<<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>>
<<>>                 Support Alert                <<>>
<<>>                                              <<>>
<<>>     Where to find the best tech support      <<>>
<<>>           information on the Web             <<>>
<<>>                                              <<>>
<<>>  Online at http://www.techsupportalert.com   <<>>
<<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>>

            Issue 39 - 1st November 2000

Welcome to Support Alert, the email newsletter that
points you to the best technical support resources
on the Internet.

You may notice something different.  We've changed
our name from PC Alert, so as to more accurately
reflect the nature of our content.  Everything else
stays the same.

Support Alert is free. If you like it, why not share
the good news and email a copy to a friend or work
colleague?

Support Alert is sponsored by PC Support Advisor and
PC Network Advisor, the standard reference sources for
support professionals.

What's the secret?  What is it that thousands of
support staff in 16 countries know, that you don't.

Find out now. Take advantage of our current US$29.95
special promotional offer and try Support Advisor and
Network Advisor for yourself.

Just point your browser to http://www.itp-journals.com
and discover the secret.

               <<<>>><<<>>><<<>>>

FROM THE EDITOR

If you've been keeping an eye on Microsoft's security
site at http://www.microsoft.com/security then you'll know
that the company has issued more than 80 security patches
for Windows this year.  With each patch, Microsoft takes
the opportunity to stress that it takes security very
seriously.

But here's an interesting question.  Does the fact that
there are so many patches for Windows mean that the
product is more or less secure than products for which
fewer patches are released?  Every operating system
probably has hundreds of security holes.  So as long
as Microsoft keeps patching them, maybe Windows really
can be regarded as secure.

Of course, every operating system is open to attack
by a Trojan Horse program.  And that is just what happened
to Microsoft's main systems last week.  One of the
company's developers opened an email containing the
QAZ trojan, which promptly emailed a variety of passwords
to a hacker in Russia.  The hacker then managed to
obtain one or more Windows source code files.

Microsoft's attempts at damage limitation are
fascinating.  Yes, says the company, the hackers managed
to see source code.  But it wasn't the code for
current versions of Windows or Office, but stuff in
development "which is many years from launch".  So, let's
get this straight.  The hackers know what Microsoft
is planning for its products in years to come, and
this could be plastered all over the hacker Web sites
within days.  But Microsoft isn't worried?  Hmm.  That's
a very interesting attitude to take.
 

Robert Schifreen

PS:  Do you have a favourite site that you'd like to
see featured here?  If so, send details to me
at editor@itp-journals.com.

          <<<>>><<<>>><<<>>><<<>>><<<>>>

IN THIS ISSUE

1. TOP SUPPORT SITES
    - NT management tools
    - Comparing speech recognition suites
    - Printer buyer's guide

2. SUPPORT UTILITIES
    - LapLink Gold
    - Unlock protected Acrobat PDF files
    - Zip File Cracker

3. SERVICE RELEASES AND PATCHES
    - Oracle Security Patch
    - IIS Session ID Cookie marking
    - Another VM patch

4. OTHER USEFUL STUFF
    - Questionnaire Generator for FrontPage
    - Security for videoconferencing
    - New PDAs from Handspring

5. TECH SUPPORT RESOURCES
    - Open Source networking monitoring software
    - Windows 2000 Automated Installations

          <<<>>><<<>>><<<>>><<<>>><<<>>>

1. TOP SUPPORT SITES
====================

NT management tools
Looking for a quota management tool for NT?  Quota Sentinel
will allow you to limit the size of network objects on a
per-user basis, and also set storage limits for users.
More details at http://www.nttools.co.uk.

On the same site you'll find details of Security Explorer,
a utility to search for and modify Windows NT/2000 security
settings on NTFS drives.  The tool provides a quick way
to grant, revoke and clone security settings.

Comparing speech recognition suites
We're not a big fan of speech recognition software, here
in the Support Alert offices, as we reckon it's nowhere
near good enough to use in a commercial environment.
If you want to find out for yourself, check out
a useful survey which put the leading packages on test.
See http://one.digital.cnet.com/cgi-bin1/flo?y=eBAM0BpW80Qu0ckow

Printer buyer's guide
CNET, one of the most useful resource sites on the Web,
has a new hardware guide aimed at those looking to
buy printers.  Still trying to decide whether an inkjet
is a better buy than a laser?  Check out the site at
http://computers.cnet.com/hardware/0-1063-8-2939200-1.html
 

2. SUPPORT UTILITIES
====================

LapLink Gold
LapLink must be one of the most useful tools for a support
person.  It allows you to transfer files between machines and
to synchronise directories, and it works over a serial or
parallel cable, the Internet or a LAN.  The latest version,
LapLink Gold, also works over USB and is supplied with a
proprietary cable that enables this function. You can get
more information at http://www.laplink.com.

Unlock protected Acrobat PDF files
It had to happen.  The encryption used by Adobe to allow
PDF files to be locked against printing, text extraction
etc has been cracked.  Companies which distribute information
in the form of locked PDF files are now at risk.  Read more
about a product that can remove PDF file protection at
http://www.computerstream.co.uk/plugin/pprot.htm.

Zip File Cracker
You've been examining a user's PC and have found
a suspicious file.  But it's a password-protected
PKZIP archive and you don't know the password.  Is there
any way to crack the file without letting the owner
of the file know that you're onto him?  Yes.  Check
out the FZC Fast Zip Cracker, which is downloadable
from http://www.netgate.com.uy/~fpapa/.

3. SERVICE RELEASES AND PATCHES
===============================

Oracle Security Patch
Security company ISS has discovered a problem with the
listener program in Oracle Enterprise Server, which could
allow a hacker to access the Oracle database on an
affected machine.  The problem exists in the Oracle
listener program versions 7.3.4, 8.0.6 and 8.1.6 on
all platforms.  Oracle has a patch, which is at
http://otn.oracle.com/deploy/security/alerts.htm.

IIS Session ID Cookie marking
Microsoft has released a patch for IIS, its Web server
product, which fixes a bug whereby a hacker could take
over the session of another user.  The problem stems from the
way that IIS creates Session ID Cookies, which are not
created in the recommended secure fashion.  A fix is at
http://www.microsoft.com/technet/security/bulletin/fq00-080.asp.

Another VM patch
Microsoft has revised its patch for a problem that was
reported earlier this year in the Java VM which ships
with Windows and with Internet Explorer. The bug could allow
someone to write a Web page which could read any file on the
PC of the person viewing the page.  Java should not be able to
permit this, as it operates on a "sandbox" policy to
prevent applets accessing data and files from outside of
their own environment.  You can download a fix from
http://www.microsoft.com/technet/security/bulletin/fq00-081.asp.

4. OTHER USEFUL STUFF
=====================

Questionnaire Generator for FrontPage
If you need to generate survey forms or questionnaires
for your Web site or intranet, Microsoft has an add-on
for FrontPage that will help you do it automatically.
You can get the file from the Microsoft Web site at
http://www.microsoft.com/education/planning/online/Score.asp.

Security for videoconferencing
Biodata Information Technology has developed a range
of encryption products designed to protect the contents
of a videoconference from being viewed by hackers.
More information is at http://www.biodata.com.

New PDAs from Handspring
Handspring, the company behind the Visor PDA, has launched
2 new handhelds.  You can read a review of the new machines at
http://one.digital.cnet.com/cgi-bin1/flo?y=eBAM0BpW80Qu0cfC8.

5.  TECH SUPPORT RESOURCES
==========================

Open Source networking monitoring software
November's issue of PC Network Advisor has just been
published.  Among the articles is a roundup of network
monitoring packages which are available free of charge
from the Internet.  You can read the complete article
online at http://www.pcnetworkadvisor.com.

Windows 2000 Automated Installations
In the latest issue of PC Support Advisor, which has just
been published, there's an article on how to do automated
Windows 2000 rollouts.  You can read the full article
online at http://www.pcsupportadvisor.com.
 

<<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>><<<>>>

                  ABOUT SUPPORT ALERT

Support Alert is produced by International Technology
Publishing, the publishers of PC Support Advisor and
PC Network Advisor, the standard resource publications
for tech support professionals.

To subscribe to Support Alert, visit our web site at
http://www.techsupportalert.com and follow the
subscription instructions.  At the site, you'll also
find a searchable set of back issues plus Support
Alert's amazing catalogue of the best tech support
sites on the web.

If you really like Support Alert why not email a copy
to a friend or colleague. Better still, you can
subscribe them directly.  He or she will then receive
an email request for confirmation.

To do this, send a blank email to

supportalert-subscribe-aaaa@itp-journals.com

where aaaa is your friend or colleague's email address.
Note that you must replace the @ sign in your friend or
colleague's email address with an = sign.

E.G. To subscribe jsmith@aol.com send a blank email to:
supportalert-subscribe-jsmith=aol.com@itp-journals.com

To unsubscribe from Support Alert, send a blank email to
supportalert-unsubscribe@itp-journals.com
.

(c) Copyright International Technology Publishing 2000