Alexander’s Blog

By default, Terminal Services (and Remote Desktop) uses TCP port 3389. If you use Remote Desktop or Terminal Services to connect to your Windows computer, you might want to consider modifying the default port for security reasons. The default port can be changed by hacking the registry. Here’s the procedure.

- Open the registry editor (regedit.exe) and go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp.

- Double-click PortNumber in the right-hand pane.

- Click on Decimal and change the Value data to a different port number that is not in use.

- Close the registry editor and reboot your computer.

This technique applies to Win2000/2003/XP. To connect to the remote computer enter the port number at the end of the domain name or IP address. For example, to connect to a domain called MSN.COM that has an IP address of 207.68.172.246 and is configured to use port number 5678, you can use either of the following in the Remote Desktop Connection:
MSN.COM:5678
207.68.172.246:5678

To determine which port number to use, click here for a list of TCP/IP port numbers. Port numbers 0 through 1023 are called well-known ports, while port numbers 1024 through 49151 are registered ports. You should pick one of the port numbers between 49152 and 65535 because these are dynamic or private ports, such as port 54321.

Microsoft has released Windows Server Update Services (WSUS), formerly known as Software Update Service (SUS) & then later changed to Windows Update Services (WUS). For now its called Windows Server Update Services. WSUS enables administrators to quickly and reliably deploy critical updates to their Windows 2000-based servers as well as desktop computers running Windows 2000 Professional or Windows XP Professional.

In addition to WSUS, Microsoft also offers Microsoft Update and Systems Management Server (SMS) 2003. Microsoft Update is free and is geared towards home users. WSUS requires a Windows Server Client Access License (CAL) and is meant for small to medium-sized businesses. SMS 2003 requires Windows Server CAL, SMS CAL, SMS Server CAL, and SQL Server CAL and its meant for medium to large organizations.

All three tiers support the following clients:

- Windows Server 2003
- Windows XP Professional
- Windows 2000
- Office 2003
- Office XP
- Exchange Server 2003
- SQL Server 2000
- MSDE
- Additional Microsoft products over time

There are several differences between the thre tiers. Click here to compare the three tiers. For WSUS FAQs, click here.

Microsoft has announced its first brand-new certification in years, one aimed at high-level IT pros with significant experience in architecting solutions that involve Microsoft (and non-Microsoft) products. At 101communications’ TechMentor conference in Orlando, Al Valvano, Lead Product Manager with Microsoft Learning, unveiled the Microsoft Certified Architect Program (MCAP), a board-level certification on a scale the company has never attempted before.

Some highlights from Valvano’s keynote:

1. The MCAP will consist of prerequisite training and experience, and the skills domain that candidates will face throughout the process will be broad, including such objectives as project management, decisionmaking and oral and verbal communication. Valvano said it’s too early to give any definition to those requirements, and wouldn’t say whether any of the current exams or training in the MCP program would be applicable to the MCAP.

2. Candidates will be assigned a mentor to help foster success through the program’s rigorous certification process. Valvano said that mentors will come from Microsoft as well as externally chosen sources.

3. Candidates, with the help of the mentor, would apply for entrance registration into the architecture candidate process, which consists of a written submission and board examinations. Valvano said that details on what the written submission process and who would be on the peer-review board were still in development. Valvano compared the process to attaining a Ph.D, where a candidate has to defend a thesis.

4. Valvano stressed that only about a quarter of the emphasis of a candidate’s knowledge will be on Microsoft-related architecture technologies; the rest will relate to general architecture principles and best practices that aren’t Microsoft specific. A candidate for the MCAP will have to have a broad-based knowledge that extends well beyond the narrow bounds of Windows.

5. Finally, Valvano estimated that completion of the program could take from six to 12 months and would not come cheap. Valvano says that the program is designed to pay for itself; nonetheless, he says that “it will take a substantial commitment in time and money” for both the candidate and the board to come together for all the meetings and tests for completing each step.

More info…

The most popular antispyware products are Ad-Aware, Spybot Search and Destroy, and SpySweeper, all of which have free versions (Spybot S&D is donation ware). The free versions will do both scan and clean most spyware, adware and malware, and do a pretty good job. Unfortunately much of their popularity is by word of mouth and a few magazine reviews. However, there is a class of antispyware. Rogue or Suspect antispyware, that advertises through the very pop-ups that they are claiming to remove, and often badger a user with high pressure tactics until they finally agree to accept the download.

One of the hallmarks of these products is that they are free to download and scan, but if you want to clean your system, you must purchase a license. Some of these will produce false positives, claiming spyware infections to further convince the user to purchase the product. The most insidious of the lot, recently called “extortion ware” by some sites, will also use malicious installations, blocking removal and in some cases cause connectivity problems, requiring the user to buy the product to get the uninstaller. In addition, a few of these rogue products will actually be spyware themselves, recording data and reporting back to their vendors sites.

The Web site SpywareWarrior.com, lists over 90 applications that have been tested or are suspected to be “products are of unknown, questionable, or dubious value as anti-spyware protection.” While not all the products listed on Spyware warrior’s site may be bad, you will probably want to steer clear. Another site worth checking out is the Spyware Guide which offers information and tips on spyware problems.

One of the advantages of being an MCT is that a lot of vendors are anxious to give you their products for free for demonstration purposes and personal use. The idea is that if you like their product they can get a lot of free publicity. In the past I’ve tested GFI’s MailEssentials. Recently I evaluated two anti-spam software packages for Exchange 2003:

1. Red Earth’s Policy Patrol Enterprise
2. Vamsoft’s Open Relay Filter (ORF) Enterprise Edition

I evaluated these products based on their functionality, ease of use, and features…..not based on their pricing. Here are some pros and cons for both the products.

Policy Patrol Enterprise
I found Policy Patrol Enterprise to be fairly easy to configure and I was also impressed by its ability to filter spam. You can also install the software on a Windows XP computer and manage the server remotely. I didn’t like the way it sorts the lists (blacklists and whitelists). Although it lets you sort the list temporarily, it doesn’t let you change the default. One workaround is to export the list, sort it out and then import it back……too much hassle. One annoying thing about this product is that you need to make a connection to the server every time you start the Policy Patrol Administration console, even if you open the console on the Exchange server. This takes some time. I liked the ability to look at the past history that shows all the messages that have been filtered. The ability to filter out Words/phrases and attachments is great but they filtering wasn’t always perfect. You could use the Bayesian filtering for detecting spam and it helps. The product comes with lots of sample filters, which is nice, but the monitoring of messages is rather cumbersome. You have to go to at least 6 different folders to properly monitor the messages. The good thing is that you have the ability to look at individual messages and decide whether to forward, move to another folder or to delete. The worst part of this package was that it doesn’t have an easier method to reject messages at the server from spammers that are on your blacklist. You can reject messages on the Real-time Blacklists but the messages on your own blacklist must go through your e-mail server before you take an action on them. Obviously, this wastes bandwidth and causes administrative overhead.

Open Relay Filter (ORF) Enterprise Edition
The Open Relay Filter (ORF) Enterprise Edition from Vamsoft was also very easy to install and configure. The help file walks you through the installation and setup. The product is simple to configure but doesn’t do quite the job that Policy Patrol Enterprise does in filtering spam. The big advantage is that this product will let you reject messages on your own blacklist, in addition to rejecting messages from Real-time Blacklists. The lists are easy to sort and easy to import/export in XML format. One of the coolest features of this product is the real-time statistics about its activity, as shown below in the screen shot.

Conclusion
Overall, I liked the Open Relay Filter (ORF) Enterprise Edition better. I should also point out that the folks at Policy Patrol Enterprise will only give a restricted version of their product for free that only allows a few accounts to be tested. The Open Relay Filter (ORF) Enterprise Edition gives out a complete product with no restrictions. I found the Open Relay Filter (ORF) Enterprise Edition to be a better overall anti-spam solution for Exchange 2003, compared to GFI’s MailEssentials and Red Earth’s Policy Patrol Enterprise. The fact that they offer a fully functional product to MVPs was a bonus but it did not have any affect on my recommendation. I should point out that even if you are using one of these anti-spam products, I encourage you to use the free Exchange Intelligent Message Filter.