THE OFFICIAL BLOG OF THE SBS DIVA

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1034731

http://h18007.www1.hp.com/support/files/networking/us/locate/69_5911.html?jumpid=reg_R1002_USEN

So the Mountain Dew is fully in the system, I'm feeling really insane so I'm thinking I know I need the new HP Broadcom chipset drivers for my server here before I attempt SP2 again.  I know that in my earlier attempt, that I lost  VPN and TS to the server, but because I had r2 installed with it's MMC 3.0 the uninstall was relatively painless, other than retyping in the password into the scheduled tasks that got messed up.....

So I'm feeling cocky and go off to the HP web site to ensure I have all the parts I need for tonight's endeavor.  The folks have all left early and won't be back in until later tomorrow afternoon.

It's "a sign".

I have a maintenance window I can do this in.   

So I browse on over to the HP web site and ensure I've gone to the server to confirm the right nic cards and I go find the proper download page.

All is well.  There's the nic drivers I need:

And so I go to click on the "Download" button and there God (in the form of his messenger ISA 2004) sends me another sign:

Okayyyyy... looks like what that earlier commenter said about HP/Compaq pulling the driver was right.

Okay I take this as a sign that I shouldn't be trusting the nic drivers I have previously downloaded from HP.

Now I could use the drivers from Microsoft update, but ... well.. too often I've been burned with drivers from Microsoft and network cards are... well ... kinda important to a functioning network.

.. It's a sign... Service Pack 2 will have to wait.

So today, on a day of zero day Windows stuff, you will get emails, web sites and any manner of things taunting you to click.

It's called the tradition of "April Fools day"

April Fools' Day - Wikipedia, the free encyclopedia:
http://en.wikipedia.org/wiki/April_Fools'_Day

But I'll warn folks that this isn't a weekend for blind clicking....

http://www.microsoft.com/technet/security/advisory/935423.mspx

Looking for blogs?  Want to search blogs?  Check this out: 

Microsoft Blog Directory:
http://blog.seattlepi.nwsource.com/microsoft/archives/109605.asp?source=rss

Google Co-op - Custom Search Engine:
http://www.google.com/coop/cse?cx=000701115654268076972%3Ahqwhw3lt9-u

Google Co-op - Custom Search Engine:
http://www.google.com/coop/cse?cx=000701115654268076972%3Apdkwby_eruq

http://sbs.seandaniel.com/2007/03/interesting-in-conserving-little-power.html

Sean Daniel blogs about how you can customize that Vista power policy...and check out Oliver's wake on LAN that he's built as well.. very kewl

If you have SBS 2003 R2 (R2 mind you) and you remove SP2 the one thing you have to watch out for is the scheduled tasks getting messed up.

Scheduled tasks

If you have SBS 2003 SP1 and you remove Windows 2003 sp2 watch out for the MMC 3.0 rollback to 2.0 issue documented in the release notes:

Microsoft Management Console

http://msmvps.com/blogs/alunj/archive/2007/03/29/beating-bradley-to-the-punch.aspx

Yeah yeah Mr. Smartypants... but do you know about this one in California?

http://www.californiasciencecenter.org/Exhibits/Weingart/starwars/starwars.php

California Science Center’s newest exhibit, Star Wars: Where Science Meets Imagination, has attracted more than 85,000 Los Angeles visitors so far. Northrop Grumman is a local sponsor for this traveling exhibition.

The exhibition, features costumes and props from all six Star Wars films, more than 100 artifacts; seven videos, including a multimedia presentation featuring imagery from the Hubble space telescope; and 21 interactive exhibits, including the Star Wars Airchair Ride.

http://en.wikipedia.org/wiki/Star_Wars:_Where_Science_Meets_Imagination

Where's Peter?

I'm challenging all USA based SBSErs reading this blog....I want you to play a game of "Where's Peter?"

If you go to a TS2 seminar in the next quarter from April to June and happen to spot someone who looks like this:

If he also has a loud great laugh and answers to the name of Peter Gallagher, I want you to email me with your name, address and where exactly (the date and the city) you saw Peter in, and I'll send you a Cougar community Tshirt for finding "Where's Peter?!" at a TS2 Event.  Then go up to Peter and say "Susan said to say Hi to you!"

(This is a non Microsoft funded game by the way, I'm just doing it for fun to see how many of us spot Peter in his new job - I should probably get Chris to photoshop some beanie and scarf on that photo, huh?)

http://www.vnunet.com/vnunet/news/2186792/faulty-upgrade-swamps-yahoo

http://blog.360.yahoo.com/blog-nNIST_woRKGLBc4JxGgUEhtmZ_EL?p=3442#comments

When hosted services mess up... boy... do they mess up

Mary Jo Foley has a blog post that Alun comments on....regarding transparancy at Microsoft and she has the comment...

Will Microsoft attempt to extend any kind of blogging/transparency crackdown to its Most Valuable Professionals (MVPs), featured communities and other constituencies, claiming that it's for everyone's best? I've heard and seen things that lead me to believe these things are already starting to happen.

And as the administrator, purveyor, and domain owner of www.msmvps.com I'm here to tell Mary Jo that I've seen nothing to lead me to believe that there is any such "crackdown" afoot.  If anyone tried I would be the first to say, "Over my dead body" for one very important reason.  Microsoft doesn't own this domain, nor the server that this blog site operates out of.  They don't pay the rent here.  I make the rules for those who blog with guidance from Chad, Wayne, Nick, and Vlad.  Microsoft doesn't make the rules here with one exception.  Bloggers when they sign up here are told that they can blog on anything they want, as long as NDA information isn't posted.  If they do post NDA information, I will take it down if they don't offer to do it first.

No one has ever had a problem with that policy.  We've only had one time where I asked a blogger to remove a post because it contained NDA info copied from another site that posted the NDA information first. 

There is a line in the sand, Mary Jo and MVPs are independent and proud of it. 

The only blog censorship I have is my own.  My own ethics of what is bloggable and what is better served using other channels.

And if I'm not here to say "over my dead body", Sean O'Driscoll is right behind me saying "over his dead body" as well.  Think I'm joking?  In fact he responded to Mary Jo's blog post before I did.

The unofficial SBS hardware survey is now open for business

http://www.threatcode.com/pizza.htm

And no we're not talking about this pizza but instead the rack mounted computer variety and tower chassis.  I want to know the typical hardware that was historically recommended by you a few years back as well as the hardware you recommend now.

 And I have a couple of "religious" questions in there ... one about disk partitioning...for example, once upon a time we thought a 20 gig partition was great for a C: drive and yet when I did mine I put 35 gig as the main C: and I have about 9.5 to 10 gig left.  (Which reminds me I need to blog about some options for those who are now looking at SP2 wondering how in the world you can get it on that C:\ with what you have left)

The results of this hardware survey will be shared back with the community. 

But let's talley up the typical hardware we have out here and installed, shall we?  Get a feel for the typical setups we all do.  And given that I'm cheap, sorry I can't offer anything other than a heart felt thank you for filling out the survey.. and no not even a SBS Cougar logo'd boxer shorts or something along those lines (sorry Vlad and Chris).  How about a hug in person if you are at any of the conferences I'll be at this year... New Orleans with Jeff, Seattle with Harry and Sydney with Wayne.

(and right now I'm not going to shoot it to the yahoogroups listserves until they stop duplicating messages)

Know this woman?

What about after reading this? http://rcpmag.com/features/article.aspx?editorialsid=699

Way to go Amy!  Talk about an Tech Trendsetter, Businessperson and Alpha Mom and then some!

www.msreadiness.com/partnercast

Charles VanHeusen in the latest SMBnation mag talks about Partnercast.... and it has instructions for downloading to Zune, Windows mobile 5 or iPod. You can even burn these audio only "partnercasts" to mp3 and play them in your car. 

The RSS feed for partnercasts is here: http://partnerblogs.com/blogs/partnercasts/rss.aspx?CategoryID=1129

...and someone at the bottom of this page needs to work on his blog.. eh? :-)

And and and and yes yes yes yes you you you you are are are are getting getting getting getting four four four four copies copies copies copies of of of of yahoogroups  yahoogroups yahoogroups yahoogroups ..... for for for for some some some some reason reason reason reason...hang hang hang hang loose loose loose loose.

 Don't know why Yahoogroups is sending out so many duplicates.. will let you know when I do...

In the newsgroup today is the story of someone who trusted Microsoft update.  And when they went up there to download that service pack they got more than they bargained for.  Their Exchange wouldn't reboot.  Now in fairness I'm not 100% convinced that SP2 did all that as it sounds like, due to the magnitude of the issue, but it points out that once trust is broken in applying patches and service packs, that trust is broken forever.

"This big lesson destroys my trust on Microsoft totally."

Ouch.  And that's not easily won back either. 

The other day I got asked the following in a survey and was asked to rank them from 1 to 9

• Provides appropriate guidance to address my customers' ongoing security needs

• Provides me with the tools and knowledge to stay in control over the privacy of my information

• Is committed to making secure products

• Responds to security issues in a timely manner

• Provides products that are secure from vulnerabilities

• Provides security updates that are easy to implement

And for all of them except the last one I ranked them average to high.  Because I strongly beleive that one can deploy a product securely and Microsoft is making the tools available.  And while I know that Security update are not Service Packs and the experience of one should not taint the other, I ranked them down on that last one to ensure the feedback got sent.

That while I can say that security patches lately have not hurt me, I cannot say the same for Service packs.  Give me a nice juicy security patch over a service pack in SBSland any ol' day.  And yet we've gotten so use to the updating process that we've blinded ourselves down here to the fact that this is a change management BIG TIME and should be treated with appropriate risk and evaluation. 

Is there truly anything in Service pack 2 at this time for the Small Business marketplace that we really NEED on our boxes?

http://www.microsoft.com/technet/windowsserver/sp2/top-reasons.mspx

Number 2 and number 10 are about the only reasons why a SBSers would need this service pack.  In my case the application of SP2 sure didn't improve networking performance and I'll be applying that HP nic driver here. (and yes the link is still live for me btw)

But bottom line.. when there's a Service pack .... you DON'T have to apply it the first week or even the first month it's on Microsoft update.  Untick the box and wait for later.  And that's perfectly okay.. even for a patchaholic like me.

For all of those who attended yesterday's CITP talk on Small Business Server "Business in a box" webcast I had this nice lovely answer post written up to expand on the questions given... but either it got lost in the blogosphere or I forgot to press publish as I don't think it got published.

I'll write it up tomorrow..there were some good Q&A about comparisons to Linux and Logmein.com

Stay tuned...

Hi Susan,

I wondered if you could offer any advice. I can see from the security events on my SBS2003 server that someone is attempting to get into my server remotely. They are trying multiple usernames and passwords. The most common username they are trying is "DC", although many others have been attempted. I get up to 200 attempts a day. I feel a bit like a sitting duck, just sitting here waiting for them to guess the correct username/password combimation. I have made sure that I am fully up to date on all Microsoft patches and that only the bare minimum of TCP ports are open. Is there anything you would recommend I should do?. The passwords are all very complex, so hopefully they will not guess correctly. It's just a bit un-nerving having someone trying to do this to my beloved SBS server.

Many thanks

Hi.. I'm going to guess that these attacks are coming in via port 25.  And that's one of the things that the use of a hosted mail in front of SBS prevents.  Because I only allow port 25 connections from www.exchangedefender.com, I've so far (knock on wood) don't see these port attacks.  Like the poster said, if you have good passwords, don't panic and don't fear ...but truly if you want a tad more warm fuzzy feeling, have something in front of your SBS box that you trust filtering that email.  Whether that's www.exchangedefender.com or Postini.com or another spam filtering 'thing' in front of your box.... a warm fuzzy between you and the bad guys means that I don't have those port 25 port pings.

The other warm fuzzy is RWW-guard and AuthAnvil from Scorpion Software to put two factor authentication on that connectivity.  Bang on those ports all they want but without that token in their possession.. they are not getting in.

More information is here Messaging security and Disaster recovery webcast with Hosted services. ...and some cost studies here on a Hosted messaging wiki.

http://www.uksmbgirl.co.uk/blog/archives/168

That's like... wow isn't it?

Mt. Everest.  Cold.  No bathrooms, right?

All I can say is wow and you go girl!  And tell us what life is like in the real world where food and survival is the important stuff and all that ....