Security UPDATE: Eliminate Junk Mail, Stop Malicious Software


==== This Issue Sponsored By ====

Symantec V2i Protector--Real-time Backup/Recovery

Symantec ON iPatch--Enterprise Patch Management Solution


* In Focus: Fending Off Viruses and Spam

* Security News and Features

- Feature: Email Security Suites

- Feature: Using Windows Mobile 2003 to Access Exchange

- Feature: Windows XP SP2 Beta Review

- News: Hundreds of Windows XP Registry Tweaks

* New and Improved

- Enable Secure Remote Access

- Policy-Based Remote-Access Security Solution


==== Sponsor: Symantec V2i Protector--Real-time Backup/Recovery ====

In the event of a security threat or disaster, V2i Protector provides a real-time, disk-based backup and disaster recovery solution designed to capture a system's active state, including all server/desktop files and configurations.

Using V2i Protector, you can quickly restore failed systems to a specified point-in-time without taking hours to manually reinstall and restore data from tape backup or rebuilding from scratch. Perform a full system restoration, a complete bare metal restoration or restore individual files and folders in minutes.

V2i Protector also creates exact backups of volumes/partitions through the use of snapshot technology. This captures all files and system personalities and configurations. Backups are created without disrupting data access or application usage.



==== In Focus: Fending Off Viruses and Spam ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

Last week, I wrote about three SMTP authentication solutions that might help curb junk email and the influx of viruses, worms, and Trojan horses. Sender Policy Framework (SPF) is already rolled out to more than 7500 networks; the other two solutions, DomainKeys and Caller ID for E-Mail, are still in the design and testing phases. However, it's possible that later this year, DomainKeys and Caller ID will become available to the public, so you might soon be able to begin implementing and testing them on your own networks.

For the next 2 weeks, we're conducting a poll that asks which of the three solutions your company might implement. Please take a moment to respond to the poll, which you'll find on our Security Web page.

In the meantime, a couple of other options can help you eliminate junk mail and prevent malicious software (malware) from entering your network. One technique that many people use is disposable email addresses--in other words, using a free email address when you sign up for newsgroups and mailing lists and changing the address when it begins to receive a lot of unwanted email.

Spammers harvest email addresses from Web sites, newsgroups, and mailing lists, so if your email address is posted in any of those formats or forums, it's likely to begin receiving junk mail. For example, you might think your participation in a private, members-only mailing list wouldn't lead to the exposure and misuse of your email address. But if someone archives that mailing list to a Web site (which is the case with numerous security-related mailing lists), eventually spammers will harvest the email addresses for their own use.

Managing disposable email addresses might seem tedious at first. You must delete the old address, create a new one, and change your email address for any forum memberships, but those steps take only a few minutes and are probably far less time-consuming than filtering junk mail over long periods of time.

Another technique some of you can use is called selective mail download. Email clients such as Eudora and Pegasus have such a feature; Microsoft Outlook and Mozilla don't (at least they didn't the last time I checked). With selective mail download, the mail client first downloads only a list of the headers of all the messages waiting for the user on the mail server. The displayed list typically includes the To, From, Subject, Date, and Size parameters of each waiting message. The user can then choose which messages to download and which messages to delete on the server. The user can also view a message's complete SMTP header as written by the mail servers.

The selective mail download technique doesn't prevent you from having to work with junk mail, but it does let you filter out countless viruses, worms, Trojan horses, and junk messages before they make it to your email client. It also lightens the load on desktop antivirus and spam-filtering solutions.
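The workflow described above, as an added example in Python (not code from this newsletter or from any mail client). It assumes the mailbox is reached over POP3, whose list, top, dele, and retr operations are exposed under those names by the standard `poplib.POP3` class; `FakePOP`, the sample messages, and the known-sender rule are constructed for illustration.

```python
from email.parser import BytesParser
from email.policy import default

def header_row(num, size, top_lines):
    """Build one row of the header list from TOP output (no body fetched)."""
    raw = b"\r\n".join(top_lines) + b"\r\n\r\n"
    msg = BytesParser(policy=default).parsebytes(raw, headersonly=True)
    row = {f: str(msg.get(f, "")) for f in ("To", "From", "Subject", "Date")}
    row.update(Num=num, Size=size)
    return row

def selective_download(pop, unwanted):
    """List headers, delete unwanted mail on the server, retrieve the rest."""
    kept, deleted = [], []
    for entry in pop.list()[1]:                 # e.g. b"1 1843": number, octets
        num, size = (int(x) for x in entry.split())
        row = header_row(num, size, pop.top(num, 0)[1])   # headers + 0 body lines
        if unwanted(row):
            pop.dele(num)                       # body never reaches the client
            deleted.append(row)
        else:
            row["Body"] = b"\r\n".join(pop.retr(num)[1])
            kept.append(row)
    return kept, deleted      # with poplib.POP3, quit() then commits the deletes

class FakePOP:
    """Constructed stand-in for poplib.POP3 so the example runs offline."""
    def __init__(self, messages):
        self.messages, self.fetched, self.removed = messages, [], []
    def list(self):
        sizes = [b"%d %d" % (i, len(m)) for i, m in enumerate(self.messages, 1)]
        return b"+OK", sizes, 0
    def top(self, n, lines):
        return b"+OK", self.messages[n - 1].split(b"\r\n\r\n")[0].split(b"\r\n"), 0
    def retr(self, n):
        self.fetched.append(n)
        return b"+OK", self.messages[n - 1].split(b"\r\n"), 0
    def dele(self, n):
        self.removed.append(n)
        return b"+OK"

# Constructed sample mailbox and a hypothetical rule: keep known senders only.
KNOWN = {"list-owner@example.org"}
MAILBOX = [
    b"From: list-owner@example.org\r\nTo: me@example.com\r\nSubject: Digest\r\n"
    b"Date: Wed, 3 Mar 2004 10:00:00 +0000\r\n\r\nWeekly digest text.",
    b"From: stranger@example.net\r\nTo: me@example.com\r\nSubject: Re: document\r\n"
    b"Date: Wed, 3 Mar 2004 10:05:00 +0000\r\n\r\n(constructed attachment bytes)",
]
```

Calling `selective_download(FakePOP(MAILBOX), lambda r: r["From"] not in KNOWN)` retrieves message 1 in full and deletes message 2 after reading only its headers.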

Check whether your email client software supports a selective mail download feature. If your client does, consider using the feature; if not, consider asking your email software vendor to add it.

Microsoft Security Strategies

Network security is at the forefront of everyone's minds. Microsoft has teamed with Avanade and Network Associates to bring you a full day of training to better help you secure your organization and keep it secure. The event is scheduled for April 8 in Phoenix.

If you haven't visited our Event Central Web site recently, check it out. You'll find information about this event and many others. Event Central provides a comprehensive listing of trade shows, conferences, and Web seminars targeted to the IT user.


==== Sponsor: Symantec ON iPatch - Enterprise Patch Management Solution ====

ON iPatch allows you to proactively patch and secure thousands of computers simultaneously--including remote and mobile computers, no matter where they are located or connected--and rapidly recover from virus corruption, without the significant cost and time delay of sending IT staff to remote locations.

As a result, ON iPatch allows you to cost-effectively protect all your business-critical systems and minimize the substantial risk of lost revenue and downtime caused by future viruses and worms.



==== Announcements ====

(from Windows & .NET Magazine and its partners)

Windows Scripting Solutions for the Systems Administrator

You might not be a programmer, but that doesn't mean you can't easily learn to create and deploy timesaving, problem-solving scripts. Discover Windows Scripting Solutions, the monthly print publication that helps you tackle common problems and automate everyday tasks with simple tools, tricks, and scripts. Try a sample issue today!

Register Today for Microsoft Tech·Ed 2004

Don't miss Tech·Ed 2004 -- May 23-28, 2004 in San Diego, CA -- the definitive Microsoft conference for building, deploying, securing and managing connected solutions. You'll find 11 conference tracks and over 400 sessions. Get answers to your technical questions, meet industry experts, evaluate new products, and take advantage of extensive networking opportunities. Register today.

Free Web Seminar--Streamline User Provisioning and Password Management

Analysts estimate that it costs as much as $50 every time a user calls the Help desk with a password-related problem. In this Web seminar, you'll discover the tangible benefits of automating, provisioning, and centralizing password management as well as how to reduce support costs and security breaches by leveraging Windows Server 2003 technology. Register today!


==== Sponsor: Virus Update from Panda Software ====

Are your traditional antivirus solutions really protecting your network? Panda Antivirus GateDefender is a dedicated hardware device installed at the Internet gateway to block viruses before they contaminate your network. It scans 7 different communication protocols, achieving optimum protection against external attacks. Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus GateDefender 7200 (500 seats+) provide the highest scalability with native load balancing that transparently adapts to traffic volume.

Visit "Panda's GateDefender Stands Guard!" at for more information.


==== Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

Feature: Email Security Suites

The enterprise is experiencing an email security crisis. Spam now constitutes more than 50 percent of all email, and one in every 30 email messages contains a computer worm or virus. Apart from the real damage these scourges can do, they eat up CPU resources, deplete bandwidth, take up disk space, and waste our time. Protecting and reclaiming email servers from this onslaught should be a top priority for every network administrator. Check out products that can help in our Email Security Suites Buyer's Guide.

Feature: Using Windows Mobile 2003 to Access Exchange

Last summer, Microsoft released Windows Mobile 2003, the successor to Pocket PC 2002. If you're considering implementing a Windows Mobile device as a PDA standard in your enterprise, you'll want to know about the new and updated Windows Mobile 2003 connectivity and email features and some improvements that will enhance the security of your mail system and your enterprise. Read all about how Windows Mobile 2003 accesses Exchange Server in Joseph Neubauer's article.

Feature: Windows XP SP2 Beta Review

In January, Microsoft issued a semipublic beta of its upcoming Windows XP Service Pack 2 (SP2), a major upgrade that's focused largely on security. The XP SP2 beta isn't complete, but it does provide an interesting look at the direction the company is taking with its so-called "Springboard" security technologies, which are designed to retroactively apply recent security thinking to older products. Sneak a peek into XP SP2 in Paul Thurrott's review.

News: Hundreds of Windows XP Registry Tweaks

The Daily Rotation Web site mirrors news from Geek News Central (GNC) and various other sites. Recently, when I was scanning headlines at Daily Rotation, I noticed that GNC had posted a link to the Kelly's Korner site, which has loads of information for Windows XP users. One resource I found interesting is the XP Tweaks section, in which you'll find hundreds of registry tweaks for all sorts of situations, many of which are tweaks that affect security in one way or another. If you use XP, you might want to check it out.


==== Hot Release ====

Assure On-line Compliance--an on-demand Webcast

Is your organization up to speed on best practices in website management?

Many organizations find that website management is a critical top and bottom line business issue, but surprisingly, on-line compliance is often overlooked. To view an on-demand Webcast "Assuring On-line Compliance with Industry Standards and Current Legislation" go to:


==== Instant Poll ====

Results of Previous Poll

The voting has closed in the Windows & .NET Magazine Network Security Web page nonscientific Instant Poll for the question, "Do you rely on bootable Windows or Linux disks for system recovery and analysis?" Here are the results from the 58 votes.

- 33% Yes (Windows)

- 36% Yes (Linux)

- 19% No, but I plan to start

- 12% No, and I don't plan to start

New Instant Poll

The next Instant Poll question is, "Does your company plan to implement a server-based mail-authentication solution?" Go to the Security Web page and submit your vote for

- Yes, Sender Policy Framework

- Yes, DomainKeys

- Yes, Caller ID for E-Mail

- Yes, two or more of the above

- No

==== Security Toolkit ====

Virus Center

Panda Software and the Windows & .NET Magazine Network have teamed to bring you the Center for Virus Control. Visit the site often to remain informed about the latest threats to your system security.

Virus Alert: Netsky.D

A new variant of the Netsky worm, Netsky.D, is spreading rapidly. The worm spreads by sending copies of itself through its own SMTP engine. Copies of the worm target email addresses harvested by scanning disk drives (C through Z) of an infected system and network. Netsky.D tries to disable other worms, such as MyDoom.A and MyDoom.B, and deletes various registry keys.

Virus Alert: New Bagle Variants

Several new variants of the Bagle virus, including Bagle.F, Bagle.G, Bagle.H, Bagle.I, Bagle.J, and Bagle.K, have emerged. They each spread through email and can reach a computer in an attached .zip file that's password protected and thus can't be scanned by some antivirus software.

FAQ: How can I restore the contents of the Default Domain and Default Domain Controller Group Policy Objects (GPOs)?

by John Savill

A. You shouldn't modify the Default Domain and Default Domain Controller GPOs. Instead, you should create new GPOs and link them to the relevant containers. However, if you've already modified a GPO and want to restore the default content, perform the steps outlined in this FAQ:

Featured Thread: Application Service Ports

(Two messages in this thread)

Christian writes that his company is in the process of setting up security for its new Web application. The Web application is developed in ASP.NET Framework and requests data from Microsoft SQL Server 2000, which generates the reports for the clients. His company needs to tighten security between the Web server in the demilitarized zone (DMZ) and the internal network on which the SQL Server system resides. Christian wants to know what service ports must be open for mixed-mode authentication for access between the Web server and SQL Server. Lend a hand or read the responses:

==== Event Central ====

(A complete Web and live events directory brought to you by Windows & .NET Magazine: )

New--Microsoft Security Strategies Roadshow!

We've teamed with Microsoft, Avanade, and Network Associates to bring you a full day of training to help you get your organization secure and keep it secure. You'll learn how to implement a patch-management strategy; lock down servers, workstations, and network infrastructure; and implement security policy management. Register now for this free, 20-city tour.

==== New and Improved ====

by Jason Bovberg

Enable Secure Remote Access

AEP Systems announced the advanced edition of AEP SureWare A-Gate AG-600, a 19" rack-mount appliance for small and midsized enterprises that offers secure remote access to company applications and resources. SureWare A-Gate AG-600's A-Gate Anywhere component lets employees and partners access email and other Web-enabled or Windows Terminal Services applications from any PC running a standard browser. The appliance's A-Gate Central component gives road warriors and remote workers full access to client/server applications from a client PC. SureWare A-Gate AG-600 permits remote access for as many as 400 online users and costs $8995. For more information, contact AEP Systems on the Web.

Policy-Based Remote-Access Security Solution

OPSWAT and Shavlik Technologies signed an OEM and comarketing agreement, and OPSWAT released OPSTOP SecurePatch, an enterprise security solution that lets you create and enforce policies guaranteeing that only well-patched hosts can gain remote access to networks. To create a policy, you define an exact list of the required patches or use an automatically updated list (from Microsoft, for example). OPSTOP SecurePatch leverages Shavlik's HFNetChk scanning engine and Shavlik's HFNetChkPro patch-management solution. For more information about the partnership and the products, contact OPSWAT at 415-543-1534. You can also reach the company on the Web.

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]



This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine privacy policy at

Windows & .NET Magazine, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.
