A third underwater fiber-optic cable was cut today in the Persian Gulf, off the coast of Dubai, United Arab Emirates, according to its owner Flag Telecom, compounding Internet problems in the Middle East and India, the BBC reported today.

The third cable, known as the Falcon cable, comes after breaks in two cables off the Mediterranean seacoast on Wednesday.

Those breaks required carriers to reroute Internet traffic from the U.S. to India and other nations in the Middle East the other way around the world, across the Pacific Ocean, leading to some Internet delays.

The cause of the first two breaks is believed to be a result of a ship's anchor that dragged and snapped the cables, and a similar cause might be involved in the third incident. Flag Telecom will start repairs next week on one of the first two cables linking Egypt and Italy, the company said today. A repair ship is expected to reach the site of the damage, 8.3 kilometers (about five miles) from Alexandria, Egypt, on Tuesday. The repair will take a week to complete.

The breaks on Wednesday were to the Flag Telecom Europe-Asia cable, owned by India's Reliance Communications Ltd., and on the South East Asia-Middle East-West Europe 4 (SEA-ME-WE 4) cable, owned by a consortium that includes Verizon Communications Inc. in New York. The cable damage disrupted the Internet and other communications to the Middle East and India.

Flag said the Europe-Asia cable was cut at 8 a.m. GMT on Wednesday. The company also said it was able to restore circuits to some customers and was switching to alternative routes for others.

The US Congress Judiciary Committee will hold a hearing next week to scrutinize Microsoft's multi-billion-dollar bid to acquire Yahoo in order to take on Internet goliath Google. Leading members of the committee scheduled a February 8 hearing after Microsoft's announced it is courting California-based Yahoo with a 44.6-billion-dollar offer.

"Microsoft's bid to acquire Yahoo is certainly one of the largest technology mergers we've seen and presents important issues regarding the competitive landscape of the Internet," Congressmen John Conyers and Lamar Smith said in a written statement.

"The Committee will hear from experts who will weigh in on whether this proposed consolidation works to further or undermine the fundamental principles of a competitive Internet." Yahoo has yet to say whether it will accept the offer, but analysts believe it is too good a deal for the struggling Internet veteran to refuse and that US regulators are unlikely to find grounds to stop it.

Sun Microsystems purchase of MySQL for $1 billion is not only the largest open-source deal yet, it's almost bigger than all previous open-source deals combined, including RedHat's $326 million buy of JBoss, Citrix's $500 million purchase of XenSource and Yahoo's $350 million acquisition of Zimbra.

But the deal raises a number of questions for Sun. Was that $1 billion well spent? What will Sun do with its new database? And will the purchase improve its standing in the enterprise? More important than the $1 billion price tag, however, is whether Sun can execute its strategy of taking a database that's popular in certain circles and successfully move it into the enterprise accounts, where they are a well-respected vendor.

Whatever technical issues Sun may face in integrating MySQL into its current stack pale in comparison with the marketing challenge.In the scheme of things, the most important IT issue for large businesses is reliability. For databases, companies need to know product is solid, can scale and won't go down if they make severe demands on it.

Barracuda Networks, a maker of e-mail and Web security hardware, has sent out a distress call to the open source community to save it from patent litigation at the hands of Trend Micro, a competing security company. On Tuesday it asked for help from anyone who can provide information that can invalidate Trend Micro's patent on gateway antivirus scanning.

Barracuda Networks has framed the dispute as an attack not only on itself but on the open source community and the free Clam AntiVirus software by "commercial patent holders attempting to unjustly hinder the free and open source community," as Dean Drako, president and CEO of Barracuda Networks, put it in a statement issued on Tuesday.

Trend Micro spokesperson Mike Sweeny said the litigation isn't an attack on the open source community. "This case is really about two companies, Barracuda Networks and Panda Security, that are selling products in the U.S. that we feel infringe on our time-tested patent," he said. Drako disagrees with this assessment. "If you read the legal documents from Trend Micro, all of the infringement claims they make are about Clam AV," he said in a phone interview. "They may be legally suing us but ... it's pretty clearly an attack on Clam AV."

It may also be an attack on the disruptive price points of products based on open source software. Drako pointed to a recent article that he said found Barracuda's hardware to be a tenth the cost of competing boxes. Trend Micro in early 2006. Sweeny from Trend Micro confirmed that both Symantec and McAfee have licensed the patent as well.

Following demands from Trend Micro in 2006 to pay a royalty that Drako characterized as onerous, Barracuda Networks sued Trend Micro in March 2007 seeking a declaratory judgment that it was not infringing upon the '600 patent. Toward the end of 2007, Trend Micro countered by filing a claim with the International Trade Commission (ITC) seeking to block the importation and inclusion of Clam AntiVirus software in Barracuda's security appliances.

"Trend Micro is seeking an interpretation of its '600 patent such that would give it exclusive control of gateway antivirus scanning," Barracuda states on a Web page it has posted about the case. "Scanning for viruses at the gateway is an obvious and common technique that is utilized by most businesses worldwide. Such an interpretation would mean that anyone, including the owners of the more than one million active ClamAV installations, could potentially be sued by Trend Micro."

"They're accusing us of importing open source software," said Drako. "How can you accuse someone of importing open source software? It's written everywhere." Nonetheless, Trend Micro appears to be doing just that it. If it prevails, Drako predicts trouble for companies that rely on open source software. "If Trend Micro is successful in claiming that we import Clam AV, and therefore that the ITC is the appropriate court, I could go claim that Linux is imported by IBM ... I could start suing them in the ITC. It could reinvent how patent litigation is done for open source software. It's a pretty bold move."

On Friday, I had a brief phone interview with Kevin Johnson, president of the Microsoft division that includes Windows and Windows Live, shortly after the software giant announced its $44.6 billion bid for Yahoo. I tried to get more details on the how Microsoft plans to bridge the cultural gap between the two companies, which brands it is tied to and what it will do if Yahoo says no. Sorry, I don't have more concrete answers, but I've posted a pretty complete transcript so you can read for yourself. More

Internet access in India improved Friday as international service providers shifted their Internet traffic to cables under the Pacific Ocean to bypass two undersea cables damaged earlier this week.

The two cables deep under the Mediterranean Sea snapped on Wednesday 1.30.2008, disrupting service since then across a swath of Asia and the Middle East.

India took one of the biggest hits, and the damage from its slowdowns and outages rippled to some U.S. and European companies that rely on its lucrative outsourcing industry to handle customer service calls and other operations.

Bandwidth providers in India said they were working to restore service to about 80 percent of its usual speed Friday.

In Egypt, Internet access remained sporadic or nonexistent Friday, the first day of the official Muslim weekend in the Middle East when all government offices and most businesses are closed. Egyptian Minister of Communications and Information Technology Tarek Kamil said service would be up to about 80 percent of its usual capacity within 48 hours.

The pair of cables — which lie on the sea floor near each other and at some points are no thicker than the average human thumb — caused problems across an area thousands of miles wide. India, Bangladesh, Pakistan, Egypt, Qatar, Saudi Arabia, the United Arab Emirates, Kuwait and Bahrain all reported trouble.

We were somewhat confused with smartermail forum on the topic of ClamAV updating in SmarterMail. Here are my observations. This solution is only based on my personal observation, which cured 4 different smartmail servers with the problem of not showing the ClamAv updates correctly. One could see they were being downloaded to the server.

They are located in the default install path: C:\Program Files\SmarterTools\SmarterMail\Service\Clam\share\clamav the date in the admin interface was the same date as the file 'daily.cvd'. I renamed the file to daily.cvd.bak and restarted smartermail service and a new file was created and the interface reflected the new date.

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. CIA analyst said. Speaking at a conference of security professionals on Wednesday Jan 16 2008, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

"We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands," he said in a statement posted to the Web on Friday by the conference's organizers, the SANS Institute. "In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet."

One conference attendee said the disclosure came as news to many of the government and industry security professionals in attendance. "It appeared that there were a lot of people who didn't know this already," said the attendee, who asked not to be identified because he is not authorized to speak with the press.

He confirmed SANS' report of the talk. "There were apparently a couple of incidents where extortionists cut off power to several cities using some sort of attack on the power grid, and it does not appear to be a physical attack," he said.

Hacking the power grid made front-page headlines in September when CNN aired a video showing an Idaho National Laboratory demonstration of a software attack on the computer system used to control a power generator. In the demonstration, the smoking generator was rendered inoperable. The U.S. is taking steps to lock down the computers that manage its power systems, however.

On Thursday, the Federal Energy Regulatory Commission (FERC) approved new mandatory standards designed to improve cybersecurity.

Part 2 Spam E-Mail Fitering:

At this point to show the magnitude of spam we are eliminating. The screen shot is at the last step in the MTA, it is a fair sampling of how much is being eliminated even at this last step in the process after going through three levels above this. So while the numbers indicate a fair amount of spam before delivery to the mail domain. The screen shot is only one of our end point mail servers and is only a 46 hour sampling.

What is becoming hard to comprehend is the vast number of viruses. We have three different companies anti-virus scanners ahead of the end point mail server and you can see that the number still being eliminated at this the fourth level.  We have found that no single bit of anti-virus software on its own is acceptable. We use Avast, Symantec, Nod32, and Clam-D and find similar numbers at each level of the process. For the experts these scanners are not on the same machines in the MTA hub they are all passing through separate layers of the mail processing. 

At the bottom of the graph you can see how well grey-listing works with 956,710 senders being blocked in a 46 hour period. While 40,710 valid senders were approved.

At this layer we are very confident that spam high is garbage and is directed to the bit bucket. Spam Medium is simply stamped in the subject so the end user is assured not to lose anything even remotely questionable. The domain admin can change our default settings and chose to leave this in a junk folder on the server if they want another layer of filtering.

However our MTA MX hub already allow quarantine for 14 days for questionable emails so this layer is really the last or shake out layer before mail delivery. We are using the best technologies on available to protect our enterprise clients email and offer the best possible service level available at any cost. Yet we include this with every account hosted with us. If you are looking for $3.95 month hosting you will not find it. However, if you want serious enterprise level mail filtering you will certainly find we are committed to preventing spam from reaching your in-box. 

The war on spam wears on and a question from one of our users sparked this blog post. "What makes your spam filtering so dam great"?

Many hosts install spam assassin perhaps a bit of clam-av virus filtering and call it done. Maybe they enable grey-listing and then brag about the service level.

Now comes, the end user who understands almost nothing about any of this. They accept the market hype and take it as the gospel. They want to know nothing, they just do not want the spam filling up their in boxes. They feel this is something which should just happen. Which is why many hosts & ISP's just install spam assassin and say you have e-mail filtering. 

Yet other hosts & ISP's have this idea that just buying a Barracuda Firewall is the answer. After all someone told them Barracuda makes the best mail filtering device available. So booyah they are an instant expert. The success of the Barracuda firewall product, and the continual increase in spam are probably the reasons for an increase in email backscatter. Sadly, too many Barracuda Spam Firewall customers still enable auto-replies for spams that get blocked. This is not necessarily the fault of Barracuda firewall, but more of the administrators do not understand the impact of their actions. 

Most people send a limited number of messages to people who they have a relationship with. Spammers however send millions of messages to people who they have no relationship with. A real email message will keep retrying if the server isn't ready and will generally play by they rules. Spammers will try to circumvent the rules to try to deliver as many messages to as many people as possible. They try the back door before they try the front door and if the back door rejects them they move on. This is why grey-listing is important and blocks much of this behavior since most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later.

While grey-listing is important, it like spam assassin can only answer part of the mail filtering scheme. Understand that the war on spam is waged against people who make their living off making it to your in-box. This typically makes no standard canned code or device on its own merit enough to prevent the well armed spammer from be successful.

To make matters worse many desktops around the world are nothing more than the instruments of spammers with mal-ware being inserted turning their machines into zombies, Sophos estimates half a million zombie PCs are operating worldwide. Given this conservative estimate of the volume of these zombie machines, it only seems logical that a desktop user cannot continue to assume that these things are all on the administrators who handle their mail.

The point of the article is why our mail filtering is better than other providers. Our intent is to offer a truly flexible efficient package, which supports features like MailScanner Spam Assassin, Razor, DCC, Pyzor, Grey-listing and Dynamic Bayesian indexing from our pool. We believe that putting as many features as possible directly in the hands of the domain email administrator is the right approach to take and we stand by that.

While we are focused on the windows platform for our mail servers due to the fact that SmarterMail is one of the best email server packages available. We also understand that Linux servers are currently better suited to the tools available for mail filtering. We work day and night to provide the best mix, while capitalizing on the strengths of each and ignoring any weakness each platform might have. Our email filtering is performed by collection of clustered servers with a single purpose, filtering the unwanted email while still allowing the valid email to quickly transit the MTA.

Email and Alias Forwarding!

Why is it being blocked to AOL and ComCast Accounts?

The Problem defined below is the same for Comcast and AOL!

1. You setup an auto forwarder from your domain to your AOL email account (you@yourdomain.com -> you@aol.com).
2. Your customers send emails to you@yourdomain.com and the emails gets forwarded to you@aol.com
3. One day you receive some spam at you@yourdomain.com, which was auto forwarded directly to you@aol.com.
4. You open your you@aol.com mail box and see the spam, so click to Mark it as SPAM and add it to your AOL spam filter .
5. AOL's spam filter does not register the originator of the email as the spammer - instead, it registers the last place the email came from as the spammer. And in this case and the last place the email came from is our email server which hosts you@yourdomain.com.
6. AOL will then blacklist the entire mail server, so that no one can send email to any AOL email accounts.

You need to login to your email admin and go through your email accounts and take off any forwarding that forwards email to AOL or Comcast account. Also check to make sure your email Alias is not forwarding to AOL or ComCast email account.

It is stated to be an inconvenience by many users. The fact that this means you only need to add another account in your mail client (i.e.) Outlook, Outlook Express, or whatever client you use. If your mail client does not support checking multiple accounts you should have quit using it long ago.

Our blocking is necessary in order to protect all of our valuable customers from being blacklisted by AOL by the action of one or two users who think that blocking spam using Comcast or AOL filtering is the right approach. Though the concept is unproductive by using that mark as spam button, they are only shooting off their own foot, and any legitimate mail that server may be sending.

AOL & ComCast certainly does nothing to investigate the source of the spam and would rather shut down a server than take a minute to check it out. It's unfortunate but is in everyone's best interests.

Greylisting is a new weapon to use against spam in this great war being waged upon it. With this new shielding method, by which you may block out huge amounts of spam, you are sure to please your email clients!

In name, as well as operation, greylisting is related to whitelisting and blacklisting. What happen is that each time a given mailbox receives an email from an unknown contact (ip), that mail is rejected with a "try again later"-message (This happens at the SMTP layer and is transparent to the end user). This, in the short run, means that all mail gets delayed at least until the sender tries again - but this is where spam loses out! Most spam is not sent out using RFC compliant MTAs; the spamming software will not try again later. {More}

Evan Harris
Greylisting FAQ (Texas A&M University)
Greycasting: a distributed heavy duty greylisting implementation
The Next Step in the Spam Control War: Greylisting

The term "backscatter" is also used to describe a side-effect of email spam, viruses and worms. In this context, an alternate, more distinguishing term ("outscatter") is also used, since the traffic isn't directed to the original destination, but to a third party instead. Since a 2002 Klez variant, a large proportion of malignant email is sent with a forged sender address, but some mail servers do not take this into account. They generate bounce messages for spam or viruses - which of course go to an innocent party.

Since these messages were not solicited by the recipients, are substantially similar to each other, and are delivered in bulk quantities, they themselves can qualify as unsolicited bulk email or spam. As such, systems that generate e-mail backscatter can end up being listed on various DNSBLs and be in violation of ISPs Terms-of-Service for being abusive.

Due to controversial aspects of its design, the stock (unpatched) qmail mailserver is more likely than most to produce such bounces. For instance, qmail's "wildcard" delivery mechanism and security design prevents it from rejecting messages during SMTP transactions. When email addressed to nonexistent recipients can't be rejected at the SMTP connection, the only alternative is to auto-reply to the sender address, which causes email backscatter if the sender address is valid and forged.

• Postfix - backscatter page
• SpamLinks - Backscatter
• RFC 3834: Recommendations for Automatic Responses to Electronic Mail.
• Moronic Mail Autoresponders (A FAQ From Hell)
• Why are auto responders bad?
• A DNSBL of Backscatter sources.
• Dontbouncespam.org Why you shouldn't bounce spam

SWsoft announced it has acquired WebHost Automation Ltd., maker of the Helm control panel and billing software for Windows with nearly 1.5 million end users worldwide. WebHost Automation is based in Bristol, U.K.

The acquisition adds more Windows platform expertise to SWsoft, a Microsoft Gold Certified Partner, and strengthens its position as a provider of Windows-based automation software solutions.

"By integrating Helm into the SWsoft family of automation and virtualization solutions and partners through our Open Fusion initiative, Helm customers will be able to take advantage of a wider array of solutions and new business opportunities such as software as a service (SaaS)," said Serguei Beloussov, CEO of SWsoft.

For SWsoft, the acquisition adds a significant worldwide customer base, including strong positions in the U.K. and South America. It also extends the reach of independent software vendors (ISVs) who package their software using the Application Packaging Standard (APS) to more end users who can take advantage of their software solutions. Helm customers benefit from an increased range of automation solutions from SWsoft.  Full Article

The IE team has been very hard at work on IE 8 for the past several months and they hit a huge milestone last Friday evening. The IE dev team checked in a bunch of code that included several new features implemented in the core rendering engine that enable IE to pass the ACID 2 test! This is great news for web developers: IE 8 is going to be our most standards compliant browser to date. Passing ACID 2 is really a combined side effect of all the new features that have been developed for IE 8.

In this interview, I sit down with IE GM Dean Hachamovitch and Architect Chris Wilson to discuss this milestone and dig into compliance in general, lessons learned from IE 7 and discuss the IE team's ultimate goal of de facto interoperability. Of course, no Channel 9 interview is complete without meeting some of the devs who actually write technology so we take a walk from Dean's office to super developer Alex Mogilevsky's office to discuss what's been done to provide IE with the core rendering features that enable IE 8 to pass the ACID 2 test. We also chat with CSS guru Markus Mielke who was instrumental in identifying and planning the feature set required to pass ACID 2. Learn More at channel9

Microsoft Corp. posted a tool to its download site today that will block automatic installations of several upcoming service packs, including Vista Service Pack 1 and Windows XP SP3.

The download includes three versions of the tool -- an executable, a script and a group policy template -- that prevents the service packs from reaching PCs via Windows Update, Microsoft's default update service.

The tool blocks Windows Vista SP1, Windows XP SP3 and Windows Server 2003 SP2 for varying lengths of time. Vista SP1 and XP SP3 can be blocked for as long as 12 months after the service packs are released in final form, while the Server 2003 SP2 blocker bars the download only through March 2008.

The Windows Service Pack Blocker Tool Kit can be downloaded from the Microsoft Web site.

By an overwhelming margin -- 409 to 2 -- the U.S. House of Representatives passed new legislation on Thursday aimed at making the Internet safer for children. The Securing Adolescents From Exploitation-Online (SAFE) Act was sponsored by Texas Democrat Nick Lampson, one of the founding members of the House Missing and Exploited Children's Caucus.

Among other things, the legislation imposes significant fines on Internet service providers (ISPs) that fail to report evidence of child exploitation to the National Center for Missing and Exploited Children. According to a press release from Rep. Lampson's office, ISPs would be fined $150,000 per incident per day for first offenses, and $300,000 per incident per day for second and succeeding offenses.

"We are not trying to make these (Internet providers) spies on what they put out there," Lampson said in the statement, "but there are plenty of ways information can be gleaned from what you see on the Internet and if that is illegal, we want it reported to law enforcement."

The requirements of the legislation, if it takes effect, could impose significant regulatory burdens on affected sites. In addition to reporting possible violations to NCMEC, ISPs and covered sites would be required to preserve the images themselves (normally itself a violation of federal law), as well as preserving information about when the images were accessed and any available information about the individual who downloaded them.

As it is currently drafted, the legislation applies not merely to photographs of minors engaged in sexual activity (which is clearly child pornography), but also more subjective material, including photographs of minors in provocative poses and sexually explicit cartoon drawings depicting minors. Many question whether ISPs should be put in the uncomfortable position of determining whether borderline material should be reported, much of which may not even be criminal.

Some developers write SQL amazingly fast. Do you want to know their secret? It's SQL Prompt. This is a must-have tool for all T-SQL developers.

SQL Prompt automates the retrieval of database object names, syntax and snippets as you write, intelligently offering only appropriate code choices. In addition to displaying the object creation-SQL script, SQL Prompt is highly customizable so you can make it perform exactly the way you want.

Using SQL Prompt will improve your productivity and dramatically reduce your time at the keyboard. See the animation below displaying a typical scripting event and how much effort and time SQL Prompt can save you.  Download and Learn More!

Microsoft said Monday that a flaw in the way its Windows operating system looks up other computers on the Internet has resurfaced and could expose some customers to online attacks. Security Advisory

The flaw primarily affects corporate users outside of the U.S. It could theoretically be exploited by attackers to silently redirect a victim to a malicious Web site.

Microsoft originally patched this flaw in 1999, but it was rediscovered recently in later versions of Windows and was then publicized at a recent hacker conference in New Zealand. "This is a variation of that previously reported vulnerability that manifests when certain client side settings are made," said Mike Reavey, a group manager at Microsoft's Security Response Center.

The bug has to do with the way Windows systems look for DNS (Directory Name Service) information under certain configurations.

Any version of Windows could theoretically be affected by the flaw, but Microsoft issued an advisory Monday explaining which Windows configurations are at risk and offering some possible workarounds for customers. The company said it is working to release a security patch for the problem.

• Customers who do not have a primary DNS suffix configured on their system are not affected by this vulnerability. In most cases, home users that are not members of a domain have no primary DNS suffix configured. Connection-specific DNS suffixes may be provided by some Internet Service Providers (ISPs), and these configurations are not affected by this vulnerability.
 
• Customers whose DNS domain name is registered as a second-level domain (SLD) below a top-level domain (TLD) are not affected by this vulnerability. Customers whose DNS suffixes reflect this registration would not be affected by this vulnerability. An example of a customer who is not affected is contoso.com or fabrikam.gov, where “contoso” and “fabrikam” are customer registered SLDs under their respective “.com” and “.gov” TLDs.
 
• Customers who have specified a proxy server via DHCP server settings or DNS are not affected by this vulnerability.
 
• Customers who have a trusted WPAD server in their organization are not affected by this vulnerability. (See the Workaround section for specific steps in creating a WPAD.DAT file on a WPAD server.)
 
• Customers who have manually specified a proxy server in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
 
• Customers who have disabled 'Automatically Detect Settings' in Internet Explorer are not at risk from this vulnerability when using Internet Explorer.
 

Using 'Normal' or active mode FTP, a client begins a session by sending a request to communicate through TCP port 21, the port that is conventionally assigned for this use at the FTP server. This communication is known as the Control Channel connection.

Using "normal" FTP communication, the client requestor also includes in the same PORT command packet on the Control Channel a second port number that is to be used when data is to be exchanged; the port-to-port exchange for data is known as the Data Channel. The FTP server then initiates the exchange from its own port 20 to whatever port was designated by the client. However, because the server-initiated communication is no longer controlled by the client and can't be correlated by a firewall to the initial request, the potential exists for uninvited data to arrive from anywhere posing as a normal FTP transfer.

Using passive FTP, a PASV command is sent instead of a PORT command. Instead of specifying a port that the server can send to, the PASV command asks the server to specify a port it wishes to use for the Data Channel connection. The server replies on the Control Channel with the port number which the client then uses to initiate an exchange on the Data Channel. The server will thus always be responding to client-initiated requests on the Data Channel and the firewall can coorelate these.

Defined:

Active FTP :
     command : client >1023 -> server 21
     data    : client >1023 <- server 20

Passive FTP :
     command : client >1023 -> server 21
     data    : client >1023 -> server >1023

One of several new features in Windows Live Messenger 9.0 will have a new security feature to report users who send unsolicited messages, known as SPIM (spam over IM).

After compiling a list of IM contacts, hackers try to trick users into clicking links. Those links can often launch an unwanted installation of spyware or other malware via a browser vulnerability or other security hole.

Liveside published other new details of Messenger 9.0 on Wednesday but then deleted the post on Thursday. It wasn't entirely clear why the site decided to delete the post, but it could be retrieved via Google's cache.

We received many questions about SQL 2005 Express though number 1 is always DTSwizard is gone! Well no not really it is harder to understand than in SQL 2000 as the gui is simply not as straight forward.

If you look at your files this path C:\Program Files\Microsoft SQL Server\90\DTS should be present.

If you do not have this path you may need SQLServer2005_DTS.msi If you try this as I did it appeared to do nothing at all. I checked to make sure that I had IIS running on the desktop and installed that. Still no luck, so some searching offered another link which did the trick. SQLEXPR_TOOLKIT.EXE After you install this then run the DTS.MSI again. Just go to C:\Program Files\Microsoft SQL Server\90\DTS\Binn\DTSWizard.exe

You should then see a very friendly wizard that really is not that different from SQL 2000.

Advanced Micro Devices will launch an unlocked "Black" edition of its Phenom processor later this quarter, and the company disclosed the approximate pricing of Phenom chips the company will launch in the first quarter of 2008.

In an email, an AMD representative confirmed that the 2.6-GHz AMD Phenom 9900 will be launched in the first quarter 2008 at under $350 in 1,000-unit lots. A 2.4-GHz 9700, which has already begun appearing on e-tailer sites for preorders, will be priced below $300, in the same quantity.

AMD did not disclose the price of the 2.3-GHz "Black" Phenom that it plans to release this quarter.

AMD has struggled to regain its performance lead against Intel that it enjoyed during the heyday of the Athlon X2. The discrepancy between price, performance, and the revenue needed to fund future generations of products have left some to speculate if the company is doomed.

Topping the P35 Express won't be easy, but Intel has a few tricks up its sleeve with the X38. Chief among them is next-gen PCI Express 2.0 connectivity—a first for desktop chipsets—with enough lanes for dual-x16 CrossFire configurations. As is customary for its high-end chipsets, Intel has also rolled out memory controller optimizations that promise faster performance and support for higher DDR3 memory speeds.

To find out whether these perks are enough to elevate the X38 Express over its blue-collar P35 sibling, we've run the first X38 boards from Asus and Gigabyte through a relentless series of memory controller, application, and peripheral performance tests. Read on to see how the X38 fares and what you can expect from the first wave of motherboards based on this new chipset. Full Article Here

The Maximus Extreme also adopts the Intel X38/ICH9R chipset and supports cutting-edge DDR3 dual channel memory and CrossFire Technology - making it the Overclocker and Gamer´s first and best choice.

- Intel® Quad-core CPU Ready
- Intel® Core™2 Extreme / Core™2 Duo Ready
- Intel® X38/ICH9R
- Dual-channel DDR3 1800(O.C.)/1600(O.C.)/1333/1066
- Fusion Block System
- Crosslinx
- Extreme Tweaker
- SupremeFX II
- LCD Poster
- CPU Level Up

LGA 775
45 nm CPU ready
Intel® X38 Express
FSB 1600
Dual DDR2 1066/800
PCI-E X16
SATA 3G RAID
PCI-E GbE
IEEE1394
7.1 CH HD Audio
SilentOTES™
µGuru™ Tech
RoHS Compliancy

Solid State Capacitors - For Best Stability
New Generation Digital PWM - Cool and statble
Onboard On/Off & Reset Buttons
External CCMOS Button
Extendor Silent Dual Pipe Cooling
2 x eSATA - Fast & fiexible
PCI-E 2.0 with CrossFire

 
     Intel® X38 + ICH9R Chipset
Supports Intel® Core 2™ multi-core and upcoming 45nm processors
Support for 1600 MHz FSB.
Dual DDR3 1600 memory with Intel® XMP , featuring faster speeds and performance tuning.
High quality CPU power module with Ferrite Core Chokes, Lower RDS (on) MOSFETs and Lower ESR Solid Capacitors.
Re-engineered Thermal Design featuring All Copper Silent-Pipe and Crazy Cool.
Japanese manufactured SMD All Solid Capacitor motherboard design.
Supports CrossFire™ with Dual PCI-E 2.0 x16 graphics for extreme gaming performance.
Features SATA 3Gb/s with Quad eSATA 2 interface .
ALC889A with DTS Connect enables high quality Full Rate Lossless Audio and support for both Blu-ray and HD DVD.
Quad BIOS for an extended level of protection.
Quad-Triple Phase Power Design for ultimate system stability.
Dual Gigabit Ethernet LAN with Teaming functionality.
Certified for Microsoft VISTA™ systems.

The notorious Russian Business Network has suddenly picked up from its St. Petersburg digs and diversified, spreading its unwholesome activity to new chunks of IP addresses, with RBN-like activity almost immediately appearing on newly registered blocks of Chinese and Taiwanese IP addresses, according to security company Trend Micro.

The Internet presence for the RBN—a Russian ISP that's infamous for hosting shady and criminal businesses—blinked off at about 7 p.m. PST on Nov. 6, security researchers at Trend Micro reported the following day. The RBN's IP addresses can no longer be reached, since the routing for them no longer exists as of Nov. 8. In a posting, Trend Micro's Feike Hacquebord conjectured that the RBN's upstream providers may have yanked Internet connectivity services temporarily or even permanently.

Trend Micro has noticed RBN-like activity on blocks of IP addresses that were registered in China and other locations shortly before the RBN closed down the routes to its St. Petersburg addresses.

Full Article

Microsoft's emphasis on improvements to security features in Windows Vista may have undermined business adoption of the OS, as many business and enterprise customers are still holding off on upgrading to the OS nearly a year after its release to them.

Microsoft spent a good deal of time and money to ensure Vista's security after Windows XP and applications running on it proved susceptible to devastating worms like Blaster, Slammer and MyDoom. Though Microsoft released Windows XP Service Pack 2 to remedy some vulnerabilities, the company decided that security would be a top priority for the next major Windows release, said George Stathakopoulos, general manager of Microsoft's Response and Product Centers.

Microsoft made a crucial mistake in pushing and marketing something that many feel should be an inherent part of an operating system. Seems to be telling customers a feature of the OS was not right in a previous version and promoting that it's been improved in the new one. Full article

Breach Security, Inc., a leader in web application firewalls, announced today that the Breach Security WebDefend(TM) web application firewall has earned certification by ICSA Labs, an independent division of Verizon. WebDefend is one of the first web application firewall products to achieve this distinction.

On the open source end of the scale we have a project named ModSecurity. According to the Mod Security website (http://www.modsecurity.org), ModSecurity is an open source intrusion detection and prevention engine for web applications. Operating as an Apache Web server module, the purpose of ModSecurity is to increase web application security, protecting web applications from known and unknown attacks.

The current version of ModSecurity is 1.7.6 with the 1.8 release slated for April 2004. You can grab the latest copy from http://www.modsecurity.org/download/index.html.  Ivan Ristic: is also involved with the Open Web Application Security Project and the Web Application Security Consortium. These are two organizations with similar goals - to increase awareness of web application security issues - but different ideas how to get there.