newsletter@quarkit.com.au | www.quarkit.com.au | issue 4 | January 2005

Welcome Welcome to our January, 2005 Quark IT Newsletter, and welcome to 2005! We trust you had a relaxing holiday break and are ready and rearing to go this year. Or maybe you are still slowly recovering? :) This month we'll discuss data backups and how critical they can be to the viability of your business, spyware - what it is and how to help protect against it and we'll also continue our "SBS 2003 Features" series of articles with an outline of what benefits the Windows Server 2003 component can bring to your business. If you'd like more information about anything covered in this newsletter, please contact Quark IT.

In This Issue... Update Zone The latest update for Windows, Microsoft Office and other important software. The Latest Virus And Worm Information This month's winner is the Sober.I worm. We think its a kind of inappropriate name for this time of year! Data Backups An in depth look at what your data is worth, and how much a backup procedure can save you. Spyware Spyware and adware are becoming as annoying and harmful as viruses, worms and other malicious software. Small Business Server 2003 Features: Windows 2003 Server The base on which Windows Small Business Server 2003 is built. Next Month We continue our Microsoft Windows Small Business Server 2003 Series by looking at Exchange Server and we'll also have a look at the benefits of maintenance. Special Offers Special offers for Quark IT clients. (This link redirects to the Quark IT website.) Signing Off Final words.

Update Zone Important Service Pack Information Microsoft Desktop Operating Systems Microsoft Windows XP Professional (and Home) Latest Service Pack 2 Critical Microsoft Windows 2000 Professional Latest Service Pack 4 Critical Microsoft Windows NT 4.0 Workstation Latest Service Pack 6 Critical Microsoft Desktop Applications Microsoft Office 2003 Latest Service Pack 1 Critical Microsoft Office 2002 (Office XP) Latest Service Pack 3 Critical Microsoft Office 2000 Latest Service Pack 3 Critical Microsoft Server Operating Systems Microsoft Windows Small Business Server 2003 Latest Service Pack None   Microsoft Windows Server 2003 Latest Service Pack None   Microsoft Windows 2000 Small Business Server Latest Service Pack 1a Critical Microsoft Windows 2000 Server Latest Service Pack 4 Critical source: http://www.microsoft.com/security/ m0n0wall Updates Current Version:            1.11 (20041111) source: http://m0n0.ch/wall/ NOD32 Updates NOD32 Base:            2.12.3 NOD32 Internet Support:            2.12.3 NOD32 Standard:            2.12.3 Virus Signature Database:            1.959 (20041227)    (or later) source: http://www.nod32.com/ The Latest Microsoft Security Bulletins Internet Explorer A critical update for Microsoft Internet Explorer was released in Microsoft Security Bulletin MS04-040. It is recommended that all computers running affected versions of Microsoft Internet Explorer install this update immediately. This update is available via the Windows Update service. Additional Updates As well as the Internet Explorer critical update, there have been five other important updates for various components of Windows operating systems. It is strongly recommended that all computers running affected versions of these applications install the Important Updates to ensure they are adequately secured. Service Pack Versions Instead of cluttering this monthly newsletter up with pages of mind numbing update information, we've placed all of this Update information on our website. If you click here you can see the latest Service Pack level for many Microsoft products. There are often patches that are available and need to be installed after these latest Service Packs have been applied. Please contact Quark IT to discuss update strategies for your business.

The Latest Virus And Worm Information Sober.I The Sober.I worm isn't something that steals your Christmas plonk, its a mass mailing worm that comes with its own smtp (email) server. Sober.I spreads by sending itself as an attachment to an email that is sent from the infected computer to addresses harvested from that machine. These email addressed are harvested from many files including address books, PowerPoint files, documents, spreadsheets and email files. While it doesn't actually do more damage than increase the amount of email you are sending (and likely receiving), it does unnecessarily cause an increase in Internet traffic, and could cause your ISP to become annoyed with you and temporarily disable your account. Top 5 Threats (last 31 days to 30 Dec, 2004) Virus   Count 1. Win32/Sober.I worm 5 636 974 2. Win32/Netsky.Q worm 1 637 298 3. Win32/Zafi.B worm 935 684 4. Win32/Bagle.AB worm 587 493 5. Win32/Netsky.Z worm 551 501 source: http://www.virus-radar.com

Data Backups Does Your Data Even Exist? One of our favourite quotes is "Digital data doesn't exist until it can be found in two distinct locations at once", which is a quote from the late 1980s by a guy called Hilton Travis. Some of you may have heard of him. This is as true today as it was almost 20 years ago. If you have some data in only one location and don't have it archived anywhere, how can you prove it ever existed if it becomes accidentally deleted? And yes, three places is better than two. The need for data backups will never be greater than when you realise that you didn't make any. Or you didn't check those that you made to ensure that you could reliably restore data from one recently. And this can be a trying time for your business. There's a strong possibility that your business will not survive a disaster where all of your data gets destroyed - who are your clients, your suppliers, and who still owes you money? Disaster Recovery We've probably all heard this term at least once. Its what happens when things go wrong, and the result is (hopefully) that all your data is recovered. Disaster recovery can really only have a chance of being successful if there was a decent Disaster Recovery Plan in place before the disaster occurred. Disaster Recovery Planning (also known as Business Continuity Planning, for obvious reasons) is covered under an Australian Standard. How Valuable Is Your Data? In some businesses, almost the entire business value is in your data. In others, although there is a lot of value in stock and equipment, the data on your computer systems is still of an extremely high value - high enough that loss of this data could do serious damage to your business. Has your investment in a data backup solution taken this into consideration? Tape Drives The most common form of data backup is still to a tape drive. There are a number of reliable tape formats of varying capacity available today, such as AIT, DAT, DLT, Super DLT and LTO 2. The amount of data you need to archive and the time you have available to archive this data will determine the type of tape drive that suits your needs. Backup Methods Tape Drive Up to 600 GB per tape Hard Drive Up to 400 GB per drive DVD-RAM Up to 4.7 GB per side USB Key Up to 1 GB per device CD Drive Up to 700 MB per disc Crossed Fingers Let's hope we never have a failure Removable Hard Drives An alternative method of backup where huge quantities of data are involved is a removable hard disk drive. The most common interfaces are USB 2 and Firewire, although Serial ATA (SATA) and hard drive caddies are also available. Also there is a temptation to use this drive as spare space for data storage which completely invalidates this drive as a "backup" drive in those cases. However, the most important thing that needs to be considered where removable hard drives are concerned is that hard drives are a very sensitive technology - a minor bump while operating can reduce the hard drive platter to a mess of screaming, grinding metal. Recordable CD And DVD Drives If the amount of data you need to archive is less than 700 MB, then a recordable CD-ROM may well be suitable - it also allows your data to be recovered on almost any computer available today. If you have slightly more data - up to 4.7 GB - then a DVD-RAM drive is quite a valid solution. DVD-RAM drives are suitable for use in any Windows XP and Windows Server 2003 computer and are recognized as a removable hard drive. That makes them rather easy to backup to. DVD-RAM drives are less common than DVD-ROM drives, but they are easy enough to locate when you need one - even new ones cost less than $150. USB Keys If your data backup needs are modest, then maybe a USB Key will suit. These come in sizes from 128 MB up to at least 1 GB and are compatible with any Windows XP and Windows Server 2003 machine, and most Windows 98 and Windows 2000 machines if you load the appropriate driver. They aren't as sensitive as hard drives, but a good drop to the floor may well destroy the data on a USB Key. Offsite Storage Whatever you do use for your data backup device, make sure that you have enough of your older archived data to recover anything you may need. Also, make sure you store a recent, valid backup offsite somewhere safe - maybe at home, maybe in another office, or maybe at a special offsite storage facility. Whatever you do, as this is your sensitive business data, you will need to make sure that this location is safe and secure - you don't really want your competitors going there to steal your data. That would defeat the purpose somewhat. Business Continuity Planning Quark IT can perform a Business Impact Analysis to identify crucial systems and the effect an outage would have, develop contingency plans to cover these issues, help in "live action" simulations of disasters (although, we don't control the rain just yet), maintenance and upgrading of your Business Continuity Plans and in the event of a disaster, we can help you execute these plans. Feel free to contact Quark IT to discuss backup and Business Continuity options to suit your needs. For more information: http://www.quarkit.com.au/content/view/38/52/

Spyware What Is It? Have you ever had the feeling that someone is looking over your shoulder when you are working, browsing the Internet or reading your email? Well, that's a distinct possibility, however they weren't exactly over your shoulder, more like sneaking around inside your computer. Spyware (also known as adware) is a relatively new class of malicious software that observes your work, browsing, email reading and other habits, and reports these back to some third party who collects this information and can then use it to target advertising at you. So, not only are your Internet sessions inundated with pop up windows with advertising junk in them, you are inundated with pop ups that are targeted at you using the data collected by these spyware companies. And you think that's bad? Have you ever used a computer where some inappropriate or offensive website has kept popping up? Has the person who's computer this is assured you that they didn't go there or ask for this pop up, yet cannot seem to get rid of it? Well, say hello to another lovely feature of many spyware/adware infestations - they change your web browser's home page and won't let you revert to your preferred home page. They can also pop up pages at scheduled times or intervals, so even when you are not browsing the Internet, you are still accosted by annoying pop ups. How Did I Get This? Some spyware is installed when you inadvertently click on a cleverly worded banner advert or pop up such as "Your computer is infected with spyware. Click here to remove this", or "Punch the monkey to win $1000. Click close to exit". The close button or any other action on your part actually installs the junk that they are peddling. If you are the kind of person who believes random pop up messages, then I've got this genuine piece of the Berlin Wall to sell, as well as an Earth-facing block of land on the Moon.  ;-) Other times, the spyware is installed without your knowledge at all. Alexa components used to be installed by default with Microsoft Internet Explorer, and some versions of the Logitech Mouse drivers even include the spyware application "Backweb". Spyware Simplified... Did you ask for it? Did you say "Yes" when asked to install something from some web page or pop-up? Do you want it to report your browsing or other habits to someone else? Does your business like having its data and computer usage habits transmitted to external parties? If you answered "No" to the above questions, then it is spyware and needs to be removed! How Do I Get Rid Of It? This is not an easy question to answer. Unlike a virus infection, where "NOD32" would be the unequivocal answer, there is just no "one size fits all" answer to the question of spyware removal. There are a number of applications around that can remove a certain amount of spyware/adware including Adaware, Spybot Search & Destroy, Spyware Sweeper, CWShredder, SpySubtract and Xoftspy. We have not come across a single application that can remove or even detect all of the common spyware applications. Generally, using 2 or more of these spyware removal applications will suffice. Depending on your needs (commercial use or personal use) the applications we recommend will change. This is due to the licensing and pricing of the applications more so than their performance. Sunbelt Software's CounterSpy and Webroot's Spyware Sweeper are two of the most usable spyware removal tools in a business network as they can be centrally monitored, like NOD32, and you can therefore see which machines have been getting infected, and which update version is installed on each and every machine in your business. Of course, we can monitor and update this remotely as part of a maintenance contract. How Do I Keep It Off My System? A number of these spyware removal programs will "immunize" your system - they have a database of all spyware applications they can detect and they "fiddle" with your web browser, telling it what can and cannot be installed. This is a good way to increase your protection, but - of course - it isn't infallible. Regular updates are also essential for spyware removal applications, just as they are for your firewall, antivirus application, Microsoft Office and the Windows Operating System. For more information: http://www.quarkit.com.au/content/view/36/50 Other Sources of Spyware Information Security at home: Fight spyware (Microsoft): http://www.microsoft.com/athome/security/spyware/default.mspx Spyware Guide Database: http://www.spywareguide.com/ Doubleclick Ad Cookie Opt Out: http://www.doubleclick.com/us/about_doubleclick/privacy/ doxdesk Spyware (Parasite) Information: http://www.doxdesk.com/parasite/ Adware, Spyware and Advertizing Trojans: http://www.cexx.org/adware.htm

Small Business Server 2003 Features: Windows 2003 Server Microsoft’s Windows Small Business Server 2003 is built upon the solid base of Microsoft Windows Server 2003, so the basic features of Windows Server 2003 serve as the basic features of Windows Small Business Server 2003, and these have been optimized for the SBS target market of up to 75 computers. Windows Server 2003 Standard Edition Windows Server 2003 Standard Edition was designed with two main features in mind, reliability and security. Now you can get the same "Enterprise Class Reliability" in your office that only a few years ago was reserved for large multinationals. Utilising Microsoft's "Secure Connected Infrastructure" means a level of control over security that was simply unattainable with previous Windows Server versions. Some of the new security features in Windows Server 2003 are: Secure by Default - all services that aren't needed for minimal operation are turned off and all users get minimal rights by default, this way potentially dangerous things need to be turned on rather than turned off hence minimizing the attack surface Access Control Lists - ACL improvements make assigning permissions to users, files and folders easier than ever New audit features - allow you to know exactly what is going on New Encryption engine - brings Windows into the new millennium, encryption can be file level based, LAN based (IPsec), WAN based (VPN) and even a Terminal Server session can be secured using one of the supported algorithms which include: SHA-1, DES, 3DES SSL improvements - increase of over 35 percent in performance using the secure sockets layer (SSL) Microsoft also worked on the performance of Windows Server 2003, achieving an incredible leap of up to 140 percent better file-system performance as well as significantly faster performance for Active Directory, XML Web services, Terminal Services, and networking. This was achieved by re-designing and optimizing most components of the operating system to support the latest technological advances, which all help to supercharge the performance of your server. Some of these advances include: multi CPU support Intel Hyper-Threading technology support for Non-Uniform Memory Access (NUMA) multi-path input/output (I/O) SBS Demystified... Optimized for up to 75 users Includes Microsoft Exchange Server Simplified management Low cost of ownership Easy to understand licensing requirements Built in intranet software brings the paperless office closer Windows Small Business Server 2003 Some key benefits of purchasing Small Business Server 2003 instead of purchasing the entire Microsoft server products separately are: Integration and simplified management of all the components within SBS2003 The cost of SBS2003 is significantly below that of buying all of its components separately Simplified licensing, one CAL across the entire product Total Cost of Ownership (TCO) is significantly reduced This is achieved through the use of the improved management tools that Microsoft has included with Windows Server 2003. Some of these include: Centralized user and resource management through the Active Directory architecture Group Policy deployment and enforcement of security settings across the entire organisation Shadow Copy Restore feature, this enables end users to retrieve previous versions of files instantly, without requiring assistance from a support professional. SBS specific management tools: Server Management Console brings together all the management tasks in one wizard driven interface. It combines a "To Do List" along with the management console of all the individual components such as Exchange. Other highlights include the greatly enhanced "Add User Wizard" and the "Connect Computer Wizard". All of these help greatly in reducing the time needed to perform administration and maintenance tasks, which ultimately reduce the overall running costs of a Windows Small Business Server 2003 based server compared to that of a Windows Server 2003 with individual components based solution. Monitoring and Reporting in Windows Small Business Server 2003 has also received a much needed over haul. This can now be set up to monitor anything from memory to Exchange usage. These reports can be viewed from the intranet (provided you have been granted the rights to do so), along with the option to send alert e-mails if certain conditions are met. Monitoring and Reporting will also provide weekly report of the entire systems health (this is a great tool in spotting potential problems and performance bottlenecks). With a well designed backup strategy, these features will give you peace of mind that your data is secure and always available, this in turn will empower your employees to do more and will help your business work smarter instead of harder. Other Sources of Information Microsoft Server Site http://www.microsoft.com/windowsserver2003/sbs/default.mspx Microsoft Small Biz Community Site http://www.mssmallbiz.com/ Brisbane Small Business Server Users Group http://www.smallbusinessserver.com.au/

Next Month Microsoft Security Forum On February 24, 2005 Microsoft is holding another Security Summit in Brisbane. These forums are not restricted to Microsoft Partners, but are open to anyone running Microsoft software in their business and who wants to learn more about Microsoft's security initiatives. This is a full day seminar starting at 8:00 AM and continuing through until 5:30 PM. Maintenance and SBS 2003: Exchange As we all know, prevention is much better than a cure. One way to prevent issues that may cause you loss of time, income and data is to ensure that you have a regular maintenance schedule in place for your computer and other equipment. We also continue our SBS 2003 series with a look at Microsoft Exchange Server 2003 and the value that its groupware functionality can provide.

Signing off Please be aware that as of 1 January, 2005 there will be no support for Windows NT 4.0 Server, SBS 4.0 nor SBS 4.5 available from Microsoft unless it is specifically a security-related issue. Due to the age of these products (NT 4.0 Server was released in 1996) we strongly recommend that anyone still running them consider upgrading to a more current operating system. Now that's out of the way, we can honestly say that we see the future of Microsoft Small Business Server as being a bright one. There's definitely increasing support for Linux, but unfortunately there are still a number of issues that the Linux distributions need to overcome before they can gain a serious hold on the desktop marketplace. As for servers, well quite often there's a place for Linux and BSD alongside Windows - we always look for the best tools for the job and are not tied to any operating system or manufacturer. You are receiving this newsletter because you have an existing relationship with Quark IT. If you no longer wish to receive the Quark IT newsletter, please click here. Please email us if there is anything you'd like to see us cover in future newsletters. The information contained in this Newsletter is © Quark IT, 2004 - 2005. The names of actual companies and products mentioned herein may be the Trademarks of their respective owners.