Security Basics mailing list archives
RE: Windows SUS
From: Lee Seidman <lseidman () yahoo com>
Date: Fri, 30 Apr 2004 14:18:55 -0700 (PDT)
Once SUS is properly configured (and approval has been granted to various necessary patches), the GPO is the only thing that must be configured to point the workstations to the proper local SUS server. The only factor we had to worry about in my organization is the reboot issue: 1) If certain patches required rebooting, users get 5 minutes before it automatically reboots their computers. This would be okay if users weren't in any critical applications and happened to walk away from their computers during the reboot process 2) If a user never reboots his/her computer (e.g., just leaves it logged on and "locked" overnight), the machine never refreshes and hence, is not deemed prepared for the next set of updates that come down from the SUS server We alleviated this problem by configuring SUS so workstations do not automatically reboot after patches are applied, using the SHUTDOWN.EXE command from the Windows Server Resource Kit, and writing a batch file that automatically reboots any computer that happened to be left in "locked" mode overnight. This seems to keep users from becoming agitated from any disruptions... - Lee --- Joe DeMarco <demarcoj () comcast net> wrote:
Additional question regarding SUS. Is there anything special (i.e.. Software) that needs to be loaded onto the client or does the GPO just push the updates automatically when scheduled? Joseph DeMarco IS Specialist 800-852-6088 ext 102 www.thefirestore.com www.officerstore.com -----Original Message----- From: Josh Mills [mailto:JMills () cnbwaco com] Sent: Wednesday, April 28, 2004 7:18 PM To: Raoul Armfield; security-basics () securityfocus com Subject: RE: Windows SUS I have looked into this and as far as i know there is no way to make this work. I think they may be working on it for version 2 but i think that got pushed back *again* to late summer now. You can look in the content directory i think and it will have all the patches that it has downloaded so if you know a machine is missing a patch you can just go there and get it but otherwise it is scheduled only. -----Original Message----- From: Raoul Armfield [mailto:armfield () amnh org] Sent: Wednesday, April 28, 2004 12:49 PM To: security-basics () securityfocus com Subject: Windows SUS Hi all, We are setting up a SUS server here at our site. We have been able to get several machines to get their updates from it as opposed to directly from the microsoft site. My question is this, is there a way to set up SUS so that you can use a browser to connect to http://susserver.mydomain.com and be able to have it scan the machine and then download the needed updates, ala windowsupdate.microsoft.com? My googling has not turned up anything todate. maybe someone has developed something like this already and is willing to share? TIA Raoul
------------------------------------------------------------------------
--- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----
------------------------------------------------------------------------
--- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Windows SUS Josh Mills (May 03)
- <Possible follow-ups>
- RE: Windows SUS Eion Sibanda (May 03)
- RE: Windows SUS Albers Darren (May 03)
- RE: Windows SUS Philip Wagenaar (May 03)
- RE: Windows SUS Lee Seidman (May 03)
- RE: Windows SUS Raoul Armfield (May 03)
- RE: Windows SUS Alvin Packard (May 03)
- RE: Windows SUS Hagen, Eric (May 04)
- RE: Windows SUS Derek Schaible (May 04)
- RE: Windows SUS hartmann (May 06)
- Re: Windows SUS Ansgar -59cobalt- Wiechers (May 10)
- Windows SUS Sistemas Aurensis-Sys Sec (May 07)
- RE: Windows SUS Sullivan, Glenn (May 07)
- Re: Windows SUS Dave Schaefer (May 07)
- Policy tools n30 (May 10)
(Thread continues...)