Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Imaged System Patching Strategies was Re: DShield and Symantec report MSBlast in wild

From: "Stephen W. Thompson" <thompson () ISC UPENN EDU>
Date: Thu, 14 Aug 2003 10:45:36 -0400
On Thu, 14 Aug 2003, Michelle Mueller wrote:


We use a Software Update Services server which is basically an internal
Windows Update Server.  You need to be using Group Policies to use SUS.
It's worked great for us.  When the notice came out about the RPC
vulnerability, I pushed the critical update out to all campus computers
using this server.  We were protected by the afternoon of that day.


Michelle and others --

I'm no Win sysadmin myself, so an illiterate question about this.  I
mentioned hearing good things about SUS, and a support person dismissed
it, saying that it would only work if the user had Admin privileges,
which wasn't their policy.  So at a bird's eye view, what are the
privilege requirements, do machines need to be kept on 24x7, does it
run on a schedule or at domain authentication time, and so forth?

Thanks!

En paz,
Steve, security analyst
--
Stephen W. Thompson, UPenn, ISC Information Security, 215-898-1236, WWW has PGP
thompson () isc upenn edu    URL=http://pobox.upenn.edu/~thompson/index.html
  For security matters, use security () isc upenn edu, read by InfoSec staff
  The only safe choice: Write e-mail as if it's public.  Cuz it could be.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: