Windows Client UPDATE, May 8, 2003

Windows Client UPDATE--brought to you by the Windows & .NET Magazine Network



Windows & .NET Magazine ~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: GET WINDOWS & .NET MAGAZINE AT 25% OFF! ~~~~ Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Exchange, and much more. Our expert authors deliver content you simply won't find anywhere else. Subscribe today at 25% off, and find out what over 100,000 readers know that you don't!


May 8, 2003--In this issue:

1. COMMENTARY - Get to Know The Wi-Fi Protected Access Standard

2. READER CHALLENGE - April 2003 Reader Challenge Winners - May 2003 Reader Challenge

3. NEWS & VIEWS - WinHEC 2003: Microsoft, HP Unveil Athens PC

4. ANNOUNCEMENT - Time Is Running Out to Join Our Storage Solutions Road Show!

5. RESOURCES - Tip: Launch Regularly Used Web Sites with a Batch File - Featured Thread: Missing Dial-Up Networking Icon

6. NEW AND IMPROVED - Manage Assets and Their Configurations - Access Systems with KVM OVER IP Switch - Submit Top Products

7. CONTACT US - See this section for a list of ways to contact us.




(David Chernicoff, [email protected])


Every time I write about wireless networking, I receive a lot of email from readers who want to remind me of how insecure wireless networking is and about how simple it is to crack the Wired Equivalent Privacy (WEP) standard that the current generation of wireless networking devices implement. Despite these predictions of doom, I've never heard from anyone whose network security was actually compromised by a WEP crack. But that reality, of course, doesn't make the basic problem go away. Eventually, script tools to crack WEP will be available to the average user.

To prevent wireless network security from becoming a malicious hacker free-for-all, the Wi-Fi Alliance has developed a set of standards that are forward-compatible with the forthcoming IEEE 802.11i security protocol, which is scheduled for release at the end of the year. The new standard, called Wi-Fi Protected Access (WPA), is designed to provide a much higher level of security for wireless users than existing WEP standards provide. Various vendors announced several WPA products at the end of April.

The WPA specification makes allowances both for network-based authentication for corporate networks and for a special home mode for use in a small office/home office (SOHO) or home-user environment. WPA is capable of interoperating with WEP devices, although in cases of interoperability, the default security for the entire wireless infrastructure reverts to the WEP standard. WPA's network-based authentication can make use of existing authentication technologies such as Remote Authentication Dial-In User Service (RADIUS) servers, so adding the secure technology that WPA represents won't disrupt existing network infrastructures too much.

For WPA to work, users need to upgrade the software on all their wireless network adapters, access points, and client programs. Microsoft offers WPA client software for Windows XP users at . You'll find an overview about how WPA will work in XP at;en-us;815485 .

You can find complete details of the Wi-Fi Alliance proposal at . Simple descriptions and complete technical white papers are also available on the site. As you become current with advances in wireless technology, you might also hear about the following wireless standards:
802.11b: 11Mbps wireless standard with backward compatibility with older 2Mbps system
802.11a: 54Mbps wireless standard with no backward compatibility
802.11: 54Mbps wireless standard
802.11i: forthcoming wireless networking security standard

For general information about all of the wireless networking standards, check out the IEEE 802.11 Working Group page at .



(contributed by Kathy Ivens, [email protected])


Congratulations to our April Reader Challenge winners! Sande Nissen of Northfield, Minnesota, wins first prize, a copy of "Admin911: Windows 2000 Registry." Brady W. Decker of Columbia, Maryland, wins second prize, a copy of "Windows 2000: The Complete Reference." Visit to read the answer to the April 2003 Reader Challenge.


Solve this month's Windows Client problem, and you might win a prize! Email your solution (don't use an attachment) to [email protected] by May 22, 2003. You must include your full name, street mailing address, and phone number (all required for shipping your prize).

I choose winners at random from the pool of correct entries. Because I receive so many entries each month, I can't reply to respondents (my email software doesn't respond to a request for a receipt). Look for the solutions to this month's problem at on May 22, 2003.

Every systems administrator has received calls from users that begin with the words, "My computer won't start." The possibilities are endless because "start" is an obscure term in the absence of other information. Is the problem hardware? Software? Actually, the majority of these calls are prompted by errors during the OS startup process, including logon failures. To fix these problems, you need to know at what point the start-up failed. How much do you know about the Windows XP and Windows 2000 startup processes in a Win2K or Windows 2003 domain?

Question 1 At which point does Windows consider start-up complete (and store its settings as the "last known good" configuration)?

A. After the computer finds a domain controller (DC), sends the computer password to the DC, and is authenticated by the DC.

B. After the computer applies any existing local computer security policies.

C. After the user has successfully logged on to the domain.

D. After all device drivers are loaded without error.

Question 2 Which one of the following loads the Master Boot Record (MBR)?

A. NT Loader (NTLDR)

B. The computer's BIOS

C. The boot.ini file

Question 3 Which of the following statements about NTLDR are correct?

A. It operates in read-only mode.

B. It creates the paging file.

C. It reads the boot.ini file and executes instructions in that file (such as displaying a startup menu).

D. It gathers device and configuration information and sends the information to the registry in the subkeys under HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION.

E. If NTLDR is missing or corrupt, an error message to that effect displays.

Question 4 Which of the following statements about are correct?

A. It queries the registry to learn which devices are installed so that it can load drivers.

B. It queries the BIOS to learn which devices are installed so that it can load drivers.

C. If is missing or corrupt, an error message to that effect displays.



(contributed by Paul Thurrott, [email protected])


During his Windows Hardware Engineering Conference (WinHEC) 2003 keynote address this week, Microsoft Chairman and Chief Software Architect Bill Gates unveiled the Athens PC, a joint hardware and software product his company is creating with Hewlett-Packard (HP). The Athens PC is designed for business users, not consumers, and features a striking high-definition wide-screen display; one cable running from the CPU to the screen; and a wireless keyboard, mouse, and phone handset, the latter of which mounts on the side of the display. The point of the prototype, Gates said, is to inspire hardware makers to create next-generation devices that marry collaboration and communications capabilities with the PC. "The hardware industry and Microsoft are leading the next wave of PC development by creating unprecedented levels of synergy between hardware and software," Gates said. "The result will be innovative products that improve the way our customers work, communicate, learn, and are entertained. The Athens PC prototype is just one example of the amazing things that are possible when hardware and software companies collaborate deeply on new designs."

At a demonstration of the Athens PC prototype during the Gates keynote, Chad Magendanz, lead program manager of Microsoft's Hardware Innovation Group, discussed the various hardware and software features that make this solution so compelling. A 20" version of Athens's wide-screen display, he said, might cost several thousand dollars now, but in mid-2004 such a display will retail for less than $400. The display features a mount for a Bluetooth handset, side-mounted ports, and three lights on the top that alert users when they have new voicemail or email messages or a pending appointment. The keyboard has buttons that launch software features such as voicemail.

Based on Longhorn, the next version of Windows, the Athens PC comes out of standby within 2 seconds and uses a USB flash card with security hardware and a thumbprint reader for user authentication. When you pick up the phone handset, the system displays your Microsoft Outlook contacts lists and Windows Messenger changes your presence information to "on the phone." When you make a call, Athens performs a reverse lookup on the person you called and gives you a list of the email and voicemail you've exchanged with that person, the documents you've collaborated on, and notes from previous meetings. "This functionality makes you more effective on the phone," Magendanz noted. Likewise, you can perform the electronic equivalent of closing your office door by marking your presence information as "do not disturb." In this setting, Athens automatically routes incoming calls to voicemail so that your workflow isn't interrupted. You can also answer voice messages by using email with a voice-based reply. "With Athens, voice is a first-class citizen," Magendanz said.



(brought to you by Windows & .NET Magazine and its partners)


Attend the HP & Microsoft Network Storage Solutions Road Show, and learn how existing and future storage solutions can save your company money--and make your job easier! Attendees have lots of chances to win incredible prizes. There is absolutely no fee for this event, but space is limited. We've just added Minneapolis to our list of cities, so register now!



* TIP: LAUNCH REGULARLY USED WEB SITES WITH A BATCH FILE (contributed by David Chernicoff, [email protected])

I typically access the same 10 Web sites every day and use them throughout the day. I got tired of opening the sites one at a time from my Favorites menu, so I wrote a simple batch file to open them all at once. I leave the file, sites.bat, on my desktop and double-click it after my computer boots to launch browsers and open my regularly used sites.

The simplest way to create a batch file is to write it in Notepad. Take the following steps:

1. Launch Notepad.exe.
2. For each Web site you want to automatically open a browser for, use the following syntax: explorer "". Replace the address
3. Enter each explorer command on its own line.
4. Save the file with a .bat extension

To edit sites.bat to add or change sites, right-click it and select the Edit command from the context menu. Double-clicking sites.bat launches the file; it will exit after processing the last line in the file.


Forum member Eugene accidentally deleted the dial-up networking icon from the taskbar. To find out whether he's connected to the Internet, he has to check the dial-up networking folder. He wants to restore the icon to the taskbar but doesn't have a backup of the registry file containing the dial-up networking icon. If you can help, join the discussion at the following URL:



(contributed by Sue Cooper, [email protected])


Netopia released netOctopus Enterprise Systems Manager 4.2, software that provides asset management, remote configuration, software distribution, and software license compliance for your networked systems. Through a partnership with MindVision, netOctopus includes a special version of Installer VISE for Windows and Macintosh and a new netOctopus application, File Scripter Pro. When you use these tools, you can take a snapshot of a hard disk before and after installing new software, compare differences between the snapshots, and create custom installer packages to push to other computers on the network. Contact Netopia at 972-855-6600.


Avocent announced the DSR800 KVM OVER IP switch, which uses standard IP connections to provide local and remote access to servers or serial devices. The DSR800 switch offers one port for local access and one digital port for IP access. Avocent's DSView, available in either a browser or client version, centrally manages the 8-port DSR800 switch and allows the management of administrative rights, permissions, and auditing for each IP address. The DSR800 is scheduled to ship in June and will cost approximately $1750. Contact Avocent at 866-286-2368 or 256-430-4000.


Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to [email protected]



Here's how to reach us with your comments and questions:

* ABOUT THE COMMENTARY -- [email protected]

* ABOUT THE NEWSLETTER IN GENERAL -- [email protected] (please mention the newsletter name in the subject line)


* PRODUCT NEWS -- [email protected]



Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.