==================== ==== This Issue Sponsored By ==== Symantec V2i Protector – Real-time Backup/Recovery http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbS0As Symantec ON iPatch - Enterprise Patch Management Solution http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbT0At ==================== * In Focus: Help Shape This Newsletter * Security News and Features - News: New RSS Feeds; Cisco Buys Twingo; Windows XP2; cPanel Problems; Storage Utilities - Sneak Preview: SUS 2.0 Beta Is Now WUS - News: Chat with Microsoft About WUS and More; New Shell-Coders Resource; eEye on Security; Phishing for Fargo - News: VoIP Security; More Phishing; New Mac OS X Released * New and Improved - Ensure the Reliability of Your Network Security ==================== ==== Sponsor: Symantec V2i Protector ==== In the event of a security event or disaster V2i Protector provides a real-time, disk-based backup and disaster recovery solution designed to capture a system's active state, including all server/desktop files and configurations. Using V2i Protector, you can quickly restore failed systems to a specified point-in-time without taking hours to manually reinstall and restore data from tape backup or rebuilding from scratch. Perform a full system restoration, a complete bare metal restoration or restore individual files and folders in minutes. V2i Protector also creates exact backups of volumes/partitions through the use of snapshot technology. This captures all files and system personalities and configurations. Backups are created without disrupting data access or application usage. Click here to download an evaluation version today: http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbS0As ==================== ==== In Focus: Help Shape This Newsletter ==== by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net >From time to time, we like to ask readers how we might improve our products. It's been a while since we've asked you--the readers of Security UPDATE--for your opinions. So this week, we want to pose some general questions and request your input into how we can improve this newsletter. One question we often contemplate is whether Security UPDATE is too long, too short, or just right. Knowing how busy you all are, we try to keep it as short as we can, but please tell us what you think about the length. For example, do you prefer to have the complete In Focus in the newsletter, or would you rather see a short summary of it with a link to the full text on our Web site? Are our News and Feature summaries long enough, or are they too short? In each Security UPDATE, we typically include In Focus, news, an FAQ, a forum thread, and new products. We sometimes (although not each week) include feature-article summaries and Virus Alerts. Do you want to see more or less of any of the above? Are there other types of information you'd like to see covered? You might have noticed that we've recently adjusted the format of Security UPDATE's table of contents (TOC). We wonder whether you like having a TOC, and if so, whether you prefer a complete TOC or an abbreviated one. Also, does a numbered TOC (with matching numbers in the body of the newsletter) help you navigate the newsletter, or do you prefer a simple bulleted TOC? Those are some of the particular areas we'd like your opinion about, but we're also open to any other suggestions, critiques, and comments you might want to share with us. So please feel free to send any feedback to me at "mark at ntsecurity dot net." Please use a subject prefix of "SECUPD:" to help me more easily identify responses to this editorial. One other content-related item I want to point out this week is our new Really Simple Syndication (RSS) feeds. We've recently added several such feeds to our Web site, and you can learn more about them in the "New RSS Feeds" news story below. ==================== ==== Sponsor: Symantec ON iPatch ==== ON iPatch allows you to proactively patch and secure thousands of computers simultaneously - including remote and mobile computers, no matter where they are located or connected - and rapidly recover from virus corruption, without the significant cost and time delay by sending IT staff to remote locations. As a result, ON iPatch allows you to cost effectively protect all your business-critical systems and minimize the substantial risk of lost revenue and downtime caused by future virus and worms. Click here for more information: http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbT0At ==================== ==== Security News and Features ==== Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://www.winnetmag.com/departments/departmentid/752/752.html News: New RSS Feeds; Cisco Buys Twingo; Windows XP2; cPanel Problems; Storage Utilities Windows & .NET Magazine has numerous new Really Simple Syndication (RSS) feeds that you can use to stay abreast of our latest news and articles or to integrate our content into your own Web site. Cisco Systems bought desktop security company Twingo Systems for $5 million in cash. Windows XP Service Pack 2 (SP2) is on the way--you can learn more about it now. New bugs were discovered in cPanel. Making the storage utility a compelling service offering isn't easy. Jerry Cochran talks about how manageability--including Storage Resource Management (SRM), disaster recovery and business continuance, and security--is one key reason for the difficulty. http://www.winnetmag.com/article/articleid/42046/42046.html Sneak Preview: SUS 2.0 Beta Is Now WUS Microsoft announced that Software Update Services (SUS) 2.0 is now renamed Windows Update Services (WUS). The company released the new version of the product into public beta testing and evaluation on March 16. You can learn all about it in the documentation (in Microsoft Word format) on the Microsoft Web site and sign up for the beta or evaluation program. http://www.winnetmag.com/article/articleid/42051/42051.html News: Chat with Microsoft about WUS and More; New Shell Coders Resource; eEye on Security; Phishing for Fargo If you missed the March 16 chat with Microsoft about Windows Update Services (WUS), you might find the chat archived for your review on the Microsoft chat Web page. Or chat with the company about other security topics and other Microsoft products. A new book is available from John Wiley & Sons that helps you learn shell-coding techniques to help you defend your network. eEye Digital Security's eEye Research discovered five new vulnerabilities in IBM, Apple Computer, and Microsoft products. A new phishing scam targets Wells Fargo customers, so watch out. http://www.winnetmag.com/article/articleid/42075/42075.html News: VoIP Security; More Phishing; New Mac OS X Released Because Voice over IP (VoIP) technologies rely on computers, software, and networks, you must consider many potential threats when implementing them. Learn more about defending VoIP. Yet another phishing scam is under way, targeting users of the Regulations.gov Web site. The Federal Trade Commission (FTC) has issued a consumer alert. Apple Computer released Mac OS X 10.3.3, which includes--among other enhancements--all previous standalone security updates. http://www.winnetmag.com/article/articleid/42050/42050.html ==================== ==== Sponsor: Virus Update from Panda Software ==== Are your traditional antivirus solutions really protecting your network? Panda Antivirus GateDefender is a dedicated hardware device installed at the Internet gateway to block viruses before they contaminate your network. It scans 7 different communication protocols, achieving optimum protection against external attacks. Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus GateDefender 7200 (500 seats+) provide the highest scalability with native load balancing that transparently adapts to traffic volume. Visit "Panda's GateDefender Stands Guard!" at http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BEGa0Ad for more information. ==================== ==== Announcements ==== (from Windows & .NET Magazine and its partners) Free eBook--"The Expert's Guide for Exchange 2003: Preparing for, Moving to, and Supporting Exchange Server 2003" This eBook will educate Exchange administrators and systems managers about how to best approach the migration and overall management of an Exchange 2003 environment. The book will concentrate on core issues such as configuration management, accounting, and monitoring performance with an eye toward migration, consolidation, security, and management. http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGSd0Au Event Central--a Comprehensive Resource for the Latest Events in Your Field Looking for one place to find the latest Web seminars, roadshows, and conferences? Event Central has every topic you're looking for. Stay current on the latest developments in your field. Visit Event Central and find answers now! http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BEtb0AP Get 2 Sample Issues of SQL Server Magazine! SQL Server Magazine is a 360-degree resource loaded with must-read information covering database modeling, ADO.NET, XML, performance tuning, security, and the latest topics that SQL Server database developers, administrators, and business intelligence architects need to know. Try two (no-risk) sample issues today, and discover the timesaving qualities the magazine has to offer. Click here: http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbU0Au ==================== ==== Hot Release ==== FREE DOWNLOAD: New Sitekeeper(R) 3.0 Find machines that are missing patches and service packs, distribute patches and updates, track licenses, and inventory hardware and software-all within an hour of installation! Sitekeeper makes automated systems management fast, affordable and easy. Start managing your systems RIGHT NOW-Download FREE Sitekeeper trialware! http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGbV0Av ==================== ==== Instant Poll ==== Results of Previous Poll The voting has closed in the Windows & .NET Magazine Network Security Web page nonscientific Instant Poll for the question, "Does your company plan to implement a server-based mail-authentication solution?" Here are the results from the 187 votes. - 53% Yes, Sender Policy Framework - 3% Yes, DomainKeys - 5% Yes, Caller ID for E-Mail - 11% Yes, two or more of the above - 27% No (Deviations from 100 percent are due to rounding.) New Instant Poll The next Instant Poll question is, "Does your company use or intend to use Voice over IP (VoIP) technology?" Go to the Security Web page and submit your vote for - Yes, we use it now - Yes, we intend to use it - No, we don't plan to use it - Not sure http://www.winnetmag.com/windowssecurity ==== Security Toolkit ==== Virus Center Panda Software and the Windows & .NET Magazine Network have teamed to bring you the Center for Virus Control. Visit the site often to remain informed about the latest threats to your system security. http://www.winnetmag.com/windowssecurity/panda FAQ: After I use the Microsoft Exchange Server 2003 Recovery Storage Group, do I need to delete its contents? by John Savill, http://www.winnetmag.com/windowsnt20002003faq A. Yes, after you finish a recovery operation, you should delete all databases in the Recovery Storage Group and delete the group itself. If you fail to do so, you'll encounter problems when you try to perform a typical restore because Exchange might still store the data in the Recovery Storage Group instead of placing it in the usual storage group (SG) location. If you want to leave the Recovery Storage Group in place, you must tell the backup API to ignore the group by performing the following steps: 1. Start a registry editor (e.g., regedit.exe). 2. Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet \Services\MSExchangeIS\ParametersSystem registry subkey. 3. From the Edit menu, select New, DWORD Value. 4. Enter the name Recovery SG Override, double-click the new value, set it to 1, then click OK. Be careful when you perform these steps. If you later delete the Recovery Storage Group but you neglect to delete (or set to 0) the registry value that you created in steps 3 and 4 and another administrator later recreates the Recovery Storage Group for a restore operation, that restore operation will overwrite the original database rather than use the Recovery Storage Group database. This behavior will result in serious production problems. Featured Thread: How Do I Encrypt Everything? (Two messages in this thread) A reader writes that his or her company has decided to encrypt all the data on the company systems as well as data traveling to and from the systems. The company has a Windows 2000 and Active Directory (AD) environment and wants to know whether anyone can recommend one solution that handles data encryption for desktops, laptops, servers, TCP/IP networks, Web, and email. Lend a hand or read the responses: http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=118325 ==== Events Central ==== (A complete Web and live events directory brought to you by Windows & .NET Magazine: http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BEtb0AP ) New--Microsoft Security Strategies Roadshow! We've teamed with Microsoft, Avanade, and Network Associates to help you better protect your infrastructure and applications against security threats. Learn how to implement a patch-management strategy; lock down servers, workstations, and network infrastructure; and implement security policy management. Register now for this free event. http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BELe0Am ==== New and Improved ==== by Jason Bovberg, products@private Ensure the Reliability of Your Network Security MetaInfo announced Meta IP NG Feature Pack 4, which extends the functionality of Meta IP DHCP through three separately deployable modules: the DHCP MAC Address Authentication module, the Check Point UserAuthority Authentication module, and the Authenex ASAS module. Each module ensures that only authenticated users can obtain leases to privileged IP addresses. Meta IP NG Feature Pack 4 also extends the software's reliability features. Users can create scheduled backups of Meta IP system configurations within the UI and from the command line, creating further layers of redundancy and failover consistency across networks. For more information about Meta IP NG Feature Pack 4, including pricing, contact MetaInfo at sales@private, 206-674-3700, or on the Web. http://www.metainfo.com Tell Us About a Hot Product and Get a T-Shirt! Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to whatshot@private =================== ==== Sponsored Links ==== Microsoft(TM) Enter the Microsoft Windows Server 2003 Challenge. Win BIG prizes. http://list.winnetmag.com/cgi-bin3/DM/y/efBZ0CJgSH0CBw0BGIT0AU =================== ==== Contact Us ==== About the newsletter -- letters@private About technical questions -- http://www.winnetmag.com/forums About product news -- products@private About your subscription -- securityupdate@private About sponsoring Security UPDATE -- emedia_opps@private ==================== ==== Contact Our Sponsors ==== Primary/Secondary Sponsor: Symantec -- http://www.symantec.com Hot Release Sponsor: Executive Software -- http://www.executive.com ==================== This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today. http://www.winnetmag.com/sub.cfm?code=wswi201x1z View the Windows & .NET Magazine privacy policy at http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy Windows & .NET Magazine, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2004, Penton Media, Inc. All rights reserved. _______________________________________________ isn mailing list isn@private http://www.attrition.org/mailman/listinfo/isn
This archive was generated by hypermail 2b30 : Thu Mar 25 2004 - 05:38:10 PST