Security Basics mailing list archives
RE: AW: SUS Help
From: Jane Han <janehan22 () yahoo com>
Date: Wed, 24 Sep 2003 13:43:32 -0700 (PDT)
Hi, all Does anybody use SUS to deploy patches to Active/active clustered exchange servers? Any concern? Since I usually install patch on one node while failovering this node's virtual server resources to another node. Thanks, Jane --- "Yoo, Gene" <Gene.Yoo () calbar ca gov> wrote:
Hey Jane, Since the SUS doesn't control your workstation environment, you would just get a log saying that it didn't complete or something like that. For managing 2000/XP, I would recommend using GPO. We primarily use SUS for our server farm for logging, etc... Gene Yoo System Operations Manager -----Original Message----- From: Jane Han [mailto:janehan22 () yahoo com] Sent: Wednesday, September 17, 2003 7:21 AM To: tim.warren () computerjobs com Cc: security-basics () securityfocus com Subject: Re: AW: SUS Help Hi, all If you set to automatic download and install at 3:00AM option through group policy, what happen to workstations that are shut down at 3:00AM? In my company, most people shut down their workstations. How will these workstations get all updated patches from SUS server? Thanks, Jane-----Original Message----- From: Tim Warren [mailto:tim.warren () computerjobs com] Sent: Friday, September 12, 2003 8:18 AM To: 'Markus Rossi'; security-basics () securityfocus com Subject: RE: AW: SUS Help The Sus App works extremely well, we have beenusingit with no I'll effects for almost a year. It was really meant for large workstation installs and we also use it for our testing servers, but nottheweb farm. SUS has a patch approval process by which the patch is downloaded and waits for your approval. SUS by no means mitigates your responsibility to stay on top of patches and test them, it only helps roll themout.It also comes with a multi-tier testing and approval design you can implement if you so choose. It's very flexible, has caused no errors and isfreeunlike RedHats version, for which I subscribe because they have to earn revenue anyway they can and I don't want them going out of business or being bought by IBM. But, don't use it or any other patching program on aproductionserver, not that it won't work, unless you're a gambler. Tim W -----Original Message----- From: Markus Rossi [mailto:securityfocus () familyrossi com] Sent: Thursday, September 11, 2003 3:44 PM To: security-basics () securityfocus com Subject: Re: AW: SUS Help Chris, AFAIK HFNetChk should work with NT4 domains aswellas AD. I've yet to deploy it but it looks extremely promising. See www.shavlik.com Markus Meidinger Chris wrote:Hi guys, i'm dealing with exactly the same problem, and ican promise you thereis *no* affordable option to automagically patch NTboxes without scripting ityourself. Which is what i will spend the nextweekdoing.....Cheers, Chris -----Ursprüngliche Nachricht----- Von: Roger A. Grimes [mailto:rogerg () cox net] Gesendet: Donnerstag, 11. September 2003 03:40 An: Gooch, Linnie;security-basics () securityfocus comBetreff: RE: SUS Help It doesn't work in NT environments. SUS must beinstalled on a W2K orServer 2003 server, and the client must run theAutomatic Updatesservice (which doesn't run on NT). There are few options available when patching anNTenvironment. EvenWin98 has more patch mgmt options. Roger*************************************************************************** *Roger A. Grimes, Computer Security Consultant *CPA, MCSE (NT/2000), CNE (3/4), A+ *email: rogerg () cox net *cell: 757-615-3355 *Author of Malicious Mobile Code: VirusProtectionfor Windows by O'Reilly*http://www.oreilly.com/catalog/malmobcode/ *Author of Apress's upcoming Honeypots forWindows***************************************************************************-----Original Message----- From: Gooch, Linnie [mailto:Linnie () wescom org] Sent: Tuesday, September 09, 2003 8:28 PM To: security-basics () securityfocus com Subject: SUS Help I've been reading everyone's input on SUS and I'mtrying to evaluate itat my company. I want to know if anyone hasdeployed it with an NT4environment? We aren't moving to AD for another 3months, but with theblaster worm and other such vulnerabilities, Iwantto get it up andrunning right away. Here is what I'm looking for. I'm reading the documentation for SUS, and ittalksabout setting theregistry on client machines, which is no problem,but the documentationis so unclear about what exactly I need to add tothe registry. I waswondering if anyone knew exactly what registrykeysneeded to be addedor changed so I could test it right away. Thanks guys. This list rocks! Linnie Gooch, MCSE Manager of Systems and Technology Wescom Credit Union (888) 493 7266 x 8801**********************************************************************This email and any files transmitted with it areconfidential andintended solely for the use of the individual orentity to whom theyare addressed. If you have received this email inerror, please deleteit immediately and advise the sender. WESCOMCREDIT
=== message truncated === __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: AW: SUS Help, (continued)
- Re: AW: SUS Help Markus Rossi (Sep 11)
- RE: AW: SUS Help Spencer D'oro (Sep 12)
- Re: AW: SUS Help lennons (Sep 11)
- Re: AW: SUS Help Markus Rossi (Sep 11)
- Re: AW: SUS Help Tim Syratt (Sep 11)
- RE: AW: SUS Help Tim Warren (Sep 12)
- RE: AW: SUS Help Steven A. Fletcher (Sep 16)
- Re: AW: SUS Help Jane Han (Sep 17)
- Re: AW: SUS Help Carlton Foster (Sep 17)
- Re: {Spam?} Re: AW: SUS Help T. Shawn Knisely (Sep 17)
- RE: AW: SUS Help Jane Han (Sep 24)
- Re: AW: SUS Help Markus Rossi (Sep 11)