Recent Outages Point to a Sketchy Internet Services Future

Recent Outages Point to a Sketchy Internet Services Future
Recent Outages Point to a Sketchy Internet Services Future

Forwarded with permission from: Security UPDATE 


Server Consolidation Essentials 

SQL Server Optimization & Data Protection w/ Intelligent ISCSI SANs 

BladeSystem as a Horizontal Technology: WP 

=== CONTENTS ==================================================
IN FOCUS: Recent Outages Point to a Sketchy Internet Services Future

   - Teen's Hardware Crack Liberates iPhone
   - Hackers Team to Donate Technology to Charities
   - 8 More Absolutely Cool, Totally Free Utilities
   - Recent Security Vulnerabilities

   - Security Matters Blog: When Is a "Rootkit" Not a Rootkit?
   - FAQ: Installing Kernel-Mode Printer Drivers
   - From the Forum: Tools to Audit Web Site Access Histories
   - Share Your Security Tips

   - Give Data Owners Control over Data Access
   - Product Evaluations from the Real World




=== SPONSOR: Microsoft ========================================
Server Consolidation Essentials
   Discover the benefits of server consolidation using virtualization 
technologies! Chapter 1 of this free eBook is available now, with 
details about how server consolidation can help you do more with less. 

=== IN FOCUS: Recent Outages Point to a Sketchy Internet Services 
Future =========================================================   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

An interesting series of events took place over the past several weeks 
that should be noted because of the events' similarities, relative 
closeness in time to each other, and implications for the future. 

The least important of the events happened in early August. Google 
somehow mistakenly identified one of its own blogs as spam and deleted 
it. The blog was related to Google's custom search engine technology, 
and although deleting the blog didn't have a huge impact on customers, 
it did come as a surprise that a major technology company--one that 
considers itself to be on the extreme cutting edge--managed to make 
such a mistake. Obviously, some of Google's technology is flawed and 
fortunately it wasn't a heavily relied upon aspect of the company's 
technology that suffered in this incident. 

At roughly the same time, Cisco Systems made its entire Web site 
unavailable through hardware failure. According to the company's blog, 
"The issue occurred during preventative maintenance of one of our data 
centers when a human error caused an electrical overload on the 
systems. This caused and other applications to go down. 
Because of the severity of the overload, the redundancy measures in 
some of the applications and power systems were impacted as well, 
though the system did shut down as designed to protect the people and 
the equipment. As a result, no data were lost and no one was injured. 
Cisco has plans already in process to add additional redundancies to 
increase the resilience of these systems." 

Cisco's site failure was indeed a serious problem. Imagine the 
worldwide impact if that outage had occurred while customers were 
trying to download a recently released security patch for a 
vulnerability that was being actively exploited. 

Next on the list is Skype, which managed to take down its entire 
worldwide peer-to-peer network last month. Because of flaws in its 
"supernode" software design, the company essentially created a 
situation in which a Denial of Service (DoS) attack became possible 
simply because many people were rebooting their computers at about the 
same time. As a result, Skype's VoIP network--which the company would 
surely like the majority of us to depend on for day-to-day voice 
communication--became useless for three days. 

Yet another outage occurred when an Internet backbone cable was cut. 
The cut cable took down major portions of networks operated by Level 3, 
Cogent, and TeliaSonera, all of which provide Internet connectivity to 
many endpoints. When the cut cable was discovered, repair crews 
inadvertently repaired the damaged cable with another damaged cable and 
didn't discover the damage to the second cable until after the repair 
didn't work. As a result, the outage lasted far longer than it should 
have. Meanwhile, Internet connectivity for many entities was 
nonexistent. This particular incident wasn't any one company's fault; 
however it's noteworthy as yet another outage with considerable impact. 

If those events weren't strangely coincidental enough already, there's 
more. Microsoft recently made mistakes that rendered a large number of 
people's Windows systems nearly useless. According to Microsoft (at the 
URL below), "preproduction code was accidentally sent to production 
servers" and the code just happened to handle the company's Windows 
Genuine Advantage (WGA) technology. The overall effect was that for a 
short period of time, the affected Windows systems could not be 
activated, and for a long period of time (nearly 20 hours), Windows 
systems could not be validated. 

Think of the implications of these incidents, and ask yourself, "How 
secure is my enterprise if it relies increasingly on software as a 
service?" For John Dvorak's take on this issue, see "Don't Trust the 
Servers" at the following URL. 

=== SPONSOR: EqualLogic =======================================
SQL Server Optimization & Data Protection w/ Intelligent ISCSI SANS
   More and more companies are deploying storage area networks or SANs 
as storage needs continue to proliferate. SANs offer many unique 
capabilities that improve data protection, storage performance and 
scaling, and reduction in storage management time. This web seminar 
reviews best practices in deploying SQL Server in an intelligent iSCSI 
SAN, and shows how this provides dramatic improvements in deploying, 
optimizing, backing up, and recovering SQL. 

=== SECURITY NEWS AND FEATURES ================================
Teen's Hardware Crack Liberates iPhone
   In what will most likely go down in history as one of the most 
sensational hardware cracks ever, a teen finally broke the iPhone's 
AT&T lock. The phone can now be made to work with other cell phone 

Hackers Team to Donate Technology to Charities
   A new project,, was recently launched to help 
provide technology equipment and services to charitable organizations. 

8 More Absolutely Cool, Totally Free Utilities
   We've combed the Web for a brand-new collection of fantastic, free 
tools that will make your job easier. Download these lifesavers, add 
them to your USB toolkit, and be a happy administrator! 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: HP ===============================================
BladeSystem as a Horizontal Technology: WP
   In this brief, IDC describes the importance of manageability in the 
selection of a blade platform and examines the needs of the market with 
respect to managing large volumes of homogeneous Linux platforms. Learn 
the three tenets in the design of HP's Control Suite. Explore automated 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: When Is a "Rootkit" Not a Rootkit?
by Mark Joseph Edwards, 
   I think every security administrator will agree that a rootkit is 
actually a program that grants an unauthorized user access to a
system--typically administrator- or root-level access. A directory or 
file hidden on a system does not constitute a rootkit. 

FAQ: Installing Kernel-Mode Printer Drivers
by John Savill, 

Q: How do I allow the installation of kernel-mode printer drivers?

Find the answer at 

FROM THE FORUM: Tools to Audit Web Site Access Histories
   A forum participant hosts a Web site on Microsoft IIS that requires 
people to log on to access confidential information. She's looking for 
a third-party tool to monitor access attempts on the server and a tool 
to monitor bandwidth utilization and traffic patterns. Offer 
suggestions at 

   Share your security-related tips, comments, or problems and 
solutions in Security Pro VIP's Reader to Reader column. Email your 
contributions to If we print your submission, 
you'll get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ================================================== by Renee Munshi, 

Give Data Owners Control over Data Access
   Varonis Systems announced DataPrivilege 2.5, which lets data owners 
rather than IT address user access requests. The new version offers 
enhancements in permissions handling, group membership requests, 
entitlement handling, and reporting. Data users can submit requests to 
access folders or files, and data owners can grant them by assigning 
users to a group with permission to the resources or by explicitly 
giving the users access. Users can ask to be added to specific Active 
Directory (AD) user groups. A data owner can define rules (e.g., 
stating that all users who request access to a particular folder will 
be given read-only permission for a week). DataPrivilege 2.5 pricing is 
based on the number of users, with licenses starting at $12,800 for 1 
to 500 users. For more information, go to 

   Share your product experience with your peers. Have you discovered a 
great product that saves you time and money? Do you use something you 
wouldn't wish on anyone? Tell the world! If we publish your opinion, 
we'll send you a Best Buy gift card! Send information about a product 
you use and whether it helps or hinders you to 

=== RESOURCES AND EVENTS ======================================   For more security-related resources, visit 

As file and print servers continue to proliferate, IT is turning to 
Windows file server and storage consolidation to control management 
costs. Explore how to save money by leveraging existing hardware, how 
to implement a scalable NAS cluster based on a shared data framework, 
and how to get the most out of your existing network infrastructure and 
management processes by using a shared date architecture. 

Get the facts about Microsoft Unified Communications, including 
Exchange Server 2007 and Office Communications Server 2007, at this 
free virtual event on September 19. Independent Exchange experts will 
present practical, real-world information about deploying, managing, 
and securing Exchange Server 2007 and Office Communications Server 

File fragmentation is a serious problem. As a disk becomes fragmented, 
the workload on the OS and hardware increases, making it more difficult 
for applications to read and write data. File corruption becomes a 
distinct possibility, the computer's performance degrades, and its 
reliability is endangered. This white paper looks at the effect of disk 
defragmentation on your users. 

=== FEATURED WHITE PAPER ======================================
KVM over IP in Distributed IT Environments
   Keyboard/video/mouse (KVM) switches are a valuable management tool, 
but they have weaknesses in distributed environments. This white paper 
presents the complexities of managing the distributed data center and 
highlights the advantages of using a KVM-over-IP solution for flexible, 
scalable, affordable CAT5-based remote access. 

=== ANNOUNCEMENTS =============================================
Windows IT Pro: Buy 1, Get 1 
   With Windows IT Pro's real-life solutions, news, tips, and tricks, 
AND with access to over 10,000 articles online, subscribing is like 
hiring your very own team of Windows consultants. Subscribe now, and 
get 2 years for the price of 1! 

Save 50% Off Scripting Pro VIP 
   Scripting Pro VIP is the IT administrator's source for scripting 
information, tools, and downloadable code. Subscribers also get access 
to our editors to help answer technical questions, as well as a host of 
other unique benefits. Order now at an exclusive charter rate and save 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 

Site design & layout copyright © 1986-2015 CodeGods