Security: How Many Vulnerabilities Per Operating System?
NTBUGTRAQ published this interesting set of statistics for
security flaws by operating system the other day.
- Commercial Unix : 271 (AIX, IRIX, Solaris, HP-UX and BSD/OS)
- Linux : 147 (aggregate)
- Windows NT/2000 : 146 (This is NT and IE together)
- Windows 3.1/9x : 61
- FreeBSD, OpenBSD: 42
- MAC OS : 6
- Novell Netware : 5
These numbers are as recorded in the NTBUGTRAQ database. What's
interesting is that Unix folk will tell you that Unix is much
more secure than Windows, yet these numbers don't seem to agree,
so what's going on?
Well, sorry Windows folks, it's true: although Unix does have more
security gaps, they are typically (a) small and (b) give very
limited potential to a hacker. Sadly, Windows bugs tend to be (a)
large and (b) grant loads of opportunity to hackers.
What's interesting to me is the very low scores for MAC and
Novell systems. What I can't tell you is whether that is because
of inherent security or just a lack of recorded security flaws,
but either way those are interesting numbers.
C2000: Intruder Detection
THE PROBLEM
Even with a firewall, you still have to let some Internet traffic
into your computer network - for example e-mail, web access, your
own staff. How do you stop the unwanted from using that firewall
access to probe beyond and cause damage?
There are many such attacks that a firewall alone cannot prevent.
For example, Denial of Service attacks, such as those that
crashed so many large web sites in the spring of 2000.
Similarly password attacks using legitimate staff accounts cannot
be prevented by the firewall - and if a hacker breaks a password,
they are at liberty to try many more attacks once inside the
system.
So while firewalls offer perimeter and access controls, internal,
remote and even authenticated users can attempt probing, misuse
or malicious acts. Internet access comprises 57% of attack entry,
and a third of corporate Intranets are penetrated by outsiders
(ICSI/FBI survey).
A security strategy must provide countermeasures for the
possibility of internal or external network attacks - attacks
that attempt to exploit known vulnerabilities or circumvent
corporate resource or application policies.
THE SOLUTION
Axent NetProwler invisibly and efficiently monitors all network
traffic and examines every network packet for misuse.
NetProwler complements existing security countermeasures and
gives dynamic network intrusion detection. NetProwler instantly
identifies, logs and terminates unauthorized use, misuse and
abuse of computer systems by internal saboteurs and external
hackers.
NetProwler's exclusive, patent-pending Stateful Dynamic Signature
Inspection virtual processor not only prevents intruders from
exploiting hundreds of known and new security flaws in real time,
but its attack definition wizard enables network administrators
to protect exposed corporate applications and stop even the most
sophisticated assaults.
FEATURES AND BENEFITS
NetProwler is the only Network IDS to combine:
* Detection of hundreds of common OS and application attacks in
real-time
* Network Profiling for "out-of-the-box" installation and
automatic configuration
* Does not affect network or application performance.
* Comprehensive attack signature customisation wizard to protect
company-specific applications
* On-the-fly loading of updates and new attack signatures while
keeping defences on-line and current
* Integration with AXENT's award-winning Intruder Alert for
enterprise monitoring of network and host security events.
* Employs SDSI Technology for efficient performance
C2000: Network Security Testing
THE PROBLEM
As your computer network becomes more complex it becomes harder
to stay on top of potential security threats. Computer networks
are growing larger, more dynamic and more complex and so the
security threat increases exponentially.
THE SOLUTION
Axent NetRecon helps to secure your organization's e-business by
eliminating common security vulnerabilities before an intruder is
given the opportunity to exploit them and attack.
THIS MEANS...
You know what your security weaknesses are and how you can harden
your systems against attack.
You can re-check your security system after any change - no need
to bring in the consultants each time, or run the risk of having
security loop-holes.
You can constantly check that changes by remote operators or
users have not introduced security weaknesses - and plug them if
they have.
DETAILS
Step 1: Assessing your network's vulnerabilities:
NetRecon is a network vulnerability assessment tool that
discovers, analyses and reports holes in network security.
NetRecon does this by conducting an external assessment of
network security by scanning and probing systems on the network.
NetRecon re-enacts common intrusion or attack scenarios to
identify and report network vulnerabilities, while suggesting
corrective actions.
Move beyond simple serial vulnerability detection and reporting
with risk assessment based on the holistic/whole view of your
network. One weak link in the network may contribute to the
highest risk vulnerabilities. NetRecon differs from other
scanners by offering a unique, patent pending Progressive
Scanning technology that challenges your network and systems like
a sophisticated tiger team - executing checks in parallel and
sharing information obtained during the scan to search for deeper
weaknesses. In addition, it learns as it goes, adapting the
penetration strategy based on previous results.
Step 2: Getting to the root cause:
Why is NetRecon different? Because it not only discovers and
reports vulnerabilities, it goes far beyond that by correlating
these vulnerabilities in order to demonstrate the root cause of
more serious vulnerabilities.
It is the only solution that provides root cause analysis with a
unique path analysis feature to illustrate the exact sequence of
steps taken to uncover vulnerability.
Unlike other tools that simply offer explanations of symptoms of
problems, NetRecon provides a systematic understanding of the
causes of your vulnerabilities.
Through NetRecon's unique path analysis, you can trace the steps
leading up to a vulnerability or exploit, leading you to the root
cause of the problem. With NetRecon, you don't get mounds of data
on symptoms of the problem. You get the real cause of the
problem. And fast.
"NetRecon makes the job of the enterprise security managers
easier by automating a large piece of the risk analysis process.
Sophisticated vulnerability scanning capabilities and aggressive
pricing leads me to believe that AXENT has hit a home run with
NetRecon." - Steven Foote, vice president of Hurwitz Group
C2000: Firewalls: Your Internet Protection
THE PROBLEM
You want to connect to the Internet, but the bad world out there
wants to get in! How do you protect your own computers and
network, get access to the Internet and make your systems secure?
THE SOLUTION
Raptor Firewall. A firewall that only lets in (or out) what you
want.
Raptor Firewall lets you specify by user, or protocol, or
application, what connections to the Internet will be allowed and
which ones denied.
THIS MEANS...
You could let email go to your email server, but not let
outsiders take mail from your web server.
You could let your users browse out to the web, but not download
dangerous files.
You could let remote staff dial in, but only to a specific
machine, not the whole network.
You can prevent access to anything else on your network - or for
that matter prevent your users accessing anything outside your
network.
DETAILS
Organizations around the world depend on the Raptor Firewall's
award-winning architecture and functionality to secure their
private networks. The Raptor Firewall's intuitive management
interface and high performance, multi-threaded services, make it
the most secure, manageable, and flexible solution for your
enterprise Internet security needs.
The Raptor Firewall for Windows NT, Solaris, and HP provides
complete network protection by integrating application-level
proxies, network circuits and packet filtering into a unique
perimeter security architecture. This data inspection technology
ensures that the data entering and leaving your corporate network
is validated at all levels of the protocol stack.
The Raptor Firewall is designed to provide comprehensive security
by:
* hiding system and address information on your intranet from the
outside world;
* processing all network traffic through rules that are
consistent with your company's security requirements;
* automatically blocking ports to protect the systems that have
inadvertently been misconfigured;
* enabling anti-spamming technology that prevents your firewall
from acting as an email spamming relay while querying the
Realtime Blackhole List of known spammers;
* proactively monitoring and logging suspicious activity.
FEATURES AND BENEFITS
* Virtual Private Network (VPN) support for connecting remote
offices and users.
* WebNOT and NewsNOT - the only firewall-integrated content
blockers for filtering WWW and Internet Usenet groups.
* Cross-platform (UNIX and NT) firewall management from a single
console.
* Reliance on best-fit, non-order-dependent, explicit rules rather
than filtering criteria to evaluate connection attempts.
* Integrated anti-spamming measures to harden the system.
* Integrated anti-spoof and IP routing protection.
* Completely configurable Network Address Translation (NAT) for
hiding/exposing server and client addresses.
* A comprehensive selection of strong user authentication
alternatives.
* OOBA lets you authenticate protocols without their own
authentication method.
* High availability, which enables system failover for maximum
security uptime.
* Extensive built-in application-proxy support for popular
protocols.
* Automatic and continuous system hardening of the firewall host to
protect against intrusions into the firewall system.
* ICSA certified.
* Support for multiple network cards for protecting WWW, FTP and
email servers that need to be directly accessed from the Internet.
* Support for Virtual Private Networks (VPNs) with:
- Encryption: DES40, DES56, Triple DES
- Authentication: ISAKMP/Oakley key management
- Protocols: IPSec and swIPe security protocols
- Network options: Ethernet, FastEthernet, Token Ring, Frame Relay,
ATM and FDDI
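The "best fit, non-order-dependent" rule evaluation claimed in the feature list, shown as an added example (not Raptor's code): the matching rule that constrains the most connection fields wins regardless of list order, and a first-match evaluator is included for contrast. The rule set, the field names and the tie-break (deny beats allow, no match means deny) are assumptions for this demo.

```python
from dataclasses import dataclass
from typing import Optional

FIELDS = ("src", "dst", "proto", "user")


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    name: str
    src: Optional[str] = None    # None means "not constrained by this rule"
    dst: Optional[str] = None
    proto: Optional[str] = None
    user: Optional[str] = None

    def matches(self, conn):
        """Every field the rule constrains must equal the connection's value."""
        return all(getattr(self, f) is None or conn.get(f) == getattr(self, f)
                   for f in FIELDS)

    def specificity(self):
        """How many fields the rule pins down; more is a better fit."""
        return sum(getattr(self, f) is not None for f in FIELDS)


def best_fit(rules, conn):
    """Best-fit, order-independent evaluation: among matching rules the most
    specific one wins. Equally specific allow and deny candidates resolve to
    deny, and a connection matching no rule is denied (assumed policy)."""
    candidates, top = [], -1
    for rule in rules:
        if not rule.matches(conn):
            continue
        score = rule.specificity()
        if score > top:
            candidates, top = [rule], score
        elif score == top:
            candidates.append(rule)
    if not candidates:
        return ("deny", "default-deny")
    chosen = next((r for r in candidates if r.action == "deny"), candidates[0])
    return (chosen.action, chosen.name)


def first_match(rules, conn):
    """Order-dependent evaluation, for comparison: the first matching rule wins."""
    for rule in rules:
        if rule.matches(conn):
            return (rule.action, rule.name)
    return ("deny", "default-deny")


# Constructed rule set modelled on the "THIS MEANS..." examples above.
# Note the broad allow is listed before the narrower deny: with first-match
# the contractor would get out; with best-fit the order does not matter.
RULES = [
    Rule("allow", "lan-web-out", src="lan", dst="internet", proto="http"),
    Rule("deny", "contractor-no-web", src="lan", dst="internet", proto="http",
         user="contractor"),
    Rule("allow", "smtp-to-mail-server", src="internet", dst="mail.example",
         proto="smtp"),
    Rule("allow", "remote-staff-dialin", src="dialup", dst="ras.example",
         user="remote-staff"),
]
```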
C2000: Protecting your E-Mail System
THE PROBLEM
All email carries a threat, whether from an outside hacker
attempting to damage your system, or an internal user unwittingly
getting the company into trouble.
THE SOLUTION
GFI MAIL ESSENTIALS provides protection against hackers, viruses,
spam and more.
* Content of in-bound messages can be checked
* Messages from spammers can be ignored
* Messages can be checked for viruses
But also you can:
* Add company wide disclaimers
* Encrypt mail for privacy
* Compress mail for efficiency
* and more...
Mail Essentials seamlessly integrates with your Exchange system
to provide an instant message-security solution.
THIS MEANS...
Your email system is protected against direct attack.
You can protect your company against legal attack.
You can improve the efficiency of your mail system.
DETAILS
Content checking/filtering
An important feature of Mail essentials is its ability to check
the content of in- and outbound mail. For instance, you can check
for offensive language or confidential information or files that
might be leaving the company unauthorized. You can also choose to
'quarantine' emails with certain content or attachments, so that
the administrator can view them before deciding whether they can
be sent.
Anti spam
Spam is a known problem. Messages sent by spammers contain
useless information that cause frustration and take up valuable
time. Although some mail servers include a facility to block out
email from certain domains, current day spammers are much more
advanced than that. They frequently change their domains to avoid
this kind of blocking. Therefore, Mail essentials includes an
advanced anti spam module that is able to pick up on typical spam
practices, such as incorrect Reply To addresses, From headers
containing incorrect domains, etc. In this way, Mail essentials
stops spam from reaching your company. What’s more, you can also
stop spammers using your mail server to relay their unsolicited
mail!
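The two anti-spam checks named in this section (a Reply-To that does not match the From domain, a From header with a bogus domain) and the "don't let spammers relay through your server" rule, as an added example written for this page rather than taken from GFI's product. The header heuristics, the local-domain list and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumed: the domains this mail server is responsible for (constructed value).
LOCAL_DOMAINS = {"example.com"}


def domain_of(header_value):
    """Lower-cased domain of the first address in a header, or '' if none."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()


def spam_indicators(raw_message, from_internal_client=False):
    """Flag typical spam practices (assumed heuristics, not GFI's own rules):
    a Reply-To pointing at a different domain than From, a From domain that
    is not even syntactically a domain, and a From that claims one of our
    own domains on mail that arrived from outside the network."""
    msg = message_from_string(raw_message)
    from_dom = domain_of(msg.get("From"))
    flags = []
    if msg.get("Reply-To") and domain_of(msg.get("Reply-To")) != from_dom:
        flags.append("reply-to-domain-mismatch")
    if "." not in from_dom or from_dom.startswith(".") or from_dom.endswith("."):
        flags.append("from-domain-invalid")
    if from_dom in LOCAL_DOMAINS and not from_internal_client:
        flags.append("forged-local-sender")
    return flags


def relay_allowed(rcpt_to, from_internal_client):
    """Anti-relay policy: accept mail for our own domains from anyone, and
    mail to anywhere only from inside the network. An outsider handing us
    mail for a third-party domain is the open-relay case, and is refused."""
    return from_internal_client or domain_of(rcpt_to) in LOCAL_DOMAINS


# Constructed sample messages for the checks above.
LEGIT = (
    "From: Alice <alice@partner.example>\n"
    "To: bob@example.com\n"
    "Subject: Meeting\n\n"
    "See you at 10.\n"
)
SPAM = (
    "From: Deals <offers@cheapstuff>\n"
    "Reply-To: click@tracker.example\n"
    "To: bob@example.com\n"
    "Subject: Buy now\n\n"
    "Limited offer!\n"
)
FORGED = (
    "From: boss@example.com\n"
    "To: bob@example.com\n"
    "Subject: Urgent\n\n"
    "Send the files.\n"
)
```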
Company-wide disclaimer/footer text
Because companies are effectively responsible for the content of
their employees’ email messages, it is extremely important to
ensure that a disclaimer is added to each outgoing email.
Furthermore, this disclaimer/footer text can be used to add a
uniform message to each email, such as an address or company
slogan, or to share the company’s public key. Although most
employees have their own personal signature, the
disclaimer/footer text ensures that the corporate message is
always communicated.
Virus checking
Mail essentials can automatically protect your company from
viruses transmitted via email by analyzing all email attachments
and scanning them for viruses using any popular virus-scanning
product. Mail essentials can also check all outgoing mail for
viruses.
Mail essentials supports the use of the Norton or McAfee virus
scanners; however, GFI recommends using the Norman anti-virus
engine, which is integrated with Mail essentials and available via
GFI. The Norman anti-virus engine integration allows for more
efficient virus checking, automatic updating and centralised
configuration. The Norman anti-virus engine has received many
awards. For more information please see our pre-sales FAQ.
C2000: Intruder Detection
THE PROBLEM
Firewalls and stronger authentication are part of the overall
solution. But they do little to protect systems from expert
hackers or "authorized" users (i.e. customers, partners or even
disgruntled employees).
THE SOLUTION
Intruder Detection Systems (IDS) monitor systems for patterns of
misuse or abuse and can take action before systems are misused or
information is stolen.
An IDS watches your key network hosts much like a motion detector
or security guard watches a building. It detects unauthorized and
malicious activity on any host and keeps the system, applications
and data secure from misuse and abuse. If your IDS detects a
security threat it may raise an alarm, close connections, or even
shut down entire systems to stop any loss.
THIS MEANS...
Your internal computer network is hardened from mis-use from both
outside and inside the network.
You have protection in areas where your firewall does not provide
any security.
AXENT INTRUDER ALERT
Intruder Alert comes ready to use out of the box. It has over 180
pre-configured detection signatures and rules covering over 250
anomalies developed for Windows NT, UNIX, NetWare and NetWare
Directory Services. With these signatures, you can immediately
detect password-guessing attacks, administrative changes, failed
system events and other critical security-related incidents.
Key features include:
* Ships with 180+ signatures and over 250 anomaly rules
* Superior architecture supporting enterprise IDS management and
monitoring
* Efficient agent that continuously monitors activity on servers
* Easily develop and deploy custom security monitoring policies
* Comprehensive alarms and the ability to execute programmed
actions
* Real-time graphical display of host and network IDS activity
Multi-platform support: Intruder Alert provides security
monitoring for more systems than any other intrusion detection
product. Intruder Alert supports all commercial versions of UNIX
(Solaris, SunOS, HPUX, AIX, Digital UNIX, IRIX, NCR and Motorola
SRV4), NetWare (3.x, 4.x, 5.x and NDS) and Windows NT 3.51 and
4.0.
Integrates with NetProwler: Intruder Alert and NetProwler can be
used in concert with each other to provide the most complete and
comprehensive intrusion detection solution available. NetProwler
watches network activity for early warning signs of intrusion and
Intruder Alert watches key servers and applications for misuse or
abuse. A common alerts console collects and displays alerts from
both systems. In addition, NetProwler alerts can trigger Intruder
Alert rules and actions to provide an even wider range of
response options.
C2000: Introduction to Two-Factor Authentication
THE PROBLEM
Your network is open to the Internet to let your staff access
your computers. How do you stop the unwanted using those same
connections to steal or destroy your valuable data?
When a user connects to your system - how do you know they are
who they say they are?
THE SOLUTION
Two Factor Authentication. This uses something you know (a
password, User ID or PIN) and something you have (a token). The
token might be software embedded in the user's PC or a separate
handheld processor (a small device like a pocket calculator or
pager). The token has within it the user's unique and secret
key.
To login, the user gives a PIN to the token. The token generates
a one-time password to your computer system.
For a user to gain access to your systems, they must have
knowledge of the user account and possession of the token.
THIS MEANS...
If someone steals a mobile notebook, they can't get into your
system because although they might have the token, they don't
have the User ID or PIN.
If someone finds out a user account on your machine (easy to do)
they can't use password guessing - the token generated passwords
are long and complex.
If a network sniffer managed to capture the password it would be
useless because the password is one time, single use only.
AXENT DEFENDER OVERVIEW
Axent Defender prevents data theft and destruction using two
factor authentication to make sure users of your system are who
they say they are.
Defender extends authentication beyond static IDs and passwords,
and uniquely authenticates users before granting them network
access over dial-up, ISDN, on-LAN, Internet, or intranet
connections. Defender uses standards-based challenge/response
technology to create a one-time password that is far more secure
than static passwords.
Two-factor authentication further strengthens security by
requiring something unique the user has (the token issued by the
security administrator) and something unique the user knows (a
PIN to enable the token). Defender's easy-to-use tokens compute a
one-time password when challenged by the Defender Security
Server. Without the authorized user's unique token and the PIN to
activate the token, potential intruders cannot compute the
one-time password. No damage can be done even if the password is
captured. Once used, it is never again valid.
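The challenge/response exchange described above, as an added example (not Defender's code or protocol): the server issues a random challenge, the token mixes its secret, the user's PIN and the challenge into a one-time password, and the server accepts each challenge at most once, so a password captured by a sniffer is useless and a token without its PIN computes the wrong answer. The HMAC-SHA256 construction, the 8-digit truncation and the user record are assumptions for this demo.

```python
import hashlib
import hmac
import secrets

# Constructed demo data: the security server holds each user's token secret
# and PIN; the user's token holds the same secret (values are made up).
USER_DB = {
    "alice": {"secret": bytes.fromhex("00112233445566778899aabbccddeeff"),
              "pin": "4821"},
}


def token_response(secret, pin, challenge):
    """What the token does once the user keys in the PIN: derive a short
    one-time password from the secret, the PIN and the server's challenge.
    HMAC-SHA256 truncated to 8 hex digits is an assumption for this demo."""
    msg = f"{challenge}:{pin}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    return digest[:4].hex().upper()


class SecurityServer:
    """Issues a fresh random challenge per login and redeems each one once."""

    def __init__(self, users):
        self.users = users
        self.pending = {}      # user -> challenge currently outstanding

    def challenge(self, user):
        if user not in self.users:
            return None
        self.pending[user] = secrets.token_hex(8)
        return self.pending[user]

    def verify(self, user, challenge, response):
        rec = self.users.get(user)
        if rec is None or self.pending.get(user) != challenge:
            return False       # unknown user, stale challenge, or a replay
        # The challenge is consumed whether or not the answer is right: a
        # captured one-time password cannot be replayed, and every guess
        # costs the attacker a fresh challenge.
        del self.pending[user]
        expected = token_response(rec["secret"], rec["pin"], challenge)
        return hmac.compare_digest(expected, response)


def login(server, user, secret, pin):
    """One complete exchange: challenge out, one-time password back, verdict."""
    challenge = server.challenge(user)
    if challenge is None:
        return None, None, False
    response = token_response(secret, pin, challenge)
    return challenge, response, server.verify(user, challenge, response)
```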
Defender offers the option of using software or hand-held tokens.
The secure and proven software token eliminates the need for
users to carry a separate hand-held token. The user's laptop
computer or PC becomes a token when the Defender software token
is activated. Software tokens are just as secure, easier to use,
and less expensive than hand-held tokens. Leading banks and
Fortune 500 companies have implemented the Defender software
token because it is transparent to the user, not easily lost or
stolen, and half the cost of hand-held tokens. Software tokens
are ideal for users who employ a single device to log-on to the
network, whereas hand-held tokens are best utilized by users who
frequently log-on from many different computing locations and
platforms.
BENEFITS
* Token options including software, hardware and email
* Unique email distributed tokens eliminate token costs
* Proven cost-effective form of authentication
* Uses standards-based challenge/response technology
* Software tokens cost 50% less than traditional hand-held tokens
* Easy to use and detect if lost or stolen
* Once activated, uniquely transforms entire PC into security
token
* Ideal for workers using more than one computer
* Allows centralized management of all users, servers, and audit
information
* Can be implemented quickly and easily
* Applies to LAN, Internet, dial-up, ISDN and NAS connections.
* Works with leading communications servers, firewalls, and
dialers
* Works with TACACS+ and leading Radius servers.
* Supported on Windows NT, Sun Solaris and Novell NetWare
* Can support load balancing for two or more servers or firewalls
* Defender's Replication Server automates changes across multiple
servers
* Support for hundreds of thousands of users hosted on a Microsoft
SQL 7.0 database
* Provides strong authentication services for other Axent
products - PowerVPN, Raptor and WebDefender
* Defender logs can be examined by Intruder Alert
Access: Changing field colours
Did you know that, as well as controlling the basic format of
numbers and dates on reports etc., you can also change the
colour of a control using the Format property? Simply append the
colour in brackets after the format:
#,##0.00 [red]
This would show a number formatted with a thousands comma in red.
You can also use this where you are using conditional
formatting:
+0.0 [blue];-0.0 [red];0.0
This would show positive numbers, with a plus sign, in blue and
negative numbers, with a minus sign, in red. Zero values are
shown as 0.0 in the default colour (usually black).
You can use: Black, Blue, Green, Cyan, Red, Magenta, Yellow, White
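To make the section and colour rules concrete, here is an added example (not Access code) that parses a format string of the kind shown above into its positive;negative;zero sections, picks the section by the sign of the value and returns the rendered text together with its colour. It supports only the subset of the format syntax used in these tips (leading + or - literals, a thousands comma, fixed decimals and the colour names listed).

```python
import re

COLOURS = {"black", "blue", "green", "cyan", "red", "magenta", "yellow", "white"}
COLOUR_RE = re.compile(r"\[(\w+)\]")


def parse_section(section):
    """Split one section into (numeric pattern, colour or None)."""
    colour = None
    m = COLOUR_RE.search(section)
    if m:
        colour = m.group(1).lower()
        if colour not in COLOURS:
            raise ValueError(f"unknown colour: {m.group(1)}")
        section = COLOUR_RE.sub("", section)
    return section.strip(), colour


def render(value, pattern):
    """Render abs(value) with a simplified Access pattern: leading + or -
    characters are literals, a ',' switches on thousands grouping, and the
    digits after '.' fix the number of decimals."""
    literal = ""
    while pattern and pattern[0] in "+-":
        literal, pattern = literal + pattern[0], pattern[1:]
    decimals = len(pattern.split(".", 1)[1]) if "." in pattern else 0
    grouping = "," if "," in pattern else ""
    return literal + format(abs(value), f"{grouping}.{decimals}f")


def format_number(value, fmt):
    """Choose the section by sign (positive;negative;zero) and return
    (text, colour). Missing sections fall back to the first one."""
    sections = [parse_section(s) for s in fmt.split(";")]
    if value < 0 and len(sections) >= 2:
        pattern, colour = sections[1]
    elif value == 0 and len(sections) >= 3:
        pattern, colour = sections[2]
    else:
        pattern, colour = sections[0]
    text = render(value, pattern)
    if value < 0 and len(sections) == 1:
        text = "-" + text      # a single-section format shows the sign itself
    return text, colour
```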
Access: DATE(), TIME() and NOW()
In Access (or indeed other MS programs) you've got a choice of
Date(), Time() and Now() to get the current date and time, but
what exactly is the difference between them?
Date() only gives the "days" part, 1st Jan 2000
Time() only gives the "hours" part, 10:24 am
Now() gives both.
So typically, for a date stamp you would just use Date(). Unless
you needed a very specific timestamped figure, in which case use
Now().
Office: Format Painter revisited
This is a mix of keyboard trick and new technique.
Format Painter, the paint brush on the toolbar, lets you select
the format for text or a paragraph and paint it over other text
in a document to have the format copied. A single click on the
toolbar lets you do it once; a double click holds the brush icon
down and you can paint over several sections of text. When you
press Escape or do other work, Format Painter turns itself off.
Now this is quite useful in itself, and works in Word,
PowerPoint, FrontPage, Publisher, Visio, Access and Project with
more to follow.
Now, you can also do this with the keyboard using Ctrl-Shift-C to
copy the format and Ctrl-Shift-V to paste the format. The neat
thing here is that the format remains on the clipboard, so you
can paste it over text much later on without having to repeat the
copy part. Basically the format is stored for the remainder of
the session, just waiting for a quick format paste.
Outlook: Hiding recipients mail addresses
A company in the process of moving offices wanted to email all
their customers and suppliers informing them of their change of
address.
Simple enough, but of course they didn't want all their
customers to see everybody else's email addresses. So they wanted
to know how they could do this without having to laboriously
create a new email for each customer and supplier.
Actually, the answer is much simpler than it looks, use the BCC
(Blind Carbon Copy) option. Everyone sees their own address and
no other.
BCC is not normally displayed in the basic send form, but if you
click the To button to open the address selection dialog you will
see three panels, To, CC (everybody sees these) and BCC (the
special one).
Outlook: Finding a Contact Quickly in Outlook 2000
Trying to find an Outlook® contact but can't remember the
person's last name? Or do you remember a contact's catchy e-mail
address, but can't remember their name? Use the Find a Contact
box on the Standard toolbar in Outlook to quickly locate the
contact without even opening your Contacts folder.
On the toolbar, type the name of the contact you want to find in
the Find a Contact box. You can enter a partial name, such as
Judy L, a first or last name, or an e-mail alias. To quickly open
a contact you previously searched for, click the Find a Contact
arrow and select a name.
Outlook: Disabling mail scripting
Mail scripting is the mechanism by which attacks such as LoveBug
work, using the inbuilt scripting options of Outlook for
nefarious purposes. You can disable this mechanism, with no real
loss of functionality.
1) In Outlook select Tools, Options, Security
2) Select the drop-down labelled Zone and select Restricted Sites
from the list. (In Outlook Express it is a radio button, not a
drop-down).
3) Click on the Zone Settings button, then Custom Settings.
4) Near the very bottom of the list displayed, change Scripting,
Active Scripting to disabled.
This stops any email scripts from running. If you think about
it, under what circumstances do you want a script that has been
-emailed- to you to run?
I could imagine certain, specially prepared corporate
environments where that might be true, but not in general use.
W2K: Creating Unix-like links on Microsoft NTFS
Unix has always had a file-system feature called links: a second
name for a file that is indistinguishable from the name it was
created with. So you could have /user/simon/myfile and
/user/gillian/hisfile both pointing to one and the same file.
Now this sounds like a Microsoft shortcut, but it isn't. You can't
open shortcut files in programs, for example; they don't work that
way. However, the W2K Server Resource Kit contains "ln.exe" (ln
being the Unix command for a link) in the POSIX sub folder. For
some reason, ln.exe isn't listed in the utilities list.
So you can ln \user\simon\myfile \user\gillian\hisfile. Note the
slashes are the Microsoft way, not the Unix way round.
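What a hard link actually is, shown as an added example (not ln.exe itself) using Python's os.link, which on NTFS creates the same kind of link as ln.exe: the second name is the same file, writes through one name are visible through the other, the link count rises to 2, and removing one name leaves the data reachable through the other. The file names and contents are constructed; it runs in a temporary directory.

```python
import os
import tempfile


def hard_link_demo(root):
    """Create myfile, give it a second name hisfile with a hard link (what
    ln myfile hisfile does), and show that both names are one file."""
    original = os.path.join(root, "myfile")
    alias = os.path.join(root, "hisfile")
    with open(original, "w") as f:
        f.write("hello")
    os.link(original, alias)                 # ln myfile hisfile
    with open(alias, "a") as f:              # write through the second name...
        f.write(" world")
    with open(original) as f:                # ...and the first name sees it
        seen_via_original = f.read()
    link_count = os.stat(original).st_nlink  # the file now has two names
    same = os.path.samefile(original, alias)
    os.remove(original)                      # removing one name keeps the data
    with open(alias) as f:
        after_unlink = f.read()
    return {"content": seen_via_original, "links": link_count,
            "same_file": same, "after_unlink": after_unlink}


def run():
    """Run the demo in a scratch directory that is cleaned up afterwards."""
    with tempfile.TemporaryDirectory() as scratch:
        return hard_link_demo(scratch)


if __name__ == "__main__":
    print(run())
```

A Windows shortcut (.lnk) would fail this test: it is a separate small file that only Explorer knows how to follow, so opening it in a program reads the shortcut, not the target.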
W2K: Saving your bacon when you lose that password
Losing an NT/2000 administrator password can mean you are well
and truly stuffed. But in such circumstances you're prepared to
try anything to recover it, right?
Then try NTPASSWD. This utility sets a new password on the
administrator account without having the old one.
Sounds simple, but you need to know that this is a Linux program
(!) and has to be run from a Linux boot disk (use a floppy boot
disk, or mount your NT/2000 hard disk on your Linux server). No
friendly graphical interface either. But you can, after maybe an
hour or so, recover your NT administrator password and be back in
a job again!
You can download it from the address below (not our site by the
way).
Of course, if you've just saved your own bacon, then you are
happy. On the other hand, this does show that your system is not
as secure as maybe you thought…
Keyboard: Changing font sizes.
There are two sets of shortcuts for changing the font size
of the current text selection. The first set grows or
shrinks the size in the jumps listed in the pull-down font
size menu (i.e. 8, 9, 10, 11, 12, 14, 16 etc.).
Increase the font size Ctrl + SHIFT + >
Decrease the font size Ctrl + SHIFT + <
The alternative shortcuts change by a single point size at a
time.
Increase the font size by 1 point Ctrl + ]
Decrease the font size by 1 point Ctrl + [
The second set in particular is handy if you're trying to
fit some text into a specific space. For example,
expanding a heading to fill the whole line without wrapping
to a second line. Just highlight the text then use the
shortcuts until it's just right.