Windows Client UPDATE, February 19, 2004

==== This Issue Sponsored By ====

Windows & .NET Magazine


Commentary: Wireless Networks in Small Spaces

News & Views
- Source Code Leak Prompts Vulnerabilities, Warning from Microsoft

- Tip: Notebook Hibernation Problems in XP
- Featured Thread: Removing the Read-Only Attribute from the Temp Folder in XP

New and Improved
- Take Control of Your Program Windows
- Tell Us About a Hot Product and Get a T-Shirt!

==== Sponsor: Windows & .NET Magazine ====

Get 2 Sample Issues of Windows & .NET Magazine! Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Exchange Server, and more. Our expert authors deliver content you simply can't find anywhere else. Try two, no-risk sample issues today, and find out why 100,000 IT professionals read Windows & .NET Magazine each month!


==== Commentary: Wireless Networks in Small Spaces ====
by David Chernicoff, [email protected]

Recently, I helped a friend set up a wireless network for his small business. The offices are located in a converted factory building that's divided into separate office spaces. The office spaces are large and airy, with few walls except those that define the offices. The physical setup creates very few interference problems for the half-dozen workstations that reside within my friend's business's 3000-square-foot space.

However, problems began to arise when I started to configure the client computers. Every other business in the building was running a wireless network, and each of these networks was visible on the other networks and completely unprotected. At one point, I saw no fewer than seven other wireless networks from the network I was setting up. I had to explain to my friend that not only did his business need the firewall we'd already set up to protect his network from external attacks, but for the security of his data, given the vulnerability of Wireless Application Protocol (WAP) networks, he'd also need to put some internal safeguards into place. Fortunately, I'd already pretty well convinced him that even in his small environment he could do everything he needed with Microsoft Small Business Server (SBS) 2003. He uses a local Value Added Reseller (VAR) who configures and supports SBS, which relieves the vast majority of any potential IT-related headaches. Using SBS also meant that my friend would be using Active Directory (AD) and would have the internal network security that AD provides.

But the immediate major problem that plagued us wasn't the potential security concern. The problem was that the other networks in the office building appeared and disappeared on my friend's network. In addition, all of his staff used notebook computers that they took home at night to use on their unsecured home wireless networks. These users had just enough knowledge of how Windows XP wireless networking works to access the other networks when they were in the office. The kicker was that the default behavior of XP encouraged these users to make connections to the other networks, in the following way. As each external network popped up on my friend's network, his users would receive an alert that a new wireless network was available. When one of these users checked on the network by clicking View Available Wireless Networks, the user would receive a message that the network isn't secure, with the option to connect to it anyway. If a curious user selected the box to allow connection, the network moved to the top of the preferred network connection list, meaning that the user's system would connect to that network before checking on any other network's availability and would do so every time the network was available.

Because of this situation, users started complaining that they couldn't access applications on their network. They shouldn't have been surprised, because they weren't connected to their network. Because Internet-based activities weren't adversely affected in this situation, users didn't notice that they weren't connected to their network until they needed something from their local server or a shared printer.

The easiest solution turned out to be configuring each of the clients manually so that my friend's network was at the top of the preferred networks list. Then, I took some time to knock on a few doors. The other businesses in the building with wireless networks were thrilled when I stopped by to give them the 5-minute course on using XP's tools for securing their networks. Keeping wireless networks independent from one another in a limited space is a difficult task for the nontechnical user to master. Given that my friend's six-employee business is the largest in the building (which caters to arts-and-crafts businesses), the lack of technical know-how in the building didn't surprise me.

I had a brief conversation with the building owner, who told me he was planning a number of similar factory building conversions. After I explained to him the technical problems I was resolving for his tenants, he realized that he could offer wireless networking as part of the package he sells to his tenants. His company already had a small IT staff, and he saw that he could generate some additional revenue by taking advantage of the staff's skills. For IT, directly generating revenue is no small accomplishment.

And Now for Something Completely Different

I'd like to thank the couple dozen readers who let me know that they've turned off the automatic bounce notification features of their email antivirus gateways. I think that makes them better citizens of the World Wide Web.

==== News & Views ====
by Paul Thurrott, [email protected]

Source Code Leak Prompts Vulnerabilities, Warning from Microsoft

Hackers and security researchers who downloaded the Windows 2000 source code over the weekend have already found a security vulnerability to exploit, although the vulnerability affects only the out-of-date Microsoft Internet Explorer (IE) version that shipped with the original Win2K. The vulnerability, which affects IE 5.01, lets attackers compromise users' PCs when they access a malicious Web site. Microsoft says that not only does the vulnerability affect only one older version of IE, but the company found and fixed the vulnerability during its Trustworthy Computing code review 2 years ago. About 10 percent of Web browser users--more people than use Mozilla, Netscape, Opera, and Apple Computer's Safari combined--still use IE 5.01.

"[The vulnerability] doesn't affect IE 6," Mike Reavey, a Microsoft security program manager, said. "It does look like it was one of the things that was found during the code review." Microsoft is cautioning users to upgrade to the most recent IE version--IE 6.0 with Service Pack 1 (SP1)--to ensure the safest possible Web experience. But the near-instantaneous release of a vulnerability based on the Windows source-code leak makes me wonder how many other vulnerabilities will be found in the coming days. And, unlike the IE vulnerability, some of those vulnerabilities might also affect the most current versions of Windows, including Windows Server 2003 and Windows XP, which are based on Win2K. "We take this seriously," a Microsoft spokesperson said Friday. "It's illegal for third parties to post or make our source code available. From that standpoint we've taken appropriate legal action to protect our intellectual property."

Microsoft has also taken the interesting step of warning users to keep their hands off the stolen source code. On Monday, the company issued legal warnings to people who had downloaded or distributed the code. "The unauthorized copying and distribution of Microsoft's protected source code is a violation of both civil and criminal copyright and trade secret laws," the warning said. "If you have downloaded and are making the source code available for downloading by others, you are violating Microsoft's rights, and could be subject to severe civil and criminal penalties." Microsoft then demanded that downloaders destroy their copies of the source code and tell Microsoft where they got it.

==== Announcements ====
(from Windows & .NET Magazine and its partners)

Try a Sample Issue of Security Administrator!

Security Administrator is the monthly newsletter from Windows & .NET Magazine that shows you how to protect your network from external intruders and control access for internal users. Sign up now to get a 1-month trial issue--you'll feel more secure just knowing you did. Click here!

Download the Latest eBook--"Best Practices for Managing Linux and UNIX Servers"

This free eBook will educate systems managers about how to best approach the complex realm of Linux and UNIX management and performance monitoring. You'll learn core issues such as configuration management, accounting, and monitoring performance with an eye toward creating a long-term strategy for sustainable growth.

==== Resources ====

Tip: Notebook Hibernation Problems in XP
by David Chernicoff, [email protected]

After I configured a few Windows XP notebook computers for some friends recently, I was surprised when they all called me to report that their computers didn't work properly. If they hit Ctrl+Alt+Del and used the resulting drop-down menu to tell the computer to hibernate, when they powered up again, no shell was running. The problem didn't occur after my friends activated hibernation by closing their notebook cover to store the computer.

The problem is that if you force hibernation from the Ctrl+Alt+Del drop-down menu, XP shuts down the shell before it writes the hibernation file to disk. This behavior occurs only when a notebook uses the XP Welcome screen for logon (it doesn't occur with the Windows Classic Welcome screen). Disabling the XP Welcome screen prevents the problem. Users running XP in a domain environment will be properly configured by default to escape this behavior.

Featured Thread: Removing the Read-Only Attribute from the Temp Folder in XP

Forum member Stef wants to remove the read-only attribute from the C:\Windows\Temp folder in Windows XP. However, every time Stef changes the attribute, it resets to read-only. If you can help, join the discussion at the following URL:

==== Events Central ====
(A complete Web and live events directory brought to you by Windows & .NET Magazine:

New Web Seminar--Realizing the Return on Active Directory

Join Mark Minasi and Indy Chakrabarti for a free Web seminar and discover how to maximize the return on your Active Directory investments and cut the cost of security exposures with secure task delegation, centralized auditing, and Group Policy management. Register now and receive NetIQ's free "Securing Access to Active Directory-A Layered Security Approach" white paper.

==== New and Improved ====
by Dianne Russell, [email protected]

Take Control of Your Program Windows

Actual Tools announced Actual Windows Guard 2.0, desktop productivity software that lets you manage the size and position of program windows, including pop-ups. Actual Windows Guard lets you automatically minimize or maximize the startup windows of programs that you specify. The Stay On Top feature lets you place specific program windows on top of other windows and maintain the "on top" positioning. You can configure the software to prompt you whenever a window closes, helping you guard against accidental window closures. The tool includes an automatic pop-up closure feature. Actual Windows Guard supports Windows XP/2000/NT/Me/9x. Pricing begins at $14.95.

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]

==== Sponsored Links ====

NetSupport Free Trial - Fast and Easy Network Management. - NetSupport DNA


==== Contact Us ====

About the newsletter -- [email protected]
About technical questions --
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring UPDATE -- [email protected]
