|
Monday, June 30
The only thing I hate more than spam is telemarketers.
Both of my phones ring off the hook between 8am and
9pm, and the majority of calls on my listed number
(which I use for business) are telemarketers. I've
tried a number of tools for stemming the flood of
calls, but more telemarketers keep popping up like
cockroaches. So, after hours of trying, I finally got
my phone numbers added to the
National Do Not Call
Registry at 2am Saturday morning. Apparently the
FTC had underestimated how much people hate getting
telemarketers, and the official numbers predicted that
about 60 million people would register. In it's first
3 hours of operation, 370,000 people registered and
the web site alone was receiving 3 million hits every
hour. It wasn't long until all this traffic
overwhelmed the servers and brought the site down for
a few hours, but while it was up over 10 million
people registered over the weekend. As with all legislation, there is
some fine print. For one, the list won't go into
affect until October 1, or for 90 days after you sign
up. The list doesn't affect charities, business you
already have an established relationship with (your
credit card companies will keep calling) and
(surprise!) political callers. It's success is also
dependent on how aggressively the FTC follows up on
complaints and pursues telemarketers. And I'm sure
it's no surprise to anyone that the telemarketers are
suing, claiming the new bill violates their right to
free speech. (Lawyers and telemarketers, there's a
mix.) I'm hopeful that the overwhelming popularity of
this bill with voters will accelerate tough anti-spam
legislation and perhaps inspire other countries to do
the same. Cheap international long distance service
and low wage labor have inspired several telemarketing
firms to set up call centers in Mexico and India, and
I'm sure this trend will rise as a way to get around
the don not call list.
Friday, June 27
I spent the better part of Thursday installing and
testing Service Pack 4 for Windows 2000. So far, I've
had no major issues and the installations went
smoothly, but be prepared to sacrifice
+300 - 400 Mb of disk space for the installation.
The sheer size of this update (+100Mb compared with
20Mb for SP3) will make network installations in large
environments difficult for some administrators, so
proceed carefully and work closely with your
infrastructure team. SP4 also has a number of
compatibility issues with 33 post SP4 hotfixes,
may cause
Internet Explorer to time out if you're running Norton
Internet Security 2001, and
overrides the 802.1x PEAP Authentication method if
you're using the Cisco client utility with the Aironet
adapter. In our experience, the bug list for most
Microsoft Service Packs grows rapidly in the six
weeks, so you may wish to wait 30-90 days after a
service pack release before installing it on
production servers. Also be aware that operating
system service packs have a nasty history of breaking
application service packs for Exchange, SQL, and other
BackOffice products. For more information on testing
and deploying service packs, check out this
article.
Thursday, June 26
Whenever a new flaw is found in Windows, it's amusing
to watch how the media likes to spin it. A few weeks
ago, the big news headlines outlined a "Flaw
in Windows Server 2003", despite the fact the bug
was really in IE 6.0 and affected Windows XP and
Windows 2000 as well. To make it even more
insignificant, the bug doesn't affect Windows Server
2003 in its default configuration as the services used
by the exploit are turned off. Nevertheless, "Flaw in
IE 6.0" doesn't generate as many clicks as "Windows
Server 2003 flaw" This brings us to
today's security bulletin, which is being sold as
a "flaw in Windows 2000 Server" by the press. While
the flaw does affect all versions of Windows 2000
Server, the bug exists in Windows Media Services,
which is turned off by default and is rarely used
unless you do multicast streaming. Microsoft does rate
the patch as important, but since none of our servers
are running media services, I may wait until Windows
2000 SP4 is released to roll out this patch (or wait
for a post SP4 rollup). So what's the harm in a little
hype? Ask Aesop. By crying wolf every time a minor
vulnerability is released, the media has trained
administrators to simply tune out all the "sky is
falling" nonsense and failure to patch systems. The best way to keep up to date on
vulnerabilities is by going directly with the source,
in this case
Microsoft's TechNet Security Page and reading the
security alerts for yourself. (We also list the last 5
security bulletins on our front page so you don't have
to dig around.) For the past
several years, Microsoft has posted a security
bulletin for one product or another about once a week.
To their credit, the bulletins are straightforward,
easy to understand, and rated by product and severity. By making a habit of
checking these bulletins on a regular basis, testing
them in a lab, and rolling out hotfixes on a regular
schedule, you can keep your environment stable and
secure without having to resort to "firefighting" when
a hacker writes a new worm that exploits a 3 month old
bug.
Wednesday, June 25
As of 1pm today, we are officially running on Windows
Server 2003 and IIS 6.0! Our new servers are
clustered, which should give us 100% uptime, better
performance, and tighter security. It also means we
can update the site in the middle of the day instead
of waiting for non peak hours in the evening or early
morning. ;-)
In the news,
Wired published their
exclusive tour of
Apple Computer's G5 which, from an engineering
standpoint, looks very cool. I was impressed with the
reporter's observation that even with the G5's nine
computer controlled cooling fans running, he
couldn't tell if the machine was on or off without
putting his ear to the case. In fact, the G5 is twice
as quiet as the G4. This is something I wish more
mainstream manufacturers paid attention to. Having a
dozen or so servers and workstations running in a
single room generates a lot of noise (as well as
heat). According to Apple, the G5 is the fastest PC
ever made. Boasting dual G5 2Ghz 64bit processors, a
1GHz front side bus, and support for 4GB of RAM, it screams. Apple
also gets to boast that it has the
first 64bit desktop platform, while Intel claims that
there's little demand for 64 bit processing on the desktop and
AMD's Athlon 64 won't be released until September. It would be
great to see Microsoft partner closely with Dell or HP
to create a dual processor workstation with similar
specifications. Smaller
form factors would be a plus as well. We've crushed
servers down to 1u, but workstations could easily be
1/2 the size they are now. In the extreme,
Mini-ITX makes
a very compact motherboard that enables creative users
to design computer cases out of almost anything -
including
toasters,
guitars,
Legos,
gas can,
beer kegs, a
clock, and even a
Mac
G4 cube. One of our lab rats bypassed the case
entirely and simply mounted a motherboard, power
supply, and hard drive onto a piece a plywood and hung
it vertically on the wall behind his entertainment
center, creating his own version of a
Media PC. (Maybe he'll send us a photo). By adding
SnapStream's
Personal Video Station software, you have an
instant PVR!
Tuesday, June 24
To everyone who may have received a JS/CISP virus
warning when visiting our site yesterday, please
accept my sincerest apologies. I don't control the
server we are hosted on, and we've been having
some security problems for the past month. Essentially
there is a known vulnerability with IIS 5 and
FrontPage that allows a hacker to place code of
their choice into the header or footer of all the
sites on a server. A patch is available and has
been applied to the server, but the patch keeps
breaking and no one (including Microsoft) can
figure out why. As of this morning, the code has
being removed, and we are moving to a Windows
2003 Server cluster this week, so the problem
should never reoccour. The JS script was checking
for unpatched versions of IE 6.x and if found
would prompt the user to download an EXE file
which contained a COREFLOOD Trojan
http://vil.nai.com/vil/content/v_100313.htm
Symantec and other antivirus have not picked up
this threat, so please use McAfee to clean and
check systems. Again, please accept my sincerest
apologies for any inconvenience this issue may
have caused you or your organization.
Monday, June 23
Welcome to summer! For techs that
live in the Northern U.S. and Canada, it's the season
to find an excuse to duck outside for a while and
enjoy the weather. For those living in hot and humid
parts of the world, it's a good time to schedule any
project that places you in the air conditioned server
room for the day. In some older buildings I've worked
in, the server room was the only space in the entire
building where the air-conditioning actually worked
and foot traffic would skyrocket on hotter days. At
one company, the housekeeping staff took advantage of
the server room as well, and often made the area their
"break room" in the dog days of summer. No one much
cared, until one hot day when the AC was really
working overtime, there was a straining and popping
noise coming from an air conditioning vent directly
above a server cluster. While waiting for facilities
maintenance to arrive, something inside the vent
ruptured and brown colored water started spilling out
all over the top of rack and the servers within it. A
quick thinking administrator immediately started
turning off the power strips, but the UPS units in the
rack still kept the servers up and running. Not
wanting to risk his life again by touching a wet
electrical appliance, administrators spent the next 10
minutes frantically trying to shut down the servers
remotely via Terminal services. Miraculously, the
servers survived but the 12 hour outage brought
business to a grinding halt, and management was
screaming for blood. It didn't take long to find the
culprit. It turns out the housekeeping night shift
staff was storing beer and soda in the vent to keep it
cold, and several of the cans froze overnight and
ruptured. After this incident, the policy regarding
access to the server room changed dramatically and
only specific IT people and a limited number of
janitorial staff members were allowed into the area.
So if you notice that your company's server room is
becoming a hangout during the summer months, you may
want to review your access policies with management.
Make sure you also enforce a no food or beverage
policy, and that access to the server room is logged
either via key card access or a sign in sheet. And if
you have server racks directly under an air
conditioning vent you may want to move them a few
feet. Just in case. ;-)
Friday, June 20
As we mentioned earlier this month, having a very
public e-mail address means we receive a ton of spam
each month. It also means we get almost all of the new
viruses in circulation as well as any new e-mail
scams. Last night we received the new Best Buy scam
e-mail that claimed someone else was trying to use my
credit card to purchase an in-dash CD player, and in
order to stop the transaction I needed to verify my
information. The e-mail link (bestbuy.com/fraud_department.html)
actually went to bestbuy-legal.addr.com/fraud.html, a
page that was a convincing duplicate of the BestBuy
site. The page asked for the usual name and address
and birthdate. The subsequent pages were a little
bolder and asked for your social security number,
mothers maiden name, place of birth, credit card
number, and even the card ID. Basically, all the
information someone would need to steal your identity
and create havoc with your financial status for the
rest of your life. This little scam was discovered on
Wednesday, but it took until this morning for BestBuy
to send out a warning e-mail to it's customers and
shut down the site. While tech savvy people are
generally immune to this sort of hoax, the general
user community is not. If you have parents, siblings,
or other relatives who might fall prey to something
like this, please take a minute to pass along the hoax
warnings. (The news link is our link of the day)
Thursday, June 19
As predicted on Monday, Microsoft
did release a
public preview of MSN Messenger 6.0 today. They've
also started a referral program that
enters you to win a free webcam if you tell your
friends about the preview as well. You get an entry
for each e-mail address you provide, and are allowed up
to 10 per day. Not a bad way to generate buzz. Webcams
are cheap, and they get people to sell out their
friends to a potential spam list. I think we'll pass.
Wednesday, June 18
One of the real frustrations of
working with any complex operating system is that they
all have a number of under-documented "features" that
are generally unknown until they happen to you. Case
in point: Microsoft introduced
a shadow copy service in Windows Server 2003, that
makes point in time copies of users files so they can
instantly recover files that were accidentally deleted
or overwritten without calling the help desk. (A
feature that UNIX has had for years) However the
shadow copy service uses a copy-on-write mechanism
that operates on a 16KB file block level, regardless
of what the file systems cluster allocation unit size
is. This creates a problem if you (or
the operating system) allocated a smaller than
16KB cluster size on your hard drives and then
defragment the volume. (The default cluster size for
drives larger than 2Gb is 4KB)
The System Shadow Copy
provider cannot differentiate between disk
defragmentation I/O and typical write I/O, and starts
to make
copies of all the files being defragmented. This in
turn can causes the Shadow Copy storage area to grow
very quickly, and if the storage area reaches its
user-defined limit, the OS starts deleting the oldest
shadow copies to make room for the new ones. (For more
information see
KB Article 312067) To verify the cluster size on
your hard drives, run chkdsk from the command
prompt, and look for the entry labeled "bytes in each
allocation unit" If it is smaller than 16384 bytes,
you'll need to backup the data on the drive and
reformat the drive using the /a switch and
specify the cluster size in bytes. For example:
format volume /fs:ntfs
/a:16384 will format the drive using NTFS in 16KB
clusters. When you're done, verify the cluster size by
running chkdsk again, and restore the drive
from your backup media.
Tuesday, June 17
On May 11, thieves broke into the
Kunsthistorisches Museum in Austria and stole a famous
gold statue
created by
16th century Italian master Benvenuto Cellini The
10 inch
high gold sculpture called Saliera (salt box) is
worth about $57 million and is often referred to as
the "Mona Lisa of sculptures". What makes this theft
notable is that the thieves simply climbed some
scaffolding,
smashed through a first floor window, and removed the
piece from an unprotected glass display case. The
break in did set off the alarm system, but it was
quickly reset by the security guard (before it was
able to call the police) who assumed it was just
another false alarm. The actual theft was discovered
four hours later by a cleaning lady, and three
security guards were suspended as a result of the
incident. So my question is, how often does this
happen on your network? Does your staff simply reset
firewall alarms, or do they actually spend a minute to
confirm the data. Do you look at your IDS logs? Are
your server's event logs bogged down with bogus
entries making it impossible to find real problems? A
test of intrusion detection systems by Network World
Fusion last year discovered that several IDS's
crashed under the weight of false alarms, and real
attack data was often buried deeply under mountains of
false alarm data. If this is happening on your
network, how will you ever know when you're really
being hacked? In the case of the museum, the alarm
system was plagued with problems, and false alarms
occurred on a regular basis. Instead of fixing the
problem, the museum chose to fix the blame. Don't make
the same mistake. Root out the source of false alarm
data, and follow up on unknown events before you
simply dismiss them. The job you save may be your own.
Monday, June 16
According to Microsoft, someone (gasp!) leaked their
internal
Beta version of MSN Messenger 6.0 onto the web. To
make matters worse, over
2
million people have downloaded the software and
are actively using it! (Oh no!!!) To put a quick end
to this potential disaster, Microsoft has
issued a press release informing as many people as
possible that the Beta is unofficially available on
the web, and has
asked websites to stop posting it. Microsoft is
also asking people not to run the software which a
leaked memo
by Blake Irving, vice
president of MSN's communications division,
describes as "fast becoming one of the most addictive
services we've ever created," and "Anyone that has
used V6 knows why it's a winning service ... I don't
think the industry will have seen such a thing since
ICQ got big years and years ago." Wow, all these leaks
sure are distressing, but I'm sure these warnings are
enough to discourage even the most ardent computer
geeks, and prevent the further spread of their Beta
software. The conspiracy theory mice in the office are
suggesting that perhaps these leaks aren't
unintentional, and are just part of Redmond's efforts to build hype and generate lots of
press before it's officially released sometime this
summer. But wait - according to
Neowin.net sources, Microsoft is releasing a
public preview of MSN Messenger 6.0 on Thursday!
Finally an official download that will end this leaked
Beta crisis and save us from its evils! (Plus it will
generate more press and headlines for Microsoft)
Also in the hype machine,
Microsoft announced that it is working on Service Pack
1 for Windows Server 2003 and should have it in Beta
by "early summer". Since Windows Server 2003 was just
released in late April, there is speculation that
either the product is buggier that Microsoft has let
on, or they're simply trying to get SP1 out as quickly as
possible since many businesses have a policy of not
migrating to a new OS until the first service pack is
out. Since Microsoft has only released a handful of
minor patches (17?) for Windows Server 2003, I'll
leave it up to you to decide what the real motive is.
Friday, June 13
Are you superstitious? Do you suffer from
paraskevidekatriaphobia, and have an irrational
fear of Friday the 13th? Or are you having a group of
friends over tonight for a Freddy Kruger film
festival? There are a lot of
theories about the origins of this superstition,
but no one really knows how this whole "Friday the
13th" mess got started. Ancient mariners believed it
was unlucky to start a voyage on a Friday. In Rome and
later England, executions were performed on Fridays.
In Greek and Roman numerology, 13 symbolizes
destruction. Nordic mythology also suggests that 13 is
an unlucky number. Even today, many tall buildings and
hospitals don't have a 13th floor. Somewhere along the
way, superstitions regarding Fridays and the number 13
were mixed, resulting in our present day jitters. But
it isn't unlucky for everyone. Up until the Middle
Ages, pagans celebrated Friday the 13th as a lucky
day. In Australia, lottery sales go through the roof
on Friday the 13th. To others, it's the
Olsen
twins 17th birthday. And to us, it's just another
day. But if you're one of the 21 million people who
called off of work today because of your paraskevidekatriaphobia, maybe you should consider
seeing a psychologist or psychiatrist to help you
overcome your fear. Unless of course you also have
iatrophobia - a fear of doctors. ;-)
Thursday, June 12
As you can imagine, we do
quite a bit of web browsing every day digging for
resources. Over the years we've tried almost every
browser on the market, but have always liked Internet
Explorer, even when IE wasn't cool (which it never
was.) Now we've discovered a new browser which has
become our hands down favorite after just a few weeks
of use.
SlimBrowser is a freeware multiple-site browser
that features a tab-page interface, built in popup
blocking (with recovery if needed), quick search,
built in commands and scripting, blacklist/whitelist
filtering, page translation, a fully automatic form
filler, and did we mention it's free? If you spend as
much time digging on the Internet as we do, you'll be
hooked on tabbed browsing within a few minutes. It's a
huge time saver if you spend a bit of time following
links across multiple sites. The real bonus for us is
that SlimBrowser is a wrapper for IE instead of having
its own standalone engine. It automatically uses your
existing Favorites menu from IE, as well as your IE
security and privacy settings so you don't have
migrate all of your preferences after installing it. Did
we mention it's free? Of course if you would rather
pay $29.95 for a tabbed browser, we also highly
recommend
NetCaptor
Wednesday, June 11
In an effort to keep down costs and
get great hardware at rock bottom prices, we've done
quite a bit of shopping on e-Bay over the years. We've
purchased
routers, switches, laptops, monitors, hard drives,
PDA's, and smaller accessories at 1/10 of their retail
cost, and to date we've had only had positive
experiences. But you never know when you're going to
get burned by
non existent, non functional or stolen
merchandise. This is especially important when buying
laptops. One way around this is to buy used computer
equipment directly from the manufacturer - on eBay.
Dell,
HP,
IBM
and others have established stores on eBay that allow
you to bid on factory refurbished equipment, sometimes
with a warranty.
We've found some really
great deals from
Dell
Financial Services eBay store which features off
lease equipment that has been inspected and
refurbished. Since Dell introduced their new "D"
series of laptops, their older (but still fast and
functional) "C" series laptops have appeared on eBay
for under $500.00. Two weeks ago we purchased a
refurbished
Dell C600 laptop for $565.00 (including
shipping and tax) that is identical to one we bought
new in January 2001 for $2300.00. Its 750Mhz P3
processor, 20GB Hard drive and 256Mb of RAM is more
than enough to run Windows XP or Windows 2000, and
having two identical platforms allows us to do
benchmark and stability tests between applications.
The laptop
arrived within a few days, and although the metal plate on
the bottom of the laptop looked beat up, the exterior
case, keyboard, and screen looked brand new. So far
it's functioned flawlessly, and we're considering
buying another one in a few weeks. If you've been
thinking about buying a laptop, but put off by the high
price tags, this is definitely the way to go. You can
expect thousands of these laptops to become available
in the next few months and prices should fall even
further during this time period. You may even start to
see some of the 1GHz processor models become available
before the end of summer. As a bonus, accessories for
Dell Latitude C series are all over eBay as well, and it's
relatively easy (and cheap) to find spare external
power supplies, CD-RW drives, DVD drives, extra
batteries, docking stations and even leather laptop
cases. Happy bidding!
Tuesday, June 10, 2003
What would you do if your hard drive failed? Do you
have tape backups of your data? Or do you back up
files onto CD-R disks? I've tried everything from ZIP
and JAZ disks to CD-RW and tape drives, but as or data
archive and storage needs grow these solutions just
don't cut it. Our laptops come with 30GB hard drives,
our workstations come with 80GB hard drives, and our
servers are filled to their 500GB capacity. Currently
we have about 100GB of hard drive space on our server
doing nothing but archiving data consisting of backup
images, log files, application source directories,
archived mail folders, and the obligatory MP3
directory. I'd love to use that space for something
else, and I'm a bit worried about what would happen if
that drive suddenly failed and all the data was lost.
Of course we could mirror the drive or setup a
RAID 5 disk array, but that would require a few
hardware upgrades and we were looking for something
simpler. So for about $210.00, we invested in a
Maxtor 3000LE 120GB external hard drive. This
portable unit plugs straight into the USB port and
doesn't require drivers for Windows XP,
which flawlessly sees the unit as an extra drive. If
you have a USB 2.0 port, the drive is capable of high
speed mode and can transfer data at 480Mbps. It's also
amazingly quiet and unobtrusive, and can easily be
stored in a locked file cabinet or safe, and even
transported in a briefcase for off site storage.
Maxtor also makes larger models with faster hard
drives (7200rpm vs. 5400rpm drive), and some models
support FireWire as well as USB.
Monday, June 9
The
BugBear.B hysteria seems to be dying down a bit,
but the virus is still spreading. Keep in mind that
BugBear.A (which spread in September 2002)
generated 320,000 infected e-mails in its first week
according to MessageLabs. BugBear.B generated 35,000
infected e-mails on in the first 24 hours of its
discovery. What makes this rapid infection rate even
more surprising is that the vulnerability it exploits
in IE 5.1 and 5.5 is over 2 years old. A free patch
has been available from Microsoft since March 2001,
and should have been applied after BugBear.A
threatened systems last fall. This might have also slowed
the progression of the
Sobig mass mailing worm (and it's variants) which
exploits the same vulnerability. Although the patch
prevents the virus from running automatically with no
user intervention, even patched systems are vulnerable
if the user clicks the e-mail attachment. The kicker
is that Sobig and BugBear can be easily neutralized
with simple content filtering and/or virus scanning on
the corporate mail servers. Simply blocking .PIF, .SCR,
and .EXE extensions on your e-mail servers will stop
these and other mass mailing worms cold. This bit of
logic was lost on Stanford University, when
BugBear.B's keyboard logging "feature" started sending
employee salary and bonus information via e-mail. This
prompted the IS staff to simply shut down all outgoing
e-mail services for 9 hours in a effort to contain the
damage and prevent further outbreaks.
Don't let this happen to
your network. If you don't already have virus scanning
and content filtering enabled on your mail servers,
get it in place as soon as possible. Start blocking
attachments that don't have a business use (.PIF, .SCR).
Update your IE 5.1 and 5.5 versions to SP2. And
educate your users to the perils of opening suspicious
attachments. If you need additional information about
virus types, classifications, prevention, and managing
an outbreak, check out
our
AntiVirus primer.
Thursday, June 4
I spoke too soon in
Monday's blog when I said only time will tell if
Microsoft Trustworthy Computing initiative will be
worth the price. Microsoft released it's first "patch"
for Windows 2003 according to the media, but the
security update is really for Internet Explorer 6 and
affects Windows 2000 and XP as well. No reason to
panic. The media is having a field day with this
because Microsoft has been selling Windows Server 2003
on its security and reliability. Remember Oracle's "Unbreakable"
campaign? It suddenly and quietly went away when a
dozen or so vulnerabilities were discovered and posted on BugTraq
in the first month. Microsoft hasn't thrown down the
gauntlet as hard as Oracle, but there are plenty of
people who would like to find a huge gaping hole in
the new OS and publicly ridicule them. In a way, this
little flaw works in Redmond's favor - the press gets
to hype the heck out of it and put the words "Windows
Server 2003 flaw" in their headlines, but in the end
it really isn't a major OS bug. Unless of course you
consider the browser as part of the OS, as Microsoft
asserted in its antitrust trials. Microsoft is still
spinning this in a positive light because the
vulnerability is less of the threat in Windows Server
2003 because it relies on services which are turned
off by default in Win2k3, but not in Win2k or XP.
Wednesday, June 3
Part of the downside to
having our e-mail address displayed on our web site is
that we receive tons of spam. Over 300 messages alone
this morning, most of which was filtered properly by
the Beta release of Outlook 2003. It still doesn't
have some the advanced blocking features of many 3rd
party spam filters, but at least I don't have to open
2 separate applications to manage my mail. One feature
I wish Outlook 2003 included was domain name blocking.
Basically I'd like anything from a Hotmail, MSN, or
AOL account to simply get dumped into the junk e-mail
folder, where I can browse through it later and sift
out the few legitimate e-mails.
The other downside is
the virus related messages that appear whenever a new
bug makes its way around the world. A number of
viruses spoof e-mail addresses as they spread,
including ours since it exists in thousands of contact
lists around the world. This result is a flood of
automated messages from corporate mail servers, as
well as the occasional flame from a user who thinks we
sent them a virus. All of which prompted our link of
the day,
Idiocy Imperils the Web, which asks "Who are these
people that keep clicking on attachments anyway?"
They're probably the same people who actually buy
products from spammers, and believe that some stranger
from a third world country wants them to help smuggle
20 million dollars out of the country. Is common sense
really that uncommon?
"The
difference between genius and stupidity is that genius
has its limits"
Monday, June 1
For the past few days we've been
busy updating the Windows Server 2003 section
including as much of the new online documentation as
possible. We've been running the .NET Betas as well as
the RTM and final releases for a while and are really impressed
with it. Thanks to VMWare, we've been able to perform a lot of
torture, compatibility, and vulnerability testing
without spending a fortune in hardware. I think Microsoft did a great job improving
on Windows 2000's strengths instead of flooding
customers with a host of new features no one wants.
The stability has been outstanding, but only time will
tell if the security implementations have been worth
Microsoft's $20 million investment in their
Trustworthy Computing campaign. It also a better
documented release than previous versions of Windows
NT. Microsoft has released the plenty of case studies,
whitepapers, how to articles, and all of the product
documentation on their web sites, and sorting through
it all has been a challenge.
After some recent
problems with our current web host
Interland
dropping the ball on security, we are looking for a
new home - preferably on Windows Server 2003 running
IIS 6.0. The current favorite at this point is
ServerBeach,
so if anyone has any feedback or experience with this
host (or if you have another recommendation) please
let us know.
|
