W2Knews[tm] Electronic Newsletter
             Vol. 9, #8 - Feb 23, 2004 - Issue #464
   Published by sunbelt-software.com since 1996 - ISSN: 1527-3407
         ~ The secret of those "who always seem to know" ~
 **********************over 500,000 Readers************************
 
            Feel free to refer a friend to this newsletter.
   To subscribe, go to http://www.W2Knews.com/subscribe.cfm?id=RAF
   This Issue of W2Knews contains:
 
 1. EDITORS CORNER:
       * Is The Big One Coming - Redux
       * Two New Interesting WebCasts
 2. TECH BRIEFING:
       * Simplify Branch Office Connectivity and Security with
         the ISA Server 2000 Branch Office Deployment Kit
       * VIP PASS InfoSec World: Gratis
       * Work with Schools And Donated Computers?
       * Establishing Secure AD Boundaries
 3. NT/2000 RELATED NEWS:
       * Finally, Windows Server Feedback!
       * MS Software Assurance -- Hidden Benefits
       * Windows Leak No Security Risk? Hah!
       * MS Virtual Server Goes to 15K Testers
 4. NT/2000 THIRD PARTY NEWS:
       * Pharma Spam Soared In January
       * Is Your Industry Mandated "For Records Retention"?
       * New Super Light 'Always-On' XP-based NoteBook
       * Is Your Exchange Server Safe from Virus Attacks?
 5. W2Knews 'FAVE' LINKS:
       * This Week's Links We Like. Tips, Hints And Fun Stuff.
 6. PRODUCT OF THE WEEK:
       * The New iHateSpam V4.0 Supports More Platforms!
 7. HOW TO USE THE MAILING LIST
       * Instructions on how to subscribe, sign off or change your
         address.
 
 ********************** SPONSOR: iPrism ***************************
 Enterprise-class content filtering at a price you can afford.
 iPrism is a hardware appliance that monitors, filters and reports
 on inappropriate Internet access within businesses, schools and
 government agencies. Minimize network bandwidth drain, increase
 employee productivity and limit legal liabilities all with a
 single appliance. Download up to 5 free tools from iPrism now!
 http://www.w2knews.com/rd/rd.cfm?id=040223S1-iPrism
 -----------------------------------------------------------------
 
 1. EDITORS CORNER:
 
       * Is The Big One Coming - Redux
 
 Dang, you guys did not pull your punches in telling me I was
 a naive optimist regarding a killer virus. I got quite some flame
 mail that accused me of a total lack of historical knowledge
 regarding virii, electronic and biological. The message was clear:
 "While 'scorched earth' virii are relatively rare, they do exist."
 
 Several people told me there was at least one of those in the
 nineties which inserted itself in CMOS and was quite difficult
 to remove. Several virii assumed IDE drives, and would render
 them useless without reflashing the drive firmware - not possible
 at the time outside of the factory. These artificial virii mimic
 a few quite successful biological diseases like AIDS and plague.
 Apparently there -are- people evil/stupid enough to write these
 things.
 
 OK, OK, OK. I'll admit I'm an optimist. I guess we can all agree
 that thorough and layered defenses are more and more an absolute
 -must-.
 ---------------------
 
       * Two New Interesting WebCasts
 
 Topic: Intro to Sunbelt Network Security Inspector
 Time: Tue, 24 Feb 2004, 1:00 PM (EST)
 Meeting URL:
 http://www.w2knews.com/rd/rd.cfm?id=040223ED-SNSI_Webcast
 Call in at the numbers below and enter code 104764:
 800-416-4956 USA
 888-633-2105 Canada
 302-709-8433 International
 
 Topic: iHateSpam for Exchange 5.5, 2000, 2003
 Time: Wed, 25 Feb 2004, 1:00 PM (EST)
 Meeting URL:
 http://www.w2knews.com/rd/rd.cfm?id=040223ED-iHateSpam_Webcast
 Call in at the numbers below and enter code 104764:
 800-416-4956 USA
 888-633-2105 Canada
 302-709-8433 International
 ---------------------
 
 Quotes of the Week:
 "We are what we repeatedly do. Excellence, then, is not an act,
 but a habit." -- Aristotle
 
 UNDO Dept - The Japanese error messages were actually an early
 Internet contest run by Salon magazine in February of 1998. Too
 bad, would have been fun if it was true.
 
 Warm regards,
 Stu
 
 ******************** SPONSOR iHateSpam Server ******************
 The New Version 1.5 of iHateSpam Server has all the features you
 asked for. It is now the best-selling anti-spam solution for MS
 Exchange with over 2,600 enterprise licenses. Every week, 50 more
 sites decide to protect their enterprise with iHateSpam Server.
 It was designed -by- Exchange admins -for- Exchange admins. Very
 smooth integration. V1.5 has a new, world-class detection engine
 and a host of powerful features. Spam Sucks. Your life shouldn't.
 Get 30 award-winning spam-free days here:
 http://www.w2knews.com/rd/rd.cfm?id=040223S2-iHateSpamSE
 -----------------------------------------------------------------
 
 2. TECH BRIEFING:
 
       * Simplify Branch Office Connectivity and Security with
         the ISA Server 2000 Branch Office Deployment Kit
 
 ISA Server Guru Tom Shinder wrote this for us:
 
 "With the world economy on the upswing, we can expect that in
 the coming year, more companies will be in the position of
 growing out of their current office locations and will require
 branch office setups. Inevitably, these branch offices will need
 access to information contained on the main office network. The
 first question you have to ask is: how are you going to connect
 the branch office to the main office in a cost effective and
 reliable fashion?
 
 Back in the day, the answer was to install a dedicated point-
 to-point connection. These "leased lines" (usually frame relay
 or T-1) were prohibitively expensive and weren't very fast
 compared to the local network connection. However, they were
 very reliable and besides, there weren't many alternatives.
 Some organizations tried to make a go of it with dial-up remote
 access solutions, but the inherent bandwidth limitations and
 the long distance costs made this even less attractive than
 leased lines.
 
 Today's solution of choice for branch office connectivity is
 virtual private networking (VPN). Branch offices can be connected
 over one or more low cost high speed broadband connections
 and access resources at the main office via a VPN site-to-site
 link. Just install one or more VPN routers at the branch
 offices and at the main offices. The VPN routers will route
 packets between the main and branch offices.
 
 Branch offices need more than just connectivity to the main
 office. Since they're connected to the main office using an
 Internet connection, they will need to be protected from
 attackers located not only on the Internet, but on the main
 and other branch office networks as well. Some additional
 requirements for branch offices include:
  * Fast and reliable Internet Access
  * Centralized Internet access control, logging and reporting
  * A cost effective solution
 
 In the full article we will look at these issues and VPN
 connectivity in more detail. See the PDF right here:
 http://www.w2knews.com/rd/rd.cfm?id=040223TB-VPN
 ---------------------
 
       * VIP PASS InfoSec World Orlando: Gratis
 
 Below is a link to a PDF file of the Expo-Plus Pass for the
 InfoSec World Expo. This will allow you to visit the conference
 and enter the expo. This year there were many features to this
 pass, including access to specific sessions, panels and other
 exciting events at the conference. If anyone registers for this
 Expo-Only pass before March 12, 2004, admission does not cost
 you a penny.
 http://www.w2knews.com/rd/rd.cfm?id=040223TB-InfoSec
 -------------------
 
       * Work with Schools And Donated Computers?
 
 Since quite a few of you are volunteers for schools and/or non-
 profits, or are with a company that probably donates groups of
 computers to organizations, I thought I'd pass along this site
 with a link to international "fresh start" MS-licensing.
 
 You could pass this link along to your computer advocate person,
 or the super-scrounge at your school, who is responsible for
 getting all of those computers donated. Or, if you know of
 something valuable that's being updated, replaced, unused,
 neglected or abused, give it a home. Here is how non-profits can
 benefit from (f)re(e)-licensing of Microsoft stuff, giving that
 donated hardware a fresh start:
 http://www.w2knews.com/rd/rd.cfm?id=040223TB-Fresh_Start
 ------------------
 
       * Establishing Secure AD Boundaries
 
 In creating trusts between two forests, two security concerns
 arise: SID spoofing for privilege escalation and rogue admins.
 The first issue, SID spoofing, creates a vulnerability --
 although the attack is not an easy one. The second, rogue
 administrators, is more of an issue of AD management policy.
 Part three of a three-part series.
 http://www.w2knews.com/rd/rd.cfm?id=040223TB-AD_Boundaries
 
 ================================================================
 
 3. NT/2000 RELATED NEWS:
 
       * Finally, Windows Server Feedback!
 
 Nobody ever gets frustrated with Windows Server, right? Right.
 Ever occurred to you it would be nice to be able to give someone
 in Redmond a piece of your mind? Guess what. You finally can.
 MS has created a separate site with a feedback form. You can
 use it for frustrations, suggestions and more. You can even
 use it to provide positive feedback! [grin] Obviously the MS
 development team likes to get this kind of input to improve
 current and future versions of Windows. Make this a FAVORITE:
 http://www.w2knews.com/rd/rd.cfm?id=040223RN-Feedback
 ------------------
 
       * Run SMS, SUS or MOM?
 
 Heard about the FAQShop? This is a cute little site that has
 specialized in these three environments. Good resource for you
 to get information on Systems Management technologies such as
 SMS, SUS and MOM. Check them out here.
 http://www.w2knews.com/rd/rd.cfm?id=040223RN-FAQShop
 ---------------
 
       * MS Software Assurance -- Hidden Benefits
 
 W2Knews subscriber Thomas Philo sent me this: "At our local users
 group meeting this past Tuesday (Feb 5) the head of MS training
 told us about a benefit I had never heard mentioned at all:
 Based on the number of licenses and types that you have, you
 may have FREE training days through a CTech.
 
 "I checked into it for here at BPA and we have 45 days worth of
 training that we can send people to at no $ cost (except the
 payroll cost). That equates to $13,500 worth of training built
 into SA for BPA (3400 XP, 600 server licenses). Considering each
 office must fund its own training - and all training budgets have
 been cut - this allows us to send people to training that
 otherwise would not be allowed.
 
 "They also launched a new eLearning setup that you get for free,
 based on numbers of licenses (I think we get around 200 classes
 over eLearning, our internal POC that deals with MS did not even
 know about this feature of SA!). Should pass that along as a
 benefit of SA."
 
 Get a copy of the updated report on Software Licensing 6.0 and
 find out more about these benefits!
 http://www.w2knews.com/rd/rd.cfm?id=040223RN-MS_Licensing_Report
 ------------------
 
       * Windows Leak No Security Risk? Hah!
 
 After the recent Service Pack source code leak, several security
 experts said that Windows users are unlikely to face any
 increased security risks. Their viewpoint was that it's a simple
 matter for hackers to find Windows vulnerabilities without
 recourse to the code. Bzzzz! Wrong answer.
 
 Three days after the leak, the first IE 5 exploit came to light,
 directly based on the "lost source code". I have been hammering
 on security for years, so if you have your defenses in place, you
 should be reasonably OK, but stay alert.
 
 A hacker who is gunning for Windows security holes may very well
 be able to find holes by simply looking right in the source code.
 You can imagine the results. Times like these -do- call for a
 healthy dose of paranoia.
 --------------------
 
       * MS Virtual Server Goes to 15K Testers
 
 Redmond announced last Wednesday it sent Virtual Server Beta to
 15K brave souls that are not afraid to trash a test server.
 Virtual Server 2004 is built on the virtual machine code they
 acquired from Connectix in January 2003. It contains new support
 for a range of SCSI drives and two-node clustering that will
 allow failover from one virtual machine to another.
 
 Eric Berg, a product manager in Microsoft's Windows Server group
 stated: "We have also improved and enhanced what we think is one
 of our biggest competitive differentiators, which is our COM API.
 We have a very rich, programmatic interface into Virtual Server.
 This will make it easier for administrators to script and
 automate a lot of the different capabilities". Hmmm. Scripting?
 I'm not so sure everyone likes to write scripts [grin]
 
 ================================================================
 
 4. NT/2000 THIRD PARTY NEWS:
 
       * Pharma Spam Soared In January
 
 Getting sick and tired of pushy email trying to get you on drugs?
 We observe that spam comes in waves, and seems to migrate from
 one product to another. Spam moves in herds, like many other
 phenomena. The January spam index from Clearswift shows that
 pharmaceutical-related spam accounted for almost half (42.6 per
 cent) of unwanted messages during the month. Personally, I'm
 trying to stay off drugs. [grin] I'm glad iHateSpam traps all
 that stuff. Moreover, a lot of these drugs seem to actually be
 counterfeit. Did you know that this is a 20 Billion a year racket?
 No wonder they resort to spam to peddle their poison.
 -----------------
 
       * Is Your Industry Mandated "For Records Retention"?
 
 Health Care, Insurance and some financial institutions may not
 be mandated for "business continuity", but it is highly likely
 that they are mandated for "records retention".
 
 In 1991 President Bush wanted increased efficiency in Healthcare,
 and in 1996 Clinton signed HIPAA into law as Public Law 104-191.
 During the years 2001-2003 the last of three sections was
 approved, covering interoperability of Transactions and rules
 about disclosure of private data.
 
 HIPAA's primary goal is not business continuity, or even data
 resiliency. There actually is some verbiage about data backup
 and disaster recovery, but it is not really HIPAA as much as
 referencing other standardized government data specifications. 
 
 Due to the broad reach of HIPAA - from the largest insurance
 corporations to the smallest healthcare provider, HIPAA is the
 standardization of B2B (Business to Business) within the
 Healthcare industry. You could really call it eCommerce.
 
 As a System Admin, why should I care about HIPAA?
 
 If it is B2B (or eCommerce), then it has a very low tolerance for
 inaccessibility for any reason.  With standardized data fields
 (for a particular illness or treatment, for example), there will
 be more use of electronic records - since eventually all medical
 software will be aligned with them. 
 
 Data will have an even higher premium, as more correct data and
 more consistent data will yield not only faster processing, but
 better reporting. A survey of paid-for procedures and diagnoses
 is equally valid as a statistical overview of current health
 statistics and/or deficiencies.  For example, lower numbers of
 prescriptions for a given illness can be an indicator that the
 illness is also occurring less frequently.  Better data always
 results in change for how resources are utilized. 
 
 Consider if better statistics are tracked on paid-doctors' visits
 that result in a diagnosis of hearing-loss.  Manufacturers who
 develop hearing aids will have a better understanding of needs
 and a stronger impetus to develop products for a particular niche
 of the population. 
 
 Every benefit associated with the results of HIPAA has a
 financial implication associated with the increased value of the
 data. As the value of data increases, so does the need for better
 backup, for ensured availability and productivity, and a more
 justifiable recognition of disaster recovery. So let's have a
 look at what's in the § 142.308 Security standard. 
 
 (a) Administrative procedures to guard data integrity,
     confidentiality, and availability 
 
     (3) A contingency plan, a routinely updated plan for
         responding to a system emergency, that includes
         performing backups, preparing critical facilities that
         can be used to facilitate continuity of operations in the
         event of an emergency, and recovering from a disaster.
         The plan must include all of the following implementation
         features:
 
         (i)   An applications and data criticality analysis (an
               entity's formal assessment of the sensitivity,
               vulnerabilities, and security of its programs and
               information it receives, manipulates, stores,
               and/or transmits).
 
         (ii)  Data backup plan (a documented and routinely
               updated plan to create and maintain, for a specific
               period of time, retrievable exact copies of
               information).
 
         (iii) A disaster recovery plan (the part of an overall
               contingency plan that contains a process enabling
               an enterprise to restore any loss of data in the
               event of fire, vandalism, natural disaster, or
               system failure).
 
         (iv)  Emergency mode operation plan (the part of an
               overall contingency plan that contains a process
               enabling an enterprise to continue to operate in
               the event of fire, vandalism, natural disaster, or
               system failure).
 
         (v)   Testing and revision procedures (the documented
               process of periodic testing of written contingency
               plans to discover weaknesses and the subsequent
               process of revising the documentation, if
               necessary).
 
 The civil penalties that HIPAA sets for violations are:
 - $100 per violation, up to $25,000 per person, per year for each
 requirement or prohibition violated.
 
 The Criminal Penalties are even less palatable:
 - Up to $50,000 and 1 year in prison for obtaining or disclosing
 protected information.
 - Up to $100,000 and up to 5 years in prison for obtaining or
 disclosing protected information under false pretenses.
 - Up to $250,000 and up to 10 years in prison for obtaining or
 disclosing protected information with the intent to sell,
 transfer, or use it for commercial advantage, personal gain, or
 malicious harm.
 
 The above shows it makes sense to seriously work on a DR plan,
 and get it tested and implemented. Here is the most sold tool to
 get disaster recovery plans in production environments.
 Double-Take:
 http://www.w2knews.com/rd/rd.cfm?id=040223TP-Double-Take
 --------------
 
       * New Super Light 'Always-On' XP-based NoteBook
 
 FlipStart is a compact 14.8 x 10.1 x 2.6cm (5.8 x 4 x 1in)
 notebook that sports an unnamed 1GHz processor and runs Windows
 XP. Vulcan's idea is to offer a machine that has the
 compatibility, power and application base of the mainstream
 Microsoft OS with a form factor that's little bigger than a PDA
 yet features a full QWERTY keyboard.
 
 Like a PDA, the device is designed to operate continuously, going
 to sleep when the lid is closed rather than shutting down
 completely. It weighs under 450g (1lb), Vulcan claims, and it
 runs WinXP. Check it out over here at The Register, they even
 have pictures!
 http://www.w2knews.com/rd/rd.cfm?id=040223TP-FlipStart
 ----------------
 
       * Is Your Exchange Server Safe from Virus Attacks?
 
 One thing I have learned from dealing with Panda is that your
 network has to be made secure at every level. They preach layered
 defense for a reason - today's virus writers look for every weak
 link and every opportunity to push their malicious code and
 create chaos and disruption. Since email is a major target of
 these hackers, the Microsoft Exchange Server is a favorite
 target. Panda ExchangeSecure scans and disinfects all inbound and
 outbound email and attachments in-memory. ExchangeSecure has
 central or remote administration in both local networks and WANs,
 and does it all swiftly and with lower resource usage than many
 other antivirus products. ExchangeSecure provides seamless
 integration with all Exchange environments, automatic daily virus
 updates and is scalable to fit any size enterprise. Panda is
 providing W2Knews readers with a special download evaluation
 edition of ExchangeSecure if you click here.
 http://www.w2knews.com/rd/rd.cfm?id=040223TP-Virus_Attacks
 
 =================================================================
 
 5. W2Knews 'FAVE' LINKS:
 
 Can you imagine tossing a ton of these in the air?
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Light
                             -------
 Ever had a chance to check out MegaMeeting.com? Free and/or low
 cost video conferencing.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-MegaMeeting
                             -------
 Are you into mobile computing? This is a good site to track
 developments.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-MobileTrax
                             -------
 The -very- last thing you want to see while surfing the web.
 (Warning, may not be appropriate for an office environment)
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Oops
                             -------
 You are your own tour guide inside the Gates estate. Simply click
 on the active areas of the image.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Gates_Tour
                             -------
 Microsoft is offering ad space on the BSOD Screen.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-BSOD_Ads
                             -------
 Great short movies, while you are waiting for a backup to finish
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Short_Films
                             -------
 The Flash animations on this Vodafone site are really cool. My
 fave? Scroll over Quick Launch, then select Entertaining.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Vodafone_Flash
                             -------
 How to set up a high tech credit card swiping
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-ATM_Camera
                             -------
 Microsoft and Sunbelt Software Present: How to Protect Your
 Enterprise from Spam: Solutions for Microsoft Exchange
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Webcast
                             -------
 Serious, radical car modification. Very cool!
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Vroom
                             -------
 You all know Isaac Asimov. Here's what he wrote about the four(!)
 stanzas of the USA National Anthem.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Asimov
                             -------
 They are watching Microsoft like a hawk. More Microsoft news than
 necessary. Every day.
 http://www.w2knews.com/rd/rd.cfm?id=040223FA-Hawk
 
 =================================================================
 
 6. W2Knews - PRODUCT OF THE WEEK
 
       * The New iHateSpam V4.0 Supports More Platforms!
 
 Eliminate Annoying Spam with iHateSpam[tm]. It is a great spam filter
 that will dramatically reduce the junk email you find in your
 mailbox! Super simple installation, available for Outlook
 Express, Outlook 2000, 2002 and 2003. The new Version 4.0 also
 works for Hotmail, Incredimail and Eudora. Only $19.95 so this is
 a no-brainer. The Outlook Version is winner of the PC Magazine
 Best Buy Award, and their exclusive World Class 2003 Award.
 
 http://www.w2knews.com/rd/rd.cfm?id=040223PW-iHateSpam
 
 =================================================================
 
 7. HOW TO USE THE MAILING LIST
 
 About Your Subscription to W2Knews.
 This is a posting from W2Knews. To manage your profile or (gasp!)
 unsubscribe, please click on the following customized link:
 http://www.W2Knews.com/login.cfm?id=2655865308573424
 
 What Our Lawyers Make Us Say 
 These documents are provided for informational purposes only. The
 information contained in this document represents the current
 view of Sunbelt Software Distribution on the issues discussed as
 of the date of publication. Because Sunbelt must respond to
 changes in market conditions, it should not be interpreted to be
 a commitment on the part of Sunbelt and Sunbelt cannot guarantee
 the accuracy of any information presented after the date of
 publication.
 
 INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT
 WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT
 LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR
 A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT.
 
 The user assumes the entire risk as to the accuracy and the use
 of this document. This document may be copied and distributed
 subject to the following conditions: 1) All text must be copied
 without modification and all pages must be included; 2) All
 copies must contain Sunbelt's copyright notice and any other
 notices provided therein; and 3) This document may not be
 distributed for profit. All trademarks acknowledged.
 Copyright Sunbelt Software Distribution, Inc. 1996-2003. 
 
 Sunbelt Software
 101 N Garden Ave
 Clearwater, FL 33755
 USA