********************

Windows Web Solutions UPDATE--brought to you by Windows Web Solutions, the Windows & .NET Magazine print newsletter with tools and solutions for managing your Web site. http://www.windowswebsolutions.com ********************

~~~~ THIS ISSUE SPONSORED BY ~~~~

Windows & .NET Magazine Network Web Seminars http://www.winnetmag.com/seminars

~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: DON'T MISS OUR WEB SEMINARS IN MARCH! ~~~~ Windows & .NET Magazine has 3 new Web seminars to help you address your security and storage concerns. There is no fee to attend "Selling the Importance of Security: 5 Ways to Get Your Manager's Attention", "Building an Ultra Secure Extranet on a Shoe String", or "An Introduction to Windows Powered NAS," but space is limited, so register for all 3 events today! http://www.winnetmag.com/seminars

********************

February 25, 2003--In this issue:

1. COMMENTARY - Behind the Scenes of the SQL Slammer Worm Virus

2. KEEPING UP WITH IIS - Use System Scanner to Monitor Your Web Server - Results from Last Issue's Instant Poll: Web Server Type - This Issue's Instant Poll: SQL Server Slammer Worm

3. ANNOUNCEMENTS - Join the HP and Microsoft Network Storage Solutions Road Show! - MCSE Practice Exam + Study Guide Training Pack--Special Offer!

4. RESOURCES - Event Highlight: Software Development Conference and Expo - Featured Thread: Newbie ISA Server Questions

5. NEW AND IMPROVED - Remotely Access Web-Based Applications - Submit Top Product Ideas

6. CONTACT US - See this section for a list of ways to contact us.

********************

1.

COMMENTARY

* BEHIND THE SCENES OF THE SQL SLAMMER WORM VIRUS On Friday, January 24, at 9:30 P.M. Pacific time, an Internet attack began causing a dramatic increase in network traffic worldwide. Microsoft identified a worm virus called Sapphire or Slammer, which targets systems running either Microsoft SQL Server 2000 or Microsoft SQL Server Desktop Engine (MSDE). The Slammer virus is similar to a Denial of Service (DoS) attack in that it generates enough network traffic to bring the Internet to a standstill. Slammer doesn't attack SQL Server systems' data. Home users' machines typically aren't affected because their MSDEs aren't exposed to the Internet, but more than a million MSDEs are in production systems that are exposed to the Internet.

The irony of the Slammer crisis is that the vulnerability that the Slammer exploited was first corrected almost 7 months earlier by Microsoft Security Bulletin MS02-039 (Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution) and in the subsequent cumulative Microsoft Security Bulletin MS02-061 (Elevation of Privilege in SQL Server Web Tasks). In addition, these fixes were also included in SQL Server 2000 Service Pack 3 (SP3) and MSDE 2000 SP3. What does this tell us? Systems and Web administrators don't apply available security patches. Microsoft Internet Information Services (IIS) 6.0 in Windows Server 2003 will ship completely locked down with automatic patching enabled because administrators don't patch systems for reasons that include ignorance and being "too busy." The heavy traffic on the TechNet SQL Server security sites demonstrates the value of online communities in helping systems administrators respond quickly and effectively to threats.

Slammer was another black eye to the already battered Microsoft security effort. Most industry experts agree that security vulnerabilities on other platforms are high, but Microsoft still receives the brunt of attacks. Microsoft is an irresistible target for the type of person who spends his or her time trying to maliciously exploit security weaknesses and who wants bring the world's productivity to a screeching halt.

Behind the scenes at Microsoft on January 24, a response team worked to make sure its customers had the information and resources to get secure. When SQL Server and MSDE customers returned to work on Monday, January 27, they were able to receive customer support from Microsoft Product Support Services (PSS) in a short amount of time. Microsoft also swiftly assembled a development team to issue a rerelease of MS02-061 for SQL Server with automatic installation functionality. As of noon on Monday, Microsoft received about 21,000 download requests per hour for SQL Server-related patches, which included 14,000 requests per hour for SQL Server SP3 and 6800 requests per hour for the rerelease of MS02-061. Microsoft provides access to IT professional-focused public newsgroups through the TechNet site ( http://www.microsoft.com/technet ). The public newsgroups on the TechNet site immediately had helpful information about what was happening with Slammer and how to fix the problem.

I depend on Windows Update to keep my client systems secure. You can get the Windows Update software by selecting Windows Update on the Tools menu in Microsoft Internet Explorer (IE), or you can go directly to the Windows Update site at http://windowsupdate.microsoft.com . Andrew Brust, security expert and founder of Progressive Systems Consulting, said, "Patching is clearly a suboptimal solution for addressing security vulnerabilities, but it's the best way we have of protecting the current installed base of products." So why isn't SQL Server part of Windows Update? And, why isn't every Microsoft product part of Windows Update? Here's my bold prediction: The result of Slammer will be that every Microsoft product will become a part of Windows Update within the next 6 months. What are your thoughts about my prediction and the mechanics of how we might help to reduce the security vulnerabilities that continue to bite us? Email me and tell me your thoughts.

Tim Huckaby, News Editor, timhuck@interknowlogy.com

~~~~~~~~~~~~~~~~~~~~

2.

KEEPING UP WITH IIS

* USE SYSTEM SCANNER TO MONITOR YOUR WEB SERVER You can make sure your Web server stays locked down by using System Scanner 1.1, a "Microsoft Windows 2000 Server Resource Kit" utility. Click the following link to learn more about System Scanner and to learn how to install the utility. http://www.windowswebsolutions.com/articles/index.cfm?articleid=37799

* RESULTS FROM LAST ISSUE'S INSTANT POLL: WEB SERVER TYPE The voting has closed in the Windows & .NET Magazine Windows Web Solutions channel's nonscientific Instant Poll for the question, "What type of Web server does your company use?" Here are the results from the 146 responses: - 86% IIS - 10% Apache - 3% Sun ONE (formerly known as iPlanet) - 1% Other

* THIS ISSUE'S INSTANT POLL: SQL SERVER SLAMMER WORM The next Instant Poll question is, "What systems did the Slammer worm infect?" Go to the Windows & .NET Magazine Windows Web Solutions home page and submit your vote for a) My home systems with MSDE were affected, b) My production systems with MSDE were affected, c) My nonproduction SQL Servers were affected, or d) My production SQL Servers were infected. http://www.windowswebsolutions.com

3.

ANNOUNCEMENTS

(brought to you by Windows & .NET Magazine and its partners)

* JOIN THE HP AND MICROSOFT NETWORK STORAGE SOLUTIONS ROAD SHOW! Now is the time to start thinking of storage as a strategic weapon in your IT arsenal. Come to our 10-city Network Storage Solutions Road Show, and learn how existing and future storage solutions can save your company money--and make your job easier! There is no fee for this event, but space is limited. Register today! http://www.winnetmag.com/roadshows/nas

* MCSE PRACTICE EXAM + STUDY GUIDE TRAINING PACK--SPECIAL OFFER! PrepLogic has teamed up with Cramsession to offer the "best of breed" in certification preparation! Discover for yourself what Que Publishing already knows. As Que's exclusive practice question provider, PrepLogic's commitment to excellence was paramount in awarding PrepLogic a Que partnership. ExamCram2 series of books carries only PrepLogic practice exams. http://practiceexams.cramsession.com/preplogic.aspx?z=mcse2kcore&eccamid=17

4.

RESOURCES

* EVENT HIGHLIGHT: SOFTWARE DEVELOPMENT CONFERENCE AND EXPO March 24 through 28, 2003 Santa Clara, California http://www.sdexpo.com

Learn what you need to know to build better software. Track topics include C++, Java programming, Windows .NET Framework programming, XML development, security, Web services architecture, and Web services deployment. Session titles include "Building a Web Service from SOAP to Nuts," "Hands on .NET Programming with C#," "A Sensible Approach to Web Services Discovery," "C++ Programming Style," "Cryptography 101," and "I Sing the Web Electric."

For other upcoming events, check out the Windows & .NET Magazine Events Calendar. http://www.winnetmag.net/events/calendar

* FEATURED THREAD: NEWBIE ISA SERVER QUESTIONS Forum member Scottypop just installed Internet Security and Acceleration Server (ISA Server) 2000 and has some questions. To help answer this newbie's questions, click the following URL: http://www.winnetmag.com/forums/rd.cfm?cid=41&tid=54838

5.

NEW AND IMPROVED

(contributed by Sue Cooper, products@winnetmag.com)

* REMOTELY ACCESS WEB-BASED APPLICATIONS AEP Systems announced AEP SureWare A-Gate, an appliance that provides Secure Sockets Layer (SSL)-based authenticated access from an Internet browser to internal applications. The appliance eliminates the need to install remote access software on company laptops and lets partners, suppliers, and customers access Web-based applications from anywhere by using a browser. AEP SureWare A-Gate is priced at $5000 and supports 50 to 100 concurrent remote access subscribers. Contact AEP Systems at info@aepsystems.com. http://www.aepsystems.com

* SUBMIT TOP PRODUCT IDEAS Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to whatshot@winnetmag.com.

6.

CONTACT US

Here's how to reach us with your comments and questions:

* ABOUT THE COMMENTARY -- timhuck@interknowlogy.com

* ABOUT THE NEWSLETTER IN GENERAL -- cmader@winnetmag.com (please mention the newsletter name in the subject line)

* TECHNICAL QUESTIONS -- http://www.winnetmag.net/forums

* PRODUCT NEWS -- products@winnetmag.com

* QUESTIONS ABOUT YOUR WINDOWS WEB SOLUTIONS UPDATE SUBSCRIPTION? Email Customer Support -- wwsupdate@winnetmag.com

* WANT TO SPONSOR WINDOWS WEB SOLUTIONS UPDATE? emedia_opps@winnetmag.com

********************

Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters. http://www.winnetmag.com/email

|-+-+-+-+-+-+-+-+-+-|

Thank you for reading Windows Web Solutions UPDATE.

MANAGE YOUR ACCOUNT You can manage your entire Windows & .NET Magazine Network email newsletter account on our Web site. Simply log in and you can change your email address, update your profile information, and subscribe or unsubscribe to any of our email newsletters all in one place. http://www.winnetmag.com/email

Thank you! __________________________________________________________ Copyright 2003, Penton Media, Inc.

********************

Windows Web Solutions UPDATE--brought to you by Windows Web Solutions, the Windows & .NET Magazine print newsletter with tools and solutions for managing your Web site. http://www.windowswebsolutions.com ********************

~~~~ THIS ISSUE SPONSORED BY ~~~~

Windows & .NET Magazine Network Web Seminars http://www.winnetmag.com/seminars

~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: DON'T MISS OUR WEB SEMINARS IN MARCH! ~~~~ Windows & .NET Magazine has 3 new Web seminars to help you address your security and storage concerns. There is no fee to attend "Selling the Importance of Security: 5 Ways to Get Your Manager's Attention", "Building an Ultra Secure Extranet on a Shoe String", or "An Introduction to Windows Powered NAS," but space is limited, so register for all 3 events today! http://www.winnetmag.com/seminars

********************

February 25, 2003--In this issue:

1. COMMENTARY - Behind the Scenes of the SQL Slammer Worm Virus

2. KEEPING UP WITH IIS - Use System Scanner to Monitor Your Web Server - Results from Last Issue's Instant Poll: Web Server Type - This Issue's Instant Poll: SQL Server Slammer Worm

3. ANNOUNCEMENTS - Join the HP and Microsoft Network Storage Solutions Road Show! - MCSE Practice Exam + Study Guide Training Pack--Special Offer!

4. RESOURCES - Event Highlight: Software Development Conference and Expo - Featured Thread: Newbie ISA Server Questions

5. NEW AND IMPROVED - Remotely Access Web-Based Applications - Submit Top Product Ideas

6. CONTACT US - See this section for a list of ways to contact us.

********************

1.

COMMENTARY

* BEHIND THE SCENES OF THE SQL SLAMMER WORM VIRUS On Friday, January 24, at 9:30 P.M. Pacific time, an Internet attack began causing a dramatic increase in network traffic worldwide. Microsoft identified a worm virus called Sapphire or Slammer, which targets systems running either Microsoft SQL Server 2000 or Microsoft SQL Server Desktop Engine (MSDE). The Slammer virus is similar to a Denial of Service (DoS) attack in that it generates enough network traffic to bring the Internet to a standstill. Slammer doesn't attack SQL Server systems' data. Home users' machines typically aren't affected because their MSDEs aren't exposed to the Internet, but more than a million MSDEs are in production systems that are exposed to the Internet.

The irony of the Slammer crisis is that the vulnerability that the Slammer exploited was first corrected almost 7 months earlier by Microsoft Security Bulletin MS02-039 (Buffer Overruns in SQL Server 2000 Resolution Service Could Enable Code Execution) and in the subsequent cumulative Microsoft Security Bulletin MS02-061 (Elevation of Privilege in SQL Server Web Tasks). In addition, these fixes were also included in SQL Server 2000 Service Pack 3 (SP3) and MSDE 2000 SP3. What does this tell us? Systems and Web administrators don't apply available security patches. Microsoft Internet Information Services (IIS) 6.0 in Windows Server 2003 will ship completely locked down with automatic patching enabled because administrators don't patch systems for reasons that include ignorance and being "too busy." The heavy traffic on the TechNet SQL Server security sites demonstrates the value of online communities in helping systems administrators respond quickly and effectively to threats.

Slammer was another black eye to the already battered Microsoft security effort. Most industry experts agree that security vulnerabilities on other platforms are high, but Microsoft still receives the brunt of attacks. Microsoft is an irresistible target for the type of person who spends his or her time trying to maliciously exploit security weaknesses and who wants bring the world's productivity to a screeching halt.

Behind the scenes at Microsoft on January 24, a response team worked to make sure its customers had the information and resources to get secure. When SQL Server and MSDE customers returned to work on Monday, January 27, they were able to receive customer support from Microsoft Product Support Services (PSS) in a short amount of time. Microsoft also swiftly assembled a development team to issue a rerelease of MS02-061 for SQL Server with automatic installation functionality. As of noon on Monday, Microsoft received about 21,000 download requests per hour for SQL Server-related patches, which included 14,000 requests per hour for SQL Server SP3 and 6800 requests per hour for the rerelease of MS02-061. Microsoft provides access to IT professional-focused public newsgroups through the TechNet site ( http://www.microsoft.com/technet ). The public newsgroups on the TechNet site immediately had helpful information about what was happening with Slammer and how to fix the problem.

I depend on Windows Update to keep my client systems secure. You can get the Windows Update software by selecting Windows Update on the Tools menu in Microsoft Internet Explorer (IE), or you can go directly to the Windows Update site at http://windowsupdate.microsoft.com . Andrew Brust, security expert and founder of Progressive Systems Consulting, said, "Patching is clearly a suboptimal solution for addressing security vulnerabilities, but it's the best way we have of protecting the current installed base of products." So why isn't SQL Server part of Windows Update? And, why isn't every Microsoft product part of Windows Update? Here's my bold prediction: The result of Slammer will be that every Microsoft product will become a part of Windows Update within the next 6 months. What are your thoughts about my prediction and the mechanics of how we might help to reduce the security vulnerabilities that continue to bite us? Email me and tell me your thoughts.

Tim Huckaby, News Editor, timhuck@interknowlogy.com

~~~~~~~~~~~~~~~~~~~~

2.

KEEPING UP WITH IIS

* USE SYSTEM SCANNER TO MONITOR YOUR WEB SERVER You can make sure your Web server stays locked down by using System Scanner 1.1, a "Microsoft Windows 2000 Server Resource Kit" utility. Click the following link to learn more about System Scanner and to learn how to install the utility. http://www.windowswebsolutions.com/articles/index.cfm?articleid=37799

* RESULTS FROM LAST ISSUE'S INSTANT POLL: WEB SERVER TYPE The voting has closed in the Windows & .NET Magazine Windows Web Solutions channel's nonscientific Instant Poll for the question, "What type of Web server does your company use?" Here are the results from the 146 responses: - 86% IIS - 10% Apache - 3% Sun ONE (formerly known as iPlanet) - 1% Other

* THIS ISSUE'S INSTANT POLL: SQL SERVER SLAMMER WORM The next Instant Poll question is, "What systems did the Slammer worm infect?" Go to the Windows & .NET Magazine Windows Web Solutions home page and submit your vote for a) My home systems with MSDE were affected, b) My production systems with MSDE were affected, c) My nonproduction SQL Servers were affected, or d) My production SQL Servers were infected. http://www.windowswebsolutions.com

3.

ANNOUNCEMENTS

(brought to you by Windows & .NET Magazine and its partners)

* JOIN THE HP AND MICROSOFT NETWORK STORAGE SOLUTIONS ROAD SHOW! Now is the time to start thinking of storage as a strategic weapon in your IT arsenal. Come to our 10-city Network Storage Solutions Road Show, and learn how existing and future storage solutions can save your company money--and make your job easier! There is no fee for this event, but space is limited. Register today! http://www.winnetmag.com/roadshows/nas

* MCSE PRACTICE EXAM + STUDY GUIDE TRAINING PACK--SPECIAL OFFER! PrepLogic has teamed up with Cramsession to offer the "best of breed" in certification preparation! Discover for yourself what Que Publishing already knows. As Que's exclusive practice question provider, PrepLogic's commitment to excellence was paramount in awarding PrepLogic a Que partnership. ExamCram2 series of books carries only PrepLogic practice exams. http://practiceexams.cramsession.com/preplogic.aspx?z=mcse2kcore&eccamid=17

4.

RESOURCES

* EVENT HIGHLIGHT: SOFTWARE DEVELOPMENT CONFERENCE AND EXPO March 24 through 28, 2003 Santa Clara, California http://www.sdexpo.com

Learn what you need to know to build better software. Track topics include C++, Java programming, Windows .NET Framework programming, XML development, security, Web services architecture, and Web services deployment. Session titles include "Building a Web Service from SOAP to Nuts," "Hands on .NET Programming with C#," "A Sensible Approach to Web Services Discovery," "C++ Programming Style," "Cryptography 101," and "I Sing the Web Electric."

For other upcoming events, check out the Windows & .NET Magazine Events Calendar. http://www.winnetmag.net/events/calendar

* FEATURED THREAD: NEWBIE ISA SERVER QUESTIONS Forum member Scottypop just installed Internet Security and Acceleration Server (ISA Server) 2000 and has some questions. To help answer this newbie's questions, click the following URL: http://www.winnetmag.com/forums/rd.cfm?cid=41&tid=54838

5.

NEW AND IMPROVED

(contributed by Sue Cooper, products@winnetmag.com)

* REMOTELY ACCESS WEB-BASED APPLICATIONS AEP Systems announced AEP SureWare A-Gate, an appliance that provides Secure Sockets Layer (SSL)-based authenticated access from an Internet browser to internal applications. The appliance eliminates the need to install remote access software on company laptops and lets partners, suppliers, and customers access Web-based applications from anywhere by using a browser. AEP SureWare A-Gate is priced at $5000 and supports 50 to 100 concurrent remote access subscribers. Contact AEP Systems at info@aepsystems.com. http://www.aepsystems.com

* SUBMIT TOP PRODUCT IDEAS Have you used a product that changed your IT experience by saving you time or easing your daily burden? Do you know of a terrific product that others should know about? Tell us! We want to write about the product in a future What's Hot column. Send your product suggestions to whatshot@winnetmag.com.

6.

CONTACT US

Here's how to reach us with your comments and questions:

* ABOUT THE COMMENTARY -- timhuck@interknowlogy.com

* ABOUT THE NEWSLETTER IN GENERAL -- cmader@winnetmag.com (please mention the newsletter name in the subject line)

* TECHNICAL QUESTIONS -- http://www.winnetmag.net/forums

* PRODUCT NEWS -- products@winnetmag.com

* QUESTIONS ABOUT YOUR WINDOWS WEB SOLUTIONS UPDATE SUBSCRIPTION? Email Customer Support -- wwsupdate@winnetmag.com

* WANT TO SPONSOR WINDOWS WEB SOLUTIONS UPDATE? emedia_opps@winnetmag.com

********************

Receive the latest information about the Windows and .NET topics of your choice. Subscribe to our other FREE email newsletters. http://www.winnetmag.com/email

|-+-+-+-+-+-+-+-+-+-|

Thank you for reading Windows Web Solutions UPDATE.

MANAGE YOUR ACCOUNT You can manage your entire Windows & .NET Magazine Network email newsletter account on our Web site. Simply log in and you can change your email address, update your profile information, and subscribe or unsubscribe to any of our email newsletters all in one place. http://www.winnetmag.com/email

Thank you! __________________________________________________________ Copyright 2003, Penton Media, Inc.