Security Basics mailing list archives
Re: Windows SUS
From: Dave Schaefer <dpschaef () oaklandcc edu>
Date: 8 May 2004 03:11:44 -0000
In-Reply-To: <20040430211855.35154.qmail () web12823 mail yahoo com> Is there any chance I can get a copy of this code? I work for an educational instatution that doesn't want their computers rebooting while students are working on them. Please let me know. Thanks. -Dave
In-Reply-To: <A02305CA08B0D143A752591768A7858A1B6554@prserver.prproducts.local> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Once SUS is properly configured (and approval has been granted to various necessary patches), the GPO is the only thing that must be configured to point the workstations to the proper local SUS server. The only factor we had to worry about in my organization is the reboot issue: 1) If certain patches required rebooting, users get 5 minutes before it automatically reboots their computers. This would be okay if users weren't in any critical applications and happened to walk away from their computers during the reboot process 2) If a user never reboots his/her computer (e.g., just leaves it logged on and "locked" overnight), the machine never refreshes and hence, is not deemed prepared for the next set of updates that come down from the SUS server We alleviated this problem by configuring SUS so workstations do not automatically reboot after patches are applied, using the SHUTDOWN.EXE command from the Windows Server Resource Kit, and writing a batch file that automatically reboots any computer that happened to be left in "locked" mode overnight. This seems to keep users from becoming agitated from any disruptions... - Lee
--------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- RE: Windows SUS, (continued)
- RE: Windows SUS Philip Wagenaar (May 03)
- RE: Windows SUS Lee Seidman (May 03)
- RE: Windows SUS Raoul Armfield (May 03)
- RE: Windows SUS Alvin Packard (May 03)
- RE: Windows SUS Hagen, Eric (May 04)
- RE: Windows SUS Derek Schaible (May 04)
- RE: Windows SUS hartmann (May 06)
- Re: Windows SUS Ansgar -59cobalt- Wiechers (May 10)
- Windows SUS Sistemas Aurensis-Sys Sec (May 07)
- RE: Windows SUS Sullivan, Glenn (May 07)
- Re: Windows SUS Dave Schaefer (May 07)
- Policy tools n30 (May 10)
- Re: Policy tools Brad Arlt (May 10)
- Policy tools n30 (May 10)
- Windows SUS Guillome Main (May 07)
- Re: Windows SUS Paul Kurczaba (May 10)
- RE: Windows SUS Philip Wagenaar (May 10)
- Re: Windows SUS Lee Seidman (May 10)
- RE: Windows SUS Raoul Armfield (May 10)
- RE: Windows SUS Lee Seidman (May 10)
- Windows 2kserver with XP clients - Policies Ivan Carlos (May 12)
- RE: Windows 2kserver with XP clients - Policies Philip Wagenaar (May 13)
- Windows 2kserver with XP clients - Policies Ivan Carlos (May 12)
(Thread continues...)