W2Knews[tm] (the original NTools E-News) Electronic Newsletter
Vol. 5, #49- October 16, 2000 - Issue #223
Published by sunbelt-software.com since 1996 - ISSN: 1527-3407
'Immediate Notification Of Important Windows NT/2000 Events'
*******************over 600,000 Readers******************************
This Issue of W2Knews contains:
1. EDITORS CORNER:
* An Immense Amount of News This Week.
2. TECH BRIEFING:
* The Name Of The Security Game: Proactive
3. NT/2000 RELATED NEWS:
* You Can Now TweakUI Windows ME/NT/2000
* MS Intro's TAHOE Document Server
* Enormous EDS Navy Contract: MS & Dell Share Bounty
4. NT/2000 THIRD PARTY NEWS:
* MS Drops 175Mil on NetIQ
* NEW Security Tool Released: Enterprise Security Reporter
* NEW: Tired of AT scripting? Replace it with Opalis JobEngine!
* How Sprint Keeps Servers From Running Out of Space
* Change Member Servers to BDC and back? Use U-Promote
5. W2Knews 'FAVE' LINKS:
* This week's three Fave Links from Sunbelt.
6. THE NT/2000 STOCK WATCH - Week ending Friday October 13, 2000
7. HOW TO USE THE MAILING LIST
Instructions on how to subscribe, sign off or change your address.
*********************** SPONSOR: NETIQ*******************************
ARE YOU SURE YOU'RE SECURE? Get your FREE copy of Windows NT
Security: Step-by-Step, a valuable 36-page resource guide
produced by the highly regarded SANS Institute.
Order now! Limited quantities available.
http://www.missioncritical.com/sponsor.asp?id=74
Lock out potential violators to your Windows NT and
Windows 2000 network with security protection from NetIQ.
Nobody does Windows 2000 better. Nobody.
**************************What Is W2Knews?***************************
Sunbelt W2Knews is the World's first and largest e-zine designed
for NT/2000 System Admins and Power Users that need to keep these
platform up & running. Every week we get you pragmatic, from-the-
trenches news regarding NT/2000 and 3-rd party System Management
Tools. W2Knews will help you to better understand NT/2000 and pass
your Certification Exams. You will get breaking news like new
tools, service packs, sites, or killer viruses via W2KNewsFlashes.
Sunbelt Software is THE NT/2000 e-business tools site. At the end
of this message are links to all indexed and searchable back issues.
---------------------------------------------------------------------
1. "EDITORS CORNER"
Hi NT/W2K Pros,
* An Immense Amount of News This Week.
With me being at the MEC in Dallas last week, you would not
believe the amount of mail and news that has piled up while I
was away. I have been scanning stuff for *hours* before I could
even start writing this week's newsletter. So I'm going to keep all
items relatively short, to get you at least the most important
headlines all in one go.
Pardon Our Dust: a small section of you received an old newsletter
dated May 4 last week. Our Lyris listserver had some major database
corruption. Then we found that the very last version of the backup
tool we used, had not made valid backups for about a week: Aaaugh!
After a whole day messing with restores we got back a version of
the October 3-rd. Sorry for the dust during the reconstruction.
Everything is back to normal now. Still mystified what caused it
though.
Warm regards,
Stu.
(email me with feedback: [EMAIL PROTECTED])
PS, If I see any good 'end-of-year' deals I'll send you a W2KnewsFlash
*************************SPONSOR: NETWORK-1**************************
Now -a Firewall that operates like a Bridge, not a Router
Now you can install a firewall into your network without having to
touch any IP addresses. In fact, even the firewall has no IP address!
Try hacking that. CyberwallPLUS is even ISCA-certified for reliability.
CyberwallPLUS - the way firewalls are supposed to work.
Free 14-day evaluation: <http://www.network-1.com/IPeval/index.htm
*********************************************************************
Want to sponsor W2Knews? Email [EMAIL PROTECTED]
---------------------------------------------------------------------
2. TECH BRIEFING:
* The Name Of The Security Game: Proactive
How many of your users walk away from their workstations without
locking it for hours at a time? And how many happily click on the
"save my password" button on a website? That option is another way
of saying: 'store my password in a persistent cookie on my harddisk'.
And don't tell me you are not guilty. Everybody is, except for some
secure sites where the punishment is death if you forget to give
your workstation the three-finger salute and press Enter. [grin].
So, what to do? Being proactive in your Security management is the
thing to do. That means a series of policies and procedures in place,
that sometimes are a headache for users which then rebel. That is
why Top Management involvement providing air cover is a must.
You also need to talk about a separate budget for IT Security, and
ideally not bundled into the normal IT soft- and hardware expenses.
It is a separate discipline, and way too often overlooked, under-
estimated, and only activated after the damage has been done.
Does your company have a separate IT Security Audit officer? Should
it? You bet your boots you should.
If not full-time, train some one to wear this hat at least part-
time and give them the tools to get the job done. If staff *know*
some one is doing regular scans for illegal software, if strong
passwords are simply enforced, if weekly checks for excessive
permissions are done and action taken if found, you are getting
in the right direction. But for Pete's sake, DO SOMETHING! More
suggestions below.
If you run into a bug or suspected security vulnerability, this is
where you can go to check and/or report on it. It's the Microsoft
Security Response Center.
http://www.microsoft.com/technet/security/sectour.asp
If you want to do a regular excessive permissions scan, here is
a brand new tool that will help to find them and report on these
for action: It's called Enterprise Security Reporter.
http://www.sunbelt-software.com/product.cfm?id=787
IDG News reported that half of small and midsize enterprises will
suffer Internet attack as per Gartner Group. They claim small and
midsize enterprises need to watch their backs, as they are likely
targets for Internet attacks, and many will fall victim between
now and 2003.
More than half of those that manage their own network security and
use the Internet for more than e-mail will be hit and more than
60% of companies that are targeted won't even know what hit them.
Gartner recommends four steps for protection: Security checkup,
firewall configuration, boundary services and consolidated remote
access with strong authentication. Here is the full article:
http://www.nwfusion.com/news/2000/1011attack50.html
And here are all the Best-of-Breed Sunbelt Security tools:
http://www.sunbelt-software.com/search_category.cfm#SEC
*********************************************************************
3. NT/2000 RELATED NEWS:
* You Can Now TweakUI Windows ME/NT/2000
Tweaking the User Interface is always fun, you can make it behave
exactly as you want it to. TweakUI is one of those free, unsupported
but very useful little tools provided by MS. The latest version now
supports W2K as well. Good for people with paranoia as it can erase
all the tracks of your recent activity. [LINK IS WRAPPED]
http://www.microsoft.com/ntworkstation/downloads/powertoys/
networking/nttweakUI.asp
----------------------
* MS Intro's TAHOE Document Server
At the MEC, I got curious about what Tahoe was all about. Well, in
a nutshell it's like YAHOO for your Intranet, and with automatic
indexing to boot. They were showing a beta version that of course
crashed at the show and needed a wipeout and rebuild but while that
was happening, I got a verbal explanation. BTW, the MS-guy that did
the demo commented: "When in doubt, wipe out!" Interesting motto.
Anyway, this puppy manages internal documents for workgroups of
1000 people and below. It scans Word, Excel and PowerPoint docs
and indexes them for easy retrieval. It comes with its own search
engine which is a spider comparable with an internet crawler.
The way you get a document on the Tahoe server goes like this:
1) You make it, no one else can see it. Phase= Checkout
2) You release the lock, for peer review. Phase= Checkin
3) Now it will be published and is visible. Phase= Publish
4) (Conditional) Final Issue Authority: Phase= Approval
The last phase can be combined with 3) above when needed.
What you get out of this? Better documentation of the work done,
and easier to find who wrote what and where is it. Ideal for
groups that have to generate a lot of documents. Look for it
mid to end 2001. Beta's are available for the strong of heart.
----------------------
* Enormous EDS Navy Contract: MS & Dell Share Bounty
It was all over the newspapers and the EDS stock went up immediately.
They won the bid for the U.S. Navy for a Windows-based corporate
network. This contract is the largest ever for the US government.
It's a 5-year deal covering $4.1 billion, and if they decide to
extend the contract for 3 more years the total could even be $6.9B.
EDS needs to first install and then manage a humongous intranet
of 350,000 seats. The network links all 300 Marine and Navy bases.
The interesting thing is that this was a PC versus Mainframe battle.
EDS was bidding against a combine of CSC, General Dynamics and IBM.
The winning EDS partners are Raytheon, MCI Worldcom and Waminet.
MS and Dell provide software and hardware for the deal so stand to
win substantially. Cisco was tapped for all the networking gear.
EDS claims the contract will save the Navy a cool $ 1 Billion per
year. Seems the Navy has done their homework and agrees. Interesting
to see if that actually pans out.
*********************************************************************
4. NT THIRD PARTY NEWS:
* MS Drops 175Mil+ on NetIQ
It's a small world. In 1996, Sunbelt decided that an event log monitor
tool called SeNTry made by Serverware in the UK would be excellent for
NT system administrators. We did well with it. But a while later, the
Serverware people sold their tool to MissionCritical (MC) for a good
chunk of cash but not more than $10-20Mil in my estimation. MC did not
want Sunbelt to distribute it, so we needed to find another event tool.
The MC people kept developing SeNTry further, and after a year or so,
renamed it to 'OnePoint Operations Manager'. Then NetIQ merged with MC,
and the 'Onepoint' was lopped off. Next, NetIQ continued to develop it.
And guess what? Microsoft thought it was a good idea to provide event
management with W2K. I thought so too, just a little earlier. [grin]
NetIQ sold off the code to MS this week, but for a whopping 175Mil to
be included in the new .NET initiative. Neat profit margin. I wish my
friend and the original technical developer Selim Kohen was still here
to see this happen, but he passed away recently due to a heart attack
at the too young age of just 50. Selim, RIP, your original idea just
got the ultimate endorsement.
The code will now be called Microsoft Operations Manager. MS will grab
the existing code, spruce it up and run it through their internal
quality control. It will see the light of day in a new retail deal by
MS somewhere in 2001. No idea what it will cost yet though.
MS pays NetIQ $175Mil for OpsMan, next they will pay $6M/yr more in
the next 3 years to develop additional projects, $5M/yr for co-op
marketing and MS will also buy NetIQ stock for three years at
the rate of $5M a year. Sum Total: 211Mil. Not to be sneezed at.
----------------------
* New Security Tool Released: Enterprise Security Reporter (ESR)
So how do you find out which objects on a network a user or group
has *effective* permissions to, without manually examining each
individual object on your network?
And ever asked yourself:
- To which groups does a user belong?
- To which folders and files does a user and/or group have access?
- How can I view *all* the shares and their permissions on the LAN?
Using the tools that come natively with NT/W2K you quickly realize
that it is nearly impossible to gather the data to produce the
reports you need. ESR is a powerful security reporting package that
was created to comb through the vast amount of data on your network
so you can analyze, query and report on the security and configuration
of your network.
Some of the features:
Create unique summarized permissions reports - -
ESR's exclusive Delta Permissions Reporting technology targets
and reports permission changes on folders and files that differ
from those of its parent folder, enterprise wide.
Powerful Reports - Featuring reports developed using Seagate
Software's Crystal Reports, ESR reports can be exported to
numerous formats and you can email them to others.
Support for Microsoft Access Reports - By natively supporting
Microsoft Access reports, ESR allows you complete flexibility in
developing your own reports in a tool most people are familiar
with, and then letting you run these reports from the ESR interface.
Scalable Data Discovery - Using either a centralized data
discovery agent or distributed data discovery agents, ESR can
accommodate both small and large networks without becoming intrusive.
Remote Agent Installation - Install the agents on remote servers
without having to log onto the server itself.
Open Database - ESR uses MS-SQL Server 7 or the scaled-down
Microsoft Data Engine as its back-end database. This means you
can use any tool you want to connect to and query the data. The
ESR database is fully documented so you can write your own queries
and reports.
And more features like:
- Parameterized Queries
- Enterprise Scopes
- Browse Real-time Data
- User Extensible
Check it out at: http://www.sunbelt-software.com/product.cfm?id=787
----------------------
* NEW: Tired of AT scripting? Replace it with Opalis JobEngine!
For just 199 bucks you can automate Job Processing instead of spending
tons of time with the AT command. Opalis JobEngine is one of the Modules
of Opalis Robot we have broken out of the package at popular request.
It's an advanced job scheduling and automation tool for Windows NT/2000
environments. You can use it to automate routine tasks and multi-step
job sequences to improve productivity and availability of resources.
JOB SCHEDULING & PROCESS AUTOMATION
The Opalis JobEngine enables you to schedule jobs that run unattended.
Daily tasks such running batch files, launching the back-up, connecting
to the Internet and transferring files can all be automated. Weekly or
monthly reboots, reports and file purges can also be scheduled.
This is one of those little gems that can save you time and increase
your productivity. Schedule uploads, downloads, file transfers,
database updates, report generation, email distribution, backups,
server reboots, internet connections, program executions, batch
files and more, all without one line of writing a script.
MANAGEMENT & NOTIFICATION
You've got one cool interface to build and manage automated tasks. A
detailed log provides a centralized view of job status, errors and a
job description of each process. Receive real-time status on automated
jobs. Detailed logging and reporting options available through standard
communication channel such as email, telephone, pager, pop-up and
ODBC/SQL databases. We have said enough. Here are the specs:
http://www.sunbelt-software.com/product.cfm?id=585
Buy it online with 24/7 delivery and a key emailed within 24 hours:
http://www.sunbelt-software.com/onlineshop.cfm
----------------------
* How Sprint Keeps Servers From Running Out of Space
I decided to give you a case study on how one of the largest telecom
outfits controls their disk space.
Three call center groups at Sprint, in Kansas City, Missouri, use
WQuinn's StorageCeNTtral on Windows NT file and print servers to make
sure 5,000 employees don't run out of disk space. At the same time,
these three call center groups don't want employees to misuse the
amount of space that is assigned to them.
For the past year, Eric Bosch, a systems integrator at Sprint's
Business Service Group, has relied upon StorageCeNTral to monitor
space usage on about 28 servers - a mix of Dells and Proliants
- with an average of about 36 Gbytes of internal RAID.
When Bosch first got StorageCeNTral, he immediately ran a report
to find out why some servers were running out of space and others
were at peak capacity. He says, "A few employees had 100s of Mbytes
of .mp3 files in their home directory." Since the computer policy
forbids certain types of files, such as .mp3's, from being stored
on servers, Bosch deleted the files. He adds that he freed up about
three Gbytes of space on some servers.
StorageCeNTral allows Bosch easily to allocate a 150-Mbyte space
quota to each home directory of the 2,500 employees on these servers.
As employees get within 70 percent of their quota, then StorageCeNTral
sends them an on-screen, pop-up message saying they need to clean up
their file or they'll run out of space. They receive another message
when they reach 90 percent of their quota, and again at 100 percent.
He says, "When they reach 100 percent, we allow them about 10 percent
more so they've enough room to store files they're working on. When
they've cleaned up their area, then we readjust the quota to 150-MB."
Bosch says that some employees grumble about having to clean up their
space. On the other hand, he says, rapid disk growth is a real problem
in a large company such as ours. Without StorageCeNTral, we'd have a
difficult time finding out who is using all the disk space on a server."
Bosch uses StorageCeNTral's reporting capabilities to look at disk
space by users, ranked in descending order by the largest users.
With the release of StorageCeNTral 4.1, Bosch will be able to give
employees an HTML-page listing links to their largest files and or
oldest files. An employee can first view a file by double clicking
on a link. To delete the file, an employee can go back and click on
the link and hit delete.
Blocking certain types, such as .mp3's, from being stored on the
servers has become an important concern for Bosch. He says, "Right
now I delete any copies of games, such as Doom, or any .mp3. Since
we use Tivoli for network management, someone suggested that we use
it to set filters for blocking certain file types from being stored
on servers. But you can't do this with Tivoli." StorageCeNTral 4.1's
filescreening capability will allow Bosch easily to set filters on
just about any type of file, such as The Love Bug's Visual Basic
Script, and prevent the file from being stored on a server.
With the servers being upgraded to 80 Gbytes Bosch says he looks
forward to using StorageCeNTral 4.1, which he recently downloaded. He
says, "StorageCeNTral just sits there keeping an eye on your disk
usage. It doesn't require any maintenance or put any strain on a
server's CPU." http://www.sunbelt-software.com/product.cfm?id=423
-------------------
* Change Member Servers to BDC and back? Use U-Promote
On the NTSYSADMIN list the following question was asked:
"Does any one have any experience using Utools "U Promote". Any
feedback especially any comments why I should not use this product
would be appreciated. I need to rebuild several Domain Controls
for a major domain migration project. This tool seems like a
tremendous time saver".
Two answers came: "It's worked very well for us. No problems
to report. (I've not experienced it fail, but it would be wise
to take a full backup before doing this.) This question has come
up often over the past several months so you should be able to
find many hits in the archives. and
"I have used it on 2 machines in our domain. Changing a member
server to a BDC and a BDC back to a member server. Worked very
well. Easy and quick. No complaints".
Where? http://www.sunbelt-software.com/onlineshop.cfm
Single copies: $99.95
Unlimited: $239.95.
*********************************************************************
5. W2Knews 'FAVE' LINKS:
===
Want to understand how LDAP (Lightweight Directory Access Protocol)
works? Here is a white paper that explains. [WRAPPED] http://www.
microsoft.com/windows2000/library/howitworks/activedirectory/ldap.asp
===
Want to get into the latest IT fashion fast? SearchXMLresources.com
will do the trick. Check out http://www.searchXMLresources.com/p1
===
Where the IT gossip hits first: The Register site in the UK:
http://www.theregister.co.uk
===
*********************************************************************
6. THE NT/2000 STOCK WATCH - Closing numbers Friday 13, 2000
(00s)
SYMBL SECURITY CLOSE CHANGE VOL
---------------------------------------------------------------------
AMD Advanced Micro Devices............. 21 7/8 - 1/4 131977
BMCS BMC Software....................... 16 + 1/2 38218
BVEW BindView Development Corporation... 4 15/16 - 1/8 14582
CSCO Cisco Systems...................... 56 1/16 +6 1/4 728731
CTXS Citrix Systems Inc................. 18 3/16 +1 36452
CPQ Compaq Computer.................... 25 3/16 +2 21/32 152506
CA Computer Associates................ 25 15/16 + 11/16 24591
DRTN Data Return Corporation............ 15 +2 5210
DELL Dell Computer...................... 27 5/16 +4 1/8 577766
EMC EMC Corp........................... 94 15/16 +9 3/16 129733
EDS Electronic Data Systems Corp....... 49 1/2 +3 11/64 44192
GTW Gateway Inc........................ 53 7/64 +9 15/32 60076
HWP Hewlett Packard Co................. 90 5/8 +6 59/64 61275
INTC Intel Corp......................... 40 3/8 +3 1/4 796088
INGR Intergraph Corp.................... 6 3/32 + 9/64 489
IBM International Business Machines.... 109 1/8 +6 90894
LGTO Legato Systems Inc................. 9 9/16 - 3/64 19492
MUEI Micron Electronics Inc............. 7 9/16 + 3/8 7294
MSFT Microsoft Corp..................... 53 3/4 - 5/8 509611
NCR NCR Corp........................... 41 + 3/4 3362
NTIQ NetIQ Corporation.................. 70 + 1/4 20434
NETA Network Associates Inc............. 20 5/8 +1 59/64 21620
NOVL Novell Inc......................... 8 11/32 + 7/32 47050
ORCL Oracle Corp........................ 35 5/8 +4 1/8 376819
QCOM Qualcomm Incorporated.............. 69 15/16 +5 9/16 139214
QSFT Quest Software Inc................. 52 1/16 +6 3/8 3863
SEG Seagate Technology................. 68 3/8 +7 7/8 25470
SGI Silicon Graphics................... 3 3/4 + 3/64 12577
SUNW Sun Microsystems Inc............... 111 +13 3/64 283073
SYBS Sybase Inc......................... 20 3/16 +1 1/4 4330
SYMC Symantec Corp...................... 43 3/4 +2 12439
UIS Unisys Corp........................ 10 9/16 + 11/16 36612
VRTS Veritas Software Corp.............. 140 13/16 +19 11/64 112041
DJIA Dow Jones 30 Industrials........... 10,192.18 +157.60
*********************************************************************
7. "HOW TO USE THE MAILING LIST" Instructions on how to subscribe,
sign off or change your email address
TO SUBSCRIBE TO THE LIST (Tell your friends!)
Click: http://lyris.sunbelt-software.com/scripts/lyris.pl?join=w2knews
and fill out the form, simple & easy: 1 minute work.
Or by email, send a blank message to the following address:
[EMAIL PROTECTED]
_____________________________________________________
TO QUIT THE LIST
Go here, choose the list you are on, and follow instructions:
http://lyris.sunbelt-software.com/scripts/lyris.pl
and unsubscribe from either the nt-list or w2knews. You can see which
list you are on looking at the FROM address of the newsletter. (It
takes a week for this change to filter through so you may still get
one or two news items before the flow stops).
____________________________________________________
TO CHANGE YOUR ADDRESS
First unsubscribe and then resubscribe as per the procedure above.
*********************************************************************
FOR MORE INFORMATION
On the World Wide Web point your browser to:
For the newsletter and our website:
http://www.sunbelt-software.com
For Tech Support on Sunbelt products mentioned:
http://www.sunbelt-software.com/scripts/rightnow.exe
Back Issues are here, all searchable and indexed. NT-list:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=nt-list&text_mode=0
Back Issues of W2Knews are all here:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=w2knews&text_mode=0
Cannot unsubscribe? Send an email to a live person:
[EMAIL PROTECTED]
(It will take about a week for the change to filter through the
systems, so you may still receive one or two newsletters before
the flow stops.)
Email for US sales information to:
[EMAIL PROTECTED]
Email for US Tech support to:
[EMAIL PROTECTED]
Email to the US Editor:
[EMAIL PROTECTED]
Email for European Sales to:
[EMAIL PROTECTED]
Email for European Tech support to:
[EMAIL PROTECTED]
At the time of this newsletter's release, all links were
checked to verify their accuracy and validity. However,
due to the ever changing pages of various sites, some links
may later prove to be invalid. We regret any inconvenience
should you be unable to open any of these links.
*********************************************************************
Things Our Lawyers Make Us Say:
This document is provided for informational purposes only.
The information contained in this document represents the
current view of Sunbelt Software Distribution on the issues
discussed as of the date of publication. Because Sunbelt
must respond to changes in market conditions, it should not
be interpreted to be a commitment on the part of Sunbelt
and Sunbelt cannot guarantee the accuracy of any informa-
tion presented after the date of publication.
INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS"
WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
FREEDOM FROM INFRINGEMENT.
The user assumes the entire risk as to the accuracy and the
use of this document. This document may be copied and
distributed subject to the following conditions: 1) All text
must be copied without modification and all pages must be
included; 2) All copies must contain Sunbelt's copyright
notice and any other notices provided therein; and 3) This
document may not be distributed for profit. All trademarks
acknowledged. Copyright Sunbelt Software Distribution, Inc.
1996-2000.
