1. EDITORS CORNER
   • NT's New Name - Results
2. TECH BRIEFING
   • And Now: A SuperCool Link!!
   • Network Downtime Survey Results
3. NT/2000 RELATED NEWS
   • Solution for HIPAA and Service Pack 3 Situation
   • What Do The Analysts Say About MS?
   • Example Of Chinese Hackers Penetrating W2K Advanced Server
4. NT/2000 THIRD PARTY NEWS
   • New Version 3.1 iHateSpam Has Powerful Features
   • Too Much $ecurity?
   • What You Don't Know Can Hurt You
5. W2Knews 'FAVE' LINKS
   • This Week's Links We Like. Tips, Hints And Fun Stuff
6. PRODUCT OF THE WEEK
   • Pentax Digibino DB 100 Digital Camera/Binoculars

NT's New Name - Results

Well, you guys voted like mad, thanks! The overwhelming majority said "call the thing NT6 and be over with it". But as always, things aren't as simple as that, although I agree that would be the best. If you look at the build numbers, in reality Windows 2000 is NT5, Windows XP is NT 5.1 and WinNet is NT 5.2. The next really (really) large new build has the code name Longhorn and will be the true NT6.

More over, the lawyers are throwing a spanner in the works anyway re the "NT" letters. To my best knowledge, Microsoft had to let go of NT as NT is a registered trademark for Northern Telecom. In fact, on some of the older NT4 boxes, there's even a note indicating that. So, for the moment we'll just go with "WinNet" as the indicator for NT 5.2, which was the second most popular vote.

And talking about voting, you have just two days left to vote for the W2Knews Target Awards! We close the poll on September 23-rd, 11:59pm. Please indicate your fave tools. It will help you and your colleagues to have a ready-made shortlist when you need your essential system management tools! Vote here, click on the Target Awards Icon.
http://www.w2knews.com/rd/rd.cfm?id=020923ED-Target_Awards

And while you are there, here is the new SunPoll as well:
"Which area is your single biggest "admin pain point" at the moment?

• Network Security
• Disaster Recovery
• W2K and AD Migration
• Storage Management
• User Administration

PS: W2Knews has a 5 star rating. Freetechmail is a good example. Please forward a copy to a friend and tell them to subscribe?!
http://www.w2knews.com/rd/rd.cfm?id=020923ED-FreeTechMail

And Now: A SuperCool Link!!

For the last two years, our tech guys were asking for a special project. I finally caved in a month ago. This project had to do with their so-called "physics project". What was the experiment they wanted to do? Well, the discussion had been about the following scientifically very significant matter: What would a 50-pound ball of "silly putty" really DO when you would drop it from a 5-story parking garage? Would it wind up three blocks down the road on top of another building? Would it explode? We had no idea but (nerds that we are) had an urgent need to find out. And, we are relieved to say, the results are in.

We bought 50 pounds of the stuff from a Dow Corning distributor, and last Saturday, the Sunbelt Silly Putty Task Force made the jump. With spectacular results!! We have several camera angles, slo-mo high-speed shots, and the inevitable sponsor (W2Knews) in a really cool video that you can watch RIGHT NOW. Have fun, we sure had. Oh, and please forward this story plus the following link to your friends too:
http://www.w2knews.com/rd/rd.cfm?id=020923TB-Putty

Network Downtime Survey Results

Zeus Kerravala and Laura Didio of the Yankee Group and Sunbelt Software recently completed a Survey on Network Infrastructure Trends and Issues. Here is the executive summary:

"Two-thirds of corporate enterprises do not implement configuration management software to track changes and network and systems errors – despite the fact that 70% of companies experience at least one-to-two network outages per month.

Those are the results of the latest joint Yankee Group/Sunbelt Software, Inc. survey on Network Infrastructure Trends and Issues. The survey polled 250 IT administrators worldwide spanning a wide variety of vertical businesses.

Not surprisingly, the corporate respondents cited the lack of available IT capital dollars and a lack of manpower and time as the chief culprits in their decision not to deploy configuration management solutions. Nine out of 10 administrators –90% -- said they lacked the necessary monetary resources and 75% of those polled said they had no time to implement configuration management solutions. At the same time, the survey respondents noted that the greatest number of errors were attributable to telecommunications outages. In a departure from other recent trends, a majority of the IT administrators polled said that only 15% of network errors are caused by "human error." But the survey also showed that despite the hype and publicity surrounding network security, many organizations are still lax. Nearly nine out of 10 survey respondents admitted that they still employ shared passwords. And only a small percentage of organizations presently employ any secure ID mechanisms.

Key Findings

Other key survey findings included:

• More than two-thirds of organizations -- 69% -- said they experience at least one or two network outages per month. Eight (8%) percent of the survey respondents claimed they had three-to-five network outages per month.
• Of the reported errors, 52% of those polled claimed that 1-15% of the errors were caused by operator error. By contrast, only 13% of the respondents claimed that more than 15% were caused by human errors.
• Telecommunications outages were the largest cause of network and systems errors. One-quarter or 25% of respondents pointed to telecommunications failures as the cause of 60% or more of their network errors.
• And in another statistic that buttresses recent trends, 84% of the IT managers who responded to the survey acknowledged that their firms routinely use shared passwords. By contrast only eight percent (8%) used TACACS+, only 14% use Radius and only 13% used any kind of secure ID methodology.
• Two-thirds of organizations -- 65% -- admitted they currently have no accurate means of tracking operator changes and only 11% have a method of correlating changes with errors, which would explain the number of "human errors."

Solution for HIPAA and Service Pack 3 Situation

As you know, HIPAA is a set of rules in the USA that requires the health care organizations to comply with a series of privacy regulations. And it requires them to protect their IT infrastructure vigilantly. But MS' new end user license agreements (EULA) for SP3 basically give them free reign on your machine to change stuff. At least it's worded that way. (Lawyers - grumble) MS mainly refer to updates and fixing security holes with their new EULA.

Here is a possible solution though that was cooked up by someone smart: Since the automatic update/security holes only apply to Microsoft, the health care industry needs to go to Microsoft with a joint NDA (non-disclosure agreement) and indemnification agreement, requiring Microsoft to hold their HIPAA-compliant customers harmless should patient information be leaked via this mechanism. Let the lawyers have at it!

What Do The Analysts Say About MS?

Often you might want to know what the industry pundits are thinking about MS or their product strategy. But it is difficult to find some place where all this stuff is. And even more, who has the time to do all that research? The Analyst Views site can help. Run by TechRepublic alum Jim Zimmermann, Analyst Views tracks and links to all the free research that analysts publish, every business day. Check it out at:
http://www.w2knews.com/rd/rd.cfm?id=020923RN-AnalystsViews

Example Of Chinese Hackers Penetrating W2K Advanced Server

This is a good example of an intrusion analysis that shows Chinese hackers having penetrated several systems. The report is of 8-26-2002, and the machine compromised was a Windows 2000 Advanced Server.

"An active system compromise on two of the three client systems in the domain was discovered. SystemA (Windows 2000 Advanced Server, IIS, SQL Server, Commerce Server 2000, Content Management Server) and systemB. (Windows 2000 Advanced Server, IIS, Commerce Server 2000, SQL Server) had both been compromised, and had been used to scan other computers for security vulnerabilities. These systems were in need of various security hotfixes and service packs from Microsoft, and also appeared to be configured in a manner that created opportunities for attackers to gain unauthorized access. In addition, system logging was not properly configured, making evidence of the original attack vector(s) difficult, if not impossible, to find."

We found a nice surprise. Security experts are using PestPatrol to scan for hacking tools and other files that are unwanted guests on the systems of their customers. "The use of Pest Patrol was very helpful in this, and other instances, to help find tools hidden in obscure directories, as well as tools that I was not personally familiar with."

But read through the whole analysis and see why it is important to scan for vulnerabilities and patch the holes that are found. Essentially, you need a toolkit of security software that creates several layers of security and protection, plus a separate kit to scan systems for evidence of having already been penetrated and clean them up. Here are three very popular tools (all Top 10 Sellers) that you may want to check out:

PestPatrol: http://www.w2knews.com/rd/rd.cfm?id=020923RN-PestPatrol

Retina: http://www.w2knews.com/rd/rd.cfm?id=020923RN-Retina

UpdateExpert: http://www.w2knews.com/rd/rd.cfm?id=020923RN-UpdateExpert

New Version 3.1 iHateSpam Has Powerful Features

New features:
Spam Abuse Reporting:
The spam abuse reporting feature, designed for the advanced user, allows an end user to simply click on a spam email and report a spammer to both the spammer's ISP as well as Spamabuse.org. Additional contact information is provided on other agencies, such as the FTC (general spam); the Spam Recycling Center (which collects statistics on spam); the SEC and the North American Securities Administrators Association (to report securities fraud); and the USDA (to report medical fraud).

Since the program relies on potentially forged or incorrect header information from the email to detect the primary and secondary relay servers, users are cautioned in the program to be careful with using this feature to avoid misreporting.

Other improvements:
Additionally, the Outlook and Outlook Express versions both have been beefed up. Since the Outlook and Outlook Express versions are architecturally different products, the specific improvements by version are listed below.

New features in Outlook version:

• Spam abuse reporting.
• Improved management of quarantine folders: In the 3.1 version, users can have their quarantine folders located in either the Deleted Items folder or under their inbox. There is also an option to have only one quarantine folder, or four separate folders.
• Customization: Users can now customize the iHateSpam toolbar.
• Toolbar enhancement: Added the ability to empty the quarantine folder(s) with one click.
• Statistics and diagnostics: The program now provides a statistic of the amount of spam caught, and adds diagnostic information for technical troubleshooting.
• Getting Started Wizard is accessible as an option: iHateSpam's simple "Getting Started" wizard had previously been only available on the first use of the program. Now, this feature is accessible at any time.
• Improved bounce functionality: iHateSpam's bounce functionality, which attempts to send a message to a spammer that the user's email address is invalid, is now improved.
• More information in the Quarantine Window: iHateSpam Outlook has an option to show what spams have been caught, known as the Quarantine Window. This window has been improved to tell the user under what primary criteria the message was determined to be spam.
• Seamless support of Hotmail accounts in Outlook XP: Previously, Hotmail support had primarily been available to the Outlook XP user as a manual function—the user had to actually initiate a spam cleaning process. Now, the spam detection in Hotmail is completely automatic. (Note: Hotmail is only supported in Outlook XP).

• Spam abuse reporting.
• Enemy Phrases: Basic rule functionality has been added in that users can create their own "enemy phrases", which are phrases that occur in the email message body, subject or "To" line. Emails with enemy phrases will be automatically quarantined.
• Diagnostics: The program now provides diagnostic information for technical troubleshooting.
• Getting Started Wizard is accessible as an option: iHateSpam's simple "Getting Started" wizard had previously been only available on the first use of the program. Now, this feature is accessible at any time.
• Improved bounce functionality: iHateSpam's bounce functionality, which attempts to send a message to a spammer that the user's email address is invalid, is now improved.

Too Much $ecurity?

Here's a better way to manage security and keep costs under control. Managing a growing number of incomplete security utilities that only do part of the job is a major headache. And what's worse is that it consumes valuable staff time better spent elsewhere. The result? Managing your security utilities can be more work than managing your overall IT security.

Check out VigilEnt Security Agent for Windows -- an integrated security product that provides complete vulnerability assessment, correction, real-time event detection and coordinated security management -- enabling you to accomplish more with fewer staff resources than ever before. Want effective security with reduced cost of ownership? Take a close look at VigilEnt Security Agent for Windows. We can give you a 15 minute web-demo that shows you everything you need.
http://www.w2knews.com/rd/rd.cfm?id=020923TP-PentaSafe

What You Don't Know Can Hurt You

Have you ever thought your Windows network was under control only to discover half a dozen "extra servers" in your network --- all running unpatched versions of IIS? VigilEnt Security Agent for Windows identifies the workstations and servers on your network, shows you the services running on those machines, and even identifies any missing service packs or patches. So now what do you do?

This Week's Links We Like. Tips, Hints And Fun Stuff

Pentax Digibino DB 100 Digital Camera/Binoculars

More than a pair of binoculars. More than a digital camera. It's two-in-one! The Pentax DigiBino DB100 is the world's first combination digital camera and binocular. Ideal for birdwatchers, outdoorsmen, sports fans or anyone looking to capture images electronically that you normally only see with a pair of binoculars. Cool to check out at the W2Knews PriceGrabber where you always find the best price on-line.