SoCal IT Pro Association Newsletter                           Volume 3  Number 3
Southern California Information Technology Professional Association        March 1, 2005

Welcome Members, Visitors and Friends!
In search of the frumious Bandersnatch... March's topic is Malware, the brainchildren of perfidious purveyors of pestilential, pusillanimous, programmatic code. Onward, valient Admins! Take up the Vorpal Sword and sally forth to defend the NetRealm! Let us call forth the magicians of Trend Micro to guide us and cast their spells against the vermicious onslaught of spyware, adware, trojan horses, etc., etc., etc...
Inside this Issue:
And speaking of malicious code...Have a Bagle?
Supercomputing with Windows?
Meeting Announcement: Trend Micro presents: Malware
Previous Meeting: Stonefly Networks and i-smartCONNECT
Final Notes…
Email the Editor

And Now, The News...

And speaking of malicious code...Have a Bagle?

On March 1, 2005, Dan Ilett, of ZDNet (UK), reported the latest attack of the Bagle virus, the previous day. This version, BagleDl-L, is a Trojan horse that shuts off your system's antivirus software or firewall, leaving your system open to attack, even from older viruses.

Ilett says, "For this Trojan to work, a certain amount of naivete is required on the part of victims because the e-mails contain a ZIP-file attachment that must be opened to display the programs "doc_01.exe" or "prs_03.exe," which must be run manually to infect a computer."

Fortunately, this little nasty is not self-propagating (yet). Just be watchful, and keep your AV programs up-to-date.

Top

Supercomputing with Windows?

Microsoft is entering the SuperComputing Market! You didn't know there was a SuperComputing Market? Well people have been using cluster of linux boxes to emmulate super computers for several years. Microsoft has used this technique, but with Windows nodes, to analyze its stock porfolios. This fall, the company expects to release its own Windows Server 2003 Compute Cluster Edition, report Stephen Shankland, and Ina Fried, of CNET News.com. Pricing is not yet available, but it's said the cost per cluster-node will be at a substantial discount. The package will include development software, but for C#, rather than C, which runs more slowly. So don't expect this thing to be as fast as a Cray. "Often" Software Architect Marvin Theimer said, "it's more important to have a program as soon as possible than to have it running at peak performance." Still, we can hope...

Top

Meeting Announcement: Thursday, March 10, 2005: Trend Micro presents: Malware

Ever since the development of the Internet, we have had to deal with Malicious Software, now abbreviated as "Malware." From viruses and adware to spyware, we are constantly on the alert for malicious snippets of code that reformat drives, delete files, modify settings, overtly take over the user's computer, covertly use the victim's system to email out spam, advertise inappropriate material in inappropriate environs, and steal the victims' work, passwords, bank account numbers, and identities. There is probably no one on the planet who hasn't in some way been affected by one or another type of malware. Each day, companies lose millions of dollars from malware attacks. We can only hope that Trend Micro can shed some light on newer, more effective, and less expensive methods to safeguard our systems and email from this ever-present, and growing menace.

This month's MCT Corner will be presented by QuickStart's lead .NET MCT and Evangelist, Bob Willsey. Bob will discuss .NET remoting.

Now, here's something new:

VALUABLE NEWSLETTER COUPON

FOR SoCal IT Pro Association MEMBERS ONLY

PRESENT THIS COUPON WHEN YOU SIGN IN AT THE ADMISSIONS TABLE TO RECEIVE

1 FREE EXTRA RAFFLE TICKET

A SECOND CHANCE TO WIN A FABULOUS DOOR PRIZE!!!
That's right!, cut out the above coupon, and present it at the admission table, and receive your extra, FREE Raffle Ticket! As always please RSVP on the http://www.SoCalITPro.org website (it helps us to know how much PIZZA to order). The link is on the lower left hand side of the home page.

Top

At the Previous Meeting...

Once again, QuickStart's Clive Herman provided a lively MCT Corner presentation, this time providing an overview of Microsoft's Internet Security Accelerator (ISA) Server, 2004. ISA Server can accelerate your Internet Servers because it provides advanced protection in the form of a unified firewall and VPN Server, with advanced caching, multi-layer packet inspection, application layer filtering, with an especial view toward security for Exchange. As for improvements over previous incarnations of ISA, the new version provides command prompts and scripting for EVERYTHING! Policies can be assigned on a network basis. It provides routed and Network Address Translation (NAT) relationships, a VPN with quarantive integration, stateful inspection of the VPN (utilizing a script file), a Delegated Permissions Wizard for firewall admin roles, and advanced application filtering.

One of the changes that confused me, is that ISA now views everyting as a "network", rather than segregating the "inside" of the network from things that are "outside." I do not comprehend how this could be an advantage, in terms of security. One member asked the question, "In a large environment, who looks after ISA?" This is an important question, as it determines how much administrative overhead is involved in using ISA compared to other market-ready products. The answer, given after making an additional statement that, "Any security device is as good as the person who sets it up," was that it would have to be someone who is experienced in patch management. Oh-Oh...does that mean the person stuck with this duty will be applying monthly, weekly or daily patches to ISA?

For those who wish to try ISA Server 2004, it is included in the Windows Server 2003, Advanced, Small Business Server Edition.

Next, Chris Cornell (ccornell@stonefly.com) of Stonefly Networks, Inc. presented a discussion of Storage Management and Business, revealing their latest product line, the i3000 Storage Concentrator, an iSCSI router and bridge. To accompany the concentrator, they also provide disk storage arrays of from 1.4 to 4.8 TB. The whole is governed by CommVault's Galaxy, said to be the best disk-to-disk backup software on the market.

It was said that Galaxy could perform a 0-Window Backup, in which a script makes a mirror copy to disk, breaks the mirror, then makes a backup of the mirror. The backup of the second mirror is created offline, which avoids any downtime. Slick, huh? They also claim the simplicity of 1-Touch Recovery, using synthetic fulls (full backups are created instead of incrementals). Finally, they say that it takes less than one hour to install a SAN and have it up and running. All this at affordable prices, starting at $35,990. For more information, goto http://www.stonefly.com.

And last, but not least, Kurtis W. Kreh of i-smartCONNECT (http://www.i-smartCONNECT.com) presented “Smart Solutions for Strong Security”. Kurtis told us that security attacks are on the rise. Vulnerabilities exist internally with remote users and end-user desktops, as well as the fact that external attacks are becoming more sophisticated. Prevention is the bedrock of security. Security begins and ends with people & policy structure.

Kurtis introduced us to the i-smartCONNECT VPN Appliance, with which you may access your company PCs and Servers from anywhere. The VPN Appliance offers:
  • Clientless: No client software to install or maintain
  • Access: To email, files or applications from any web browser
  • Simple: To install, maintain and use – as easy as browsing the web
  • Anywhere: Access from any PC with any web browser
  • Secure: 128-bit SSL encryption, two-factor authentication and access control
Usually, this is designed to work with and RSA SecurID Token, which is a keyfob. The really impressive thing about i-smartCONNECT's system is that it now sends its secure 128-bit encrypted, 2-factor access control code TO YOUR CELL PHONE! Any cell phone capable of receiving a text message will work (and that's just about all of them!)! Imagine logging in to your corporate servers and authenticating with just a cell phone call! Cool, right? People carry their cell phones everywhere, and usually are fairly competent in protecting them...making sure no unauthorized person has their phone, right?

Now, wouldn't you rather use the i-smartCONNECT VPN Appliance? Kurtis demonstrated the thing. It works! So, do you know who's accessing your network, right now?

Top

Final Notes…

>Suggestions: An organization is always more efficient when its members pitch in. We want suggestions for products, vendors, or technical presenters YOU would like to see at our meetings. If you have ideas for things you think we should be doing, let us know! After each meeting, Suggestion/Evaluation forms will be available. Alternatively, you may email suggestions to Brad Fischl, brad.fischl@quickstart.com, or to the Editor (see below).

>Submissions: If you any ideas for an article that you might like to write for this Newsletter, or about any third-party software that you would like to share with our members, please submit your article to the Editor, contact information below. Please use the Rich Text Format (.rtf file) for your article, and in the subject line of your email, put the word, Newsletter, so I don't accidently delete your email. (I tend to delete emails from people I don't know unless the subject line clearly indicates something important.)

See you at the meeting on Thursday, March 10, 2005, enjoy!

Robert Holtzman, Editor
rholtzman@socalitpro.org

Top

SoCal IT Pro/OCNTUG Newsletter                                     Volume 3 No. 3                               03/01/2005

EOF