Kevin's song of the week
news://msnews.microsoft.com/OH5UhkVj...tngp13.phx.gbl
Summers almost over.....
SMBNation [http://www.smbnation.com] is almost here
and the anchor hotel is full. Book whereever you can, bunk up whereever
you can
Well I hope you've signed up for the New Small business web site
http://www.mssmallbiz.com/default.aspx
----------------------------
Upcoming webcasts that I'm going to be watching
Events Home:
Dr. J on preventing Hacking
http://msevents.microsoft.com/cui/We...ultur e=en-US
Small Business server TCO
Events Home:
http://msevents.microsoft.com/cui/We...ultur e=en-US
Data protection on the Road
Events Home:
http://msevents.microsoft.com/cui/We...ultur e=en-US
OOOH Steve Riley on SP2 on THIS Thursday
http://msevents.microsoft.com/cui/We...ultur e=en-US
-------------------------------------------
TechNet Webcast: Understanding Group Policy on Windows Server 2003 -
Level 200
Friday, September 3, 2004 - 11:30 AM - 1:00 PM Pacific Time
Keith Combs, TechNet Presenter, Microsoft Corporation
This webcast will provide an understanding of how Group Policy in
Windows Server™ 2003 has changed since the Windows® 2000 implementation.
See the features of the new Group Policy Management Console (GPMC),
including its use for Group Policy modeling. Beginning with a quick
review of Group Policy, we will explore key concepts such as Software
Restriction Policies, Windows XP-only policies, Windows Server 2003
enhancements and essential best practices.
http://msevents.microsoft.com/CUI/Ev...&Culture=en-US
----------------------------------------
TechNet Webcast: Inactive Directory? Not When You Use Scripts to Help
Manage AD - Level 200
Friday, September 30, 2004 - 9:30 AM - 11:00 AM Pacific Time
Microsoft Scripting Guys, Microsoft Corporation
Active Directory® has been a boon to system administrators, enabling
them to combine scores of small Windows NT® 4.0 domains into a single,
unified directory service. This makes resources more accessible for
users, but can be intimidating to administrators paralyzed at the
thought of all the new management tasks facing them. But don’t despair:
there is an easier way. In this webcast the Microsoft Scripting Guys
will introduce the fundamentals of writing ADSI scripts to automate the
management of users, groups, OUs, and everything else found in Active
Directory. As a special bonus, the webcast will give you a sneak peek at
the basic concepts behind using scripts to secure and delegate control
of AD and AD objects.
http://msevents.microsoft.com/CUI/Ev...&Culture=en-US
-------------------------------
Remember as you roll out XP sp2 you need
Download details: Update for Windows Small Business Server 2003: KB 872769:
http://www.microsoft.com/downloads/d...displaylang=en
[which comes down on Windows Update]
AND THIS
842933 - "The following entry in the [strings] section is too long and
has been truncated" error message when you try to modify or to view GPOs
in Windows Server 2003, Windows XP Professional, or Windows 2000:
http://support.microsoft.com/?kbid=842933
And read this document
http://go.microsoft.com/fwlink/?linkid=33331
---------------------------------
842694 - "You must be a member of the Domain Admins, Schema Admins, and
Enterprise Admins" error when you run the Windows Small Business Server
2003 Setup program:
http://support.microsoft.com/?kbid=842694
884675 - "Copy Error: Setup cannot copy the file Atapi.sys" error
message when you try to install Windows XP Service Pack 2:
http://support.microsoft.com/?kbid=884675
883667 - OEM Windows XP Setup program may stop responding during video
driver installation:
http://support.microsoft.com/?kbid=883667
878475 - A physical hard disk drive on your computer may appear as a
removable drive when you run the Wireless Network Setup Wizard in
Windows XP Service Pack 2:
http://support.microsoft.com/?kbid=878475
883614 - You receive a "Windows Update has encountered an error and
cannot display the requested page" error message when you try to install
an update:
http://support.microsoft.com/?kbid=883614
884020 - Programs that connect to IP addresses that are in the loopback
address range may not work as you expect in Windows XP Service Pack 2:
http://support.microsoft.com/?kbid=884020
883260 - Description of how the Attachment Manager works in Windows XP
Service Pack 2:
http://support.microsoft.com/?kbid=883260
838191 - List of Remote Procedure Call (RPC) fixes in Windows XP Service
Pack 2:
http://support.microsoft.com/?kbid=838191
-----------------------------
Probably the biggest news this week was Jim Allchin front and center on
Longhorn and how WinFS is being cut down
Jim Allchin - The Longhorn Update
http://channel9.msdn.com/ShowPost.aspx?PostID=19798
Microsoft Monitor Joe Wilcox has a excellent post on the topic as well
Microsoft Monitor: Longhorn readies for the Corral:
http://www.microsoftmonitor.com/archives/003652.html
---------------------------
In other news this week
----------------------------
- - - - - - - - - -
Hackers target French ISP's site
A hacker compromised the corporate Web site
of France Telecom SA's Internet service provider
subsidiary, Wanadoo, on Monday, causing the site
to try to install a malicious software program on
visitors' computers, the company said yesterday.
The site, www.wanadoo.com, had been altered to
use two common software exploits that redirect
visitors' Web browsers from Wanadoo.com to Web
sites that attempted to download a Trojan horse
program onto their computers.
http://computerworld.com/securitytop...,95492,00.html
- - - - - - - - - -
Civil servants sacked over Net porn
More than 200 civil servants in the Department
of Work and Pensions (DWP) have been disciplined
for surfing the Web for porn during office hours.
In the last eight months the staff accessed over
two million pornographic images, including 18,000
involving child abuse. The Sun newspaper reports
that some of the sites touted images purported
to be of kids as young as 13. So far, 16 workers
have been sacked as a result of the sting operation,
which began in December last year. One worker has
been convicted on 32 counts of possessing child
pornography, and two others are under investigation.
http://www.theregister.co.uk/2004/08..._servant_porn/
- - - - - - - - - -
Chinese finger 'exam cheat' virus
In brief A computer virus specifically designed
to steal files with names such as "exam" or "test
questions" has reportedly been discovered by a
Chinese Internet security firm. The "exam theft"
virus is capable of infecting Microsoft Word and
Excel files and uploading targeted documents onto
the Net, the Shanghai Daily News reports.
http://www.theregister.co.uk/2004/08/26/exam_virus/
- - - - - - - - - -
First AMD 64-bit virus debuts
Anti-virus researchers have discovered of the
first virus capable of infecting 64-bit AMD systems.
The Shruggle virus is only capable of infecting AMD64
Windows Portable Executable (PE) files on the same
machine. The virus will not run natively on 32-bit
Windows platforms. Even on 64-bit AMD boxes, Shruggle
is incapable of spreading by itself from machine to
machine. The virus is noteworthy only in demonstrating
that malicious code is capable of infecting 64-bit AMD
systems even before the widespread availability of
systems next year.
http://www.theregister.co.uk/2004/08...us64bit_redux/
- - - - - - - - - -
Viruses as tools of data theft
Every virus-writer with high self esteem often
tampers with stealing personal data. The perpetrator
infects the computer with a virus installing a trojan,
a program sending data to the owner. If you store data
on your accounts on the computer, the criminal can
withdraw money from your bank accounts and use your
credit cards in your name.
http://www.crime-research.org/news/26.08.2004/590/
- - - - - - - - - -
Secret Service and CERT analyze insider threats
It doesn’t take a techie to abuse an IT system
from the inside, and inside attackers do not fit
any common profile. Those are among the findings
of the Secret Service and the CERT Coordination
Center in a study of insider attacks against
financial organizations. Damage to the victimized
institutions ranged from a few hundred dollars
to hundreds of millions of dollars. The report,
Illicit Cyber Activity in the Banking and Finance
Sector, is the first in a series of Insider Threat
Studies in critical infrastructure sectors.
http://www.gcn.com/vol1_no1/daily-updates/27074-1.html
'Electronic Jihad' fails to materialise
http://www.theregister.co.uk/2004/08/26/cyberfud/
- - - - - - - - - -
Cisco reports access control server flaws
Cisco on Wednesday posted an advisory warning
about four vulnerabilities in its Secure Access
Control Server (ACS). The first flaw causes the
Web interface of the ACS to stop answering
requests when it's flooded with TCP connections.
The second error crashes systems using Cisco's
remote access authentication protocol,
http://zdnet.com.com/2110-1105_2-5325170.html
http://computerworld.com/securitytop...,95514,00.html
- - - - - - - - - -
SP2: To install or not to install
After a series of delays, Microsoft has unveiled
its security-minded update to Windows XP, known
as Service Pack 2. But for some in the business
world, the response is "not so fast," as the software
giant moves to iron out some kinks. Various holes,
flaws and compatibility concerns are topping the
list of reasons not to put SP2 installation on the
to-do list--at least not yet.
http://news.com.com/Editors%27+Picks...3-5322562.html
- - - - - - - - - -
Will New Security Fears Drag E-Commerce Down?
Most identity-theft crimes occur when employees
steal records from employers, not when consumers
type credit-card numbers on a secure Web site.
That is why this type of crime is just as likely
to affect victims who never shop online as those
who do. It sounds like an update of an old Aborigine
tale. In the original, a person's soul is stolen
by the flash of a camera; in the adaptation, one's
identity is captured by a flicker of computer wizardry.
http://crm-daily.newsfactor.com/stor...story_id=26573
- - - - - - - - - -
Security worries back to 2001 levels
The severity and number of exploits and vulnerabilities
in computer systems are causing greater concern for IT
directors. In the wake of a report by outsourcing company
Synstar, concerns over security are back to 2001 levels
with nearly 90% of respondents more concerned about flaws
and attacks than other IT issues. Fran Howarth, practice
leader of security at Bloor Research said there were many
reasons behind the finding, most prominent of those were
the ever-increasing number and complexity of exploits and
flaws being unearthed.
http://www.scmagazine.com/news/index...ewsType=Latest
- - - - - - - - - -
A checklist for buying a security event management system
To better protect themselves against the
proliferation and wide range of network security
threats, organizations are building more complex,
device-laden security networks. Today's network
attacks are becoming more sophisticated, and it's
increasingly difficult to distinguish actual attacks
from normal traffic. Best practices dictate that
event logs should be periodically reviewed in-depth,
looking for anomalous events indicative of an attack
or compromise, rather than waiting for it to become
apparent in a catastrophic system failure.
http://computerworld.com/softwaretop...,95465,00.html
------------------
Various sources including www.newsbits.net used to put together this
news of the week
--
http://www.sbslinks.com/really.htm
