MY PROFILE | PRIVACY 
Vol. 14, #27 - Jun 22, 2009 - Issue #732
The OS That WILL Not Die...

This issue of WServerNews is sponsored by
  1. Editors Corner
    • The OS That WILL Not Die...
    • Investigating Abuse? Five Ways To Stay Anonymous
    • What Are The Best Security Blogs?
    • Quotes Of The Week
  2. Webinars and Seminars
    • Windows Internals Classes From David Solomon Expert Seminars
    • BriForum 2009 - You May Qualify For A Registration Discount
  3. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  4. Tech Briefing
    • Google Add-in Breaks Outlook Search
    • IT Infrastructure: Seven Steps For Cutting Data Center Costs
    • Virtualization Testing And Development Environments
    • Gathering And Documenting Your Windows Desktop Security Policies
    • Troubleshooting Poor Windows Logon Performance In AD Environments
  5. Windows Server News
    • Novell Tool To Link Linux Management To MS System Center Server
    • Running Office Communications Server? Here's Two Free Books
    • What Windows 7 And Server 2008 R2 Can Do For Your Business
  6. Third Party News
    • It's Amazing - The Constant Amount Of New Vulnerabilities
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - Product of the Week
    • Tighten Network Security Breaches With Mypassword
Tighten Network Security breaches with myPassword

Security breaches have become more of a problem in the past 12 months, according to the CompTIA's latest State of IT Security survey. Even though the number of breaches have remained the same, the damage is more severe and average total costs of each IT breach is $85k+. Is your exposure time to security incidents too long? And, as your company tightens security, do your users struggle to remember their growing collection of ever-changing credentials? Use myPassword, a self-service password management tool. Streamlines AD password administration by empowering users to reset their own passwords and unlock accounts through an easy and secure web interface!
http://www.wservernews.com/090622-myPassword


Editors Corner

The OS That WILL Not Die...

I cannot believe I'm writing this, but Redmond just did it again. Yup, XP's death was again greatly exaggerated. They initially said that sales of the old warhorse would stop six months after the release of Win7. But Michael Silver of Gartner screamed bloody murder as that would cause a whole lot of trouble for managing PCs in enterprises. Guess what, a few hours later Redmond backtracked and said it would extend the aged OS's lifespan in the post-Windows 7 world to as late as April 2011. You definitely want to do your "migration homework" before going to Win7, and deal with the IE6 apps you may have forgotten about...

"Windows 7 Professional and Ultimate customers will have the option to downgrade to Windows XP Professional from PCs that ship within 18 months following the general availability of Windows 7 or until the release of a Windows 7 service pack, whichever is sooner, and if a service pack is developed," a company spokeswoman said in an e-mail.

It's obvious that Redmond would -like- to kill XP as soon as they can. They only make 15 bucks selling it to netbook vendors, compared to an estimated $75 or more per copy of Vista on a notebook. Win7's biggest competitor is not Mac, or Linux, or even Vista, it's XP. And if I can end off with a bit of a tongue-in-cheek remark.. some one last week commented that Win7 really is nothing more than Vista SP2, but cleverly repositioned and re-branded. ;-)

Investigating Abuse? Five Ways To Stay Anonymous

I found a longish article that described the tools you can use to stay fully anonymous when you are doing some sleuthing to investigate wrongdoing on your network or other abuse. The first five FAVE LINKS show where to find these (mostly online) tools.

What Are The Best Security Blogs?

Some one asked our CEO Alex Eckelberry this question. Since he's deep into this area, he came up with a few suggestions that make a lot of sense if you want to keep up-to-date with this field. Here goes, with the first two being the most important:

Quotes Of The Week

"Those to whom evil is done / Do evil in return" -- W.H. Auden

"We have the greatest opportunity the world has ever seen, as long as we remain honest -- which will be as long as we can keep the attention of our people alive. If they once become inattentive to public affairs, you and I, and Congress and Assemblies, judges and governors would all become wolves." -- Thomas Jefferson

"Life's not about waiting for the storms to pass... It's about learning to dance in the rain." -- Vivian Greene


Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/090622-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/090622-WXPNews

PPS: And of course we also have our weekly VistaNews. You can subscribe here, and tell your friends too:
http://www.wservernews.com/090622-VistaNews

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Automated Uninstall of Symantec AV

No more 2-day SEP V11 Migration Classes! Sunbelt built VIPRE Enterprise; a completely new technology combining corporate antivirus plus an enterprise antispyware solution for total endpoint security designed by admins for admins. And that means EASY DEPLOYMENT. Save your IT budget and don't renew products from Symantec, McAfee and Trend Micro, Learn how VIPRE Enterprise takes much less resources than the competition! It's clearly time to ditch expensive, bloated, old-style AV products. Competitive Upgrade price: $10 per seat:
http://www.wservernews.com/090622-VIPRE-Enterprise


Webinars and Seminars

Windows Internals Classes From David Solomon Expert Seminars

Dave Solomon and his cohorts will be teaching his Windows OS internals classes in Sydney (Sept 14), San Francisco (Sept 28), and a virtual class Oct 19&21 - find out more at:
http://www.wservernews.com/090622-Solomon-Seminar


BriForum 2009 - You May Qualify For A Registration Discount

Hosted by industry analyst and blogger, Brian Madden, this exclusive three day event brings together top notch virtualization experts from across the globe and is only happening once this year - July 21 - 23 at the Hilton Chicago Hotel. Now more than ever, you can't afford to fall behind the learning curve or be uninformed on any cost or time saving technology like desktop and application virtualization. Learn how to leverage these projects now and get hands on experience with the tools and resources that should be on your radar for the second half of the year and beyond. To learn more about this event and to find out if you qualify for one of the many registrant fee discounts, visit the event website or contact Jackie Anderson, 781-657-1380.
http://www.wservernews.com/090622-BriForum


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Simplify your life with mPowerTools - 100+ Reports - Tackle AD chores in bulk A Search & Replace Tool - you'll never script again & no 3rd party databases!
http://www.wservernews.com/090622-mPowerTools

Leverage your log data: collect, archive, search, proactively diagnose issues, with EventTrackerPULSE:
http://www.wservernews.com/090622-Pulse

Ben Zachary from the Sunbelt NTSYSADMIN List wrote this: "I came across this today, pretty slick, even has its own web engine you can enable if you want to hit the indexer remotely." It locates files and folders by name instantly:
http://www.wservernews.com/090622-VoidTools


Tech Briefing

Google Add-in Breaks Outlook Search

Redmond and Google exchanged harsh words this week. Redmond Microsoft said on its blog that Google's new Outlook plug-in has a "serious bug/flaw" that could break Outlook Search as it changes a registry key and disables the ability to search Outlook data.
http://www.wservernews.com/090622-Outlook-Search

Google spokesperson Andrew Kovacs has answered that users of the Apps Sync plug-in can still search Outlook data by using Outlook's default search, "and we're working with Microsoft to enable search with Windows Desktop Search as well." It appears that uninstalling the plug-in should fix the problem. More at Google:
http://www.wservernews.com/090622-Google-Apps-Sync


IT Infrastructure: Seven Steps For Cutting Data Center Costs

eWEEK has a good item that may help you a lot doing more with less budget: "Rationalizing hardware, consolidating facilities and better managing energy costs are among the ways IT administrators can reduce their data center costs, according to a report from industry research firm Gartner. While all seven suggestions put forth by Gartner are common-sense steps that have been discussed to some extent for years, the global recession is putting even more pressure on IT managers to find ways to do more while trimming expenses, according to Gartner analyst Rakesh Kumar. By taking the necessary steps, enterprises can find significant savings in their data centers.

For example, Kumar said, removing a single x86 server can save more than $400 a year in energy costs alone. The recommendations are part of a study by Gartner titled "How to Cut Your Data Center Costs" that the research firm announced June 11." Point 4, 'Renegotiate Contracts' is especially applicable to yearly maintenance contracts that are already budgeted.

Having a good look at the high renewal cost of endpoint security tools and renegotiate or swapping them out wholesale might save you a significant chunk of budget. Here are the seven slides:
http://www.wservernews.com/090622-Data-Center-Costs


Virtualization Testing And Development Environments

This expert video reviews the best practices for using virtualization to create testing and development environments. Learn which hypervisors are best and find out how to test 64-bit operating systems on the leading hypervisors.
http://www.wservernews.com/090622-Using-Virtualization


Gathering And Documenting Your Windows Desktop Security Policies

Having the right security documentation for your Windows-based network should be a top priority. Once you've designed the proper foundation for the security of your Windows desktop environment, the next step is putting the right security policies in place. Follow these proven techniques for ensuring success with this process and making sure they're actually working to your advantage:
http://www.wservernews.com/090622-Desktop-Security


Troubleshooting Poor Windows Logon Performance In AD Environments

When troubleshooting any performance problem, you must first define what is an acceptable delay. Establishing these standards helps provide a benchmark for completing projects in a timely fashion. Learn what factors and steps you have to look at to create a timing template for troubleshooting Windows logon performance issues at your organization:
http://www.wservernews.com/090622-Logon-Performance


Windows Server News

Novell Tool To Link Linux Management To MS System Center Server

Novell plans to release yet another tool that is the product of its three-year-old integration agreement with Microsoft, this time a plug-in for Microsoft's management tools that lets users manage Novell's Suse Linux. The tool, which will ship June 19, was produced as part of Novell's involvement with the Microsoft/Novell Interoperability Lab, which opened in 2007.

Novell's Suse Linux Enterprise Management Pack for Microsoft System Center Operations Manager, is designed to extend across seven Suse Linux Enterprise OS services the monitoring capabilities within Operations Manager 2007 R2. Users will be able to monitor both Linux and Windows environments from one console.
http://www.wservernews.com/090622-Novell-Tool


Running Office Communications Server? Here's Two Free Books

For those of you who are into OCS: Here is where you can pick up two free and useful books about it at MS Press:
  1. Microsoft Office Communications Server 2007 R2 Resource Kit at:
    http://www.wservernews.com/090622-R2-Resource-Kit
  2. Programming for Unified Communications with Microsoft Office Communications Server 2007 R2
    http://www.wservernews.com/090622-E-Book


What Windows 7 And Server 2008 R2 Can Do For Your Business

Microsoft has confirmed that Windows 7 and Server 2008 R2 will be generally available to end users on October 22. The final versions will be available much earlier for partners and vendors, probably as early as the end of July. It's a good time to determine the potential benefit these two new OSen will have on your enterprise. This tip discusses key features of each product and considerations for determining which product will provide the greatest return on investment:
http://www.wservernews.com/090622-Win7-Server-2008-R2


Third Party News

It's Amazing - The Constant Amount Of New Vulnerabilities

You really need a network vulnerability scanner. This is not a luxury, it's a -must- have tool. The Top 5 Reasons why it's a great idea to buy SNSI together with VIPRE Enterprise are:
  1. Both are essential pieces of the layered security you need to make your network compliant.
  2. The SNSI vulnerability scanner is essential to find zero-day threats and helps you fix them.
  3. SNSI's weapons-grade database is constantly updated by top security experts.
  4. Scans all MS apps but also dozens of other popular apps (that often need patching).
  5. Licensed by Admin, not IP, meaning it's extremely affordable - and multi platform!
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list of computer incidents. It also contains the latest SANS/FBI top 20 vulnerability list. SNSI also uses the latest CERT, CIAC Microsoft and FedCIRC (Department of Homeland Security) advisories.
New Checks
L2475	Ocsinventory authentication result vulnerability - FC	
L2476	Pidgin XMPP file transfer weakness - FC	
L2477	OpenSC mingw32 incorrect public key exponent vulnerability - FC	
L2489	Pidgin XMPP file transfer weakness - Oracle Linux	
L2495	Wireshark CPHAP/PN-DCP dissector & Tektronix .rf5 flaws - Oracle Linux
L2496	Wireshark CPHAP/PN-DCP dissector & Tektronix .rf5 flaws - RHE	
L2497	Cscope long #include & source-code tokens pathnames flaw - RHE	
L2498	Cscope long #include & source-code tokens pathnames flaw - RHE	
L2506	Wireshark CPHAP/PN-DCP dissector & Tektronix .rf5 flaws - CentOS	
L2507	Cscope long #include & source-code tokens pathnames flaw - CentOS	
H24	OpenSSL ASN.1 string printing Vulnerabilities HP-UX	
H165	OVNNM 7.5 SNMP/MIB Vulnerability - HP-UX 11	
L2380	SquirrelMail map_yp_alias/XSS & style sheet flaws - Oracle Linux	
L2386	Freetype font engine file linking weakness - Oracle Linux	
L2470	Libmodplug CSoundFile::ReadMed vulnerability - MDV	
L2471	File cdf_read_sat compound document weakness - MDV	
L2472	Gstreamer plugins PNG info_callback & endrow_callback flaws - MDV	
L2473	MySQL Apr-utl .htaccess/mod_dav & apr_brigade flaws - MDV	
L2474	Libsndfile1 voc_ & aiff_ read_header errors - MDV	
L2478	Apache HTTPD compression structure & NOEXEC errors RHE	
L2479	CUPS NULL pointer dereference flaw - RHE	
L2480	Firefox multiple security vulnerabilities June 2009 - RHE	
L2481	Kernel maximum NFS length & - Rhexit_notify errors - RHE	
L2482	CUPS pdftops/directory services/&- R ippreadIO flaws - RHE	
L2483	SeaMonkey multiple security vulnerabilities June 2009 - RHE	
L2484	Apache HTTPD compression structure & NOEXEC errors - Sci Linux	
L2485	CUPS pdftops/directory services/&- R ippreadIO flaws - Sci Linux	
L2486	Firefox multiple security vulnerabilities June 2009 - Sci Linux	
L2487	SeaMonkey multiple security vulnerabilities June 2009 - Sci Linux	
L2488	NTP NTPv4 public key authentication flaw - Oracle Linux	
L2490	Apache HTTPD compression structure & NOEXEC errors - Oracle Linux	
L2491	CUPS NULL pointer dereference flaw - Oracle Linux	
L2492	CUPS pdftops/directory services/&- R ippreadIO flaws - Oracle Linux
L2493	Firefox multiple security vulnerabilities June 2009 - Oracle Linux
L2494	SeaMonkey multiple security vulnerabilities June 2009 - Oracle Linux
L2499	Cscope long #include & source-code tokens pathnames flaw - Oracle Linux	
L2500	Cscope long #include & source-code tokens pathnames flaw - RHE	
L2501	SquirrelMail map_yp_alias/XSS & style sheet flaws - CentOS	
L2502	Apache HTTPD compression structure & NOEXEC errors - CentOS	
L2503	CUPS pdftops/directory services/&- R ippreadIO flaws - CentOS	
L2504	CUPS NULL pointer dereference flaw - CentOS	
L2505	SeaMonkey multiple security vulnerabilities June 2009 - CentOS	
M11	Safari Multiple Vulnerabilities	
M22	MS Office 2004 Multiple Vulnerabilities - Mac OS X	
M23	MS Office 2008 Multiple Vulnerabilities - Mac OS X	
M52	Java Multiple Vulnerabilities - Mac OS X 10.5	
M53	Java Multiple Vulnerabilities - Mac OS X 10.4 and older	
M57	Adobe Reader Multiple Vulnerabilities - Mac OS X	
M140	Mozilla Firefox XSL and XUL Vulnerabilities - Mac OS X	
S314	GnuTLS X.509 certificate chain validation vulnerability - Solaris 10
S473	Rpc.nisd server vulnerability - Solaris	
W206	CA BrightStor ArcServe Backup Message Engine RPC Vulnerability	
W1019	Gumblar.cn/JSRedir-R Trojan Evidence Found	
W2096	IBM DB2 Remote Access Vulnerability	
W2358	Rollup of ActiveX Kill Bits (June 2009)	
W2536	IBM WebSphere Application Server Vulnerability	
W2559	Firefox Multiple Vulnerabilities	
W2984	Adobe Acrobat/Reader Multiple Vulnerabilities	
W3120	Apple Safari Multiple Vulnerabilities - XP/W2K3/Vista/W2K8	


Updated Checks
W1142	Anti-virus Signature Outdated - McAfee	
W1986	Anti-virus Signature Outdated - Symantec	
W1999	Anti-virus Signature Outdated - Trend Micro	
W2067	Anti-virus Signature Outdated - F-Secure	
W2070	Anti-virus Signature Outdated - CA eTrust	
H131	OpenView NNM 7.01/7.51/7.53 vulnerabilities - HP-UX 11	
H159	Kerberos admin/client vulnerabilities - HP-UX 11	
M76	ClamXav / ClamAV signatures not the latest - Mac OS X	
M80	Virex signature file out of date - Mac OS X	
S198	OpenSSL ASN.1 printing vulnerability - Solaris 10	
W2012	Anti-virus signature outdated - Avast! 4	
W2013	Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3	
W2842	Thunderbird Engine Crash Vulnerabilities	
W2843	SeaMonkey POST Vulnerability	
W3608	Active Directory Application Mode memory handling flaws - W2K3/XP
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 182 was released June 19, 2009. Sunbelt Software recommends you download the new SNSI Vulnerability Update Definitions 182, scan, and patch your machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090622-SNSI


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.



WServerNews - Product of the Week

Tighten Network Security Breaches With Mypassword

Security breaches have become more of a problem in the past 12 months, according to the CompTIA's latest State of IT Security survey. Even though the number of breaches have remained the same, the damage is more severe and average total costs of each IT breach is $85k+. Is your exposure time to security incidents too long? And, as your company tightens security, do your users struggle to remember their growing collection of ever-changing credentials? Use myPassword, a self-service password management tool. Streamlines AD password administration by empowering users to reset their own passwords and unlock accounts through an easy and secure web interface!
http://www.wservernews.com/090622-My-Password