W2Knews[tm] (the original NTools E-News) Electronic Newsletter Vol. 5, #53- November 6, 2000 - Issue #227 Published by sunbelt-software.com since 1996 - ISSN: 1527-3407 'Immediate Notification Of Important Windows NT/2000 Events' *******************over 600,000 Readers****************************** This Issue of W2Knews contains: 1. EDITORS CORNER: * W2K Survival Kit - Limited Edition - Selling Out Fast! 2. TECH BRIEFING: * How To Protect Against the 'QAZ Microsoft Crack'? 3. NT/2000 RELATED NEWS: * New IT Training And Certification Portal * What Is New In 'Windows 2002'? * More On Sending 'Out Of Office' to mailing lists * More on The Page File Is A Possible Vulnerability 4. NT/2000 THIRD PARTY NEWS: * Migration to W2K Still A Headache? * Another NEW Security Tool: Service Account Password Mgmt * Where Did That EX-EMPLOYEE Have Access? 5. W2Knews 'FAVE' LINKS: * This week's three Fave Links from Sunbelt. 6. SECURITY BOOKS OF THE WEEK: - Hacking Exposed Second Edition - Network Intrusion Detection - Designing Security for a Windows 2000 Network 7. THE NT/2000 STOCK WATCH - Week ending Nov 3, 2000 8. HOW TO USE THE MAILING LIST Instructions on how to subscribe, sign off or change your address. *********************** SPONSOR: MAIL.COM**************************** Whether upgrading from a previous version of Exchange, migrating to Exchange from existing systems, or choosing Exchange as your company's first system, Mail.com provides Hosted Microsoft Exchange solutions to suit the needs of organizations of every size. Mail.com provides enhanced applications such as virus scanning, content control and integrated faxing. Without requiring any additional hardware or software, we'll provide Exchange 2000 that is more reliable, secure and affordable than running it yourself-virtually overnight. www.netmoves.com/cgi-bin/url?who=NAME&what=exchange **************************What Is W2Knews?*************************** Sunbelt W2Knews is the World's first and largest e-zine designed for NT/2000 System Admins and Power Users that need to keep these platform up & running. Every week we get you pragmatic, from-the- trenches news regarding NT/2000 and 3-rd party System Management Tools. W2Knews will help you to better understand NT/2000 and pass your Certification Exams. You will get breaking news like new tools, service packs, sites, or killer viruses via W2KNewsFlashes. Sunbelt Software is THE NT/2000 e-business tools site. At the end of this message are links to all indexed and searchable back issues. --------------------------------------------------------------------- 1. "EDITORS CORNER" * W2K Survival Kit - Limited Edition - Selling Out Fast! You may have missed this, and I do not want you to tell me afterward that I did not warn 'ya. :-) I pulled together something really special for you guys as a Christmas present from Sunbelt. OK, OK, it's not completely free, but normally you pay 5 times more than this. Basically we do this once a year as a special, and it's practically at cost. We can now also deliver internationally, (but shipping is higher, send an email to [EMAIL PROTECTED] to get details). The combo is: 1) the W2K Admin Black Book I co-wrote, 2) 5 CD's (videos put on CD) that completely cover the new W2K system. You could consider this your very own home 'W2K boot camp' at about 10% of the cost, and will prep you for the 70-240 exam. Remember the old 'MCSE Complete' kit we had? This is something similar. 'The Book, the Booster and the Movie'. How does the new AutoPilot for Windows 2000 perform? Well, I'll let Drew Megarry do the talking, he sent the following two paragraphs to us a few days ago: "Our company specializes in outsourcing IT assistance for small to mid-sized companies that can't afford their own IT Department. Most of them have only a single server, and these servers sometimes run everything from Exchange, to Faxing, File and Printer Sharing, Backups, Proxy Services, Web Publishing and more". "This weekend I was working at a client site and he complained of extremely poor performance on his server. I decided that this would be a good test of your AutoPilot software and downloaded an eval copy. The results were dramatic, I couldn't believe the results!" We are only going to make a 1000 of this Limited Edition. Just in the first week hundreds were already sold, so you have to be quick with this one before the Holiday Rush sets in. You can download and watch two clips from the CD's in the section "White Papers, Documents and Other Files" to get to know Ross who will become your mentor and friend. He presents the data in a clear and humorous way. You want to grab this opportunity while it lasts. Normal $794.90, but now only $195.00 (add s/h). http://www.sunbelt-software.com/product.cfm?id=227 Now, let's have a look at the news! Stu. (email me with feedback: [EMAIL PROTECTED]) PS, If I see any good 'end-of-year' deals I'll send you a W2KnewsFlash ************************SPONSOR: Win2K MAG*************************** WINDOWS 2000 MAGAZINE - GET A FREE SAMPLE ISSUE Windows 2000 Magazine helps you seek out and implement smart solutions and includes unrivaled coverage of security, Exchange, Active Directory, and more. Order a free sample issue now and without risk, and discover the best resource for Windows NT/2000. http://www.win2000mag.com/sub.cfm?code=fsee200k3b ********************************************************************* 2. TECH BRIEFING: * How To Protect Against the 'QAZ Microsoft Crack'? Of course this is a black eye for MS. So how do we prevent getting a shiner like that ourselves? Many have sent me feedback and thanks to all of you. The article below was inspired by a MS TechNet page that goes into security in a generic way, but I added a series of specific links to tools and suggestions. It's in an FAQ-format. Keep in mind that reason number one that your network gets cracked is that YOUR ORGANIZATION was not ready/trained enough to prevent it. This is your challenge Number One. Buy and *Study* the 3 books in the SECURITY BOOKS OF THE WEEK section below. Q: How does an intruder get into my network? A: In many cases it is end-user lack of security awareness that result in errors. You have to be alert for this kind of stuff that often boil down to configuration errors. Crackers look for these and exploit them. You GOTTA, GOTTA, GOTTA have a set of security Policies and Procedures that are drilled into staff on a regular basis and get Top Management Air Cover. They are themselves also subject to these measures. What good are all these measures if the CEO uses his wife's name as a password? Done that myself once as I have to shamefully admit [blush]. The policy and procedures need to be based on 'Security Best Practices'. You will find these in the SECURITY BOOKS OF THE WEEK section below. Once you have these in place, and you have a responsible team (or person) make sure they get implemented, tested, tested, tested and continually monitored. This will limit your exposure. But the *very* first thing you need to do is get a cheap but powerful Event Log Monitor that will ping you when something funky is going on and monitor your network carefully. An example is ELM: http://www.sunbelt-software.com/product.cfm?id=533 Q: Any recommendations about software and configuration that I should follow? A: Since our security perimeter has now moved to the home of employees that 'telecommute', I suggest 4 lines of defense: 1) Virus Scanners, (home and office) 2) Personal Firewalls /maybe combined with VPN's (home) 3) Email Gateway Scanners (office) 4) Traditional Corporate Security Tools (office) 1) MS recommends following Security Best Practices, but that is a conveniently vague term. To begin with, you have to have antivirus software on ALL corporate machines, desktops and servers, whether they are used at home or on the office. Have them automatically update their virus signatures overnight. Also, have the AV software sit on Exchange Internet Mail Connectors, and proxy servers. It slows the machine down a tiny bit, but you should make it a reason for dismissal if employees turn off their virus scanning software. 2) On home systems being used for corporate access I would almost REQUIRE a personal firewall installed to prevent the QAZ hack that MS suffered. These tools are either free or cheap, but need to be compatible with the VPN you might use or work with your existing remote access (Terminal Server?) method. Some examples of these: - Checkpoint's SecurClient, BlackICE by NetworkICE, tools like ZoneAlarm and "eSafe Desktop" from Aladdin, and Norton Internet Security 2000. 3) CNN just reported yesterday that a whopping 80% of *all* USA's corporate mail is now EMAIL! And email also happens to be the Number One source of security breaches at the moment. That means you want some kind of extra scanning going on that protects against attach- ments which can contain viruses or trojan horses like the MS hack. Look at Mail Essentials: www.sunbelt-software.com/product.cfm?id=610 Other good tools are Sybari and Network Associates' GroupShield. 4) There are quite a few categories of traditional corporate security tools. Firewalls are a good example. Configure your firewalls and routers to allow only the network activity necessary to your business. Update them the moment patches become available. Monitor and control application access (turn on Auditing on your servers) and set+enforce a strong password policy. Configure only those service accounts that are actually needed, and change their passwords at least once a month. (See THIRD PARTY TOOLS below for a new utility that can help here) Use other tools as needed. These are the categories: - Active Content Monitoring - Host-Based Intrusion Detection - Network-Based Intrusion Detection - Security Appliances - Security Services: Penetration Testing - Authentication - Network Authentication - Certificate Authority - File and Session Encryption - Virtual Private Networks and Cryptographic Communications - Single Sign-On - Secure Web Servers - Vulnerability Scanners: Network-Based - Vulnerability Scanners: Host-Based - Real-Time Security Awareness - Enterprise Security Administration - Managed Security Services - Security Services: Policy Development - Trusted Operating System More data at www.sans.org, this site explains these and what they do. And your systems need to be configured correctly. Update to the most recent Service packs to begin with. Think about things like restricting null session access via the Registry, or limiting access via named pipes and/or shares. Kill the NetBIOS bindings if that does not break anything by itself, and disable as many Admin shares as possible. And for obvious reasons, make sure only a few of your high priests can get to tools and boxes that capture network traffic. Make sure to 'testbed' this before you break your production environment! Q: How do I detect an intrusion when it occurs? A: Category 2 and 3 above are most used, often in combination with each other and with scripts that show when things out of your ordinary daily routine occur. Decide what activities and events should be audited, and set alarms for them. A rational approach of building your security perimeter is to create multiple layers of security that start with Policy, Procedure, Training, correct configuration, deployment of security tools, followed by continuous testing and monitoring. Microsoft describes this as follows: Prevent, Detect, React, and then Remediate. 1) Prevent - Obviously, the primary goal of a security system should be to prevent intrusions whenever possible, and to ensure that breaching the security of one layer doesn't enable the intruder to breach other ones. 2) Detect - Security measures should be in place that constantly monitor the system for signs of an intrusion. 3) React - When an intrusion is detected, the system should take action to monitor the intruder and limit further damage. 4) Remediate - Once the intrusion has been countered, the security system should be capable of returning the network to its former secure state. Building a security system and a security organization around these principles is the only way to assure robust security for a large organization and network. Q: It sounds like achieving network security is a significant responsibility. A: Yes. The job of security officer is a critical one for any outfit that operates in today's connected world. It is important to designate a security officer, and to give him or her the resources and authority needed to do the job and protect the organization's information assets. Links: http://www.microsoft.com/technet/security/ , and http://www.microsoft.com/technet/security/001027.asp ********************************************************************* 3. NT/2000 RELATED NEWS: * New IT Training And Certification Portal I recently spotted a new IT training and certification portal on the Web called CertReview.com. The site's main focus seems to be Microsoft certifications (MCP, MOUS and MSS), but also has plans to expand into other non-competing certifications, such as CISCO and A+ credential programs. When I dug a little deeper into the site we found in-depth technical reviews on products and services pertaining to Microsoft training and certification, hence the name CertReview.com. In addition, they will soon be offering their own line of digital e-books (MS Approved Study Guides) for sale on their site in the new Microsoft Reader format. CertReview.com offers a different twist on IT training and certifi- cation (it's really an infomediary), and the site is definitely worth visiting and becoming a member, especially if you are a Microsoft Certified Professional, Office User Specialist or Sales Specialist. They are over at: http://www.certreview.com. --------------------- * What Is New In 'Windows 2002'? ENT Magazine reported that MS has sent the future Windows 2000 version for the first time to a real beta test group. I kind of expect the server version only to surface in 2002 , that's the reason for the title of this item. Why so long? Well Windows 2000 deployment has only just started to penetrate. Why push a new flavor to companies that have not even picked up the earlier version. Anyway, the only really interesting things are that this FINALLY merges the code base for consumer and corporate products into one, and includes 64-bit Windows. These are things BillG has been looking forward to for y e a r s. ENT's Scott Bekker said that Beta 1 doesn't have any major features over the earlier versions that were floating around. Stuff like pruning and grafting of AD, IIS 6.0, and extensions for MS-Office should arrive later. One bit of coolness is a drag-and-drop AD snap-in for Users and Computers. MS Officials say that they are going to release desktop 'Whistler' which is the code name for the tool in summer 2001. Knowing MS, I am now officially nicknaming the new version "W2K2" from here on out! The W2K2 server flavors are expected late 2001. Well, we'll see about that [grin]. Since this integrates some old W95 code into NT, I expect a bunch of backward compatibility problems. MS has a press release on this over on their website [HYPE ALERT] http://www.microsoft.com/presspass/press/2000/Oct00/Whistler1PR.asp But ENT Mag has a nice list of features that are new which is far more interesting to check out. Mouse over here and have a look: http://www.entmag.com/breaknews.asp?ID=3603. --------------------- * More On Sending 'Out Of Office' to mailing lists This one I 'stole' from Michèle Hirt's sig on our Exchange list. To avoid sending OOFs to mailing lists, you can do the following: 1. Create a Public Folder & name it whatever you want to. Make a note of its SMTP address. 2. Subscribe that SMTP address to the mailing list (for instance "MS-Exchange Admin Issues"). 3. Set your own mail subscription to the "no mail" option. Then, the PF will receive all mail sent to the list & since PFs can't be out of the office, they won't return OOFs. But some more people sent in suggestions. David Houston said: "Alternatively, you can set conditions for the OOO rule so that it will only send the message if the message has been "Sent directly to me". This also means that you don't send responses to internal user groups (I'm not sure what the MS name for such groups is) that have been set up by system administrators. This is what I have done in the past". And Greg Bromage sent this: Another way of doing this is, rather than set up a blanket OOO mail, create out-of-office rules. For each mailing list you don't want to suspend, create a Sent By rule with the mailing list name in it. Don't set any actions, and ensure that the "Do not process subsequent rules" box is checked. Finally, create an end rule with the OOO reply. The advantage of this is that you can also set up mail from particular mailing lists (or people) to be forwarded to another e-mail address, or have a different OOO reply for different people. Regards, Greg ------------------------- * More on The Page File Is A Possible Vulnerability Quite a few people sent me a response like Steve Morgan did: "Hey Stu: There is a consequence to deleting a pagefile on shutdown. It stretches out the time until the machine shuts down. For security, I specify deleting the pagefile on our Windows 2000 terminal servers. Those servers are specified with a 4 GB pagefile, and it takes the systems about 20 minutes to shutdown. The bigger the pagefile, the longer to shutdown. On public servers like a terminal server, this can be a real pain when you're trying to turn maintenance around real quick." I appreciate the feedback. And also a little 'undo': the 775Meg should be 375Meg. Thanks Guys! ********************************************************************* 4. NT THIRD PARTY NEWS: * Migration to W2K Still A Headache? Well, listen to this. There is some help for network pros, and it's better than aspirin. I found two great (free) opportunities to help you plan, deploy and manage Windows 2000 and Exchange 2000. 1) A completely free e-book and 2) A free half-day Seminar. 1) The e-book: 'The Definitive Guide to Windows 2000 Administration', by industry gurus Sean Daily and Darren Mar-Elia. It gets you beyond the manuals and white papers. Here are real-world experiences that will impact your performance. Written by industry experts - sponsored by NetPro. You can download the first chapter now at: http://www.fastlane.com/windows2000admin/toc.cfm 2) The seminar: 'Plan, Deploy, Manage Windows 2000 & Exchange 2000'. Learn how to: Get to Windows 2000 & Exchange 2000 - faster. It shows how to ensure a smooth upgrade that minimizes disruption to your end-users and HelpDesk personnel, and to facilitate a manageable and enforceable Windows 2000 & Exchange 2000 policy and admin model. You can visit the seminar and learn why large outfits such as Kodak, Shell, AstraZeneca, and Charles Schwab selected FastLane to get to Windows 2000 & Exchange 2000. They told me the attendance will be strictly limited. Better see if you can get in there before it is too late: http://www.fastlane.com/content.cfm?pgID=10&oa=sb103000 -------------------------- * Another NEW Security Tool: Service Account Password Mgmt Hackers and Crackers work hard, but so do the software developers that come out with tools to stop them. Here is your chance to be influencing the development direction of a NEW TOOL. SmallWonders of Atlanta is a successful developer of security tools. They have just *yesterday* announced the BETA program of Service Explorer. No, you cannot buy it yet, we do not know the price even! But what you *can* do is download it, play with it, report the bugs (which we know there are) to Smallwonders, but most importantly, tell them about the features you would like in this tool, and help build that product so it will be optimal in its use. Service Explorer allows W2K/NT admins to manage multiple services across multiple servers simultaneously. Use Service Explorer to solve the common SECURITY LOOPHOLE of unchanged service accounts that have Domain privileges. Service Explorer gives you the capability to remotely install and de-install services, and lets you control the order of changes to different services. It can change services on multiple domains in the same operation. Service Explorer makes it easy to completely manage Services and Service Account Passwords on thousands of Windows 2000/NT Systems in a single operation. If your company uses agent-based and other software that relies on 2000/NT Services (such as SMS and many virus- scanning programs), you will benefit from enhanced security, improved uptime for service-based software and reduced administrative costs. DOWNLOAD THE BETA OVER HERE: (the current limit is 10 servers and 21 days but the developer will extend both if you ask them to). http://www.sunbelt-software.com/product.cfm?id=786 -------------------------- * Where Did That EX-EMPLOYEE Have Access? In today's increasingly security conscious IT environments, it's important to be able to quickly determine who has admin rights over your network and where. Sure, you may know who is a Domain Admin but what if someone has added themselves locally on a key server? What about those administrative level test accounts with blank passwords?! Corporate data may also be at risk - do you know if your file system permissioning standards are actually being followed? Where did those fired employees have access anyway? Sunbelt's Domain Reporter can help you address these and other concerns. With its real time and historical data collection modes, you can gather information on file permissions, unused accounts, blank passwords and even track changes to your administrative group memberships. Don't get cracked. Run the 30-day eval and get ready to be surprised. http://www.sunbelt-software.com/product.cfm?id=866 ********************************************************************* 5. W2Knews 'FAVE' LINKS: === Who uses what OS and how good is their website uptime record? Hot Stuff over at: http://www.netcraft.com/survey/ === If you want to see a REALLY good SMS site, check out Cliff Hobb's site at: http://www.swynk.com/friends/hobbs/ === Looking for the most important and time saving keyboard shortcuts? Chris Pirillo did the work: http://www.lockergnome.com/shortcuts.html === ********************************************************************* 6. BOOKS OF THE WEEK: - Hacking Exposed (Second Edition) [BRAND NEW!] This title has been a bestseller in its version 1.0, and 2.0 is even better. I wanted to update you on this brand spanking new edition of Hacking Exposed. I reviewed V1.0 a while back. I have the 2.0 version in my hot little hands and already started on it. They have added over 220 new pages and you are going to love the new stuff in there. There are two entirely new Chapters on Windows technologies - Win 2000 Hacking and Internet User Hacking (covers insidious attacks on IE and Outlook). And of course, they go into detail on how to defend against everything they describe. Two short soundbytes: "A cross between a spy novel and a tech manual" and "The best full-disclosure security book you can buy". A MUST. http://www.amazon.com/exec/obidos/ASIN/0072127481/sunbeltunivers0c - Network Intrusion Detection, An Analysts Handbook (Sec.Ed.) Excellent title if you are interested to learn how networks work in reality. Great data about network traffic analysis, how you can identify possible attacks, and how best to handle them. Very good book in this area. Strong recommendation. http://www.amazon.com/exec/obidos/ASIN/0735710082/sunbeltunivers0c - Designing Security for a Windows 2000 Network Exam 70-220, Designing Security for a Windows 2000 Network tests the skills required to analyze the business requirements for security and design a security solution that meets your business requirements. Security includes controlling access to resources, auditing access to resources, authentication, and encryption. http://www.sunbelt-software.com/bookclub/ ********************************************************************* 7. THE NT/2000 STOCK WATCH - Closing numbers Friday Nov 3, 2000 52 WK 52 WK P/E WEEK SECURITY CLOSE HIGH LOW RATIO CHNG --------------------------------------------------------------------- Advanced Micro Devices... 23 43/64 48 1/2 10 14 +15.4% BMC Software............. 21 1/2 86 5/8 13 45 +19.4% BindView Development Corp 8 45 3/4 4 1/2 +6.6% Cisco Systems............ 56 3/4 82 35 +11.9% Citrix Systems Inc....... 23 15/16 122 5/16 14 1/4 42 +14.3% Compaq Computer.......... 31 5/64 35 18 5/8 34 +3.8% Computer Associates...... 32 1/4 79 7/16 23 5/8 15 +3.6% Data Return Corporation.. 12 3/8 94 1/4 8 +17.1% Dell Computer............ 32 9/16 59 3/4 22 1/16 49 +16.5% EMC Corp................. 97 104 15/16 35 1/8 +9.2% Electronic Data Systems C 47 7/8 76 11/16 38 3/8 34 -1.9% Gateway Inc.............. 50 25/64 84 42 9/64 33 +0.2% Hewlett Packard Co....... 46 1/4 68 3/32 28 27 +5.4% Intel Corp............... 45 15/16 75 13/16 33 3/8 36 -0.8% Intergraph Corp.......... 6 3/16 9 3 5/8 +13.7% International Business Ma 100 1/2 134 15/16 86 25 +7.2% Legato Systems Inc....... 10 1/8 82 1/2 8 1/8 +8.7% Micron Electronics Inc... 8 1/16 20 11/16 6 1/2 19 +8.1% Microsoft Corp........... 68 1/4 119 15/16 48 7/16 40 +0.8% NCR Corp................. 44 3/16 47 31 13 +7.6% NetIQ Corporation........ 94 7/8 96 28 7/8 +9.0% Network Associates Inc... 19 13/16 37 3/16 15 5/16 52 +3.9% Novell Inc............... 8 27/32 44 9/16 7 1/2 19 +3.6% Oracle Corp.............. 30 5/16 46 1/2 12 78 -11.3% Qualcomm Incorporated.... 70 1/2 200 51 1/2 81 -5.8% Quest Software Inc....... 44 7/8 98 1/8 23 5/8 -0.2% Seagate Technology....... 74 5/16 79 3/16 28 13/16 45 +9.2% Silicon Graphics......... 4 1/2 5 3/16 2 +2.8% Sun Microsystems Inc..... 113 1/16 129 5/16 51 3/8 92 +9.5% Sybase Inc............... 22 1/8 31 13 11/16 31 +5.0% Symantec Corp............ 37 3/4 81 5/8 31 1/16 12 -0.6% Unisys Corp.............. 13 36 1/16 9 1/8 12 +5.0% Veritas Software Corp.... 153 15/16 174 46 1/8 +9.3% Dow Jones 30 Industrials. 10,817.95 +2.1% --------------------------------------------------------------------- 8. "HOW TO USE THE MAILING LIST" Instructions on how to subscribe, sign off or change your email address TO SUBSCRIBE TO THE LIST (Tell your friends!) Click: http://lyris.sunbelt-software.com/scripts/lyris.pl?join=w2knews and fill out the form, simple & easy: 1 minute work. Or by email, send a blank message to the following address: [EMAIL PROTECTED] _____________________________________________________ TO QUIT THE LIST Go here, choose the list you are on, and follow instructions: http://lyris.sunbelt-software.com/scripts/lyris.pl and unsubscribe from either the nt-list or w2knews. You can see which list you are on looking at the FROM address of the newsletter. (It takes a week for this change to filter through so you may still get one or two news items before the flow stops). ____________________________________________________ TO CHANGE YOUR ADDRESS First unsubscribe and then resubscribe as per the procedure above. ********************************************************************* FOR MORE INFORMATION On the World Wide Web point your browser to: For the newsletter and our website: http://www.sunbelt-software.com For Tech Support on Sunbelt products mentioned: http://www.sunbelt-software.com/scripts/rightnow.exe Back Issues are here, all searchable and indexed. NT-list: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=nt-list&text_mode=0 Back Issues of W2Knews are all here: http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=w2knews&text_mode=0 Cannot unsubscribe? Getting it twice? Send an email to a live person: [EMAIL PROTECTED] (It will take about a week for the change to filter through the systems, so you may still receive one or two newsletters before the flow stops.) Email for US sales information to: [EMAIL PROTECTED] Email for US Tech support to: [EMAIL PROTECTED] Email to the US Editor: [EMAIL PROTECTED] Email for European Sales to: [EMAIL PROTECTED] Email for European Tech support to: [EMAIL PROTECTED] At the time of this newsletter's release, all links were checked to verify their accuracy and validity. However, due to the ever changing pages of various sites, some links may later prove to be invalid. We regret any inconvenience should you be unable to open any of these links. ********************************************************************* Things Our Lawyers Make Us Say: This document is provided for informational purposes only. The information contained in this document represents the current view of Sunbelt Software Distribution on the issues discussed as of the date of publication. Because Sunbelt must respond to changes in market conditions, it should not be interpreted to be a commitment on the part of Sunbelt and Sunbelt cannot guarantee the accuracy of any informa- tion presented after the date of publication. INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND FREEDOM FROM INFRINGEMENT. The user assumes the entire risk as to the accuracy and the use of this document. This document may be copied and distributed subject to the following conditions: 1) All text must be copied without modification and all pages must be included; 2) All copies must contain Sunbelt's copyright notice and any other notices provided therein; and 3) This document may not be distributed for profit. All trademarks acknowledged. Copyright Sunbelt Software Distribution, Inc. 1996-2000.