W2Knews[tm] (the original NTools E-News) Electronic Newsletter Vol. 5, #32- July 31, 2000 - Issue #206 Published by sunbelt-software.com since 1996 - ISSN: 1527-3407 'Immediate Notification Of Important Windows NT/2000 Events' *******************over 600,000 subscribers********************* This Issue of W2Knews contains: 1. EDITORS CORNER: * ! W2K Service Pack 1 IS HERE ! 2. TECH BRIEFING: * The Worst Security Mistakes You Can Make 3. NT/2000 RELATED NEWS: * Linux takes over NetWare as the #2 Server OS. * MS casts its .NET spells on Analysts * Tempest of Outlook Security Fixes * Special offer from SQL Server Mag for W2Knews Subscribers * Microsoft tries to woo Novell NDS customers. * Need to design a new Lan? Ask Ed Tittel Live 4. NT/2000 THIRD PARTY NEWS: * OpalisRobot Improves Availability and Performance * NEW: Enterprise Config. Manager 3.1: Mobile Users Support * Dow Chemical Fires 50 After E-Mail Probe * Hate coding? Tired of login-script debugging? Move Fast! 5. W2Knews 'FAVE' LINKS: * NEW: This Week's 3 Cool HotLinks 6. HINTS AND TIPS: * MS Comes Out With IIS 5.0 Security Checklist 7. THE NT/2000 STOCK WATCH - Week of July 28, 2000 - Selloff City! 8. HOW TO USE THE MAILING LIST Instructions on how to subscribe, sign off or change your address. *************************SPONSOR********************************* Having difficulty managing your mobile and remote users? Looking to gather hardware and software inventory from these "sometimes" and "never connected" systems? Computing Edge Inventory +Solution makes gathering inventory from LAN and remote users simple. Run Inventory +Solution from the network, floppy (never connected) and even gather inventory from users who only have a dial-up Internet connection. Seamless Microsoft SMS integration. Inventory +Solution web reports will blow you away. FREE 30-day eval. Register to win a Compaq 18" flat panel monitor. http://www.computingedge.com/ntools **********************What Is W2Knews?************************** Sunbelt W2Knews is the World's first and largest e-zine designed for NT/2000 System Admins and Power Users that need to keep these platform up & running. Every week we get you pragmatic, from-the- trenches news regarding NT/2000 and 3-rd party System Management Tools. W2Knews will help you to better understand NT/2000 and pass your Certification Exams. You will get breaking news like new tools, service packs, sites, or killer viruses via W2KNewsFlashes. Sunbelt Software is THE NT/2000 e-business tools site. At the end of this message are links to all indexed and searchable back issues. ------------------------------------------------------------------- 1. "EDITORS CORNER" Hi NT/2000 Pros, THIS IS A RESEND. I started today at about 3 pm to send this issue but at 8pm I received an email that SP1 for W2K was available so I interrupted the broadcast to tell you the news. Keep in mind that often after being posted, it disappears again for a while before it comes back with even more bugfixes. So be warned: test, test, test! These links worked when I tested them Sat July 29, 2000 at 20:15 http://mschus.www.conxion.com/download/win2000platform/sp/sp1/NT5/EN-US/sp1network.exe http://mssjus.www.conxion.com/download/win2000platform/sp/sp1/NT5/EN-US/sp1network.exe http://msvaus.www.conxion.com/download/win2000platform/sp/sp1/NT5/EN-US/sp1network.exe And remember to vote in the new SunPoll[tm] Q: In which area is currently your biggest System Admin Headache? - User Account Management - Storage Management - Security - W2K Migration You will see immediate and surprising results! Click & Vote: http://www.sunbelt-software.com Now, let's have a look at those Security Mistakes. Warm regards, Stu. (Email feedback to [EMAIL PROTECTED]) ***************************SPONSOR********************************* ALLEVIATE MIGRATION PAIN. REDUCE COSTS. KEEP USERS HAPPY. Personality Tranxport(tm) Professional(PT PRO)- Rated BEST overall migration product by PC Mag. Perform deep migrations. Great for mass PC replacements and cross WIN OS/application upgrades. Capture the complete user state including data (6,500 personality items) and transfer it to new desktops in minutes. Purchase online: http://www.tranxition.com/ **************************************************************** 2. TECH BRIEFING: * The Worst Security Mistakes You Can Make Now, I have to immediately admit that I did not think all these up myself. I'd be making millions as a security consultant in that case <grin>. They are a small part from a SANS institute poster that I got in the mail with the invitation to come to their Network Security Seminars. A whole team created these most unwanted flaws. If you want to get Security Certified, these SANS seminars are truly excellent. You will find a hotlink to SANS at the bottom of this section. (BTW, You could send these below lists to the respective groups, and ask for management permission to get security trained). And read through them as a checklist of the most urgent things you want to fix right away. THE FIVE WORST SECURITY MISTAKES END USERS MAKE: 1) Opening unsollicited email attachments without verifying their source and checking their content first. 2) Failing to install security patches, especially MS Office, IE and Netscape. 3) Installing Screen Savers or games without safety guarantees. 4) Not making and testing backups. 5) Connecting a modem to a phone line while the same computer is connected to a LAN. THE SEVEN WORST SECURITY MISTAKES SENIOR EXECUTIVES MAKE: 1) Assigning untrained people to maintain security and providing neither the training nor the time to make it possible to learn and do the job. 2) Failing to understand the relationship of information security to the business problem - they understand physical security but do not see the consequences of poor information security. 3) Failing to deal with the operational aspects of security: making a few fixes and then not allowing the follow through necessary to ensure that problems stay fixed. 4) Relying primarily on a firewall. 5) Failing to realize how much money their information and organizational reputations are worth. 6) Authorizing reactive, short term fixes so problems re-emerge rapidly. 7) Pretending the problem will go away if they ignore it. THE TEN WORST SECURITY MISTAKES INFORMATION TECHNOLOGY PEOPLE MAKE: 1) Connecting systems to the Internet before hardening them. (removing unnecessary devices and patching necessary ones). 2) Connecting test systems to the Internet with default accounts and passwords. 3) Failing to update systems when security vulnerabilities are found and patches or upgrades are available. 4) Using telnet and other unencrypted protocols for managing systems, routers, firewalls and PKI (Public Key Infrastructure). 5) Giving users passwords over the phone, or changing passwords in response to telephone or personal request when the requester is not authenticated. 6) Failing to maintain and test backups. 7) Running unnecessary services, especially ftpd, telnetd, finger, rpc, mail, rservices (some of these are Unix specific). 8) Implementing firewalls with rules that allow malicious or dangerous traffic - incoming or outgoing. 9) Failing to implement or update virus detection software. 10)Failing to educate users on that to look for and what to do when they see a potential security problem. And SANS gave a bonus one too ;-) Allowing untrained, uncertified people to take responsibility for securing important systems. Well, you got the message: Get Trained! www.SANS.org. **************************************************************** 3. NT/2000 RELATED NEWS: * Linux takes over NetWare as the #2 Server OS. Some interesting numbers from IDC. Last year, in terms of new licenses shipped, Linux overtook NetWare. That is no wonder of course. Novell (and SCO Unix too) have lost the commitment of their resellers and OEM's to a very large degree. These are now all mainly installing Linux and NT/2000 for their customers. IDC forecasts that Linux will grow fast, but will stay so small that MS will not lose any sleep over it. IDC just came out with its new "Server Operating Environments Market Forecast and Analysis, 2000-2004. They predict that Linux shipments will grow at 28% and revenue will grow at a compound annual rate of 23%. The unit volume of all OSes together will increase 17%. But if you look a little closer at these numbers, the conclusion is that Linux server revenues in 2004 will be only around $85 million. And MS makes that kind of money in just a couple of days. -------------------------- * MS casts its .NET spells on Analysts Last Thursday MS tried to explain their new .NET magic to the financial analysts who had traveled to the Redmond Mountain. In a nutshell, MS spun a story about the Internet in a few years from now, where people do not buy software, they rent it. (I warned about this in NTools E-News - June 12, 1999) MS was painting a picture of the transition from the old client/ server model to the 'New Net World' where the platform is the Internet. Here, everything talks to everything else and often via the ether with the XML language as the chief Wizard. What MS really is planning to do is breaking up all their software in small modules, that you can use on whatever device you happen to have around. No more monolithic Office applications, no more BackOffice bundles that you buy all-in-one. You only rent the stuff you need. That means MS-Word could shrink to normal size again. That would be a relief, except for the monthly fees. Money wise, it looks like they are going by something like rental fees that are so low that you pay in 2 years what you otherwise would pay to buy the software outright. After that 2 years they will start to make out. The software you rent would blur the distinction between stuff running on the desktop, the server or anywhere on the Internet, via some sort of Browser on steroids. Sounds like this dream may take a while to materialize. I'm wondering about the time it will take to go from NT to .NET. -------------------------- * Tempest of Outlook Security Fixes Microsoft has released a tempest of fixes for Outlook and Outlook Express in the last couple of weeks. There are too many to mention. If you are deploying Outlook in your corporate environment, it is a very good idea to regularly check the following site: http://windowsupdate.microsoft.com/ -------------------------- * Special offer from SQL Server Mag for W2Knews Subscribers Subscribe to SQL Server Magazine today and receive a 25% discount off your subscription. SQL Server Magazine is the only magazine devoted to how-to advice and articles about SQL Server. If you work with SQL Server, this magazine will save you time, energy and frustration - subscribe right away, click here and do it now! http://www.sqlmag.com/sub.cfm?code=er00erpxsun -------------------------- * Microsoft tries to woo Novell NDS customers. MS released last Wednesday Microsoft Metadirectory Services 2.2. If you are running multiple directories in your enterprise, MMS is a tool that makes it easier to manage those. It also simplifies the deployment of Active Directory. But this thing is aimed straight at loosening up the hold that NDS has on large enterprises. What MMS does, is extend the network management capabilities of Active Directory across multiple types of directories. If you have information about your employees, customers, systems and resources, MMS enables real-time synchronization of directory information into Active Directory. The next step that MS envisions is that you use AD primarily, and in the long run phase out NDS or other directories. It's going to take a while as NDS has about 5 years head start on AD and is better developed. AD still needs some work to be up to par with NDS. I'm being mild here. But over time MS will catch up, and third party tools will certainly come to help. -------------------------- * Need to design a new Lan? Ask Ed Tittel live Have questions about designing a new LAN or integrating existing multiprotocol LANs? Then join a Live Expert Q&A session with Ed Tittel, president of LANWrights Inc. and vice president of IT certifications at LeapIt.com. Tittel, who has coauthored numerous networking books, like Windows NT Power Toolkit with yours truly, will answer your questions about wired LANs of 4 Mbits/sec or higher. Log on at: www.SearchNetworking.com on Tuesday, August 1, at 11:00 EDT and engage in the interactive discussion with Ed Tittel. ***************************************************************** 4. NT THIRD PARTY NEWS: * OpalisRobot Improves Availability and Performance OpalisRobot was reviewed & recommended by NT/2000 Guru Ed Tittel. This tool allows you to improve the availability and performance of your servers. OpalisRobot actually covers more than one 'tool category' with its unique combination of job scheduling, application /event log monitoring, and notification and corrective action features. It automatically fixes network errors before they affect your business critical resources. You can automate routine tasks, monitor critical resources and do job processing with one product! I suggest you get a 30-day eval and Download OpalisRobot over at: http://www.sunbelt-software.com/product.cfm?id=585 --------------------------------- * NEW Enterprise Config. Manager 3.1: Mobile Users Support The new ECM 3.1 is a powerful tool that arms you with configuration management. You need this to keep large environments under control. ECM now also supports mobile Windows NT/ 2000 systems. It alerts you, the help desk, and/or enterprise management frameworks like Unicenter, Tivoli or OpenView of critical system configuration changes. These new features reduce downtime for mobile users, as you can now standardize their notebook systems like you can desktops and servers. You can resolve problems faster with ECM 3.1’s high power collection and filtering of registry configuration settings. ECM enables you to efficiently and cost-effectively standardize server, workstation and mobile system configurations, and keep them in compliance, minimize downtime, accelerate problem resolution, reduce help desk calls and enhance system performance. Actually, ECM can help you to identify and help correct configuration problems _before_ users even know they exist. Major time and money saver: http://www.sunbelt-software.com/product.cfm?id=522 ---------------------------- * Dow Chemical Fires 50 After E-Mail Probe (Reported by TechRepublic.com from an Associate Press Article). I'm giving you a short version of what happened there. Last week during an investigation by The Dow Chemical Co. of their employee e-mail they found that people at all levels had sent pornography and violent images from company computers. This lead to 50 people being fired and 200 others disciplined. Eric Grates, spokesman for Dow's Michigan Operations said: "There was a whole range of things, from mild pornography to very graphic pornography and some seriously violent images." The investigation by the nation's No. 2 chemical company was sparked by an employee complaint in May. The company does not monitor e-mail on a regular basis, Grates said. When DowChem officials looked into the complaint, they quickly found out that it was more than just one worker. They then decided to make a snapshot of all e-mail use during one week in May. Grates said: "We have to protect our other employees, this sort of activity creates a harassment environment that we can't tolerate." Last March, employees were sent books that outlined company policies, including the prohibition of computer use for personal and objectionable subject matter, he said. "It specifically discusses what is and is not tolerated," Grates said. Last year, the New York Times fired 22 employees in Virginia for something similar and Xerox Corp. fired 40 workers for spending work time - in some cases up to eight hours a day - surfing pornographic and shopping sites on the Web. I strongly suggest you talk to your management and get two tools in place that nip this in the bud. Use TrafficMax to monitor web traffic and stop the 'employee time drain'. Use Mail essentials to monitor your (Exchange) email traffic. You need this tool anyway to filter for malignant virus attachments. 30-day Downloads over at: TrafficMax: http://www.sunbelt-software.com/product.cfm?id=740 Mail Essentials: http://www.sunbelt-software.com/product.cfm?id=610 ------------------------- * Hate coding? Tired of login-script debugging? Move Fast! Let me ask you some questions: - Are you still modifying the registry of new computers manually? - Still installing the latest service packs by hand? - Still creating Outlook profiles manually? - Would you like to know who logged on to what station, with what IP address, privilege level and when? - Frustrated by trying to create a real "logon script" with a myriad of MS-DOS batch file commands? - Sick and tired of login-script modifications and debugging? We have found ScriptLogic to be extremely popular in this area. As a matter of fact, this tool is the world's best selling enterprise logon-script generator. (Version 3 is coming soon but there is a BUY NOW special going for the current version. Ask your Rep about it quickly). You have the ability to display your own company's bitmap logo in place of the default Inteletek ScriptLogic splash screen during the logon process, and you can redirect shell folders such as bookmarks, desktops, start menus, etc. to network shares or user home directories. All without coding a single line. Looking for a logon-script time saver? Mouse your way over here: http://www.sunbelt-software.com/product.cfm?id=299 **************************************************************** 5. W2Knews 'FAVE' LINKS: July 3, 2000 ============== Need to construct a Disaster Recovery Plan? Here's an outline. http://www.dlttape.com/ProveIt/steps/plan/drp/toolkit.asp ============== Need to check last login? NET USER /domain command, or else DumpACL/DumpSec utility at www.systemtools.com/somarsoft ============== Vote for your FAVE TOOLS! Very useful resource. See what your colleagues prefer: http://www.sunbelt-software.com/targetawards/ ============== **************************************************************** 6. HINTS AND TIPS: * MS Comes Out With IIS 5.0 Security Checklist MS recently came out with a new security-related checklist that will help you to harden your IIS 5.0 systems. They called the document "Secure Internet Information Services 5 Checklist". It shows you 12 areas you have to address, and some more W2K things you need to tweak. http://www.ntsecurity.net/go/2c.asp?f=/news.asp?IDF=178&TB=news **************************************************************** 7. THE NT/2000 STOCK WATCH - July 28,2000 - Selloff City! PS, if this looks all messed up, change the font to Courier New 10pt 52 WK 52 WK P/E WEEK SECURITY CLOSE HIGH LOW RATIO CHNG --------------------------------------------------------------------- Advanced Micro Devices... 70 1/2 97 15 5/8 34 -12.1% BMC Software............. 17 7/16 86 5/8 16 1/8 18 -7.0% BindView Development Corp 8 11/16 45 3/4 6 5/16 -27.6% Cisco Systems............ 62 13/16 82 28 1/8 -7.7% Citrix Systems Inc....... 15 1/8 122 5/16 14 3/4 26 -12.0% Compaq Computer.......... 28 34 18 1/4 41 +0.9% Computer Associates...... 24 3/4 79 7/16 24 1/2 12 -8.3% Data Return Corporation.. 26 94 1/4 13 1/4 -9.3% Dell Computer............ 43 11/16 59 3/4 34 7/8 68 -16.5% EMC Corp................. 81 1/2 89 7/8 26 1/4 -7.8% Electronic Data Systems C 42 5/16 76 11/16 38 3/8 29 -4.1% Gateway Inc.............. 55 1/8 84 35 1/4 37 -12.3% Hewlett Packard Co....... 106 15/16 136 3/16 52 1/4 33 -13.3% Intel Corp............... 129 1/8 147 1/2 62 3/4 57 -6.5% Intergraph Corp.......... 6 3/32 9 3 3/16 -3.9% International Business Ma 111 13/16 137 11/16 89 3/4 28 -2.2% Legato Systems Inc....... 9 3/4 82 1/2 9 1/4 -10.8% Micron Electronics Inc... 9 15/16 20 11/16 8 3/16 29 -11.6% Microsoft Corp........... 69 11/16 119 15/16 60 41 -3.6% NCR Corp................. 35 3/16 48 1/2 26 11/16 11 -1.0% NetIQ Corporation........ 47 1/2 81 1/2 14 3/4 +3.2% Network Associates Inc... 18 3/16 37 3/16 15 52 -15.1% Novell Inc............... 9 1/64 44 9/16 7 13/16 16 -12.4% Oracle Corp.............. 72 3/8 90 17 3/8 34 -4.0% Qualcomm Incorporated.... 62 7/16 200 34 80 -0.5% Quest Software Inc....... 47 1/8 98 1/8 10 1/4 -22.4% Seagate Technology....... 44 3/8 76 25 7/16 10 -17.4% Silicon Graphics......... 4 3/8 6 3/4 2 -6.6% Sun Microsystems Inc..... 102 13/16 110 33 94 -1.1% Sybase Inc............... 23 13/16 31 9 1/2 33 0.0% Symantec Corp............ 49 1/16 81 5/8 25 3/8 17 -18.9% Unisys Corp.............. 9 3/8 49 11/16 9 1/8 6 -5.0% Veritas Software Corp.... 87 11/16 174 21 1/4 -19.7% Dow Jones 30 Industrials. 10,511.17 -2.0% ******************************************************************* 8. "HOW TO USE THE MAILING LIST" Instructions on how to subscribe, sign off or change your email address TO SUBSCRIBE TO THE LIST (Tell your friends!) Click: http://lyris.sunbelt-software.com/scripts/lyris.pl?join=w2knews and fill out the form, simple & easy: 1 minute work. Or by email, send a blank message to the following address: [EMAIL PROTECTED] _____________________________________________________ TO QUIT THE LIST Go here, choose the list you are on, and follow instructions: http://lyris.sunbelt-software.com/scripts/lyris.pl ____________________________________________________ TO CHANGE YOUR ADDRESS First unsubscribe and then resubscribe as per the procedure above. ****************************************************************** FOR MORE INFORMATION On the World Wide Web point your browser to: For the newsletter and our website: http://www.sunbelt-software.com For Tech Support on Sunbelt products mentioned: http://www.sunbelt-software.com/scripts/rightnow.exe Back Issues are here, all searchable and indexed. NT-list: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=nt-list&text_mode=0 Back Issues of W2Knews are all here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=w2knews&text_mode=0 Cannot unsubscribe? Send an email to a live person: [EMAIL PROTECTED] Email for US sales information to: [EMAIL PROTECTED] Email for US Tech support to: [EMAIL PROTECTED] Email to the US Editor: [EMAIL PROTECTED] Email for European Sales to: [EMAIL PROTECTED] Email for European Tech support to: [EMAIL PROTECTED] At the time of this newsletter's release, all links were checked to verify their accuracy and validity. However, due to the ever changing pages of various sites, some links may later prove to be invalid. We regret any inconvenience should you be unable to open any of these links. ******************************************************************** Things Our Lawyers Make Us Say: This document is provided for informational purposes only. The information contained in this document represents the current view of Sunbelt Software Distribution on the issues discussed as of the date of publication. Because Sunbelt must respond to changes in market conditions, it should not be interpreted to be a commitment on the part of Sunbelt and Sunbelt cannot guarantee the accuracy of any informa- tion presented after the date of publication. INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT. The user assumes the entire risk as to the accuracy and the use of this document. This document may be copied and distributed subject to the following conditions: 1) All text must be copied without modification and all pages must be included; 2) All copies must contain Sunbelt's copyright notice and any other notices provided therein; and 3) This document may not be distributed for profit. All trademarks acknowledged. Copyright Sunbelt Software Distribution, Inc. 1996-2000.