W2Knews[tm] (the original NTools E-News) Electronic Newsletter Vol. 5, #49- October 16, 2000 - Issue #223 Published by sunbelt-software.com since 1996 - ISSN: 1527-3407 'Immediate Notification Of Important Windows NT/2000 Events' *******************over 600,000 Readers****************************** This Issue of W2Knews contains: 1. EDITORS CORNER: * An Immense Amount of News This Week. 2. TECH BRIEFING: * The Name Of The Security Game: Proactive 3. NT/2000 RELATED NEWS: * You Can Now TweakUI Windows ME/NT/2000 * MS Intro's TAHOE Document Server * Enormous EDS Navy Contract: MS & Dell Share Bounty 4. NT/2000 THIRD PARTY NEWS: * MS Drops 175Mil on NetIQ * NEW Security Tool Released: Enterprise Security Reporter * NEW: Tired of AT scripting? Replace it with Opalis JobEngine! * How Sprint Keeps Servers From Running Out of Space * Change Member Servers to BDC and back? Use U-Promote 5. W2Knews 'FAVE' LINKS: * This week's three Fave Links from Sunbelt. 6. THE NT/2000 STOCK WATCH - Week ending Friday October 13, 2000 7. HOW TO USE THE MAILING LIST Instructions on how to subscribe, sign off or change your address. *********************** SPONSOR: NETIQ******************************* ARE YOU SURE YOU'RE SECURE? Get your FREE copy of Windows NT Security: Step-by-Step, a valuable 36-page resource guide produced by the highly regarded SANS Institute. Order now! Limited quantities available. http://www.missioncritical.com/sponsor.asp?id=74 Lock out potential violators to your Windows NT and Windows 2000 network with security protection from NetIQ. Nobody does Windows 2000 better. Nobody. **************************What Is W2Knews?*************************** Sunbelt W2Knews is the World's first and largest e-zine designed for NT/2000 System Admins and Power Users that need to keep these platform up & running. Every week we get you pragmatic, from-the- trenches news regarding NT/2000 and 3-rd party System Management Tools. W2Knews will help you to better understand NT/2000 and pass your Certification Exams. You will get breaking news like new tools, service packs, sites, or killer viruses via W2KNewsFlashes. Sunbelt Software is THE NT/2000 e-business tools site. At the end of this message are links to all indexed and searchable back issues. --------------------------------------------------------------------- 1. "EDITORS CORNER" Hi NT/W2K Pros, * An Immense Amount of News This Week. With me being at the MEC in Dallas last week, you would not believe the amount of mail and news that has piled up while I was away. I have been scanning stuff for *hours* before I could even start writing this week's newsletter. So I'm going to keep all items relatively short, to get you at least the most important headlines all in one go. Pardon Our Dust: a small section of you received an old newsletter dated May 4 last week. Our Lyris listserver had some major database corruption. Then we found that the very last version of the backup tool we used, had not made valid backups for about a week: Aaaugh! After a whole day messing with restores we got back a version of the October 3-rd. Sorry for the dust during the reconstruction. Everything is back to normal now. Still mystified what caused it though. Warm regards, Stu. (email me with feedback: [EMAIL PROTECTED]) PS, If I see any good 'end-of-year' deals I'll send you a W2KnewsFlash *************************SPONSOR: NETWORK-1************************** Now -a Firewall that operates like a Bridge, not a Router Now you can install a firewall into your network without having to touch any IP addresses. In fact, even the firewall has no IP address! Try hacking that. CyberwallPLUS is even ISCA-certified for reliability. CyberwallPLUS - the way firewalls are supposed to work. Free 14-day evaluation: <http://www.network-1.com/IPeval/index.htm ********************************************************************* Want to sponsor W2Knews? Email [EMAIL PROTECTED] --------------------------------------------------------------------- 2. TECH BRIEFING: * The Name Of The Security Game: Proactive How many of your users walk away from their workstations without locking it for hours at a time? And how many happily click on the "save my password" button on a website? That option is another way of saying: 'store my password in a persistent cookie on my harddisk'. And don't tell me you are not guilty. Everybody is, except for some secure sites where the punishment is death if you forget to give your workstation the three-finger salute and press Enter. [grin]. So, what to do? Being proactive in your Security management is the thing to do. That means a series of policies and procedures in place, that sometimes are a headache for users which then rebel. That is why Top Management involvement providing air cover is a must. You also need to talk about a separate budget for IT Security, and ideally not bundled into the normal IT soft- and hardware expenses. It is a separate discipline, and way too often overlooked, under- estimated, and only activated after the damage has been done. Does your company have a separate IT Security Audit officer? Should it? You bet your boots you should. If not full-time, train some one to wear this hat at least part- time and give them the tools to get the job done. If staff *know* some one is doing regular scans for illegal software, if strong passwords are simply enforced, if weekly checks for excessive permissions are done and action taken if found, you are getting in the right direction. But for Pete's sake, DO SOMETHING! More suggestions below. If you run into a bug or suspected security vulnerability, this is where you can go to check and/or report on it. It's the Microsoft Security Response Center. http://www.microsoft.com/technet/security/sectour.asp If you want to do a regular excessive permissions scan, here is a brand new tool that will help to find them and report on these for action: It's called Enterprise Security Reporter. http://www.sunbelt-software.com/product.cfm?id=787 IDG News reported that half of small and midsize enterprises will suffer Internet attack as per Gartner Group. They claim small and midsize enterprises need to watch their backs, as they are likely targets for Internet attacks, and many will fall victim between now and 2003. More than half of those that manage their own network security and use the Internet for more than e-mail will be hit and more than 60% of companies that are targeted won't even know what hit them. Gartner recommends four steps for protection: Security checkup, firewall configuration, boundary services and consolidated remote access with strong authentication. Here is the full article: http://www.nwfusion.com/news/2000/1011attack50.html And here are all the Best-of-Breed Sunbelt Security tools: http://www.sunbelt-software.com/search_category.cfm#SEC ********************************************************************* 3. NT/2000 RELATED NEWS: * You Can Now TweakUI Windows ME/NT/2000 Tweaking the User Interface is always fun, you can make it behave exactly as you want it to. TweakUI is one of those free, unsupported but very useful little tools provided by MS. The latest version now supports W2K as well. Good for people with paranoia as it can erase all the tracks of your recent activity. [LINK IS WRAPPED] http://www.microsoft.com/ntworkstation/downloads/powertoys/ networking/nttweakUI.asp ---------------------- * MS Intro's TAHOE Document Server At the MEC, I got curious about what Tahoe was all about. Well, in a nutshell it's like YAHOO for your Intranet, and with automatic indexing to boot. They were showing a beta version that of course crashed at the show and needed a wipeout and rebuild but while that was happening, I got a verbal explanation. BTW, the MS-guy that did the demo commented: "When in doubt, wipe out!" Interesting motto. Anyway, this puppy manages internal documents for workgroups of 1000 people and below. It scans Word, Excel and PowerPoint docs and indexes them for easy retrieval. It comes with its own search engine which is a spider comparable with an internet crawler. The way you get a document on the Tahoe server goes like this: 1) You make it, no one else can see it. Phase= Checkout 2) You release the lock, for peer review. Phase= Checkin 3) Now it will be published and is visible. Phase= Publish 4) (Conditional) Final Issue Authority: Phase= Approval The last phase can be combined with 3) above when needed. What you get out of this? Better documentation of the work done, and easier to find who wrote what and where is it. Ideal for groups that have to generate a lot of documents. Look for it mid to end 2001. Beta's are available for the strong of heart. ---------------------- * Enormous EDS Navy Contract: MS & Dell Share Bounty It was all over the newspapers and the EDS stock went up immediately. They won the bid for the U.S. Navy for a Windows-based corporate network. This contract is the largest ever for the US government. It's a 5-year deal covering $4.1 billion, and if they decide to extend the contract for 3 more years the total could even be $6.9B. EDS needs to first install and then manage a humongous intranet of 350,000 seats. The network links all 300 Marine and Navy bases. The interesting thing is that this was a PC versus Mainframe battle. EDS was bidding against a combine of CSC, General Dynamics and IBM. The winning EDS partners are Raytheon, MCI Worldcom and Waminet. MS and Dell provide software and hardware for the deal so stand to win substantially. Cisco was tapped for all the networking gear. EDS claims the contract will save the Navy a cool $ 1 Billion per year. Seems the Navy has done their homework and agrees. Interesting to see if that actually pans out. ********************************************************************* 4. NT THIRD PARTY NEWS: * MS Drops 175Mil+ on NetIQ It's a small world. In 1996, Sunbelt decided that an event log monitor tool called SeNTry made by Serverware in the UK would be excellent for NT system administrators. We did well with it. But a while later, the Serverware people sold their tool to MissionCritical (MC) for a good chunk of cash but not more than $10-20Mil in my estimation. MC did not want Sunbelt to distribute it, so we needed to find another event tool. The MC people kept developing SeNTry further, and after a year or so, renamed it to 'OnePoint Operations Manager'. Then NetIQ merged with MC, and the 'Onepoint' was lopped off. Next, NetIQ continued to develop it. And guess what? Microsoft thought it was a good idea to provide event management with W2K. I thought so too, just a little earlier. [grin] NetIQ sold off the code to MS this week, but for a whopping 175Mil to be included in the new .NET initiative. Neat profit margin. I wish my friend and the original technical developer Selim Kohen was still here to see this happen, but he passed away recently due to a heart attack at the too young age of just 50. Selim, RIP, your original idea just got the ultimate endorsement. The code will now be called Microsoft Operations Manager. MS will grab the existing code, spruce it up and run it through their internal quality control. It will see the light of day in a new retail deal by MS somewhere in 2001. No idea what it will cost yet though. MS pays NetIQ $175Mil for OpsMan, next they will pay $6M/yr more in the next 3 years to develop additional projects, $5M/yr for co-op marketing and MS will also buy NetIQ stock for three years at the rate of $5M a year. Sum Total: 211Mil. Not to be sneezed at. ---------------------- * New Security Tool Released: Enterprise Security Reporter (ESR) So how do you find out which objects on a network a user or group has *effective* permissions to, without manually examining each individual object on your network? And ever asked yourself: - To which groups does a user belong? - To which folders and files does a user and/or group have access? - How can I view *all* the shares and their permissions on the LAN? Using the tools that come natively with NT/W2K you quickly realize that it is nearly impossible to gather the data to produce the reports you need. ESR is a powerful security reporting package that was created to comb through the vast amount of data on your network so you can analyze, query and report on the security and configuration of your network. Some of the features: Create unique summarized permissions reports - - ESR's exclusive Delta Permissions Reporting technology targets and reports permission changes on folders and files that differ from those of its parent folder, enterprise wide. Powerful Reports - Featuring reports developed using Seagate Software's Crystal Reports, ESR reports can be exported to numerous formats and you can email them to others. Support for Microsoft Access Reports - By natively supporting Microsoft Access reports, ESR allows you complete flexibility in developing your own reports in a tool most people are familiar with, and then letting you run these reports from the ESR interface. Scalable Data Discovery - Using either a centralized data discovery agent or distributed data discovery agents, ESR can accommodate both small and large networks without becoming intrusive. Remote Agent Installation - Install the agents on remote servers without having to log onto the server itself. Open Database - ESR uses MS-SQL Server 7 or the scaled-down Microsoft Data Engine as its back-end database. This means you can use any tool you want to connect to and query the data. The ESR database is fully documented so you can write your own queries and reports. And more features like: - Parameterized Queries - Enterprise Scopes - Browse Real-time Data - User Extensible Check it out at: http://www.sunbelt-software.com/product.cfm?id=787 ---------------------- * NEW: Tired of AT scripting? Replace it with Opalis JobEngine! For just 199 bucks you can automate Job Processing instead of spending tons of time with the AT command. Opalis JobEngine is one of the Modules of Opalis Robot we have broken out of the package at popular request. It's an advanced job scheduling and automation tool for Windows NT/2000 environments. You can use it to automate routine tasks and multi-step job sequences to improve productivity and availability of resources. JOB SCHEDULING & PROCESS AUTOMATION The Opalis JobEngine enables you to schedule jobs that run unattended. Daily tasks such running batch files, launching the back-up, connecting to the Internet and transferring files can all be automated. Weekly or monthly reboots, reports and file purges can also be scheduled. This is one of those little gems that can save you time and increase your productivity. Schedule uploads, downloads, file transfers, database updates, report generation, email distribution, backups, server reboots, internet connections, program executions, batch files and more, all without one line of writing a script. MANAGEMENT & NOTIFICATION You've got one cool interface to build and manage automated tasks. A detailed log provides a centralized view of job status, errors and a job description of each process. Receive real-time status on automated jobs. Detailed logging and reporting options available through standard communication channel such as email, telephone, pager, pop-up and ODBC/SQL databases. We have said enough. Here are the specs: http://www.sunbelt-software.com/product.cfm?id=585 Buy it online with 24/7 delivery and a key emailed within 24 hours: http://www.sunbelt-software.com/onlineshop.cfm ---------------------- * How Sprint Keeps Servers From Running Out of Space I decided to give you a case study on how one of the largest telecom outfits controls their disk space. Three call center groups at Sprint, in Kansas City, Missouri, use WQuinn's StorageCeNTtral on Windows NT file and print servers to make sure 5,000 employees don't run out of disk space. At the same time, these three call center groups don't want employees to misuse the amount of space that is assigned to them. For the past year, Eric Bosch, a systems integrator at Sprint's Business Service Group, has relied upon StorageCeNTral to monitor space usage on about 28 servers - a mix of Dells and Proliants - with an average of about 36 Gbytes of internal RAID. When Bosch first got StorageCeNTral, he immediately ran a report to find out why some servers were running out of space and others were at peak capacity. He says, "A few employees had 100s of Mbytes of .mp3 files in their home directory." Since the computer policy forbids certain types of files, such as .mp3's, from being stored on servers, Bosch deleted the files. He adds that he freed up about three Gbytes of space on some servers. StorageCeNTral allows Bosch easily to allocate a 150-Mbyte space quota to each home directory of the 2,500 employees on these servers. As employees get within 70 percent of their quota, then StorageCeNTral sends them an on-screen, pop-up message saying they need to clean up their file or they'll run out of space. They receive another message when they reach 90 percent of their quota, and again at 100 percent. He says, "When they reach 100 percent, we allow them about 10 percent more so they've enough room to store files they're working on. When they've cleaned up their area, then we readjust the quota to 150-MB." Bosch says that some employees grumble about having to clean up their space. On the other hand, he says, rapid disk growth is a real problem in a large company such as ours. Without StorageCeNTral, we'd have a difficult time finding out who is using all the disk space on a server." Bosch uses StorageCeNTral's reporting capabilities to look at disk space by users, ranked in descending order by the largest users. With the release of StorageCeNTral 4.1, Bosch will be able to give employees an HTML-page listing links to their largest files and or oldest files. An employee can first view a file by double clicking on a link. To delete the file, an employee can go back and click on the link and hit delete. Blocking certain types, such as .mp3's, from being stored on the servers has become an important concern for Bosch. He says, "Right now I delete any copies of games, such as Doom, or any .mp3. Since we use Tivoli for network management, someone suggested that we use it to set filters for blocking certain file types from being stored on servers. But you can't do this with Tivoli." StorageCeNTral 4.1's filescreening capability will allow Bosch easily to set filters on just about any type of file, such as The Love Bug's Visual Basic Script, and prevent the file from being stored on a server. With the servers being upgraded to 80 Gbytes Bosch says he looks forward to using StorageCeNTral 4.1, which he recently downloaded. He says, "StorageCeNTral just sits there keeping an eye on your disk usage. It doesn't require any maintenance or put any strain on a server's CPU." http://www.sunbelt-software.com/product.cfm?id=423 ------------------- * Change Member Servers to BDC and back? Use U-Promote On the NTSYSADMIN list the following question was asked: "Does any one have any experience using Utools "U Promote". Any feedback especially any comments why I should not use this product would be appreciated. I need to rebuild several Domain Controls for a major domain migration project. This tool seems like a tremendous time saver". Two answers came: "It's worked very well for us. No problems to report. (I've not experienced it fail, but it would be wise to take a full backup before doing this.) This question has come up often over the past several months so you should be able to find many hits in the archives. and "I have used it on 2 machines in our domain. Changing a member server to a BDC and a BDC back to a member server. Worked very well. Easy and quick. No complaints". Where? http://www.sunbelt-software.com/onlineshop.cfm Single copies: $99.95 Unlimited: $239.95. ********************************************************************* 5. W2Knews 'FAVE' LINKS: === Want to understand how LDAP (Lightweight Directory Access Protocol) works? Here is a white paper that explains. [WRAPPED] http://www. microsoft.com/windows2000/library/howitworks/activedirectory/ldap.asp === Want to get into the latest IT fashion fast? SearchXMLresources.com will do the trick. Check out http://www.searchXMLresources.com/p1 === Where the IT gossip hits first: The Register site in the UK: http://www.theregister.co.uk === ********************************************************************* 6. THE NT/2000 STOCK WATCH - Closing numbers Friday 13, 2000 (00s) SYMBL SECURITY CLOSE CHANGE VOL --------------------------------------------------------------------- AMD Advanced Micro Devices............. 21 7/8 - 1/4 131977 BMCS BMC Software....................... 16 + 1/2 38218 BVEW BindView Development Corporation... 4 15/16 - 1/8 14582 CSCO Cisco Systems...................... 56 1/16 +6 1/4 728731 CTXS Citrix Systems Inc................. 18 3/16 +1 36452 CPQ Compaq Computer.................... 25 3/16 +2 21/32 152506 CA Computer Associates................ 25 15/16 + 11/16 24591 DRTN Data Return Corporation............ 15 +2 5210 DELL Dell Computer...................... 27 5/16 +4 1/8 577766 EMC EMC Corp........................... 94 15/16 +9 3/16 129733 EDS Electronic Data Systems Corp....... 49 1/2 +3 11/64 44192 GTW Gateway Inc........................ 53 7/64 +9 15/32 60076 HWP Hewlett Packard Co................. 90 5/8 +6 59/64 61275 INTC Intel Corp......................... 40 3/8 +3 1/4 796088 INGR Intergraph Corp.................... 6 3/32 + 9/64 489 IBM International Business Machines.... 109 1/8 +6 90894 LGTO Legato Systems Inc................. 9 9/16 - 3/64 19492 MUEI Micron Electronics Inc............. 7 9/16 + 3/8 7294 MSFT Microsoft Corp..................... 53 3/4 - 5/8 509611 NCR NCR Corp........................... 41 + 3/4 3362 NTIQ NetIQ Corporation.................. 70 + 1/4 20434 NETA Network Associates Inc............. 20 5/8 +1 59/64 21620 NOVL Novell Inc......................... 8 11/32 + 7/32 47050 ORCL Oracle Corp........................ 35 5/8 +4 1/8 376819 QCOM Qualcomm Incorporated.............. 69 15/16 +5 9/16 139214 QSFT Quest Software Inc................. 52 1/16 +6 3/8 3863 SEG Seagate Technology................. 68 3/8 +7 7/8 25470 SGI Silicon Graphics................... 3 3/4 + 3/64 12577 SUNW Sun Microsystems Inc............... 111 +13 3/64 283073 SYBS Sybase Inc......................... 20 3/16 +1 1/4 4330 SYMC Symantec Corp...................... 43 3/4 +2 12439 UIS Unisys Corp........................ 10 9/16 + 11/16 36612 VRTS Veritas Software Corp.............. 140 13/16 +19 11/64 112041 DJIA Dow Jones 30 Industrials........... 10,192.18 +157.60 ********************************************************************* 7. "HOW TO USE THE MAILING LIST" Instructions on how to subscribe, sign off or change your email address TO SUBSCRIBE TO THE LIST (Tell your friends!) Click: http://lyris.sunbelt-software.com/scripts/lyris.pl?join=w2knews and fill out the form, simple & easy: 1 minute work. Or by email, send a blank message to the following address: [EMAIL PROTECTED] _____________________________________________________ TO QUIT THE LIST Go here, choose the list you are on, and follow instructions: http://lyris.sunbelt-software.com/scripts/lyris.pl and unsubscribe from either the nt-list or w2knews. You can see which list you are on looking at the FROM address of the newsletter. (It takes a week for this change to filter through so you may still get one or two news items before the flow stops). ____________________________________________________ TO CHANGE YOUR ADDRESS First unsubscribe and then resubscribe as per the procedure above. ********************************************************************* FOR MORE INFORMATION On the World Wide Web point your browser to: For the newsletter and our website: http://www.sunbelt-software.com For Tech Support on Sunbelt products mentioned: http://www.sunbelt-software.com/scripts/rightnow.exe Back Issues are here, all searchable and indexed. NT-list: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=nt-list&text_mode=0 Back Issues of W2Knews are all here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=w2knews&text_mode=0 Cannot unsubscribe? Send an email to a live person: [EMAIL PROTECTED] (It will take about a week for the change to filter through the systems, so you may still receive one or two newsletters before the flow stops.) Email for US sales information to: [EMAIL PROTECTED] Email for US Tech support to: [EMAIL PROTECTED] Email to the US Editor: [EMAIL PROTECTED] Email for European Sales to: [EMAIL PROTECTED] Email for European Tech support to: [EMAIL PROTECTED] At the time of this newsletter's release, all links were checked to verify their accuracy and validity. However, due to the ever changing pages of various sites, some links may later prove to be invalid. We regret any inconvenience should you be unable to open any of these links. ********************************************************************* Things Our Lawyers Make Us Say: This document is provided for informational purposes only. The information contained in this document represents the current view of Sunbelt Software Distribution on the issues discussed as of the date of publication. Because Sunbelt must respond to changes in market conditions, it should not be interpreted to be a commitment on the part of Sunbelt and Sunbelt cannot guarantee the accuracy of any informa- tion presented after the date of publication. INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT. The user assumes the entire risk as to the accuracy and the use of this document. This document may be copied and distributed subject to the following conditions: 1) All text must be copied without modification and all pages must be included; 2) All copies must contain Sunbelt's copyright notice and any other notices provided therein; and 3) This document may not be distributed for profit. All trademarks acknowledged. Copyright Sunbelt Software Distribution, Inc. 1996-2000.