Vol. 19, #40 - October 6, 2014 - Issue #1000

Image

Issue #1000!

  1. Editor's Corner
    • Shellshock Update
    • Ask Our Readers - Is there an admin tasks repository
    • From the Mailbag
    • Issue #1000 - Interview with Stu Sjouwerman
    • Tip of the Week - How to become a good troubleshooter
    • Recommended for Learning
    • Microsoft Virtual Academy
    • Quote of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Events Calendar
    • Americas
    • Europe
  4. Webcast Calendar
    • Register for Webcasts
  5. Tech Briefing
    • Cloud computing
    • Microsoft Azure
    • Enterprise IT
    • Security & Privacy
  6. Recommended TechGenix Articles
    • Recommended articles from websites in TechGenix Network
  7. Windows Server News
    • Searching for the elusive hybrid cloud
    • Desktop virtualization advice from your peers
    • Buying guide: Application virtualization tools
    • Learn what vCPU states mean for VM performance
  8. WServerNews FAVE Links
    • Amazing Trick With A Tennis Racket
    • Quantum Mechanics Explained In 60 Seconds By Brian Cox
    • Les Miserables Flash Mob - Orlando
    • Acrobatic Trio - Three's a Charm
  9. WServerNews - Product of the Week
    • Free Tool for Hyper-V Backup

 

Free Tool for Hyper-V Backup

Veeam Backup Free Edition is a completely free tool delivering Hyper-V backups. It has no limits on the number of VMs and no expiration date. Veeam Backup Free Edition can be used as a standalone backup tool or can complement your primary backup solution.

Get it free now!

 

Editor's Corner

This week's newsletter is our ONE THOUSANDTH ISSUE of WServerNews. Our newsletter was started by Stu Sjouwerman way back in September of 1997 and in honor of Stu we've decided to interview him in this week's issue about why he started WServerNews and where he sees the IT profession headed in the coming years. But first we need to start with a cartoon, and not just any cartoon. After all, writing a weekly newsletter like this is a LOT OF WORK and we've often thought of outsourcing it to a team of IT monkeys. After all, if a thousand monkeys can type out the entire works of Shakespeare provided they're given a sufficient amount of time, how many monkeys and how much time would it take to write a simple newsletter like this?

Answer here:
http://www.wservernews.com/go/1412326571674

Shellshock Update

Although the Shellshock BASH bug is primarily a UNIX/Linux problem, administrators of Windows Server-based infrastructures shouldn't just write it off as "not my problem" as it can indirectly impact them as well. Because of this we're going to devote the next issue (#1001) to steps you can take to protect your environment against ShellShock exploits.

Ask our Readers - Is there an admin tasks repository?

In last week's issue we posed the following question we received from Tom, an IT Consultant based in Wellington, New Zealand:

Have you heard of a website or other resource that lists administrative tasks that Sys Admins might come up against? I am thinking everything from the basics of setting up a user in AD to Lync / Exchange integration, SQL mirroring, SharePoint farm implementation, troubleshooting etc... Do you or any of your readers know of such a resource? And if not is there anyone out there who would like to work with me to set one up? I think it would be too big of a job to do by myself, but could be fun if we get a small team of us together.

We received a number of responses from readers concerning this. A reader named Steve pointed out Stack Exchange as a useful resource:

I'm sure you'll get this many times, but if a sys admin isn't using all the various Stack Exchange sites, they are missing out!!

Stack Overflow - mainly developer questions, but also some sys admin:
http://www.wservernews.com/go/1412326577830

Server Fault - designed for sys admins:
http://www.wservernews.com/go/1412326583080

Super User - aimed at 'power' users:
http://www.wservernews.com/go/1412326587815

Ask Ubuntu - great for other Linux flavors also:
http://www.wservernews.com/go/1412326592284

Richard, a Systems Architect in Switzerland, sent us this suggestion:

Well, the ultimate (and very actively maintained) resource is, of course MS TechNet. But if you are not into flipping hamburgers and want chunks of PowerShell developed by lots of people better at it than I am, take a look at the PowerShell Script Browser, a repository of PS scripts:
http://www.wservernews.com/go/1412326596862

Do any other readers have any recommendations that can answer Tom's question? Email us at [email protected]

Ask Our Readers: WServerNews has almost 100,000 subscribers worldwide. That's a lot of expertise to tap into. Do you need help with some issue or need advice on something IT-related? Got a question you'd like us to toss out to our readers to try and answer? Email us at [email protected]

From the Mailbag

In last week's Issue #999 When Microsoft calls YOU, we talked about a new scam that seems to be going around these days, namely someone who says they're from Microsoft Support and tells you your computer has been infected with malware and you need to follow their instructions and/or pay money immediately or the FBI or RCMP or Interpol or whatever will soon be pounding on your door. We received tons of reader feedback on this topic, mostly about how an IT pro might respond to such a blatantly obvious social engineering attack. Here's a sampling of some of the best responses from our readers:

Previously in Issue #998 Shadow IT Revisited, we heard from reader Tony Gore how shadow IT brings both new risks and new benefits, and we need to make the best we can of the benefits while minimizing the risks. A reader named Nick who is a Sales & Marketing Director in Cammeray, Australia, sent us the following comment:

Thank you for the excellent article! It is exactly spot-on and I am experiencing this with so many clients currently that I have been looking for exactly this kind of article that I can use to explain the issues to them. Various other providers sign our clients up to Google Apps and other such cloud solutions and their small SSD drives are suddenly full in a matter of a few weeks (no one envisaged that their fast new networked office computers with 128GB SSD drives would get "abused" like this. So again thanks for the great article!

And now on to our interview with Stu Sjouwerman...

Issue #1000 - Interview with Stu Sjouwerman

We're talking with Stu Sjouwerman the guy who started this newsletter way, way back in September of 1997. Stu, 17 years is a long time in IT, isn't it? That's about 119 dog years, and for old dogs like ourselves who work in the IT profession it feels more like several centuries. What was the IT industry like when you started WServerNews--or W2Knews as it was actually called back then?

Yeah, it's been quite a ride! I started in IT in 1979 with VAX mini-computers from DEC. We started W2Knews in 1996 when Microsoft just came out with their enterprise operating system: Windows NT, soon followed by Windows 2000 which the first version of the newsletter was named after. The industry was jumping on the Redmond bandwagon in a major way, noticing that Bill Gates had "bought" DEC's Dave Cutler, the main VMS Operating System architect for a then astounding amount of a million bucks a year.

What was your goal in starting the newsletter back then? What did you hope to accomplish?

Help system administrators to keep their machines and networks up & running with information, news, hints & tips and system admin tools. And of course a few fave links at the end to provide a bit of levity. System admins are usually super busy putting fires out all day long, and do not get a lot of cooperation from other employees who do not understand the computer and network.

What did readers initially like best about your newsletter? Did you experiment with the format and range of topics you would cover?

In the early days, any news was welcome as NT was a whole new platform and there were hardly any 3rd party tools available. We started with a disk quota management tool, and Octopus, which was real-time backup and failover. We surveyed regularly about which sections in the newsletter were needed, wanted or redundant and finally settled on a format we stuck with for more than 10 years.

How did you come up with fresh ideas for your editorials? As I can testify myself, writing a newsletter every week can be challenging even in an industry like IT where things change very rapidly!

Sunbelt was hosting several forums, one of which was the popular NTSYSADMIN list. Topics discussed there were a never ending source of story ideas and interviews. We also had forums about Exchange, Security and other topics that came up over time.

What changes in the IT profession did you see during your long tenure as Editor of WServerNews?

Wow, interesting question. Overall, over the decades, I would think it's fragmented into more and more specializations. 30 years ago you could know pretty much everything about PCs for instance. Today, you need to be a malware reverse engineering specialist to be able to protect endpoints. The same has happened in many other areas. Your only choice is to become a "serial specialist" if you want to keep up, compare it to a triple major in college, and study never ends. But that is also the attraction, never a dull moment!!  

That's a good point Stu, there seem to be so many different areas of IT specialization nowadays. It's interesting also that the newsletter has attracted such a wide range of readers over the years. TechGenix did a reader survey shortly after my wife and took over as editors in 2012 and they found that about one-sixth of those who had subscribed to WServerNews were sysadmins, about one-sixth IT managers, about one-sixth consultants, and the remainder split between senior IT staff, network admins, owner-operators, CEOs, CIOs, security analysts, specialists, developers…wow. Congratulations on creating a newsletter that has attracted such a wide range of readers! Any trick how you did it?

That was 15 years of hard work in both the areas of marketing and writing newsletters I'm afraid. In the early days of the Internet when opt-in and opt-out simply did not exist, software developers gave me their customer databases and gave me the OK to send the newsletter to them weekly. And I am still writing a weekly newsletter called Cyberheist News that you can subscribe here:
http://www.wservernews.com/go/1412326616455

I'm sure our readers have appreciated all of your hard work over the years! Let's move on though and talk about the future. What do you think are the most significant trends in coming in business computing over the next few years? And how do you think these trends will impact the IT profession as we know it today and especially IT pros who work with the Windows Server platform? Feel free to be wordy here and let us know what you see in your crystal ball...

Hah, I used to do a crystal ball issue once a year, first week of January. That was the shortest newsletter but it was the most work!! First of all, cybercrime and cyberwar are escalating. Many people in large companies, the government and nationwide infrastructure IT are now in the front lines of international hacking attacks sponsored by nation-states. And the rest of us are under constant attack by a very well-funded eastern European cyber mafia.

The irony is that the Windows platform has become the standard, and thus is also the most attacked. Both cybercrime and spy agencies are hoarding hundreds of 0-day threats that they can pluck out of their black bag when they need to get into a network. The biggest change for IT pros that I predict is the change of perspective from: "We can defend against an attack" to "We already have been penetrated; we need to protect the data and get the hackers out". This is a sea change in the way you approach the hacking problem.

What sort of things can IT do if their organization's systems and data has been penetrated? I thought the only answer was to "nuke and pave"?

You need next-generation breach detection. These tools solve, in essence, a classic big-data problem. To be effective, these tools need to analyze a great variety of data in high volume, and at great velocity, to determine potential breaches. Most important, the tools must be precise; too many false positives and their reports will quickly be ignored, which is what happened at Target. A new crop of next-generation startups are working on this, for example:

Aorato
http://www.wservernews.com/go/1412326635002

Bit9
http://www.wservernews.com/go/1412326640034

Cybereason
http://www.wservernews.com/go/1412326644190

Exabeam
http://www.wservernews.com/go/1412326648221

Fortscale
http://www.wservernews.com/go/1412326652768

LightCyber
http://www.wservernews.com/go/1412326656971

Seculert
http://www.wservernews.com/go/1412326661846

Vectra Networks
http://www.wservernews.com/go/1412326665877

Fascinating, I'll have to check those out. Let's finish off by letting you tell us about some of the ventures you've been involved with since you stepped down from editing WServerNews. What are you up to these days?

During the 2007-2010 period when we built VIPRE Antivirus, we found out that most malware infections ware caused by the end-user being social engineered. So when Sunbelt was acquired by GFI in 2010, I already had an idea for a new company that would provide "new school" security awareness training, built from the IT security perspective instead of just being checkbox compliant. That was why I started KnowBe4:
http://www.wservernews.com/go/1412326671143

and teamed up with former hacker (The World's Most Wanted) Kevin Mitnick to create a brand new way for system admins to keep their users on their toes with security top of mind. Things have gone great with KnowBe4, we are in our third year with almost 20 employees and over 700 enterprise accounts using the training.

Sounds great Steve and good luck on all your future endeavors!

Thanks very much Mitch!

About Stu Sjouwerman

Stu Sjouwerman (pronounced "shower-man") is the founder and CEO ofKnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.

Send us feedback

What do you readers think have been the biggest changes in IT over the last 15 years? And what do you think your job will look like in the years to come? Share your predictions and reflections with us at [email protected]

Tip of the Week - How to become a good troubleshooter

This week's tip is about how you can improve your troubleshooting skills. But before I explain how you can do this, let me start off by telling you what happened to me this morning...

Being a "server guy" doesn't mean I'm a brilliant nerd with all kinds of technology. One area where I'm definitely behind the times is digital music. I own a nice CD collection comprised mostly of classical music and cool jazz, but until now I haven't spent a penny downloading digital music for my smartphone or tablet. But today I had to bite the bullet and buy some songs as MP3 files as the original CDs they were taken from are no longer available. The catch is, once I downloaded these MP3s, I wanted to burn them as an audio CD so I can listen to them on my home stereo or in my car. Windows Media Player seemed the obvious choice here, and after a brief check of the online help I confirmed it could convert MP3s to CDA files to burn them onto recordable CD media to make an audio CD.

So I burned myself a CD. Then I tried it out on my stereo and it wouldn't play--ack. So I checked the help again and discovered I needed to select Audio CD instead of Data CD as the burn format in Windows Media Player. In fact, help said Audio CD was the default burn format, but for some reason the default was Data CD when I opened WMP, so I changed the burn option to Audio CD and burned another CD. But once again it wouldn't play in my stereo.

I was now frustrated as I had other work to do. But I'm also stubborn like a bulldog sometimes, so I determined that I must figure this out. I consulted various threads on Microsoft Answers but found no specific thread relating to my problem. So I tried one more time--and then I realized that when I selected Audio CD as the burn option in WMP and created my burn list and clicked Start Burn, for some reason WMP automatically flipped back to the Data CD option before starting the burn. Whaaat? Why is that happening?? Once again, I searched for help online but couldn't find a discussion thread that related to my specific issue i.e. why doesn't the Audio CD burn option "stick" when I select it? Why does it keep flipping back to Data CD?

So then I thought maybe I could download some free utility to convert MP3s to CDA files so I can burn them to CD media. Bad idea. The first program I downloaded installed some additional crapware on my computer that I had some trouble uninstalling. So I went back to WMP again but after playing around some more I still couldn't figure out why the Audio CD burn option kept reverting to Data CD whenever I tried to start a burn.

So then I searched for another free MP3-to-CDA utility, one without the added crapware, and finally sound something that looked lean and usable. I installed the utility and thought "This is finally going to work" and added my MP3 files to the burn list and clicked Start Burn and got an error message:

This utility only works with CD media.

"It couldn't be," I thought. So I checked, and yes it was. I had mistakenly been using blank recordable DVD media instead of recordable CD media, and you can't burn DVD media as an audio CD. Slaps forehead...

What's the moral here? I think it's this: You become a good troubleshooter by realizing through experience how amazingly stupid you can be sometimes.

GOT TIPS you'd like to share with other readers? Email us at [email protected]

Recommended for Learning

Looking for books and/or ebooks from Microsoft Press? Buy them direct from the Microsoft Press store!
http://www.wservernews.com/go/1412326680346

Microsoft Virtual Academy

Some announcements from the Microsoft Virtual Academy:

October 8: Single Page Applications with jQuery or AngularJS  

Next up in MVA's Web Wednesdays series is "Single Page Applications with jQuery or AngularJS," which explores single page apps and looks at Visual Studio and Internet Explorer tools to add structure to your projects. Join popular presenters Stacey Mulcahy and Dave Voyles and learn how to enable your content within Windows 8 and Windows Phone 8 apps, and deploy your apps to Azure. Register now!
http://www.wservernews.com/go/1412326685362

October 9: Azure Resource Manager DevOps Jump Start  

Don't miss this Jump Start on October 9. Hear how to manage your Azure resources more efficiently, and find out how to get want faster and more repeatable application deployments across all of your Azure environments. Experience the new declarative model at work, complete with templates to define and deploy your infrastructure resources. Register now!
http://www.wservernews.com/go/1412326689393

Save 15% on All Microsoft Certified Professional Exams

Do you have goals to pass an MCP exam before the end of 2014? For a limited time, you can save 15% on your next exam! Just use promo code "15OFF" by December 31, 2014 to book and take an exam! Find all the details here:
http://www.wservernews.com/go/1412326694580

Quote of the Week

Last week we shared this quote from a Jason Statham movie which we thought was a useful pearl of wisdom:

"Good judgment comes from experience, and a lot of that comes from bad judgment." --Jason Statham in The Mechanic

A reader named Lance was quick to point out to us that this quote actually predates Jason Statham a bit:

One of my favorite quotes from Will Rogers, the famous American humorist, born in 1879, and who, unfortunately, died in a plane piloted by Wiley Post that crashed in 1935.

We stand corrected. But we still like Jason Statham's movies a lot ;-)

Until next week,
Mitch Tulloch

Note to subscribers: If for some reason you don’t receive your weekly issue of this newsletter, please notify us at [email protected] and we’ll try to troubleshoot things from our end.

Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Veeam Task Manager for Hyper-V provides live performance monitoring metrics for CPU and memory for both host and guest VMs. Get it for free!
http://www.wservernews.com/go/1412327939454

Start observing your users and vendors that have access to sensitive data in minutes. Know exactly who is doing what on your critical servers. Try it now.
http://www.wservernews.com/go/1412327942282

Do you know which users have access to sensitive files or directories? Using Permissions Analyzer, you’ll be able to easily see what permissions a user or group of users has for an object and why.
http://www.wservernews.com/go/1412327945064

Need to mount a tablet under a cabinet or shelf? Try this from Belkin:
http://www.wservernews.com/go/1412327952142

AutoAdministrator is a free tool that allows you to automate all kinds of system administration tasks with an easy-to-use GUI:
http://www.wservernews.com/go/1412327958017

 

Events Calendar

Americas

Microsoft SQL Server PASS Summit 2014 on November 4-7, 2014 in Seattle, Washington, USA
http://www.wservernews.com/go/1412326703424

Convergence 2014 on March 16-19 in Atlanta, Georgia, USA
http://www.wservernews.com/go/1412326705518

Microsoft will be hosting an inaugural, unified Microsoft commercial technology conference the week of May 4, 2015 in Chicago, Illinois, USA
http://www.wservernews.com/go/1412326708049

Europe

TechEd Europe on October 27-31, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1412326710830

Convergence 2014 Europe on November 4-6, 2014 in Barcelona, Spain
http://www.wservernews.com/go/1412326713393

Add your event

PLANNING A CONFERENCE OR OTHER EVENT you'd like to tell our 95,000 subscribers about? Contact [email protected]

 

Webcast Calendar

Register for Webcasts

Add your Webcast

PLANNING A WEBCAST you'd like to tell our subscribers about? Contact [email protected]

 

Tech Briefing

Cloud computing

All Clouds are not Created Equal: The Personal Cloud in the Corporate World (Part 1) (CloudComputingAdmin.com)
http://www.wservernews.com/go/1412326732877

Managing Contractual Risk in Cloud Contracts (Part 1) (CloudComputingAdmin.com)
http://www.wservernews.com/go/1412326737518

Microsoft Azure

Windows Client images for MSDN subscribers (Azure Blog)
http://www.wservernews.com/go/1412326742080

Deploying a WordPress Blog on Microsoft Azure (CloudComputingAdmin.com)
http://www.wservernews.com/go/1412326745877

Enterprise IT

Prevent Windows password reset hacks (4sysops)
http://www.wservernews.com/go/1412326751721

Some Mandatory Reading for Sys Admins (Third Tier)
http://www.wservernews.com/go/1412326755924

Security and Privacy

Enterprise Web Proxy Performance Optimization Tips for Forefront Threat Management Gateway (TMG) 2010 (ISAserver.org)
http://www.wservernews.com/go/1412326764299

Securing the cloud in 2014 (CloudComputingAdmin.com)
http://www.wservernews.com/go/1412326768299


Recommended TechGenix Articles

Azure Virtual Networks and Cloud Services (Part 3): Communications Scenarios
http://www.wservernews.com/go/1412592754253

E-mail Forensics in a Corporate Exchange Environment (Part 4)
http://www.wservernews.com/go/1412592756596
 
Tips for Assigning Wi-Fi Channels
http://www.wservernews.com/go/1412592759315

Back to Basics: Groups vs. Organizational Units in Active Directory
http://www.wservernews.com/go/1412592761862

System Center Virtual Machine Manager for Beginners (Part 5)
http://www.wservernews.com/go/1412592764081

 

Windows Server News

Searching for the elusive hybrid cloud

There's a lot of hype around what a hybrid cloud really is. Many companies claim they're using the hybrid model, when instead; they're really just using both public and private cloud. Find out what makes up a true hybrid cloud and how to distinguish it from of a pairing of public and private cloud.
http://www.wservernews.com/go/1412326773549

Desktop virtualization advice from your peers

Your peers have completed post-project reports detailing their desktop virtualization experiences, including challenges faced, costs incurred, and benefits gained. Access this report by weighing in on your own VDI priorities and projects.
http://www.wservernews.com/go/1412326777768

Buying guide: Application virtualization tools

Virtualization techniques and tools can improve application deployment and management. XenApp, ThinApp and App-V are all very similar tools for application virtualization. Find out which one can meet your needs and work compatibly with your existing infrastructure in this exclusive buyer's guide.
http://www.wservernews.com/go/1412326782237

Learn what vCPU states mean for VM performance

Having a good understanding of vCPU run, wait, and ready, can help you deliver more responsive VMs. Get an in-depth look at these three basic states, and find out how this knowledge will build to your understanding of your CPU performance in VMs and get the most out of it.
http://www.wservernews.com/go/1412326786862

 

WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff

GOT FUN VIDEOS or other fun links to suggest you'd like to recommend? Email us at [email protected]

Image

Amazing Trick With A Tennis Racket

Unbelievable trick by Japanese tennis player Kei Nishikori during the US Open tennis match against Novak Djokovic from Serbia:
http://www.wservernews.com/go/1412326796221

Quantum Mechanics Explained In 60 Seconds By Brian Cox

Do you understand quantum mechanics? Physicist Brian Cox explains the most basic rule of quantum physics in under a minute:
http://www.wservernews.com/go/1412326801049

Les Miserables Flash Mob - Orlando

The cast of 'Les Miserables' had an amazing pop-up performance of 'One Day More' at the Mall of Millenia in Orlando, Florida:
http://www.wservernews.com/go/1412326806205

Acrobatic Trio - Three's a Charm

The acrobatic trio 'Three's a Charm' with their amazing performance at the French television show The Worlds's Greatest Cabaret:
http://www.wservernews.com/go/1412326812221


WServerNews - Product of the Week

Free Tool for Hyper-V Backup

Veeam Backup Free Edition is a completely free tool delivering Hyper-V backups. It has no limits on the number of VMs and no expiration date. Veeam Backup Free Edition can be used as a standalone backup tool or can complement your primary backup solution.

Get it free now!

 

WServerNews - Editors

Mitch Tulloch is Senior Editor of WServerNews and is a widely recognized expert on Windows administration, deployment and virtualization. Mitch was lead author of the bestselling Windows 7 Resource Kit and has been author or series editor for almost fifty books mostly published by Microsoft Press. Mitch is also a ten-time recipient of Microsoft's Most Valuable Professional (MVP) award for his outstanding contributions in support of the global IT pro community. Mitch owns and runs an information technology content development business based in Winnipeg, Canada. For more information see www.mtit.com.

Ingrid Tulloch is Associate Editor of WServerNews and was co-author of the Microsoft Encyclopedia of Networking from Microsoft Press. Ingrid is also manages research and marketing for our content development business and has co-developed university-level courses in Information Security Management for a Masters of Business Administration program.