Security Basics mailing list archives
RE: Windows patch mgmt.
From: "Britton, Jeff B." <JBBritton () LMUS LeggMason com>
Date: Mon, 21 Jun 2004 08:49:16 -0400
Bob, Testing is always a problem with limited resources, although there are tools such as HFNETCHECKPRO, ECORA...etc that can apply the Microsoft patches very quickly. Some tools have the technology to identify any services that have stopped running after applying the patch. With 300 desktops and 50 servers, a tool like the ones mentioned above would be fairly cheap and save an enourmous amount of time when applying patches. Give them a look. (I recommend HFNetCheckPro from Shavlik, although it ONLY supports the Windows environments.) Jeff -----Original Message----- From: bob martin [mailto:bobmartin_613 () hotmail com] Sent: Tuesday, June 15, 2004 10:41 AM To: security-basics () securityfocus com Subject: Windows patch mgmt. Hello all. Basic patching question for you. We have a small environment (approx. 300 desktops and 50 servers) and the question has come up how do we test all desktops/servers after a windows patch has been installed. Given that the networking/desktop team consists of 6 people, I'm a bit stumped on how we can do this efficiently. We use St. Benard's Update Expert to push out the patches and to verify they've been installed. Currently we push to a QA environment and let it soak for a week or two while it's being used for it's normal functions. The concern is if the server isn't being used for testing, then we may push a patch to a production server without it being "tested." Any suggestions would be very welcomed. Any more, there's so many windows patches that it's almost a full time job for one person to manage them. Thanks. Bob _________________________________________________________________ Is your PC infected? Get a FREE online computer virus scan from McAfee® Security. http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963 --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------------- IMPORTANT: The security of electronic mail sent through the Internet is not guaranteed. Legg Mason therefore recommends that you do not send confidential information to us via electronic mail, including social security numbers, account numbers, and personal identification numbers. Delivery, and timely delivery, of electronic mail is also not guaranteed. Legg Mason therefore recommends that you do not send time-sensitive or action-oriented messages to us via electronic mail, including authorization to "buy" or "sell" a security or instructions to conduct any other financial transaction. Such requests, orders or instructions will not be processed until Legg Mason can confirm your instructions or obtain appropriate written documentation where necessary. --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Windows patch mgmt. bob martin (Jun 21)
- Re: Windows patch mgmt. steve (Jun 22)
- Re: Windows patch mgmt. Joe Polk (Jun 23)
- Test Lab Help sEc nErD (Jun 24)
- Re: Windows patch mgmt. Joe Polk (Jun 23)
- Re: Windows patch mgmt. Keith Cirelli (Jun 23)
- <Possible follow-ups>
- RE: Windows patch mgmt. Britton, Jeff B. (Jun 21)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 22)
- Re: Windows patch mgmt. Murad Talukdar (Jun 23)
- Re: Windows patch mgmt. pingywon MCSE (Jun 23)
- RE: Windows patch mgmt. Paul Ryan (Jun 24)
- RE: Windows patch mgmt. Kymer, Daniel (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
- Re: RE: Windows patch mgmt. Warren V Camp (Jun 23)
- RE: Windows patch mgmt. Depp, Dennis M. (Jun 23)
- Re: Windows patch mgmt. Ansgar -59cobalt- Wiechers (Jun 25)
- RE: Windows patch mgmt. Daszczyszak, Roman L. SPC (1AD 501 MI BN ACE IMO) (Jun 24)
(Thread continues...)
- Re: Windows patch mgmt. steve (Jun 22)