OCNTUG Newsletter 09-01-03

OCNTUG Newsletter Volume 1 Number 3 September 1, 2003

Good Evening Members, Visitors and Friends!

A heartfelt welcome to all new members. If you haven't been to a meeting recently, just look at previous newsletters and you'll see we have had some fascinating presentations over the last few months. Last month, for example, we learned a great deal about sharing (which I found particularly useful, as my kindergarten teacher seems to have been somewhat remiss on the subject). In July, both CommVault and PowerQuest presented some awesome backup solutions. In June, Stonefly Networks demonstrated their incredible IP SAN, and in May, Dexterra demonstrated their fabulous mobile enterprise solution, revealing the superior capabilities of Microsoft's .NET platform. You really don't want to miss these meetings!

Inside this Issue:
QuickStart offers Windows Server 2003 Training to OCNTUG members
Nogginfest
Virus Attacks
Meeting Announcement: September 11, 2003
At the Previous Meeting...
Random Access Department: More on virus issues
3rd Party Tools Department: 2xExplorer
Employment Opportunities
Final Notes…
Email the Editor

And Now, The News...

QuickStart Intelligence Offers Windows Server 2003 Training Seminars for OCNTUG Members
Article by Brad Fischl
Attention OCNTUG members! After our Citrix and SharePoint Portal Server presentations last week I was asked if the group would be able to get this training at a discount. QuickStart is allowing all OCNTUG members special rates for training on these two courses:

Course CTX200A - Accelerated Citrix MetaFrame XP for Windows Administration and Advance Management - 5 days http://www.quickstart.com/html/myqs/my_training/enrollment/coursedescription.asp?productnumber=CTX200A
Retail - $2,850 OCNTUG member price - $1,995
Available dates - Sept 15-19 in LA (near LAX) or Nov 17-21 in Brea.

Course 2095A - Implementing Microsoft SharePoint Portal Server 2001 - 3 days http://www.quickstart.com/html/myqs/my_training/enrollment/coursedescription.asp?productnumber=2095A
Retail - $1,275 OCNTUG member price - $892
Available dates - Oct 29-31 in Aliso Viejo (same location as the OCNTUG meeting).

If you have any questions or would like to enroll please contact me directly.

QuickStart Intelligence
"Microsoft CTEC Partner of the Year"
www.quickstart.com
Brad Fischl, Account Manager
949-330-6839 - direct
949-330-6829 - fax
714-318-2664 - cell
brad.fischl@quickstart.com Top

OCNTUG Board Plans Nogginfest 2.0

The Board has been working diligently to plan for our December 11th meeting, Nogginfest 2.0, at which we will have many, many manufacturers displaying their wares. Watch this space for more info… Top

Wretched Worm Wreaks Havoc on the World Wide Web!

Those pernicious purveyors of profligate programmatic pestilence are at it again! The Sobig Worm earned its name in August, infesting more than 200,000 systems! And there are plenty more of those vicious vermiform viruses lurking on the Web. Check out the Random Access Department below. Top

Meeting Announcement: September 11, 2003

Our September meeting promises to be quite exciting! We will have a presentation from Microsoft on their new release - Office 2003!!! Everyone will want to be there! Here's the Official Announcement direct from the horse's mouth:

Microsoft Office System Sneak Preview

The new Microsoft Office System is coming, and Microsoft is offering special previews for IT professionals. This firsthand look will provide an opportunity to see new Microsoft Office technologies that are keeping corporate data safer, reducing downtime, and increasing productivity. Microsoft has developed a series of interactive pre-launch events and activities that highlight Microsoft Office System deployment tips and tricks, new security features, integration with Microsoft server technologies, and much more. To sign up for one of the many interactive demos, webcasts, workshops or special events planned nationwide, visit the events registration page. http://www.officesystem2003events.com/

We will also have a presentation from Vidius who will demonstrate a "revolutionary" new tool for Information Security. Kevin Moylan of Vidius has provided the following release:

Vidius is the worldwide leader in Information Distribution Management. Through its PortAuthority™ Server, Vidius gives organizations the ability to control how their most valuable information is distributed, empowering IT-executives to meet corporate, business and regulatory compliance requirements. In their presentation, Vidius will demonstrate how its remarkable new technology can prevent information from being shared-- whether maliciously or accidentally -- with unauthorized persons via e-mail and the Web. PortAuthority works by running a series of proprietary algorithms against documents and extracting a mathematical representation of how the data is constructed (e.g. fingerprinting). The fingerprint is stored on the PortAuthority Server which can identify the original, protected data (in whole or in part) and enforce internal distribution policies by blocking the distribution of the data to any unauthorized recipients. During the seminar, Vidius will provide attendees with free security evaluation software and will be announcing an exciting vacation prize package to all OCNTUG attendees. Please be sure to join us! Top

At the Previous Meeting...

Our August 14th meeting was kicked off with a brief thanks and a kind offer of help from Roger Shambaugh, Account Executive, Corporate Sales, (rogersha@microsoft.com), of Microsoft, who also provided several very nice items for our raffle. (But if you hope to win a licensed copy of Office Pro 2003, remember, you have to be present to win!)

Next Omar Yakar of Agile360 (www.agile360.com) presented a fascinating discussion of how Citrix Metaframe XP distributes and manages desktop applications on top of Windows Terminal Server, without a VPN. If memory serves (and there will be errors, but forget about that for the moment), the thin client after authentication sets up an SSL channel through its browser, directly to the server side agent, which manages the state of the connection. The agent sends commands that the client uses to build the screen image, draw windows, and so on, and only sends tiny bitmaps of the icons for applications, rather than sending a single, huge bitmap of an entire screen, unlike pcAnywhere, or VNC. This streamlines the data flow over the Internet, making the process of sharing applications and data much faster.

For the last presentation, Greg Sincock, Director of Software Development for VL Systems (www.vlsystems.com), provided an overview of the installation requirements, the client requirements, and a demonstration of how SharePoint Portal Server allows you to easily manage intranet web sites. We now know that Microsoft will be offering a SharePoint Services download, free to those with a licensed copy of 2003 (which many of you have), and that this, along with the new Office SharePoint Portal Server software, will permit you to install and begin using the Server.

Vidius had a table (well, the pool table is a table) where their representative distributed Evaluation copies of their PortAuthorityTM Server, which gives people a chance to try out the software before Vidius' presentation, next month (see above meeting announcement). Ergo, you might want to check out their web site before the meeting: www.vidius.com. Actually, PortAuthority Server manages high security access devices, such as fingerprint scanners, and the like. Top

Random Access Department:
Virulent viral vectors violate computer systems this summer, while villlainous vir-writers rejoice in vile vainglory!

Is it that time of year, or are the virus-writers just out in force? Maybe they're students on summer vacation with lots of free time to write code for fun? Maybe their purpose is more sinister. Whatever the reason, the e-bug invasion has reached pandemic proportions this past month. It seems that as soon as you've downloaded the latest patch from Microsoft, plus the latest anti-viral file from your favorite vendor, there are two more that need to be downloaded. While I'm sure that launching electronic missiles at our operating systems, web servers, office and email applications is much more fun than playing Wolfenstein, Doom, or whatever the latest cyber-game craze happens to be, it certainly is annoying, and costly in terms of downtime, data loss and revenue loss.

Just before our last meeting, the MSBlast.D Worm hit, and required a patch from Microsoft. The latest entrees on the menu include the Sobig Worm, the Raleka Worm, and the W32/VCK.3037 Virus. To keep abreast of these malicious miscreants, you should visit the Network Associates, Inc. web site (McAfee VirusScan): www.networkassociates.com; the Symantec site (Norton AntiVirus): www.symantec.com; FRISK Software International (F-Prot Antivirus): www.f-prot.com; or the site of your favorite AV vendor. If you become sufficiently paranoid, you'll find yourself checking one or more of these sites every day, at which time you should consider hiring a permanent security administrator, and let her/him take over the job of being paranoid.

[Psychiatric Quick Test for Paranoia. Ask yourself this question: Self, are THEY really out to get me? If the answer is 'Yes,' you're not paranoid. Buy the AntiVirus software! If the answer is 'No,' you might want to schedule a visit your psychiatrist; you may be losing your grip on reality (and buy the AV software, anyway).]

The Sobig.f worm is one of those critters that appears to come from someone you know, because after infecting someone's machine and collecting all listed addresses, it spoofs someone's email address, and sends copies of itself to everyone on the list. The subject line might say: "Your Details"; "Thank You!"; "Re: Details"; "Re: Your application"; or some such nonsense. The attachment will be either a .pif file or a screensaver .scr file. It purposes are to clog traffic on the net, and shut down both server and user systems. The important thing is to train your users never to open such an attached file. Spending a little time educating your users or clients how to avoid email viruses, NOW, could save time and money later. If you don't agree, ask the owners of the 120,000 systems infected by MSBlast in July, and the 200,000 infectected by Sobig in August.

You might have your users copy such files to a Suspect Files folder on a network share, where the security administrator can run an antiviral scan on them, provided the latest updates have been installed. If the administrator has the time, and the inclination, it might be possible to trace email headers to determine where the bugs really came from, and if practical, notify the source that their system is infected. The zealous security admin will also send a copy of the bug to their favorite AV software vendor, watch for and install new AV updates on a daily basis, watch for patches and hotfixes on a daily basis, and train every user to use the AV software he/she has installed on every system. The overzealous security admin/hacker will attempt to determine the precise origin of the bug and launch a counterattack with a virus of his own devising (Note, this person may also need to visit his psychiatrist…). The average person will use AV software, delete any email message from someone he doesn't know before opening it, make it a policy to never open attachments, and go on with business as usual. (Of course, if you're taking customer orders via email, you can't afford to delete them, so be sure your AV software scans incoming email before it reaches your desk.)

Is there a point to all of this rambling? Yes, update your anti-virus software yesterday! If you don't have any, buy it now, or stay off the net. It's a jungle out there! Top

Favorite Third Party Tools Department

Image of 2xExplorer

Wait a sec! Did I just see a directory app with a tree and two different folders in separate panes? Yes, you did! No, it isn't Norton Commander, and it isn't Midnight Commander. It's 2xExplorer Version R7 "Ninja", another exciting Freeware program.

Just look at all the cool things 2xExplorer can do! All of your drives, including network drives, appear along the left rail. Its got all the neat buttons for most of the things you'd want to do, but best of all, you don't have to open two Explorer windows, or resize them, or move them around the screen, or tile them, and accidentally tile all of your other open windows at the same time…Oh, bother! Simply open 2xExplorer, select a pane, and move up or down the tree…or double-click on the pane's title bar to move up one level, or use the pull-down menu, because the program's saved your most recent folder locations! Then drag, copy or move anything anywhere! You can synchronize panes, to see what's missing from one directory. And there's so much more…

And because 2xExplorer doesn't bother with the registry, you can copy the thing into any directory and use it wherever you please. The desktop is a good place for it. Drag its icon to the taskbar for the convenience of single-click startup (I keep NoteTab Light there, too, in case I forget and close it (see last month's issue)). If you use 2xExplorer on a regular basis, the author would simply like you to register with a blank email. That's it. No fee. Find 2xExplorer at www.hotfiles.com, or www.download.com. Top

Employment Opportunities

2 Openings at Embee Technologies:

Network Engineer/Sales Engineer and Customer Service/Help Desk Engineer

All interested parties email your resume to embeetech@embeetech.com.

Employers, please note, we will publish job opportunities in the OCNTUG Newsletter. This publication is released once per month, and can be found at www.ocntug.org. Top

Final Notes…

> Another call for articles. If you have some information that you feel would benefit our members, you could write an article for the OCNTUG Newsletter! All submissions should be in text, or rich text format (because the virus writers haven't figured out how to plant a bug in that, yet…). If you would like help writing an article, just let me know.

> One member reports (with more than a little consternation) the apparent theft of her cloth carry-bag at the end of the regular meeting last month. Of course, it is entirely possible that the bag was accidentally scooped up with someone's other belongings, however, our esteemed member would appreciate that it be returned. If anyone has a clue as to the whereabouts of the purloined bag, please contact the editor. We do hope that meeting attendees would be kind to fellow members, and respect their personal belongings, however, we also remember that sign that hung on the wall in Shakey's:
                                "If you value your hat and coat, wear 'em."

> Mmmmmm…the pizza at the last meeting was great! (But where were the walnut fudge brownies?)

Until I see you at the meeting on September 11, 2003, have a pleasant Labor Day Holiday. Enjoy!

Robert Holtzman, Editor
rholtzman@netzero.net                          Top

OCNTUG Newsletter                                      Volume 1 No. 3                                    08/29/03

End of Transmission