NTools E-News[tm] Win 2000 Expo: Stay Up To Date. [1/2]
Konstantin Gusev
Vol. 5, #7- Feb 14, 2000
Published by sunbelt-software.com since 1996 - ISSN: 1527-3407
'Immediate Notification Of Important Windows NT/2000 Events'
******************* over 600,000 SUBSCRIBERS*****************
This Issue of NTools E-News (soon renamed to W2Knews) contains:
1. EDITORS CORNER:
2. TECH BRIEFING: How to protect NT against Cyber-marauders?
3. NT RELATED NEWS
* WINDOWS 2000 EXPO: STAY UP TO DATE!
* SUNBELT LAUNCHES DISASTER RECOVERY LIST
* IBM COMES OUT WITH FREE W2K MIGRATION REDBOOK
* INSTALL W2K WITH JUST ONE FLOPPY? YUP.
4. NT THIRD PARTY NEWS
* StorageCeNTral V4.1 UPGRADE DOES CAPACITY PLANNING
* LOW COST SERVER CONSOLIDATION WITH SECURE COPY V2.0
5. HINTS AND TIPS
6. THE NT STOCK WATCH - Feb 11, 2000
*************** SPONSOR: ST. BERNARD SOFTWARE *******************
Now you see it.................... Now you don't.
Don't let your data do a disappearing act on you. Trusted by
leading cutting edge companies as the ultimate source of data
protection, Open File Manager is the only open file solution
that works with all leading backup packages and guarantees 100%
data capture.
www.stbernard.com
********************WHAT IS NTOOLS E-NEWS?***************************
Sunbelt Windows NTools E-News is the World's first and largest
E-Newsletter designed for NT/2000 System Managers that have the job
to get and keep NT up & running in a production environment. Sunbelt
launched this electronic newsletter early 1996. Every week we keep
the Windows NT/2000 community informed and aware of new developments
of NT and 3-rd party NT System Management Tools. You get hints and
tips that will enable you to better utilize and understand Windows
NT/2000 and help you to pass your Certification Exams.
Via (separate) NTools E-NewsFlashes we will send you important
breaking news like new service packs, killer viruses, etc. Sunbelt
Software is the first and largest provider worldwide of Third
Party System Management Tools for Windows NT. Tell Your Friends!
All back issues are here, searchable and indexed on key words:
http://lyris.sunbelt-software.com/scripts/lyris.pl?enter=nt-list&text_mode=0
-------------------------------------------------------------------
1. "EDITORS CORNER"
Hi NT-ers,
Coming Monday morning I'm jumping on a plane to San Francisco to
hear BillG intro Win2K, and be at the Windows 2000 Expo. Sunbelt
has a booth there of course. Easy to remember, it's booth number
2000! Come see me there, and pick up a free permanent copy of
AutoPilot. I'll be there till Thursday and will roam the isles for
all the Tools News which you will get next weekend. If you want
'Hot Show News' earlier, go to www.searchnt.com and subscribe.
This issue is focused on NT Security again. Better keep up with it,
you do not want to be hacked.
Warm regards,
Stu.
Email me at ntn...@gte.net
***************************SPONSOR********************************
Spending too much time diagnosing end-user support issues only to
discover that the machine has a wrong DLL or an old EXE? Worried
about what users are installing on their systems? Baseline +Plus
provides help desk, systems administrators, and SMS administrators
a way to easily isolate software configuration problems. Track
software rollouts such as W2K and immediately detect any differences
from the standard set in your test lab. And quickly discover how
each individual machine deviates over time. Now with Web Reports,
track all your machines from any web browser with numerous pre-
packaged reports. http://www.computingedge.com/ntools
********************************************************************
2. TECH BRIEFING: How to protect NT against Cyber-marauders?
Start with these extremely useful conclusions: The TOP 7 Management
Errors That Lead To Computer Security Vulnerabilities:
Number Seven: Pretend the problem will go away if they ignore it.
Number Six: Authorize reactive, short-term fixes so problems re-
emerge rapidly
Number Five: Fail to realize how much money their information and
organizational reputations are worth.
Number Four: Rely primarily on a firewall.
Number Three: Fail to deal with the operational aspects of security:
make a few fixes and then not allow the follow through necessary to
ensure the problems stay fixed
Number Two: Fail to understand the relationship of information
security to the business problem -- they understand physical security
but do not see the consequences of poor information security.
Number One: Assign untrained people to maintain security and provide
neither the training nor the time to make it possible to do the job.
(Source: http://www.sans.org/newlook/resources/errors.htm)
----
It's another HOT TOPIC this week. All the big sites being attacked.
But security is _always_ an issue. Well just WHY is that? We all know
that security is more than strong passwords, encryption and standard
IT practices that I am sure you heard ad nauseam.
And BTW how many little yellow sticky notes leave your company with
data on them that could compromise security in YOUR area? The docs
that people take home and trash after printing the draft because it's
easier to read on paper than on the screen?
To sell security tools, sales people often ask: "How much would it
cost your company if just one piece of your customer data were used
against you?" Well how about shredding all the paper that leaves
your company? How many passwords or customer addresses and phone #'s
have been written down on little yellow sticky notes in the past year?
Your guess is as good as mine but it's likely to be a lot.
There are many good articles about this but it gets to the point of
information overload with questionable experts being quoted on really
ludicrous subjects. While you should have resources to help you, it
is hard to keep up. A great resource is the monthly NT Digest from
the SANS institute, warmly recommended and required reading in IT:
I'm giving you an extract out of a Computer World story, and you
should REALLY read it in its entirety.
11/22/99 On Jan. 21, The New York Times described the malicious
destruction of the U.S. Information Agency (USIA) Web site. Quoting
a USIA official, it said, "We can't have this happening every six
months; people depend on us." Had it happened before? Had agency
officials been embarrassed? Had they directed staff to tighten
security? If the answers are all yes, then why weren't the problems
fixed the first time?
Staff at the SANS (Systems Administration, Networking and Security)
Institute in Bethesda, Md., interviewed system and security managers
at two dozen other government and commercial sites that were compro-
mised and found a surprisingly consistent pattern of decisions,
actions and results that may explain the USIA outcome. What pattern
did they find? Read this and come back!
http://www.computerworld.com/home/print.nsf/all/991122CD52
What's this mean to you? Well, we can't make you shred everything
on paper that leaves your company or actually implement and enforce
security guidelines, or read the latest vulnerability updates, but
we can offer you the tools to make your job easier in this area and
offer you the TIME to handle the other areas.
STAT is updated regularly with all the latest vulnerabilities so
that you are always up to date ( and don't have to so much reading :)
-- and so are your NT servers and NT workstations. Security Explorer
will allow you a degree of control over NT file permissions that you
may not have thought possible, RESKIT or no RESKIT. Trusted Enterprise
Manager will allow you to lock down security and give, for example,
the Help Desk ONLY those rights they need to do their jobs in addition
to easing your migration to AD and being ready for it when the time
comes. Security tools, with full data and eval copies are here:
http://www.sunbelt-software.com/category_search.cfm#4
Another excellent resource related to the recent spate of Distributed
Denial Of Service Attacks is here: http://www.sans.org/y2k/egress.htm
it explains how to protect the Internet from these things.
Looking for some good PDF's that explain how to ward off bad guys?
http://www.sans.org/newlook/misc/NS99talks.htm#4-1
What to do when Firewalls, VPNs and Intrusion Detection Fail? Some
of the recent hacks show that current Internet security is not always
sufficient. Depending on your line of business, you may need to move
beyond typical network technologies such as firewalls, VPNs and
Intrusion Detection. You can upgrade your security to the next level
with digital certificates that secure individual access to software.
Digital certificates provide the critical security needed to ensure
that people are who they say they are, that they are authorized to
enter specific apps and that communications, documents and transactions
haven坱 been hacked.
The rest is up to you and I would have in writing somewhere that you
_did_ suggest that your company shreds all the paper that is trashed.
CYA. Hacker kids doing dumpster diving should only find coffee
grounds, yesterdays leftovers and confetti!
********************************************************************
3. "NT RELATED NEWS"
* WINDOWS 2000 EXPO: STAY UP TO DATE!
Obviously it's going to be interesting to get the latest news
from the show on an hourly basis. This is Microsoft's biggest
announcement ever. I will fly there myself and come back with
tools news, but if you want to get day to day coverage, the guys
from SearchWin2000.com (formerly SearchNT.com) are your ticket.
They will be reporting directly from the Windows 2000 Expo:
News, new product announcements and highlights of key sessions.
So if you did not yet register for their daily news, now is the
time to sign up, absolutely free at http://www.searchnt.com
------------------------------
* SUNBELT LAUNCHES DISASTER RECOVERY LIST
As a service to the IT Community, and to make Disaster Recovery (DR)
a more accessible discipline for our IT colleagues, Sunbelt Software
announces the NEW free Sunbelt Disaster Recovery List! This is our
first multi-platform list. What can you do on this list? Discuss DR
Admin and Tech problems and/or workarounds, how to, what to, why to,
type questions platform independent. This list covers Servers running
Novell, Win NT/2000, But also Solaris, Linux, VMS, AS/400, Unix and
other platforms. Discuss third-party DR products, services, and/or
methodologies, provided these are designed to aid in DR Admin. Now
you Microsoft Cluster guys have a place to chat too. And most important:
the list is ON TOPIC, LOW NOISE, and FRIENDLY. This is no place for O/S
wars. Sign up here: http://www.sunbelt-software.com/dr_list_charter.htm