Exchange & Outlook UPDATE, Exchange Edition, August 21, 2003


This Issue Sponsored By

Esker Software

Oracle Collaboration Suite


1. Commentary

- Blaster: It Didn't Have to Happen

2. Announcements

- New Exchange Event from Windows & .NET Magazine Connections

- Active Directory eBook Chapter 3 Published!

3. Resources

- Exchange 2000 Static Port Mappings

- Featured Thread: Exchange-Aware Antivirus Programs

- Outlook Tip: Using a Security Group to Create Public Folder Permissions

4. Events

- New--Mobile & Wireless Road Show!

5. New and Improved

- Protect Email from Security Threats

- Submit Top Product Ideas

6. Contact Us

- See this section for a list of ways to contact us.


~~~~ Sponsor: Esker Software ~~~~

One solution seamlessly integrates fax with Exchange and standardizes desktop fax across the enterprise. Esker Fax enables high-performance desktop fax for local and remote users throughout your organization, with clustered and load-balanced implementation support for maximum availability and scalability, least cost routing to cut fax transmission costs, advanced inbound routing technology to speed document delivery and protect sensitive content, centralized management of enterprise fax delivery traffic, and more. Bred in the world of high-volume fax, Esker Fax also automates high-volume production faxing from host-based enterprise applications - without requiring application programming changes. Get your FREE Esker Fax information kit:


==== 1. Commentary: Blaster: It Didn't Have to Happen ==== by Paul Robichaux, News Editor, [email protected]

For the past few months, I've been writing more hands-on pieces about Exchange Server features and gewgaws. But this week, I'm going back to the land of process and policy. Why? One word: Blaster. There's so much differing information surrounding Microsoft's security policy and the things that you should be doing to protect yourself that I feel duty-bound to add my 2 cents.

First, let's talk about the patch. Microsoft released security bulletin 03-026 on July 16. That means we all had about a month to install the patch before Blaster reared its ugly head. Blaster has the unique and annoying habit of infecting desktop systems as well as servers. Therefore, the people least likely to patch--your grandmother, for example--were at equal risk with patch-savvy administrators at major corporations. Unfortunately, despite Microsoft's educational efforts (for an example, check out TechNet's "5-Minute Security Advisor" columns at the URL below), most home users didn't take any of the steps that could have protected them. They didn't install the patch, they didn't turn on Automatic Update, and they didn't use a firewall. Of course, lots of companies were infected too for exactly the same reasons. I'll get back to these points in a minute.

Second, let's talk about the patch gap. The time between the date that Microsoft released the patch closing the vulnerability that Blaster exploits and the date that Blaster was identified in the wild was much shorter than the 6-month gap between the patch that Microsoft issued for the vulnerability that Slammer exploited and that worm's release; in turn, the Slammer-patch gap was shorter than the Nimda- and CodeRed-patch gaps. Clearly, the time interval between identification of a new vulnerability and the release of code that exploits that vulnerability is shrinking. Fearless prediction: Sometime in the next 9 months, we'll see a "0-day" exploit that's released when (or perhaps before) the vulnerability becomes publicly known. At that point, people who haven't protected themselves are going to be in a world of trouble, especially if the attack does something destructive.

Is patching alone sufficient? No; to borrow a term from my calculus classes in college, it's "necessary but not sufficient." Microsoft's Jim Allchin sent out an internal email that encouraged Microsoft employees to help friends and family members secure their machines by following three simple steps. These same steps can be generalized to cover networks of any size.

Step 1: Apply patches when they become available. Most users should use the Automatic Updates client, available with Windows Server 2003, Windows XP, and Windows 2000 Service Pack 3 (SP3) and later. Several large Microsoft customers reported stellar results after using Microsoft Systems Management Server (SMS) to patch multiple systems simultaneously--one company patched 96 percent of its machines overnight. (Of course, if the company had applied the patch when it came out instead of waiting, that kind of fire drill wouldn't have been necessary.)

Step 2: Use a firewall. Firewalls protect your network from unwanted inbound traffic, and they can prevent an infected machine from sending packets to other machines on your network. Recently, Microsoft announced that it was going to turn on the XP Internet Connection Firewall (ICF) by default. ICF is a solid, free solution, but others exist, including BlackIce and Norton Internet Security. It doesn't really matter which of these products you use, as long as you use one. Of course, those of you whose networks are protected by corporate firewalls aren't excused from ensuring that the laptops and home machines that connect to your network are protected by some type of firewall software.

Step 3: Use antivirus software. Sometimes, despite our best efforts, bad code sneaks in. Using an effective desktop antivirus solution will help clean up the resulting mess. Antivirus software seems to be necessary in inverse proportion to users' sophistication. My theory is that less-sophisticated users are most likely to run unknown programs and to fail to apply necessary patches, both of which increase the risk of infection.

These measures seem straightforward enough, but a fourth step is necessary: for IT professionals to take a little responsibility. Is your mom's computer secure? What about the one down in your kids' playroom? How about your nontechnical next-door neighbor's PC? The extra time that you and I take to help secure these systems can benefit all of us by helping to prevent widespread Internet attacks such as Blaster. Now (to paraphrase "The Untouchables")--let's get out there and do some good!

5 Minute Security Advisor


~~~~ Sponsor: Oracle Collaboration Suite ~~~~

Revolutionize the Way You Do Business

Click here for a free Radicati report and see why Oracle Collaboration Suite is #1 in reliability and TCO.

Or, click here to watch the latest chapter in our online event.


==== 2. Announcements ==== (from Windows & .NET Magazine and its partners)

New Exchange Event from Windows & .NET Magazine Connections

Windows & .NET Magazine Connections will co-locate with the new Exchange Connections. Stay competitive in your job by investing your time to keep pace with technology. Learn the latest tech tips and tricks from gurus like Mark Minasi, Mark Russinovich, Tony Redmond, and Sue Mosher. Register now and get both conferences for the price of one--plus lock in your $300 early bird discount. Go online or call 203-268-3204 or 800-505-1201 for details.

Active Directory eBook Chapter 3 Published!

The third chapter of Windows & .NET Magazine's popular eBook "Windows 2003: Active Directory Administration Essentials" is now available at no charge! Chapter 3 looks at what's new and improved with Windows Server 2003 Active Directory management. Download it now!

==== 3. Resources ====

Exchange 2000 Static Port Mappings

Each week, Microsoft posts several Exchange Server how-to articles to its Knowledge Base. This week, learn how to determine whether you've properly configured your Exchange 2000 Server's port mappings.

Featured Thread: Exchange-Aware Antivirus Programs

A forum reader is looking for recommendations about Exchange Server-aware antivirus programs. To offer your advice or join the discussion, go to the following URL:

Outlook Tip: Using a Security Group to Create Public Folder Permissions by Sue Mosher, [email protected]

Q: I created a security group in Active Directory (AD), but I can't use it to set permissions on an Exchange 2000 Server public folder. In Outlook, when I click Add on the folder's Permissions tab, all I can see are users and distribution groups. What am I missing?

A: Try using Exchange System Manager (ESM) instead of Outlook to set the folder permissions. When you're on the Permissions tab for the folder, click Directory Rights, and you'll see your security group.

If you're running AD in native mode, you can also use a Universal Distribution Group, which lets you set client permissions as you would for other mail-enabled users. The Microsoft article "XADM: You Cannot Add a Distribution Group to Permissions of a Public Folder in Exchange 2000" explains the process. For more information about distribution lists, see "Distribution Lists in Exchange 2000," February 2002, InstantDoc ID 23480.

See the Exchange & Outlook Administrator Web site for more great tips from Sue Mosher.

==== 4. Events ==== (brought to you by Windows & .NET Magazine)

New--Mobile & Wireless Road Show!

Learn more about the wireless and mobility solutions that are available today! Register now for this free event!

==== 5. New and Improved ==== by Carolyn Mader, [email protected]

Protect Email from Security Threats

Sybari Software and announced Paul Robichaux's "The Administrator Shortcut Guide to Email Protection," an ebook that provides information about how to properly protect corporate messaging systems from external and internal security threats. You can learn about third-party, administration, and management tools you can use, learn best practices, and receive sample scenarios for email protection. The ebook is published on a chapter-by-chapter basis, and registered readers will receive email notification when each chapter is available for download.

Submit Top Product Ideas

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions to [email protected]


==== 6. Contact Us ====

About the newsletter -- [email protected]

About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Exchange & Outlook Administrator, the print newsletter with practical advice, tips, and techniques covering migration, backup and restoration, security, and much more. Subscribe today.

Copyright 2003, Penton Media, Inc.
