Windows & .NET Magazine UPDATE--August 19, 2003

1. Commentary: Blasting the Blaster Worm, and Some Microsoft Storage Moves

2. Hot Off the Press
- Microsoft Thwarts Worm Attack

3. Keeping Up with Win2K and NT
- MSBlaster Fallout
- MBSA Upgrade Supports Windows Server 2003

4. Announcements
- Get the eBook That Will Help You Get Certified!
- Try Windows & .NET Magazine!

5. Inside Windows Scripting Solutions
- September 2003 Issue
- Focus: A Jam-Packed Issue

6. Instant Poll
- Results of Previous Poll: Database Administration
- New Instant Poll: IT Content Area Interest

7. Resources
- Tip: How Can I Stop Internet Page Links from Opening in My Microsoft Internet Explorer (IE) Session?

8. Event
- New--Mobile & Wireless Road Show!

9. New and Improved
- Repair Damaged Systems
- Verify Installed Hardware and Software
- Submit Top Product Ideas

10. Contact Us
- See this section for a list of ways to contact us.

==== Sponsor: Windows Scripting Solutions ====
Windows Scripting Solutions for the Systems Administrator
You might not be a programmer, but that doesn't mean you can't learn to create and deploy timesaving, problem-solving scripts. Discover Windows Scripting Solutions, the monthly print publication that helps you tackle common problems and automate everyday tasks with simple tools, tricks, and scripts. Try a sample issue today at:
http://www.winscriptingsolutions.com/rd.cfm?code=fsei263xup

==== 1. Commentary: Blasting the Blaster Worm, and Some Microsoft Storage Moves ====
by Paul Thurrott, News Editor, [email protected]

Last week, the MSBlaster (LovSan) worm rocked the IT world. The worm took down more than 385,000 Windows-based computers, according to antivirus vendor Symantec, and forced Microsoft to redirect its Windows Update Web site to prevent a scheduled August 16 Distributed Denial of Service (DDoS) attack. Windows & .NET Magazine UPDATE warned readers about the security vulnerability that paved the way for the MSBlaster worm in the July 22 issue ("Windows Server 2003 Gets Its First Major Security Vulnerability," http://www.winnetmag.com/windowsserver2003/index.cfm?articleid=39649 ), and of course our other publications also provided ample warning that IT administrators should seriously consider applying the patch that Microsoft first supplied on July 15, 2003. Furthermore, the US Department of Homeland Security (DHS) twice warned the public that this security vulnerability could cause problems if users didn't install the patch; print and TV media around the globe covered this news.

Despite these and other warnings, the MSBlaster worm, which launched a month after Microsoft patched the affected vulnerability, took down computers in companies large and small. Individuals, including a friend of mine, saw their computers spontaneously reboot because of this problem, which made downloading the patch impossible. My friend had plugged in a new computer, navigated to Windows Update to download all the available critical security updates, and was infected immediately before the download was able to finish. That's incredible.

Last week, I wrote a somewhat controversial opinion piece for WinInfo Daily UPDATE titled "Windows Worm Should Never Have Been a Problem" ( http://www.wininformant.com/articles/index.cfm?articleid=39849 ), in which I noted that we expend a lot of energy blasting Microsoft, often rightfully so, for its security problems. These vulnerabilities have cost IT administrators countless hours of frustration, testing time, and downtime, and the flood of updates that these problems necessitate probably isn't going to end soon. But with the MSBlaster worm, I have to wonder if we're not taking the blame game a little too far. We'd been warned adequately that this worm was coming, and I honestly feel that many people simply weren't being responsible and doing their jobs: This worm shouldn't have been so disruptive.

In the matter of full disclosure, yes, I live in the proverbial ivory tower. Yes, the infrastructure I manage is sub-small-business-small. And yes, it has been years since I worked in the field, being responsible for production machines at a real company. Just the same, blaming Microsoft for everything is easy, isn't it? After all, the company is a convenient target and, not coincidentally, often at fault. My point isn't that administrators are solely responsible for the devastating effects of MSBlaster, but they're part of the problem--a part that could have done more to fix things proactively. I know your jobs are hard, and I know you're not appreciated as much as you should be; but as systems administrators, you're personally responsible for protecting your network, computers, and users. We can blame Microsoft for not creating a more secure system, but we must also accept the blame for not working with the tools we do have to ensure that this worm was contained. This worm was an embarrassment for both the Windows IT community and Microsoft.

Coming Soon: Windows Storage Server 2003

Two weeks ago, I wrote about small-business storage needs. Shortly thereafter, I heard from Microsoft because I somehow managed to ignore Windows Storage Server 2003, which the company just released to manufacturing (RTM). Like Windows Server 2003, Web Edition, Windows Storage Server will be made available only with new server hardware from major PC and storage companies such as Dell, EMC, Fujitsu, HP, IBM, and Iomega. And because it's based on Windows 2003, it appears to be an interesting and capable storage alternative for businesses of all sizes.

Windows Storage Server replaces the previous version of Microsoft's storage offering, called Windows Powered Network Attached Storage (NAS). Basically, Window Storage Server is a special version of Windows 2003 optimized for file serving (and, optionally, print serving). Windows Storage Server includes simple, Web-based management software, integrates in minutes into any Windows environment, offers access to all the best storage capabilities in Windows 2003--including the full functionality of the Volume Shadow Copy Service (VSS)--and scales from small blade systems up to some of the largest server arrays available: Low-end systems use a 160GB hard disk, but high-end systems currently scale to 48TB, and storage giant EMC has agreed to use the OS in its high-end boxes. As Microsoft told me, from a capacity standpoint, the

Like any network-based storage hardware, devices based on Windows Storage Server are more expensive than off-the-shelf storage. But like other NAS devices, these devices are also far more manageable and require no downtime during installation. Thanks to its Windows 2003 backbone, Windows Storage Server offers other advantages as well. The aforementioned VSS capabilities, for example, will let these systems take advantage of data snapshots, ensuring that you can recover key data files that get overwritten or changed. And an HP-based Windows Storage Server system is currently the only NAS or Storage Area Network (SAN) solution that Microsoft Exchange Server 2003 supports. Going forward, Exchange and Microsoft SQL Server will be aware of Windows Storage Server-based products, ensuring compatibility.

Like many of its current products, Microsoft sees Windows Storage Server as a boon to companies seeking to consolidate Windows NT 4.0 boxes. With a Windows Storage Server device, enterprises can consolidate multiple NT 4.0-based file servers to one compatible device, reducing management overhead and costs. And because Windows Storage Server is scalable, there's always room to grow.

I don't have any hands-on experience with Windows Storage Server, but it looks capable. And unlike most Windows 2003 versions, it doesn't come with any Client Access License (CAL) baggage. If you're in the market for NAS, check out Windows Storage Server at the following URL:
http://www.microsoft.com/windows/storage/productinformation/whitepapers/wss2k3storagechal.mspx

==== Sponsor: Oracle Collaboration Suite ====
Revolutionize the Way You Do Business
Click here for a free Radicati report and see why Oracle Collaboration Suite is #1 in reliability and TCO.
http://ad.doubleclick.net/clk;6027111;8317485;f?http://www.oracle.com/go/?&Src=1754531&Act=271

==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Microsoft Thwarts Worm Attack
Using a technical sleight of hand, Microsoft was able to stave off a planned Internet attack on its Windows Update Web site over the weekend, keeping the site open for legitimate users. You're likely familiar by now with the fact that the infamous MSBlaster worm, which compromises a remote procedure call (RPC) vulnerability in all Windows NT-based OSs, was set to launch a Distributed Denial of Service (DDoS) attack on the Windows Update Web site on August 16. Microsoft says it was able to turn back that attack by changing the way the company routes computers to the Web site, and Saturday came and went without any Windows Update performance problems or downtime. For the complete story, visit the following URL:
http://www.wininformant.com/articles/index.cfm?articleid=39886

==== 3. Keeping Up with Win2K and NT ====
by Paula Sharick, [email protected]

MSBlaster Fallout
The hoopla about the MSBlaster (LovSan) worm really flowed last week. I received daily reports from security companies around the world about the effects of the latest entrant to leverage the remote procedure call (RPC) security flaw in Microsoft OSs. Companies with an IT staff have no acceptable excuse for not installing the July 15 security hotfix that eliminates the MSBlaster vulnerability. It's more difficult, however, to find fault with the millions of small businesses and end users for whom the daily update scenario is at best confusing and at worst, far beyond the technical acumen of less tech-savvy customers.
Although I in no way endorse a massive Internet attack as a delivery vehicle, I strongly agree with the MSBlaster worm's message--that Microsoft, with its unassailable position as the world's premier technology provider, must do a better job of producing secure code. For years, I've been stunned by endless security flaws in Microsoft products, outraged by the frequency of bugs in OS components, and frustrated by hotfixes and service packs that introduce yet another round of operational inconsistencies. This endless flow of flawed code, combined with the never-ending battle to put things right, places an impossible and unrealistic burden on Microsoft technology providers, both external to and within the company. As business clients and end consumers, I believe we've been sold a bill of goods. To read the complete story, visit the following URL:
http://www.winnetmag.com/articles/index.cfm?articleid=39897

WEB-EXCLUSIVE ARTICLES: The following items are posted on the Windows & .NET Magazine Web site. For the complete story, use the following link and scroll to the appropriate article.
http://www.winnetmag.com/articles/index.cfm?articleid=39897

- MBSA Upgrade Supports Windows Server 2003

==== 4. Announcements ====
(from Windows & .NET Magazine and its partners)

Get the eBook That Will Help You Get Certified!
The "Insider's Guide to IT Certification," from the Windows & .NET Magazine Network, has one goal: to help you save time and money on your quest for certification. Find out how to choose the best study guides, save hundreds of dollars, and be successful as an IT professional. The amount of time you spend reading this book will be more than made up by the time you save preparing for your certification exams. Order your copy today!
http://winnet.bookaisle.com/ebookcover.asp?ebookid=13475

Try Windows & .NET Magazine!
Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Microsoft Exchange Server, and more. Our expert authors deliver how-to content you simply can't find anywhere else. Try a sample issue today, and find out what more than 100,000 readers know that you don't!
http://www.winnetmag.com/rd.cfm?code=fsei203xup

==== Hot Release: Veritas ====

* Learn how to Reclaim 30% of Your Windows Storage Space & Control Storage Growth
Download this free technical white paper now from Windows & .NET Magazine's White Paper Central. Brought to you courtesy of Veritas.
http://ad.doubleclick.net/clk;6045409;7402808;i?http://www.veritas.com/offer?a_id=3642

5. ==== Inside Windows Scripting Solutions ====

Windows Scripting Solutions is a monthly paid print newsletter loaded with news and tips to help you manage, optimize, and secure your Web-enabled enterprise. NONSUBSCRIBERS can access all the newsletter content in the online article archive from the premiere issue of Windows Scripting Solutions (December 1998) through the print issue released 1 year ago.
In addition to receiving the monthly print newsletter, SUBSCRIBERS can access all the newsletter content, including the most recent issue, at the Windows Scripting Solutions Web site ( http://www.winscriptingsolutions.com ). Subscribe today and access all 2003 issues online!
https://secure.pentontech.com/nt/winscripting/index.cfm?promocode=00

September 2003 Issue
To access this issue of Windows Scripting Solutions, go to the following URL:
http://www.winscriptingsolutions.com/articles/index.cfm?action=usprint&issueid=659

Focus: A Jam-Packed Issue
Teach your scripts to print, pick up some VBScript and WSH tips, and learn to call a Win32 API in VBScript code. Also, download scripts to query AD for service pack information and to find out which workstations have applied SUS hotfixes.

Active Directory Queries
Learn how to use shell scripts to query for AD information.
--Dick Lewis
http://www.winscriptingsolutions.com/articles/index.cfm?articleid=39631

==== 6. Instant Poll ====

Results of Previous Poll: Database Administration
The voting has closed in Windows & .NET Magazine's nonscientific Instant Poll for the question, "Does your job include database administration?" Here are the results from the 154 votes:
- 59% Yes--Microsoft SQL Server
- 8% Yes--Oracle
- 2% Yes--IBM's DB2
- 8% Yes--other database platform
- 23% No

New Instant Poll: IT Content Area Interest
The next Instant Poll question is, "As an IT administrator, what content area are you most interested in?" Go to the Windows & .NET Magazine home page and submit your vote for a) Security, b) Disaster recovery, c) Active Directory, d) DNS, or e) Other.
http://www.winnetmag.com/magazine

==== 7. Resources ====

Tip: How Can I Stop Internet Page Links from Opening in My Microsoft Internet Explorer (IE) Session?
by John Savill, http://www.windows2000faq.com

If IE is open on your system and you click a hyperlink to a Web page from another application in Windows (e.g., from an email message, from the Run command), Windows will attempt to open the Web page in your existing IE session. To prevent this behavior and force Windows to open a new IE session, perform the following steps:
1. Start a registry editor (e.g., regedit.exe).
2. Navigate to the HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main registry subkey.
3. Double-click the AllowWindowReuse value or create this value (of type REG_DWORD) if it doesn't already exist.
4. Set the value data to 0 to force Windows to open a new IE session, then click OK (setting the value to 1 will let Windows use an existing IE session).
5. Close the registry editor.
6. Log off and log on for the change to take effect.

==== 8. Event ====
(brought to you by Windows & .NET Magazine)

New--Mobile & Wireless Road Show!
Learn more about the wireless and mobility solutions that are available today! Register now for this free event!
http://www.winnetmag.com/roadshows/wireless

==== 9. New and Improved ====
by Carolyn Mader, [email protected]

Repair Damaged Systems
Winternals released Administrator's Pak 4.0, a suite of tools that let you repair damaged or unbootable systems, restore lost data, and diagnose Windows OS and file-system problems. The Administrator's Pak comprises ERD Commander 2003, Disk Commander NTFSDOS Professional, Remote Recover, Monitoring Tools, and TCPView Pro. For pricing, contact Winternals at 800-408-8415.
http://www.winternals.com

Verify Installed Hardware and Software
Compulsion Software released AssetDB 1.3, software that scans remote PCs to determine a user's installed hardware and software. AssetDB can provide you with information about services, disk space history, and memory use. The software also maintains a history of software and hardware changes. You can determine the OS version and whether a PC is low in disk space. AssetDB runs on Windows XP/2000/NT and costs $200. Contact Compulsion Software at [email protected].
http://www.compulsionsoftware.com

Submit Top Product Ideas
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions to [email protected].

==== Sponsored Links ====

Ultrabac
FREE live trial-Backup & Disaster Recovery software w/ encryption
http://ad.doubleclick.net/clk;5945485;8214395;x?http://www.ultrabac.com/default.asp?src=WINTxtLAug03tgt=./

CrossTec
Free Download - NEW NetOp 7.6 - faster, more secure, remote support
http://ad.doubleclick.net/clk;5930423;8214395;j?http://www.crossteccorp.com/tryit/w2k.html

==== 10. Contact Us ====

About the newsletter -- [email protected] About technical questions -- http://www.winnetmag.com/forums About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]