SEND US YOUR TIPS AND QUESTIONS.
For answers to more of your Windows 2000 and Windows NT questions, visit our online discussion forums at http://www.win2000mag.com/support.
The Love Bug virus, which propagates by sending email with VBScript attachments to all the addresses in your Microsoft Outlook address book, infected my company. Unfortunately, our antivirus software didn't have a signature file that could detect the virus. I'm concerned that a new virus using the same methodology might inflict similar damage. Do other methods exist for dealing with message attachments?
Many antivirus products can't detect a new virus unless the developer has provided a virus signature update. Additionally, the new breed of script-attachment viruses are especially dangerous because they're destructive and easily mutated. Within a few days of its initial appearance, Love Bug had three new variants—Mother's Day, Joke, and Virus Alert. By the time you read this column, dozens more variations will probably be circulating.
Because anyone can easily read and edit the virus code, and because legions of capable Visual Basic (VB) programmers inhabit the world, network administrators must control how email attachments reach users. You can configure security settings on the client, the server, or both.
On the client side, Microsoft and other email software vendors have issued software updates to improve the security surrounding email attachments. For example, Microsoft has provided updates for Outlook 2000—both in standalone form and bundled with Office 2000 Service Pack 1 (SP1)—that enforce new attachment-handling behavior. These new options take the form of clearer and more explicit dialog-box warnings to users when they attempt to open attachments, and modified attachment-handling behavior, such as forcing users to save attachments to disk rather than letting them open the attachments directly from an email message. Another update prevents worm viruses such as the Love Bug virus from utilizing the Outlook Address Book to propagate the virus to other users. You can find these patches—and information about how to use them—at http://www.microsoft.com/outlook/.
However, relying solely on users or their email clients to properly handle attachments isn't adequate for most companies. Some antivirus vendors simply treat all .vbs files as viruses. However, this strategy also has drawbacks. For example, some backup programs will fail while attempting to back up legitimate .vbs files, such as those that Windows 2000 includes. Although antivirus software is certainly a "must have," I strongly recommend that you also use server-side filtration software to control email attachments. Programs such as Content Technologies' MAILsweeper (formerly MIMEsweeper) and GFI's Mail Essentials for Exchange/SMTP let you create policy-based security for your mail server. For example, you can define a policy that instructs the server how to handle particular types of attachments, such as the VBScript files that Love Bug uses. MAILsweeper's policy-oriented technology also lets you monitor other aspects of your email system, such as employee confidentiality breaches, offensive messages, unsolicited commerical email (UCE), and compliance with other email policies in your organization. For a list of content-control tools, see http://www.slipstick.com/addins/content_control.htm.
I'm planning a Windows 2000 upgrade. However, I suspect that I might experience compatibility problems with my existing system because of the age of some of my hardware and software. How can I identify potential Win2K upgrade problems?
To determine whether your system is ready for a Win2K upgrade, visit the Upgrading to Windows 2000 page of Microsoft's Web site (http://www.microsoft.com/windows2000/upgrade/default.asp). This page provides several resources for would-be upgraders, including the following:
- General system-hardware requirements
- The Windows 2000 Hardware Compatibility List (HCL)
- A searchable database that lists Win2K-compatible software
- Win2K-compliant driver updates for various hardware devices and links to the manufacturers' Web sites
- Win2K BIOS compatibility information and BIOS updates
- Technical documentation that describes steps you'll need to take when you upgrade from various OSs to Win2K
If you already have the Win2K software, you can run Setup in a special mode that doesn't actually install the product but instead inspects your system configuration and attempts to identify any potential incompatibilities between your system and Win2K. (This check also automatically occurs during the usual Win2K installation process.) To run Setup in this mode, launch the winnt32 Setup program, which resides in the CD-ROM's \i386 folder, with the /checkupgradeonly switch (e.g., D:\i386\winnt32 /checkupgradeonly). Running this program launches the Windows 2000 Readiness Analyzer, which Figure 1 shows. This utility analyzes the system and reports any incompatible components. You can obtain additional information about each conflicting component and save the compatibility report to disk.
If you don't already have the Win2K software, you can download the Windows 2000 Readiness Analyzer utility as a standalone component. Go to the Check Hardware and Software Compatibility page of Microsoft's Web site at http://www.microsoft.com/windows2000/upgrade/compat/default.asp.