BMS Blog: SBS Consulting in the UK

Looks like this is doing the rounds again but this time targeting those running Microsoft Word. If your customers download and install the “update” they’re basically installing Troj/Kango-D.

From the Sophos website:

The greeting is personalized (Dear: <firstname> <lastname>), mentions you are subscribed to the ?Microsoft Windows Update mailing list?, and asks you to download the patch from:

?http://windowsupdate.microsoft.com/outlook/update-0-day/download.aspx?id=63852?

Once the above link is clicked, a request is not made to ?microsoft.com? but instead to one of many compromised sites hosting a Trojan, proactively detected by Sophos as Mal/Behav-112.

An interesting feature of this campaign is the target?s full name, and in most cases the organization they are associated with, is mentioned within the message. The samples we have received also lists a bogus Microsoft Windows Licence key, all in an attempt to make the message look legitimate to the recipient.

REGISTERED TO : <Firstname> <Lastname> , - <Organization>
Licence KEY : <key>

Sample Screenshot:

To be on the safe side we’ve blasted out an email to our customers making them aware of it.

Thanks to Suzanne I now have a copy of Demo Showcase 2007, and very impressive it is too.

The 2 DVD’s contain nearly 30 Microsoft products spread over 2 Virtual Server vhd’s and 1 client OS vhd. A lot of thought has gone into the presentation aspects and the provided scripts give a good starting point for you to build your customer demonstrations around.

Be warned, you will need a well specified machine to run this little lot! A minimum of 3Gb memory is required for a start, and even then it is sluggish on anything other than a top spec. system. When you fire up the server vhd’s they run a script that allows you to choose the scenario you want to showcase. It’s important to let the script run as it shuts down the unnecessary processes and services allowing it to perform much quicker.

Although there aren’t any scenario’s that directly reference SBS a lot of them are relevant to the SME space, such as “enabling your mobile workforce” and “optimise your business productivity infrastructure”.  these are both areas that many SME’s are looking at right now - and you should know how to handle them.

We’ve been using the 2 CRM scenarios to good effect and it seems to make a real difference when the customer can see the solution rather than trying to imagine it. It adds a tangible dynamic to the meeting which would otherwise be missing.

I’m guessing that a lot of SBSC partners will install the kit, play with it for a bit and then forget about it instead of taking the next step and actually making use of it! I would offer this advice: What differentiates your pitch against the competition? Probably not very much. You’ll both be pushing the same hardware, the same software and the same solution likely as not. Now put yourself in the customers position. Which pitch does he go for? Well if I was the customer, I’d go for the one who went the extra mile and showed me the solution actually working! So put your Powerpoint presentation away, dust off your laptop and install Demo Showcase 2007!

As reported on Vijay’s blog, James Harbidge has started a blog of his own. Welcome to the blogsphere James!

Posted on the Official SBS Blog are these FAQ’s you might want to read if you’re thinking of trying the BPA out:

Q: Can the BPA be run from a client?
A: No

Q: Will this tool make changes to my server?
A: No, this tool is read-only

Q: How often will the definitions get updated?
A: The current plan is every 4 months, this may change without notice

Q: How can I provide feedback on this tool?
A: Email: sbsbpabu@microsoft.com

Q: Can the SBS 2003 BPA be run on a non-SBS server?
A: No

Q: Can the BPA be run on an SBS 2000 server?
A: No

Q: I ran the BPA and it?s telling me to make a change that I think will cause problems, what should I do?
A: The BPA is an informational tool designed to provide guidance for the most common error states and misconfigurations.  Specific environments need to be evaluated on an individual basis.

Q: Does this replace the Exchange/ISA/SQL/SharePoint BPAs?
A: No, they are complimentary and not mutually exclusive

For more information on the BPA please see:
How to Use the Windows SBS 2003 BPA
Common Questions
Download BPA

I’ve been rather busy lately so haven’t been blogging much but I did have the opportunity to try out the Small Business Server 2003 Best Practices Analyzer the other day.

It’s been out for a little while now and we have amended our procedures so that it automatically gets installed on all new server builds we undertake. We are also rolling it out to our existing installed base and some of the issues it picks up on are very interesting.

 If you haven’t tried it, give it a go. The download is only 1Mb and the footprint is very small. Once you’ve got it installed it offers to check for current updates. When complete the next step is to complete a scan of the system so you can view the results.

Clicking on each of the issues presents you with more information on the problem, possible resolutions and in some cases the ability to click through to a Technet or MS KB article with more information. This really is a great tool to ensure your SBS installations are running optimally!

For completeness why not also try the Exchange Best Practices Analyser as well which works in much the same way. These tools combined with the baseline security analyser tools are a great set of utilities to have in your arsenal and should help ensure your installed base of SBS machines run as smoothly as possible.

I’ve just attended the MS CRM 4.0 readiness launch for MS partners. Although there wasn’t a lot of information relating to the SME market, there were some points worth noting; particularly if you are intending to roll out CRM 3.0 before the launch of 4.0 sometime in the next 2-3 months.

4.0 is more of an evolution rather than revolution. Some of the interesting points that came out of the day:

• The email tracking token is no longer required to track emails.
• MS CRM is the fastest growing CRM product.
• RTM date set for December 2007
• Integration with Office Communicator
• Licensing model allows for on-premise or partner hosted
• Full remote access without VPN
• New auto-correct and auto-complete functionality
• Completely integrated workflow engine

If you go ahead and roll out 3.0 now, the install process for 4.0 will detect your existing install and upgrade it without breaking. This will be a major factor for people looking at getting their hands on the new features!

For developers, full integration with Sharepoint and MOSS will mean that portals for vertical markets can be built on top of CRM to provide scaleable solutions.

Surveys by Gartner have shown that services around CRM generate 4 times the amount of revenue that the licences produce - so developing CRM can be lucrative if handled the right way.