- The Windows 2000\XP\.NET Resource Index
Home | About Us | Search |

Last Updated December 10, 2003

LabMice Link of the Day Archive - July 2003
As we surf the web in our pursuit of additional content for LabMice, we occasionally stumble upon a really cool, humorous, unusual, or very useful link that we think should stand out from the hundreds we add every week. So we developed a small section on our front page to highlight these, and will archive the rest here.
This Month:

At Microsoft, it's all about Longhorn
Longhorn, the next major release of Windows, is "a bit scary," Gates has said. Scary to computer users, that is, because Longhorn products will be very different from today's Microsoft software, but it appears the software is also causing some shivers at Microsoft. Source: InfoWorld

Book Excerpt: Inside Windows Server 2003 'Deploying Windows Server 2003 domains'
This chapter covers the following scenarios: Upgrading a classic NT4 domain to Windows Server 2003;Upgrading a Windows 2000 domain to Windows Server 2003; Migrating from an NT4 or Windows 2000 domain to a Windows Server 2003 domain. Source:

Critical Windows Flaw a Potential Springboard for Damaging Worm
Microsoft is feverishly trying to get users to apply a patch it released two weeks ago for a critical RPC vulnerability that affects most supported versions of Windows before a widespread worm based on the vulnerability can break out. Source: ENT Online

Spam Battle Plans
Spam has become more than just an annoyance -- it's expected to cost U.S. corporations $10 billion this year. Here's how some companies are defending themselves against junk e-mail. Source:  ComputerWorld

Security: Key to Your Career
The intensified concern about security is undeniable, and it is no different in the IT industry. The need and demand for the security of information is as much a priority as national safety. Taking this into consideration, how can you as an IT professional align yourself to capitalize on the new opportunities available in this field? And what does being that ideal security professional require? Source:

Readers Report on Win2K SP4
Reader feedback about Win2K SP4 points out several problems with installation. Based on these comments, apparently SP4 introduces a problem with Windows 2000 Server Terminal Services, and a documented problem exists with the Multiple Universal Naming Convention Provider (MUP) component, mup.sys. Some people are also seeing incredibly long delays during system restart and logon, but we haven't determined the source of the delays. Source: Windows & .NET Magazine

Microsoft Guide to Security Patch Management
This guide provides concise information, prescriptive techniques, tools, and templates to help organizations cost-effectively maintain a secure and reliable Microsoft environment through the proactive assessment of vulnerabilities and the application of security patches and appropriate countermeasures. This guide is divided into two parts: the first providing essential security patch management information that is valuable to everyone and the second providing detailed process descriptions and techniques. Source: Microsoft Technet

From NT Domain to Server 2003 Active Directory
Finally, an NT Domain to AD upgrade without the pain. Steven J. Vaughan-Nichols discovers that with some prep work, administrators can expertly conquer an upgrade that once left scores of battered IT managers in its wake. Source:

Security and the "Booga-Booga" Factor
Noted author Mark Minasi weighs on the hype that is frequently presented in security seminars. Namely, the oft-repeated message that you can spend all the money you want, but you'll never completely secure your network. In other words, "The bad people are out there, and they're going to get you no matter what you do©booga booga!" The unspoken remainder of the message seemed to be, "unless you retain a security expert" Source: WIndows & .NET Magazine

SSL Diagnostic Utility Download for IIS
Web administrators have a new tool for troubleshooting Secure Sockets Layer (SSL) configuration problems on IIS servers. SSL Diagnostics Version 1.0 gives administrators a central place to review metabase configurations, simulate IIS SSL client\server handshakes, and even generate a self-signed certificate with a single click. The tool is designed to run on IIS 4.0, 5.0, 5.1, and 6.0 Download size is 500Kb. Source:

Honeytokens: The Other Honeypot
The purpose of this series of honeypot papers by Lance Spitzer is to cover the breadth of honeypot technologies, values and issues. This article extends the capabilities even further by discussing the concept of honeytokens. Source:

Windows XP Events and Errors Database
The Windows XP Events and Errors search page provides an easy-to-search, online reference for the error and event messages generated by Windows XP Professional. Find detailed explanations, recommended user actions, and links to additional support and resources. Source:

Deploying & Supporting Windows Server 2003
This paper shares what Microsoft©s internal Operations & Technology Group (OTG) Infrastructure Engineering group learned as a result of deploying Windows Server 2003, Enterprise Edition within Microsoft. OTG is sharing these experiences with customers so that they may use them to help successfully upgrade from Microsoft Windows 2000 to Windows Server 2003. Much of the information also applies to enterprise customers planning to upgrade to Windows Server 2003 from other Microsoft operating systems such as Microsoft Windows NT© version 4.0

Mapping Microsoft's Wireless Strategy
Microsoft is expanding its wireless offerings. Survey the options to learn how you can enable wireless access to data and provide mobile applications for the enterprise. Source: .NET Magazine

Testing Applications with AppVerifier
Application Verifier (AppVerifier) is a new tool for testing applications for compatibility with Microsoft© Windows? XP. This tool can be used to test for a wide variety of known compatibility issues while the application is running. This article details the steps for using AppVerifier as an effective addition to the application development and testing cycles. Source: TechNet

Palladium: Don't Fear the Nexus
Microsoft's Next Generation Secure Computing Base is misunderstood. The controversial proposal for delivering client security through integrated hardware and software has some privacy advocates and conspiracy theorists crying foul. But several details have emerged that demonstrate that this code won't be running secretively in the background, and in fact that it looks like a promising, user-controlled defense against privacy intrusions and security violations. Source: ENT Online

Antivirus Concerns in XP and .NET Environments
After Windows NT was released, it took virus writers five years to learn how to infect it. Windows NT 3.1 and the Win32 API were released in late 1993, but it wasn't until August 1998 that W32.Cabanas became the first NT virus by capturing coveted kernel mode access. .NET and some of Microsoft's other initiatives have not been as lucky. The purpose of this article is to discuss antivirus (AV) concerns with .NET and Microsoft Windows XP. Source:

Best Practice Guide for Securing Active Directory Installations and Day-to-Day Operations: Part I
A breach in Active Directory security can result in the loss of network resource access by legitimate clients or in the disclosure of potentially sensitive information. Such information disclosure can occur for data that is stored on network resources or from the Active Directory database itself. To avoid these situations, organizations need more extensive information and support to ensure enhanced security for their NOS environments. This guide addresses this need for organizations that have new, as well as existing, Active Directory deployments. Part I of the guide contains recommendations for protecting domain controllers from potential attacks of known origin and recommendations for establishing secure administrative policies and practices. Part II of the guide contains recommendations for detecting attacks, defending against known and unknown threats, and recovering from attacks. Source: TechNet

Avoiding Sticky Legal Traps
Before you design and deploy a honeypot, consider the possible legal issues. Even if you own a network or are responsible for its security and maintenance, you may not have the unfettered right to watch what network users are doing. Hackers have rights, too. How can you deploy honeypots without running afoul of the law? Source: InfoSecurityMag

The Newest IIS Security Rollup
"After engaging in numerous real-time cyber©sword fights against malicious intruders for weeks, I am particularly sensitive to Microsoft IIS security hotfixes these days. Although I don't yet have all the data I need to do a technically correct forensic analysis of the break-in I'm researching, it appears that intruders used a Trojan Horse to hijack the Web server for nefarious purposes. My top candidates for the hijacker activity include pushing spam files or stolen software through the Internet. The hijacking ended with a firewall that's now dead and refuses to boot." Source: Windows & .NET Magazine

Can you feel the force?
Exploiting IT systems has never been easier. Intruders are increasingly enjoying the worldwide path to mischief via the internet, aided by weaker enterprise network perimeters and many new entry points, such as wireless and virtual private networks. Security attack methodologies and technologies have changed dramatically. Threats used to be simple and low- tech with limited scope. Now, threat sophistication is rising, partly due to use of automated tools that ease the implementation of attacks. An aspiring cyberattacker no longer requires ©guru hacker? experience to wreak potent, worldwide damage. As malware becomes more sophisticated, your defenses must improve to prevent damage. Source: SCMagazine


Past Archives

This site and its contents are Copyright 1999-2003 by Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with The products referenced in this site are provided by parties other than makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.