Security Basics mailing list archives
Re: AW: SUS Help
From: Jane Han <janehan22 () yahoo com>
Date: Wed, 17 Sep 2003 07:20:35 -0700 (PDT)
Hi, all If you set to automatic download and install at 3:00AM option through group policy, what happen to workstations that are shut down at 3:00AM? In my company, most people shut down their workstations. How will these workstations get all updated patches from SUS server? Thanks, Jane
-----Original Message----- From: Tim Warren [mailto:tim.warren () computerjobs com] Sent: Friday, September 12, 2003 8:18 AM To: 'Markus Rossi'; security-basics () securityfocus com Subject: RE: AW: SUS Help The Sus App works extremely well, we have been using it with no I'll effects for almost a year. It was really meant for large workstation installs and we also use it for our testing servers, but not the web farm. SUS has a patch approval process by which the patch is downloaded and waits for your approval. SUS by no means mitigates your responsibility to stay on top of patches and test them, it only helps roll them out. It also comes with a multi-tier testing and approval design you can implement if you so choose. It's very flexible, has caused no errors and is free unlike RedHats version, for which I subscribe because they have to earn revenue anyway they can and I don't want them going out of business or being bought by IBM. But, don't use it or any other patching program on a production server, not that it won't work, unless you're a gambler. Tim W -----Original Message----- From: Markus Rossi [mailto:securityfocus () familyrossi com] Sent: Thursday, September 11, 2003 3:44 PM To: security-basics () securityfocus com Subject: Re: AW: SUS Help Chris, AFAIK HFNetChk should work with NT4 domains as well as AD. I've yet to deploy it but it looks extremely promising. See www.shavlik.com Markus Meidinger Chris wrote:Hi guys, i'm dealing with exactly the same problem, and ican promise you thereis *no* affordable option to automagically patch NTboxes without scripting ityourself. Which is what i will spend the next weekdoing.....Cheers, Chris -----Ursprüngliche Nachricht----- Von: Roger A. Grimes [mailto:rogerg () cox net] Gesendet: Donnerstag, 11. September 2003 03:40 An: Gooch, Linnie;security-basics () securityfocus comBetreff: RE: SUS Help It doesn't work in NT environments. SUS must beinstalled on a W2K orServer 2003 server, and the client must run theAutomatic Updatesservice (which doesn't run on NT). There are few options available when patching an NTenvironment. EvenWin98 has more patch mgmt options. Roger*************************************************************************** *Roger A. Grimes, Computer Security Consultant *CPA, MCSE (NT/2000), CNE (3/4), A+ *email: rogerg () cox net *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protectionfor Windows by O'Reilly*http://www.oreilly.com/catalog/malmobcode/ *Author of Apress's upcoming Honeypots for Windows***************************************************************************-----Original Message----- From: Gooch, Linnie [mailto:Linnie () wescom org] Sent: Tuesday, September 09, 2003 8:28 PM To: security-basics () securityfocus com Subject: SUS Help I've been reading everyone's input on SUS and I'mtrying to evaluate itat my company. I want to know if anyone hasdeployed it with an NT4environment? We aren't moving to AD for another 3months, but with theblaster worm and other such vulnerabilities, I wantto get it up andrunning right away. Here is what I'm looking for. I'm reading the documentation for SUS, and it talksabout setting theregistry on client machines, which is no problem,but the documentationis so unclear about what exactly I need to add tothe registry. I waswondering if anyone knew exactly what registry keysneeded to be addedor changed so I could test it right away. Thanks guys. This list rocks! Linnie Gooch, MCSE Manager of Systems and Technology Wescom Credit Union (888) 493 7266 x 8801**********************************************************************This email and any files transmitted with it areconfidential andintended solely for the use of the individual orentity to whom theyare addressed. If you have received this email inerror, please deleteit immediately and advise the sender. WESCOM CREDITUNION (626)535-1000**********************************************************************--------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & PortScans- Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability AssessmentToolkithttp://www.captusnetworks.com/ads/42.htm--------------------------------------------------------------------------- ---------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & PortScans- Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability AssessmentToolkithttp://www.captusnetworks.com/ads/42.htm--------------------------------------------------------------------------- ---------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & PortScans- Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability AssessmentToolkithttp://www.captusnetworks.com/ads/42.htm--------------------------------------------------------------------------- -
=== message truncated === __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --------------------------------------------------------------------------- Captus Networks Are you prepared for the next Sobig & Blaster? - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans - Precisely Define and Implement Network Security - Automatically Control P2P, IM and Spam Traffic FIND OUT NOW - FREE Vulnerability Assessment Toolkit http://www.captusnetworks.com/ads/42.htm ----------------------------------------------------------------------------
Current thread:
- AW: SUS Help Meidinger Chris (Sep 11)
- Re: AW: SUS Help Markus Rossi (Sep 11)
- RE: AW: SUS Help Spencer D'oro (Sep 12)
- Re: AW: SUS Help lennons (Sep 11)
- Re: AW: SUS Help Markus Rossi (Sep 11)
- Re: AW: SUS Help Tim Syratt (Sep 11)
- <Possible follow-ups>
- RE: AW: SUS Help Tim Warren (Sep 12)
- RE: AW: SUS Help Steven A. Fletcher (Sep 16)
- Re: AW: SUS Help Jane Han (Sep 17)
- Re: AW: SUS Help Carlton Foster (Sep 17)
- Re: {Spam?} Re: AW: SUS Help T. Shawn Knisely (Sep 17)
- RE: AW: SUS Help Jane Han (Sep 24)
- Re: AW: SUS Help Markus Rossi (Sep 11)