Security Basics mailing list archives

RE: Windows SUS Question


From: "Nagy Gergely" <gergely.nagy () is-energy hu>
Date: Mon, 19 Apr 2004 14:30:47 +0200

Hi All,

Just some positive feedback. I run SUS in an environment of more than 5000 PCs
without any AD installed. We distributed the appropriate registry entries.
We have set up 5 SUS servers regarding the regions and point the clients to
the appropriate server. It works just fine. I also disabled
windowsupdate.microsoft.com on every PC with a registry entry as well, so
they will not be able to update their PCs on their own decision. Only
approved updates will be installed.
This way it is a controlled environment and only approved updates are installed.

Feel free to ask if you need any help.

Br,

Gery

-----Original Message-----
From: Alex Lomas [mailto:alex () alexlomas com] 
Sent: Friday, April 16, 2004 11:28 PM
To: 'paralleluniverse'; security-basics () securityfocus com
Subject: RE: Windows SUS Question

AU checks for Microsoft's certificate - if it doesn't match then AU deletes
the downloaded update. 

-----Original Message-----
From: paralleluniverse [mailto:paralleluniverse () ev1 net] 
Sent: 16 April 2004 03:30
To: security-basics () securityfocus com
Subject: Re: Windows SUS Question

Security of Auto Updates:

Re: Windows Update:
Are the auto-update procedures particularly susceptible to mischief?
What if the Reg values for WUServer were, in fact,
"WUServer"=http://hackyourupdate.com/
"WUStatusServer"=http://hackyourupdate.com/
What if the DCOM vulnerability had been used to drop these reg keys instead
of dropping a worm?
What, do you think, are the protections within the client to determine a
clever substitute and prevent it? Ditto for all Auto Updates.
Thanks,
Ron Cohen
FUNEN
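
Added example, not part of the original thread: a defender-side check for the tampering scenario raised above, which audits a client's exported Windows Update policy key and flags WUServer / WUStatusServer values that do not point at an approved SUS server. The approved host names and the sample export are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Standard policy key holding the SUS client settings (WUServer, WUStatusServer).
WU_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate"
# Hypothetical regional SUS servers; replace with your own approved hosts.
APPROVED_HOSTS = {"sus-budapest.corp.example", "sus-vienna.corp.example"}

# Constructed sample of a registry export taken from one client.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate]
"WUServer"="http://sus-budapest.corp.example"
"WUStatusServer"="http://unknown-host.example/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]
"UseWUServer"=dword:00000001
'''

def parse_reg(text):
    """Return {lowercased key path: {lowercased value name: raw value}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif current is not None:
            m = re.match(r'"([^"]+)"=(.*)$', line)
            if m:
                current[m.group(1).lower()] = m.group(2).strip('"')
    return keys

def audit(text, approved=APPROVED_HOSTS):
    """List findings: missing or unapproved update servers, or AU not using them."""
    keys = parse_reg(text)
    wu = keys.get(WU_KEY.lower(), {})
    au = keys.get(WU_KEY.lower() + r"\au", {})
    findings = []
    for name in ("wuserver", "wustatusserver"):
        host = (urlsplit(wu.get(name, "")).hostname or "").lower()
        if not host:
            findings.append(f"{name}: missing or not a URL")
        elif host not in approved:
            findings.append(f"{name}: unapproved host {host}")
    if au.get("usewuserver") != "dword:00000001":
        findings.append("usewuserver: client is not told to use the SUS server")
    return findings
```

Calling audit(SAMPLE_EXPORT) reports the unapproved WUStatusServer host; run against exports collected from every client, an empty result means the distributed registry entries are still in place.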

