MY PROFILE | PRIVACY 
Vol. 15, #13 - Mar 26, 2010 - Issue #771
BYOW - Amazon Allows Server License Migration To Cloud

This issue of WServerNews is sponsored by
  1. Editor's Corner
    • BYOW - Amazon Allows Server License Migration To Cloud
    • No IE9 For WinXP Redux
    • Which Tech.Ed Give-away Item Would You Like?
    • Quotes Of The Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • Securing your Exchange Server with VIPRE Email Security - 3/30
    • Introducing VIPRE Enterprise Premium, Version 4.0 - 4/6
    • Affordable, Enterprise Email Archiving - 4/13
    • VIPRE Enterprise Premium Product Demonstration - 4/20
    • VIPRE Email Security for Exchange Product Demonstration - 4/27
  4. Tech Briefing
    • Job Security In Security Jobs
    • Symantec Names Riskiest U.S. Cities For Cybercrime
    • Hacker Busts IE8 On Windows 7 In 2 Minutes
    • Android Smartphone Invasion Hits CTIA
    • Gmail Now Warns You About Suspicious Account Activity
  5. Windows Server News
    • How To Set Up Remote Desktop Services On Windows 2008 R2
    • Virtualization School: Hyper-V vs. VMware Guide
    • Windows Virtual Machine Security Spotlight
  6. Third Party News
    • Sunbelt Software Updates Sandbox To Tackle Zero-Day Attacks
  7. WServerNews Fave Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff.
  8. WServerNews - PRODUCT OF THE WEEK
    • Need to find out who added "Joe" to the Domain Admins Group?
Need to find out who added "Joe" to the Domain Admins Group?

Auditing the changes in Active Directory can be one of the most important steps in ensuring the security and integrity of your network. Active Administrator monitors the changes in Active Directory, producing a live view of changes as they occur, as well as custom filtered views of changes. Active Administrator's auditing agents can collect "before" and "after" values for all attribute changes on AD objects so you can track all the key information - who made the change, when, where, and what did they change. Download a free trial version of Active Administrator today!
http://www.wservernews.com/100329-Active-Administrator

Editor's Corner

BYOW - Amazon Allows Server License Migration To Cloud

A friend sent me an email that they received from Amazon. Here is an excerpt:

"We are excited to announce the immediate availability of the Microsoft Windows ServerŪ License Mobility Pilot, which enables customers with Microsoft Enterprise Agreements (EA) to migrate their existing Windows Server licenses to Amazon EC2. By moving existing licenses to the cloud, you can leverage licenses that you have already purchased to reduce your cost of running Windows On-Demand or Reserved Instances by up to 41%. Microsoft will stop accepting new enrollments for the pilot on September 23, 2010 so it is important to act quickly." Microsoft has a few requirements, that Amazon spells out on their landing page:
http://www.wservernews.com/100329-Mobility-Pilot

So what does this mean for you as a system admin? Your server admin tasks are going to go away, as this will be done by Amazon. What would your role morph into? More a diagnostic and trouble-shooting type role. You'd be looking at end-to-end response times problems instead of making backups. Is this good? That depends on your circumstances, so... could be good, could be bad.

No IE9 For WinXP Redux

I got a LOT of feedback from you on this. Most of you said something similar to subscriber F. Ross Englefield who remarked: (edited for brevity)

"I just read the latest WServerNews newsletter. I just have to respond to your opening piece though. I couldn't possibly disagree more strongly with your statement of no IE9 on XP being a bad idea. As we both know, XP is aging software, disconnect those PCs from the Internet! XP is not going to be supported much longer, and it will continue to be a BIG target for the maliciously-inclined. That's one reason for not supporting XP.

"Another is that better software is built on better platforms. If IE9 is written to run on the aging XP platform, would that not be the same as simply adding a new number to an aging application? Same tired and buggy foundation for what could be newer, faster and better? If IE is ever to achieve a respectable level of parity with what are being branded, "modern web browsers", then old code needs to be left in the trash where it belongs."

And the only thing I can say to that is... "you're right". Especially for an enterprise environment. I'm just worried about these hundreds of millions of XP machines out there that will become bot fodder. Many of you commented that this problem will be solved by people simply changing to other browsers and this might be a solution, unless Redmond sets a trend, and over time the other browsers stop supporting XP as well. We'll see how this develops.

Which Tech.Ed Give-away Item Would You Like?

As you know, Tech.Ed is a big deal for Sunbelt. This year, we are going to give away a 'VIPRE theme' Ducati high-performance bike. We'll also give away cool items with each 15-minute product presentation. Which of these 'presentation' give-away items would you like to get? Planning to go to Tech.Ed? Come check out the bike at booth # 701.
http://www.wservernews.com/100329-Survey


Quotes Of The Week

"The truth does not change according to our ability to stomach it." -- Flannery O'Connor,

"The pen is mightier than the sword, but only if the sword is very small and the pen is very sharp" -- Terry Pratchett

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/100329-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/100329-WXPNews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/100329-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Don't Get Caught with Your Compliance Down

Know that feeling when you realize you forgot to do something really important? That's how you'll feel when your company is involved in legal proceedings, and you overlook something during the e-discovery. The consequences could be devastating. Judges are not amused with lost or destroyed evidence, and your organization could be fined millions of dollars. Worse, you could lose a court case that could otherwise be won. Avoid such a scenario with SEA. Sunbelt Exchange Archiver is affordable archiving for SME's. Ask for your quote here:
http://www.wservernews.com/100329-SEA


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Download an exclusive free eBook, Essentials of Effective File Security by Greg Shields, and a free 30-day trial of Security Explorer from ScriptLogic:
http://www.wservernews.com/100329-Security-Explorer

Extend Active Directory to Mac, UNIX, Linux, web and database platforms. Free guide outlines simple way to centralize identity management.
http://www.wservernews.com/100329-Centrify-White-Paper

Just released! PerfectDisk 11 boosts Server performance, low overhead. New BlockViewer. Microsoft Certified. Free trial and Special Offer.
http://www.wservernews.com/100329-PerfectDisk

Granularly elevate users privileges in applications and windows. The free Privilege Authority from Scriptlogic is downloadable here:
http://www.wservernews.com/100329-Privilege-Authority


Webinars & Seminars

Securing your Exchange Server with VIPRE Email Security - 3/30

Securing your Exchange Server is key to protecting your enterprise environment from spam, viruses, phishing, and other messaging threats. In this webinar, learn how the new version of VIPRE Email Security for Exchange (formerly Ninja Email Security) can help protect your network and cut your Exchange admin time in half with this powerful, policy-based email security product.

When: Tuesday, March 30, 2010, 2:00 PM (EDT)
Please register here:
http://www.wservernews.com/100329-VIPRE-Email-Security


Introducing VIPRE Enterprise Premium, Version 4.0 - 4/6

Be among the first to see Sunbelt's new VIPRE Enterprise Premium Version 4.0 - powerful, high-performance endpoint malware protection. The new premium version combines antivirus, antispyware, and now client firewall and malicious website filtering technologies, into a single agent to protect against the ever-changing wave of malware in the most comprehensive, highly efficient manner. Join us to hear how our approach to malware protection is different.

We translated our years of experience in detecting and remediating sophisticated malware into the next-generation endpoint protection technology, VIPRE - without building on older generation AV engines or other sourced technology components. VIPRE is fast, efficient technology in a single, powerful threat engine with low impact on system resources.

Tuesday, April 6, 2010, 2:00pm - 3:00pm EDT
http://www.wservernews.com/100329-VIPRE-Enterprise-Premium


Affordable, Enterprise Email Archiving - 4/13

Exchange performance is suffering. Your users complain about email storage and don't want any quotas. Your CEO requires legal compliance. Want a high-end, feature-rich, admin-friendly product that solves all these issues at a very affordable price? Then don't miss this Sunbelt Exchange Archiver webinar.

Tuesday, April 13, 2010, 2:00pm -3:00pm EDT
http://www.wservernews.com/100329-Enterprise-Email-Archiving


VIPRE Enterprise Premium Product Demonstration - 4/20

Join us for a look at Sunbelt's new VIPRE Enterprise Premium Version 4.0, powerful, high-performance endpoint malware protection. Be among the first to see the new version, which combines antivirus, antispyware and now firewall into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control.

Tuesday, April 20, 2010, 11:00am - 11:30am EDT
http://www.wservernews.com/100329-VIPRE-Premium-Demo


VIPRE Email Security for Exchange Product Demonstration - 4/27

Securing your Exchange Server is key to protecting your enterprise environment from spam, viruses, phishing, and other messaging threats. In this product demonstration, learn how the new version of VIPRE Email Security for Exchange (formerly Ninja Email Security) can help protect your network and cut your Exchange admin time in half with this powerful, policy-based email security product.

Tuesday, April 27, 2010, 2:00pm - 2:30pm EDT
http://www.wservernews.com/100329-VIPRE-Email-Security-Demo


Tech Briefing

Job Security In Security Jobs

BaselineMag took the time to do the homework and created a slideshow with some interesting survey results on IT Jobs in Information Security. A report from the professional organization (ISC)2 shows that companies still crave workers with IT security skills, and they're willing to pay a premium to get them. For its (ISC)2 2010 Career Impact Survey, the organization polled almost 3,000 security professionals. One less-happy finding: Many security pros say the downturn has increased security risks in their organization:
http://www.wservernews.com/100329-Hot-IT-Jobs


Symantec Names Riskiest U.S. Cities For Cybercrime

Cybercriminals are most likely to attack computer users in Seattle, Boston and Washington D.C., according to a report from security vendor Symantec. Read More:
http://www.wservernews.com/100329-Riskiest-Cities


Hacker Busts IE8 On Windows 7 In 2 Minutes

Computerworld had a story on two researchers that won $10,000 each at the Pwn2Own hacking contest by bypassing important security measures of Windows 7. Both Peter Vreugdenhil of the Netherlands and a German researcher who would only identify himself by the first name Nils found ways to disable DEP (data execution prevention) and ASLR (address space layout randomization), which are two of Windows 7's most vaunted anti-exploit features. Each contestant faced down the fully-patched 64-bit version of Windows 7 and came out a winner. Here is a PDF with the exploit:
http://www.wservernews.com/100329-Exploit


Android Smartphone Invasion Hits CTIA

Phone manufacturers and wireless carriers at their CTIA Wireless stomping ground showed support for Google's Android mobile operating system this week. Sprint and Motorola unveiled the rugged Motorola i1, running Android 1.5. Sprint and HTC unveiled the first Android phone based on 4G, the HTC EVO 4G, which runs Android 2.1. AT&T, Samsung and Kyocera had their own notable offerings. Check them out in this slide show:
http://www.wservernews.com/100329-Smartphone-Invasion


Gmail Now Warns You About Suspicious Account Activity

Google added a message to Gmail that warns you when your account may have been hijacked. Using several criteria -- including plotting the IP address of each successful log-on -- Google determines whether to sound the alarm. If an account is accessed from one country, then again a few hours later from a different country, they would likely red-flag you. More here:
http://www.wservernews.com/100329-Gmail-Remote-Sign-Our


Windows Server News

How To Set Up Remote Desktop Services On Windows 2008 R2

Many organizations are considering using Microsoft's Virtual Desktop Infrastructure product, but don't know where to start. Receive expert tips on how to set up Remote Desktop Services on Windows 2008 R2 and gain insight into the basic components involved in the process in this article:
http://www.wservernews.com/100329-Remote-Desktop-Services


Virtualization School: Hyper-V vs. VMware Guide

Deciding between Hyper-V and VMware can be a challenging task. Receive an overview of the unique features of each of these platforms, compare their costs and decide which is the best choice for your organization with the help of this expert guide:
http://www.wservernews.com/100329-HyperV-vs-VMware


Windows Virtual Machine Security Spotlight

IT professionals today must constantly look for ways to improve the security of their Windows networks. In this exclusive article, learn about the impact that virtualization has on IT infrastructure security and ways to help improve the protection of your organization:
http://www.wservernews.com/100329-Security-Spotlight


Third Party News

Sunbelt Software Updates Sandbox To Tackle Zero-Day Attacks

InfoSecurity Mag (and many others) reported that Sunbelt Software has updated its Sandbox automated dynamic malware analysis utility to deal with the increasing problem of zero-day targeted Internet attacks.

According to Sunbelt, Sandbox 3.0 uses behavior analysis technology to identify malicious threats such as Adobe PDF exploits, fake media players and other socially engineered attacks against enterprise or government networks.

Sunbelt says that the advanced offering is the direct result of research from Sunbelt Labs, its malware research and analysis division. In use, Sandbox 3.0 is billed as allowing security analysts and incident response teams to analyze the behavior of suspected files by executing code inside a controlled and monitored environment. While executing the code, the software records all malicious activity, including system changes, network traffic and memory dumps.

Central to the software is its Digital Behavior Traits (DBT) technology, which Sunbelt claims will intelligently interpret the behavior of any file, document or website to automatically determine whether it is malicious. This feature, the Sunbelt says, is critical in the effort to quickly discover new and emerging malware that has not yet been uncovered by traditional antivirus tools.

"Automated threat analysis is essential to organizations that are targeted by malware writers with brand new viruses that have not yet been categorized or cataloged by traditional antivirus solutions", said Chad Loeven, vice president of Sunbelt Labs. Sandbox, he explained, gives users the ability to safely analyze virtually any Windows application or file, including infected documents, malicious URLs, custom applications and scripts in Flash ads.

It also gives researchers the ability to compare multiple data sources for differences and similarities, and to send malware samples to multiple sandbox configurations and centrally manage the process. Unlike other malware analysis tools on the market today, Sunbelt says that Sandbox provides true automation to analyze in bulk and save crucial time.

By simulating the way in which a user would interact with a rogue application, Sandbox automates what is otherwise a manual process:
http://www.wservernews.com/100329-Sandbox-Updates

For more information on the Sunbelt CWSandbox:
http://www.wservernews.com/100329-CWSandbox


WServerNews Fave Links

This Week's Links We Like. Tips, Hints And Fun Stuff.




WServerNews - PRODUCT OF THE WEEK

Need to find out who added "Joe" to the Domain Admins Group?

Auditing the changes in Active Directory can be one of the most important steps in ensuring the security and integrity of your network. Active Administrator monitors the changes in Active Directory, producing a live view of changes as they occur, as well as custom filtered views of changes. Active Administrator's auditing agents can collect "before" and "after" values for all attribute changes on AD objects so you can track all the key information - who made the change, when, where, and what did they change. Download a free trial version of Active Administrator today!
http://www.wservernews.com/100329-POTW-Active-Administrator