Windows Client UPDATE, May 23, 2002

Windows Client UPDATE—brought to you by the Windows & .NET Magazine Network
http://www.winnetmag.net


THIS ISSUE SPONSORED BY

Windows & .NET Magazine Webinars
http://www.winnetmag.com/seminars/veritas


SPONSOR: WINDOWS & .NET MAGAZINE WEBINARS

RAISING WINDOWS 2000 AVAILABILITY—FREE WEBINAR
How can you reduce (or eliminate) data loss and downtime in the event of a site-wide disaster? Attend the latest free Webinar from Windows & .NET Magazine and get the answers including what kind of fault-tolerant disk setup to use, what clustering is (and isn't!) good at, and best practices for boosting SQL and Exchange availability. Register (for FREE) today!
http://www.winnetmag.com/seminars/veritas


May 23, 2002—In this issue:

1. COMMENTARY

  • Controlling What Users Install on Their Office Computers

2. ANNOUNCEMENT

  • Attend Our Free Windows Security Solutions Webinar!

3. RESOURCES

  • Tip: Configuring a DUN Connection in Windows XP
  • Featured Thread: Copying and Pasting in Windows XP Terminal Services

4. NEW AND IMPROVED

  • Catalog Your Files and Folders
  • Protect the Intellectual Property on Your Web Page

5. CONTACT US

  • See this section for a list of ways to contact us.

1. COMMENTARY
(David Chernicoff, News Editor, [email protected])

  • CONTROLLING WHAT USERS INSTALL ON THEIR OFFICE COMPUTERS

  • Many users don't get the point of why systems administrators have a zero-tolerance policy about installing "harmless" applications on their computers at the office. The point, of course, is security. With the demise of the Napster network, many systems administrators breathed a sigh of relief. Not only did the problem of users sucking up expensive network bandwidth by trading files on the best-known peer-to-peer (P2P) network go away, but the number of files that might introduce viruses to the network diminished.

    Many systems administrators try to enforce a zero-tolerance policy by blocking the ports that P2P file transfers use. Of course, this step doesn't stop users who use laptops from installing P2P software at home on their own time, but that isn't really something that a local administrator can easily control. So, company systems remain vulnerable when users bring their laptops back to work.

    Although Napster might be little more than a painful memory for systems administrators, other P2P file-sharing networks have cropped up. One of the most popular of these newer services is Sharman Networks' KaZaA Media Desktop ( http://www.kazaa.com ). Unfortunately, but unsurprisingly, KaZaA has attracted its first virus, Worm.Kazaa.Benjamin, written explicitly to exploit the way users use the KaZaA software to share files. Kaspersky Lab has added Worm.Kazaa.Benjamin to its virus library ( http://www.viruslist.com/eng/viruslist.html?id=49790 ) and explains in detail how the worm works.

    As with many of today's exploits, Worm.Kazaa.Benjamin requires user interaction. Users need to launch the worm locally on their own machines to cause a security threat. If users bring infected files to the office on their laptops, such "harmless" applications can put the company's systems at risk. Fortunately, all Worm.Kazaa.Benjamin seems to do is launch a German Web page that displays an advertisement. Because the Web page that the worm points to merely reveals a message that says that the domain has been closed down because of massive bandwidth abuse, other major antivirus software vendors haven't yet bothered to announce definition files for Worm.Kazaa.Benjamin.

    Although Worm.Kazaa.Benjamin might be harmless, KaZaA and similar software add a new entry vector for potentially harmful attacks. Training users not to install unapproved software on their work computers is difficult—especially users who use laptops and have higher access levels than network-attached users have. What are you doing to educate your users and counteract the antivirus threat unapproved software causes? I'd like to hear from systems administrators who've dealt successfully with this user-behavior problem. Even users who tell me that their companies have a zero-tolerance policy in place can relate stories about what happens when that policy catches a senior executive. (I'll bet you can guess the results.) So, let me know what you do to control your mobile users: I'll organize the responses and present the results in a future Windows Client UPDATE.

    2. ANNOUNCEMENT
    (brought to you by Windows & .NET Magazine and its partners)

  • ATTEND OUR FREE WINDOWS SECURITY SOLUTIONS WEBINAR!

  • If you're using Windows 2000 to run mission-critical applications, you know Win2K has security concerns. Windows & .NET Magazine's Security Solutions Summit, a half-day online event, addresses where the vulnerabilities lie, how you can strengthen your enterprise's security, and how you can exploit the same tools that hackers use. Register today!
    http://www.winnetmag.com/seminars/security

    3. RESOURCES

  • TIP: CONFIGURING A DUN CONNECTION IN WINDOWS XP

  • (contributed by David Chernicoff, [email protected])

    I don't know why, but for some reason, every time I configure a DUN connection in Windows XP, the OS decides to dial the connection when I restart the computer. Even though I make sure that when I configure the DUN connection I clear the "Make this the default Internet connection" check box, the OS still dials the connection at restart. XP doesn't correctly set the registry to configure the DUN connection the way I want. Now, when I create a DUN connection, I check the registry to make sure that the connection is configured correctly. To check the configuration in the registry, follow these steps:

    1. Launch regedit.
    2. Open HKEY_CURRENT_USER\RemoteAccess\Profile\(DUN connection name).
    3. Double-click the REG_DWORD "Autoconnect."
    4. To disable autoconnect, set the data value to 0; to enable autoconnect, set the value to 1.
    5. Close the editor.

  • FEATURED THREAD: COPYING AND PASTING IN WINDOWS XP TERMINAL SERVICES CLIENT

  • Jose wants to know how to make the copy and paste features work in the Windows XP Terminal Services client. To read more about the problem or offer your help, join the discussion at the following URL:
    http://www.winnetmag.net/forums/rd.cfm?app=83&id=104341

    4. NEW AND IMPROVED
    (contributed by Judy Drennen, [email protected])

  • CATALOG YOUR FILES AND FOLDERS

  • B&P Technologies released APrintDirect 4.0, a Windows utility that lets you manage and create a catalog listing of your files and folders. With the utility, you can select up to 11 different property fields to include in each listing. APrintDirect prints the contents of a disk drive's directory and file structure. APrintDirect 4.0 runs on Windows 2000, Windows NT, and Windows 9x and costs $14 for a single-user license. Contact B&P Technologies at [email protected]
    http://www.bpsoftware.com

  • PROTECT THE INTELLECTUAL PROPERTY ON YOUR WEB PAGE

  • GoldStone Software announced Web Protector 2.0, Web-authoring software for Windows OSs that lets you prevent visitors to your Web site from copying intellectual property that appears on your Web pages. Web Protector runs on Windows XP, Windows 2000, Windows NT, Windows Me, and Windows 9x and costs $49.95. Contact GoldStone at [email protected]
    http://www.protecthtml.com

    5. CONTACT US
    Here's how to reach us with your comments and questions:

    (please mention the newsletter name in the subject line)

    This weekly email newsletter is brought to you by Windows & .NET Magazine, the leading publication for Windows professionals who want to learn more and perform better. Subscribe today.
    http://www.winnetmag.com/sub.cfm?code=wswi201x1z

    Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters.
    http://www.winnetmag.net/email

    Hide comments

    Comments

    • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

    Plain text

    • No HTML tags allowed.
    • Web page addresses and e-mail addresses turn into links automatically.
    • Lines and paragraphs break automatically.
    Publish