lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <3E71BE64C6ECD8449CD5A236F700FA968199B1@odcexch.wei.owhc.net>
From: mbassett at omaha.com (Bassett, Mark)
Subject: Automating patch deployment

The client that has to be running is the windows auto update client.  It
doesn't require admin privileges unless you want it to.  You can
configure SUS in a lot of different ways.  
Unfortunately it won't run on NT4 :(

<snip from
http://www.microsoft.com/windows2000/windowsupdate/sus/susfaq.asp >

Q.  What clients does SUS support? 
   
A.  Your client computers must be running Windows 2000 Professional with
Service Pack 2 (SP2) or later, Windows XP Professional, or Windows 2000
Server with SP2 or later in order to run Automatic Updates. Note:
Windows NT 4.0 is not supported.
</snip>

-----Original Message-----
From: George Peek [mailto:GKPeek@...stateTicketing.com] 
Sent: Sunday, August 17, 2003 5:04 PM
To: Bassett, Mark
Subject: RE: [Full-Disclosure] Automating patch deployment

Cool, thanks..

Requires the client to be running? Most of our clients use NT, deploy
.msi
using logins script, does it require admin prv?


-----Original Message-----
From: Bassett, Mark [mailto:mbassett@...ha.com]
Sent: Wednesday, August 06, 2003 7:21 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] Automating patch deployment


The good thing about SUS is that you can set it up to not push out the
packages until you approve them.  The SUS box downloads all the critical
updates and then they sit in queue until you tell them it's ok to push
them out.  I think that's the best way to handle the situation.  Sure it
creates a little admin work, but I think the advantage is clear.  

-----Original Message-----
From: gregh [mailto:chows@...mail.com.au] 
Sent: Wednesday, August 06, 2003 8:04 AM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Automating patch deployment


> ----- Original Message ----- 
> From: Johnson, Mark 
> To: George Peek ; full-disclosure@...ts.netsys.com 
> Sent: Wednesday, August 06, 2003 7:12 AM
> Subject: RE: [Full-Disclosure] Automating patch deployment


> Look at Microsoft Article 328010 for information on setting up Windows
> 2000, XP and 2003 to automatically update Microsoft's patches.  I know
> this isn't the full solution, but maybe a start.


Just my 2 cents again - I distinctly remember March 28 2002 XP and 2000
update stuffing many systems around the world. I also remember the
811493 patch slowdown and eventual reissue by MS.

Automation of update patches? Not on your Nellie! I would have a machine
download patches and try installs on it before I felt comfortable about
passing them on to others.


*LOOK MA! NO HTML!*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


************************************************************
Omaha World-Herald Company computer systems are for business use only.
This e-mail was scanned by MailSweeper
************************************************************

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ