=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= SEARCHWIN2000.COM | Security Administration Tip June 17, 2003
Essential tools and advice for the security-focused administrator. More tips: http://searchwin2000.techtarget.com/tips/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= FROM OUR SPONSORS: - Automate patch discovery and analysis with FREE patch management tool: http://searchWin2000.com/r/0,,15253,00.htm?ecora - Find out how your salary stacks up http://searchwin2000.techtarget.com/salarySurvey/0,289712,sid1,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THIS ISSUE | Table of Contents 1. SECURITY TIPS - Remediation for security problems - Step-by-step guide: How to block NetBIOS connections to XP Pro - Clear the Windows pagefile for security - Which key is which? - Ask Roberta Bragg: Set up dual controls for tighter security 2. IMPORTANT ANNOUNCEMENTS AND LINKS - Exclusive Article: Are terminal services terminally confusing? - Featured Topic: The lowdown on licensing changes - Tip Contest: Time is running out! Submit your tip today! - Know-IT-All Quiz #38: The ties that bind - True IT Blooper Contest: Vote for your favorites! ____________________________________________________________________ Sponsored by: Ecora Ecora's FREE PatchLite utility discovers and analyzes ALL missing or installed security patches on servers and workstations in your enterprise. An intuitive user interface enables easy viewing of analysis by host, product or a particular patch. Reports on Windows NT/2000/XP, Exchange, IIS, SQL, MSDE, Windows Media Player, Microsoft Office, IE and Sun Solaris systems. >> Download this free utility now! http://searchWin2000.com/r/0,,15253,00.htm?ecora ____________________________________________________________________ REMEDIATION FOR SECURITY PROBLEMS | by Tom Lancaster If you're one of the many security admins who regularly runs system scans for potential weaknesses, you know that the result of such a scan is a listing of vulnerabilities with some suggestions and advice on what to do about them. Wouldn't it also be nice to have an automatic way to handle those vulnerabilities? Right now you're limited to manual solutions like installing a patch or correcting a setting -- and it's time consuming and hit-or-miss. >> CLICK for the full tip... http://www.searchWin2000.com/tip/1,289483,sid1_gci906498,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= HOW TO BLOCK NETBIOS CONNECTIONS TO XP PRO | by Laura Hunter The Windows server service, while indispensable on a file, print or application server, can create quite a headache when administering Windows workstations. Since the service advertises on well-known NetBIOS ports, it is a common attack vector for hackers attempting to gain access to the computers on your network. There are a number of ways to block this avenue of attack, as discussed in this tip. >> CLICK for the full tip... http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci904693,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= CLEAR THE WINDOWS PAGEFILE FOR SECURITY | by James Michael Stewart Notebook computers pose many of the same security risks as desktop computers and servers, but they pose some unique risks as well. For example, it's much more likely for a notebook computer to be stolen than a desktop PC. The Windows pagefile, which Windows uses for virtual memory, is a potential source of sensitive data. >> CLICK for the full tip... http://searchwin2000.techtarget.com/tip/0,289483,sid1_gci905342,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= WHICH KEY IS WHICH? | by Mike Chapple Users new to the world of cryptography often find themselves confused about the appropriate cryptographic key to use for various applications. It's actually a relatively straightforward selection process that depends upon the algorithm you're using and the goal(s) you're trying to achieve. >> CLICK for the full tip... http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci904078,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= SET UP DUAL CONTROLS FOR TIGHTER SECURITY | Ask Roberta Bragg Dear Roberta: Is there any way that AD could be configured such that a password reset could trigger removal from certain sensitive network groups that the AD administrator would NOT have control over? This would allow for dual administration and less risk of an internal hacker accessing sensitive network resources. Is there another way that dual administration could be implemented when resetting a user's password? Would group policies help? Should we monitor event logs and send alerts that would run VB scripts to remove the member? >> CLICK here for Bragg's expert answer... http://searchwin2000.techtarget.com/ateQuestionNResponse/0,289625,sid1_cid535199_tax285120,00.html Want more tips like this one? Then sign up to receive SearchWin2000.com's "Tips From Our Experts" biweekly newsletter. Just one click will automatically activate your free subscription: http://searchWin2000.techtarget.com/OptIn/1,290894,sid1,00.html?cid=457574&em=&tid=3107&FE=1 ___________________________________________________________________ Find out how your salary stacks up | SearchWin2000.com Salary Survey Have you ever wondered if you are earning what you are worth? If so, you should take the SearchWin2000.com Salary Survey. You just need to answer a few questions and then you can view the results and compare your salary to those of your colleagues. It's anonymous and it's easy! This interactive survey also allows you to take a look at detailed reports, such as the top 10 paying jobs. And you can create your own custom reports by specifying the survey criteria you're interested in. Take the survey today! http://searchwin2000.techtarget.com/salarySurvey/0,289712,sid1,00.html ___________________________________________________________________ IMPORTANT MESSAGES AND LINKS: =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ARE TERMINAL SERVICES TERMINALLY CONFUSING? | Exclusive Article Christa Anderson, an internationally known speaker, writer and authority on server-based computing, has joined SearchWin2000.com as an expert to answer your terminal services questions. In this article, Christa fields questions on everything from testing to connecting through a VPN. >> CLICK here for the full article... http://searchwindowsmanageability.techtarget.com/originalContent/0,289142,sid33_gci905426,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= THE LOWDOWN ON LICENSING CHANGES | Featured Topic Microsoft is overhauling its licensing program to include more support and services. Some think it's a good move. Others just appreciate the gesture. And several think Microsoft just doesn't get it -- is it simply too little too late? We've collected some info to help you decide for yourself. http://searchwin2000.techtarget.com/featuredTopic/1,290042,sid1_gci905811,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= TIME IS RUNNING OUT! SUBMIT YOUR TIP TODAY! | Tip Contest We're over halfway through the month of June and your submission window is closing fast! Submit any Windows-related tip for your chance to win this month's awesome prize -- an iAUDIO 128 MB MP3 player with FM and voice recorder! The iAUDIO MP3 player is the size of a credit card and only weighs 1.4 ounces! It also has a 5-star rating at Amazon.com with over 34 customer reviews! >> Read more about the prize and submit your tip here: http://searchwin2000.techtarget.com/tipsPrize/0,289492,sid1_prz891383_cts891374,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= THE TIES THAT BIND | Know-IT-All Quiz #38 Test your knowledge with this week's quiz, then visit the list of related information you'll find on the answer page. On local area networks, ARP (address resolution protocol) is used by TCP/IP to: a. Store ARP bindings in a local cache on each networked computer b. Bind a network interface's physical address to an IP address c. Start the gratuitous ARP broadcast function d. Check if another machine on the network is using the same IP e. Ensure your Alaskan Malamute is leashed at all times >> CLICK for the correct answer... http://www.searchWin2000.com/originalContent/0,289142,sid1_gci905565,00.html =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= VOTE FOR OUR FAVORITES! | True IT Blooper Contest You've submitted them, you've gotten angry as all heck when they've rubbed you the wrong way and you've been enjoying them for over a year now. But there's one area of our True IT Blooper Contest that you haven't quite mastered -- rating them! So tell us who made an honest mistake, and who needs their server room pass revoked. Take a closer look at three of this month's contenders below. Read `em, rate 'em and submit your own for a chance to win the current, and very cool, prize: a SanDisk Cruzer portable storage device! >> Oops! True IT blooper #101: I told you so... http://searchwindowsmanageability.techtarget.com/tip/1,289483,sid33_gci900766,00.html >> Oops! True IT Blooper #102: When techies love football http://searchwindowsmanageability.techtarget.com/tip/1,289483,sid33_gci902545,00.html >> Oops! True IT blooper #104: Partial plug-in equals partial power http://searchwindowsmanageability.techtarget.com/tip/1,289483,sid33_gci905657,00.html >> Read all of this month's Bloopers or submit your own here: http://searchwindowsmanageability.techtarget.com/tipsIndex/0,289482,sid33_tax292236,00.html ___________________________________________________________________ CERTIFICATION, TRAINING AND CAREER TIPS | Free Newsletter SearchWin2000.com's free biweekly newsletter provides expert certification and career tips and advice, and the latest updates on Microsoft certification and training developments. Just one click here will automatically activate your subscription: http://searchWin2000.techtarget.com/OptIn/1,290894,sid1,00.html?cid=457982&em=&tid=141&FE=1 ___________________________________________________________________ ********************* SEARCHWIN2000 CONTACTS ********************** TIP MAILBOX, (mailto:[EMAIL PROTECTED]) >> Send feedback on tips and ideas for new tip content. ____________________________________________________________________ ED PARRY, News Editor (mailto:[EMAIL PROTECTED]) >> Send me your news, press releases and product announcements. _____________________________________________________________________ MARILYN COHODAS, Senior Site Editor, SearchWin2000.com & SearchWindowsManageability.com (mailto:[EMAIL PROTECTED]) >> Send me your original articles and best practices. _____________________________________________________________________ CATHERINE KETCHER, Site Editor, SearchWin2000.com & SearchWindowsManageability.com (mailto:[EMAIL PROTECTED]) >> Send me your bloopers and Featured Topic ideas. _____________________________________________________________________ MARGIE SEMILOF, Senior News Writer (mailto:[EMAIL PROTECTED]) >> Send me your news and story ideas. _____________________________________________________________________ MATT DEBELLIS, News Writer (mailto:[EMAIL PROTECTED]) >> Send me your Windows manageability news and press releases. _____________________________________________________________________ CHRISTINE POLEWARCZYK, Associate Editor (mailto:[EMAIL PROTECTED]) >> Send me your ideas for online event and discussion day topics. _____________________________________________________________________ DAVID PYE, Assistant Editor (mailto:[EMAIL PROTECTED]) >> Send me your tips and true IT bloopers. _____________________________________________________________________ DANA MCCURLEY, Assistant Editor (mailto:[EMAIL PROTECTED]) >> Send me your favorite Web sites and white papers. _____________________________________________________________________ MIKE KELLY (mailto:[EMAIL PROTECTED]) >> Contact me to sponsor this or any other TechTarget newsletter. ____________________________________________________________________ ********************* ABOUT THIS NEWSLETTER ************************ Published by TechTarget (http://www.techtarget.com) TechTarget - The Most Targeted IT Media Copyright 2003 TechTarget. All rights reserved. ___________________________________________________________________ :::::::::::::::::::: ABOUT THIS NEWSLETTER ::::::::::::::::::::: Published by TechTarget (http://www.techtarget.com) TechTarget - The Most Targeted IT Media Copyright 2003, All Rights Reserved. Unsubscribe from 'Windows Security Tips' - Simply Reply to this Email with REMOVE within the Body or Subject > or - Go to: http://searchWin2000.techtarget.com/register - Log in to edit your profile. - Click on the link to Edit email subscriptions. - Uncheck the box next to the newsletter you wish to unsubscribe from. - When finished, click "Save Changes to My Profile."
