rapidly analyzing systems for the presence of malware.

If you're technically curious, dynamic translation is a form of binary translation. You can read more about the subject here:
http://www.wservernews.com/090202-Binary-Translation

MX-V's main appeal is its ability to enhance the detection of completely new variants or families of malware. It's a significant technology. Again, we expect to begin beta-testing this new engine sometime next week, and it will be open to testers. We'll let you know when it's up.

Separately, we expect to have a product upgrade in the next several weeks that will add some additional under-the-hood functionality to help detection and removal of malware (particularly those pesky rogue antispyware products). It's not related to the above new core engine update, but it also will continue to improve VIPRE's detection and remediation.

And, of course, in Q2, we will be shipping VIPRE 4.0 and VIPRE Endpoint Protection (VEP). VIPRE 4 will add some nice additional features to the existing product; VIPRE Endpoint Protection will add a firewall, HIPS, IDS, and a number of other nifty features. VIPRE 4.0 will be a free upgrade if you're under maintenance; VEP will have a nominal upgrade charge to additional functionality.

As always, feel free to post any questions, observations, or comments. And for those of you who are helping us spread the word on VIPRE, thank you for all your help!"

Double-Take New GeoCluster Enables Stretch Clustering for Hyper-V

Double-Take Software's New GeoClusterŪ Enables Cost Effective Stretch Clustering for Microsoft Hyper-V. The replication solution was designed to integrate seamlessly with failover clustering & remove requirement for shared storage.

Double-Take today announced that it is extending its GeoCluster offering to support failover clustering and the hypervisor-based virtualization in Windows Server 2008. GeoCluster is a software-based replication solution designed to integrate seamlessly with failover clustering, removing the requirement for shared storage and enabling customers to easily create geographically disparate clusters.

GeoCluster extends the clustering capabilities provided as part of Windows Server by making it possible to build a failover cluster without the need for shared storage, allowing cluster nodes to be in different physical locations. Removing the requirement for shared storage also eliminates it as a single point of failure for clustered applications, improving the reliability and availability of applications running on Windows Server 2008. By extending the capabilities of Windows Server 2008 failover clustering, available with the Enterprise and Datacenter editions of Windows Server 2008, GeoCluster offers added data protection, enhanced disaster recovery, and provides continual access to data and applications across sites.

To learn more about Double-Take Software and GeoCluster, please visit our website at:
http://www.wservernews.com/090202-Double-Take


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Dude, where's my Surf control?

Catch the next wave in Web filtering with iPrism. Sign up for a web demo today and get a free WIPEOUT t-shirt. You'll also be entered to win a custom St. Bernard surfboard. iPrism, the World's #1 Web Filtering Appliance.
http://www.wservernews.com/090202-iPrism