Re: automatic update on Mac OS X

[Sebastian Schneider <ses () straightliners de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The most fitting and easiest way is to deploy Apple Remote Desktop. Though 
sort of expensive (at least in some way;-), 10 users $299, unlimited $499). 
You might have already found the key features at 
http://www.apple.com/remotedesktop/ .

The installation of packages remotely is described at 
http://www.apple.com/remotedesktop/theater/install.html

Regards,
Sebastian



On Saturday 30 August 2003 01:19, you wrote:
> Hi Sebastian,
>
> I am not that concerned about the recent security updates. I just want to
> figure out a management solution that will operate without human
> intervention in situations where it is not feasible to manually update each
> system.
>
> I have heard you can assign packages through Apple Remote Desktop. I may
> explore that. Or check out the automation of patch install via cron job.
>
> Yes, I realize that the Mac has physical security issues. Linux and Windows
> are the same way re: booting from alternate media. There is a partial
> countermeasure--you can disable booting from CD in open firmware now, and
> password protect it. Not perfect, but it is a step. I'm not concerned about
> physical security, however, as much as vulnerability to intrusion over the
> network or worms that may appear in the future.
>
> Thanks again for your thoughts on this subject--definitely helpful.
>
> Zac
>
> > -----Original Message-----
> > From: Schneider Sebastian [mailto:ses () straightliners de]
> > Sent: Friday, August 29, 2003 3:54 PM
> > To: Zachary Mutrux
> > Subject: Re: automatic update on Mac OS X
> >
> >
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hey Zac,
> >
> > if you're just concerned about the security updates...the very
> > two published
> > are not that important for workstations. just if sendmail is used or you
> > really want that screensaver exploit fixed.
> >
> > The best thing is to apply patches by downloading them from a
> > server on your
> > network. I dont know, if the server provides remote update
> > capabilities, but
> > I guess not.
> >
> > If you're so much concerned about the overall mac os x
> > security...it's in no
> > way secure. you just have to boot up from a mac os x installation
> > cd or boot
> > in single user mode and thus obtained root access or even resetting
> > passwords.
> >
> > SES

- -- 

Sebastian Schneider
straightLiners IT Consulting & Services
Metzer Str. 12
13595 Berlin
Germany

Fon: +49-30-3510-6168
Fax: +49-30-3510-6169
www.straightliners.de
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/T/RsQ7mOWZBxbPcRAud2AKC0PBvBXCWMcH0s8/hR95wIMBK8egCg2fRy
BarzjoQmyNZUIN5TqsOUuW0=
=ySfI
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------