Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: AW: SUS Help

From: Carlton Foster <c.a.foster () larc nasa gov>
Date: Wed, 17 Sep 2003 13:41:24 -0400
Set RescheduleWaitTime to however many minutes you want the machine to wait before installing the patches once it comes back on. It's a DWORD value, and I personally use 1. 


At 07:20 AM 9/17/2003 -0700, Jane Han wrote:

Hi, all

If you set to automatic download and install at 3:00AM
option through group policy, what happen to
workstations that are shut down at 3:00AM?  In my
company, most people shut down their workstations.
How will these workstations get all updated patches
from SUS server?

Thanks,


Jane


> -----Original Message-----
> From: Tim Warren
> [mailto:tim.warren () computerjobs com]
> Sent: Friday, September 12, 2003 8:18 AM
> To: 'Markus Rossi';
> security-basics () securityfocus com
> Subject: RE: AW: SUS Help
>
> The Sus App works extremely well, we have been using
> it with no I'll effects
> for almost a year.  It was really meant for large
> workstation installs and
> we also use it for our testing servers, but not the
> web farm.  SUS has a
> patch approval process by which the patch is
> downloaded and waits for your
> approval.  SUS by no means mitigates your
> responsibility to stay on top of
> patches and test them, it only helps roll them out.
> It also comes with a
> multi-tier testing and approval design you can
> implement if you so choose.
> It's very flexible, has caused no errors and is free
> unlike RedHats version,
> for which I subscribe because they have to earn
> revenue anyway they can and
> I don't want them going out of business or being
> bought by IBM.  But, don't
> use it or any other patching program on a production
> server, not that it
> won't work, unless you're a gambler.
>
> Tim W
>
> -----Original Message-----
> From: Markus Rossi
> [mailto:securityfocus () familyrossi com]
> Sent: Thursday, September 11, 2003 3:44 PM
> To: security-basics () securityfocus com
> Subject: Re: AW: SUS Help
>
>
> Chris,
>
> AFAIK HFNetChk should work with NT4 domains as well
> as AD. I've yet to
> deploy it but it looks extremely promising. See
> www.shavlik.com
>
> Markus
>
> Meidinger Chris wrote:
>
> >Hi guys,
> >
> >i'm dealing with exactly the same problem, and i
> can promise you there
> >is
> >*no* affordable option to automagically patch NT
> boxes without scripting it
> >yourself. Which is what i will spend the next week
> doing.....
> >
> >Cheers,
> >
> >Chris
> >
> >-----Ursprüngliche Nachricht-----
> >Von: Roger A. Grimes [mailto:rogerg () cox net]
> >Gesendet: Donnerstag, 11. September 2003 03:40
> >An: Gooch, Linnie;
> security-basics () securityfocus com
> >Betreff: RE: SUS Help
> >
> >
> >It doesn't work in NT environments.  SUS must be
> installed on a W2K or
> >Server 2003 server, and the client must run the
> Automatic Updates
> >service (which doesn't run on NT).
> >
> >There are few options available when patching an NT
> environment.  Even
> >Win98 has more patch mgmt options.
> >
> >Roger
> >
>
>***********************************************************************
> >****
> >*Roger A. Grimes, Computer Security Consultant
> >*CPA, MCSE (NT/2000), CNE (3/4), A+
> >*email: rogerg () cox net
> >*cell: 757-615-3355
> >*Author of Malicious Mobile Code:  Virus Protection
> for Windows by O'Reilly
> >*http://www.oreilly.com/catalog/malmobcode/
> >*Author of Apress's upcoming Honeypots for Windows
>
>***************************************************************************
> >
> >
> >-----Original Message-----
> >From: Gooch, Linnie [mailto:Linnie () wescom org]
> >Sent: Tuesday, September 09, 2003 8:28 PM
> >To: security-basics () securityfocus com
> >Subject: SUS Help
> >
> >
> >I've been reading everyone's input on SUS and I'm
> trying to evaluate it
> >at my company. I want to know if anyone has
> deployed it with an NT4
> >environment? We aren't moving to AD for another 3
> months, but with the
> >blaster worm and other such vulnerabilities, I want
> to get it up and
> >running right away.
> >
> >Here is what I'm looking for.
> >
> >I'm reading the documentation for SUS, and it talks
> about setting the
> >registry on client machines, which is no problem,
> but the documentation
> >is so unclear about what exactly I need to add to
> the registry. I was
> >wondering if anyone knew exactly what registry keys
> needed to be added
> >or changed so I could test it right away.
> >
> >Thanks guys. This list rocks!
> >
> >
> >Linnie Gooch, MCSE
> >Manager of Systems and Technology
> >Wescom Credit Union
> >(888) 493 7266 x 8801
> >
> >
> >
>
>**********************************************************************
> >This email and any files transmitted with it are
> confidential and
> >intended solely for the use of the individual or
> entity to whom they
> >are addressed. If you have received this email in
> error, please delete
> >it immediately and advise the sender. WESCOM CREDIT
> UNION (626)
> >535-1000
>
>**********************************************************************
> >
> >
>
>-----------------------------------------------------------------------
> >----
> >Captus Networks
> >Are you prepared for the next Sobig & Blaster?
> > - Instantly Stop DoS/DDoS Attacks, Worms & Port
> Scans
> > - Precisely Define and Implement Network Security
> > - Automatically Control P2P, IM and Spam Traffic
> >FIND OUT NOW -  FREE Vulnerability Assessment
> Toolkit
> >http://www.captusnetworks.com/ads/42.htm
>
>---------------------------------------------------------------------------
> -
> >
> >
>
>-----------------------------------------------------------------------
> >----
> >Captus Networks
> >Are you prepared for the next Sobig & Blaster?
> > - Instantly Stop DoS/DDoS Attacks, Worms & Port
> Scans
> > - Precisely Define and Implement Network Security
> > - Automatically Control P2P, IM and Spam Traffic
> >FIND OUT NOW -  FREE Vulnerability Assessment
> Toolkit
> >http://www.captusnetworks.com/ads/42.htm
>
>---------------------------------------------------------------------------
> -
> >
>
>-----------------------------------------------------------------------
> >----
> >Captus Networks
> >Are you prepared for the next Sobig & Blaster?
> > - Instantly Stop DoS/DDoS Attacks, Worms & Port
> Scans
> > - Precisely Define and Implement Network Security
> > - Automatically Control P2P, IM and Spam Traffic
> >FIND OUT NOW -  FREE Vulnerability Assessment
> Toolkit
> >http://www.captusnetworks.com/ads/42.htm
>
>---------------------------------------------------------------------------
> -
> >
> >
>
>
>
>
=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Precisely Define and Implement Network Security
 - Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------



---------------------------------------------------------------------------
Captus Networks
Are you prepared for the next Sobig & Blaster?
- Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
- Precisely Define and Implement Network Security
- Automatically Control P2P, IM and Spam Traffic
FIND OUT NOW -  FREE Vulnerability Assessment Toolkit
http://www.captusnetworks.com/ads/42.htm
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: