Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 29

Thread: Patching windows

  1. #11
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    IF you want to MAke your own PAtch CD where your able to install 2 or more MS updates Visit the MS Technet site, and have a read and check out the downloads.. there is a tool there for just that job..
    It will Take a some of your time to make the cd's.. it will be worth it.. Updates from a trusted sourve and a single install cd..

    oh the link...

    http://www.microsoft.com/technet/default.mspx?gssnb=1

    And have a look for Qchain

    Cheers

    BTW: The link you gave for autopatch.. it don't seem to work from my end of the globe..??
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  2. #12
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    One half of my IT life was spent at a Major West Coast University and I must say in the years since the inception of AO this is the first post and thread I have seen here that recommends a system wide software site...like a University runs on Windows. Get Real! This thread is not even worth a point any way...geez check the Social Engineering...if it is new to you first respones is it is already known.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  3. #13
    Junior Member
    Join Date
    Sep 2003
    Posts
    1
    Originally posted here by djscribble
    are there any virus scanners that we can operate at a domain level that will scan all the machines in the domain??
    At my workplace we use Symantec Anti-Virus Corporate Edition . This allows us to add all machines in our directory to the console for central management. There are many things you can manage using the console such as virusdefs, update schedule, lockdown settings, force virus sweeps, schedule scans, etc...

    We have been using this for several years and it has helped tremendously (especially if you have a large number of machines to administer).

    -= j@ckle =-

  4. #14
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Same goes for McAfee e-Policy Orchestrator.

    djscribble: Are all the clients Windows 2000 or XP? If so think about setting up a SUS server and configure all the clients to download their updates from SUS. That should ease your patch management alot.

    Another option you might wanna consider is blocking icmp (echo request;echo reply) on your entire network. I've noticed that blaster and a few other viruses tend to ping their victems first before trying to infect them. No echo-reply; no attempt.
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #15
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    our sus server is in the testing environment scheduled to go into production in about a week and a half, however, all the machines already have viruses... some viruses are blocking updates so we need to use the mcaffee e-policy Orchestrator... i am jsut wondering now if there is a way to setup a gateway almost like an intrusion detection system that will stop virus traffic...
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

  6. #16
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by djscribble
    our sus server is in the testing environment scheduled to go into production in about a week and a half, however, all the machines already have viruses... some viruses are blocking updates so we need to use the mcaffee e-policy Orchestrator... i am jsut wondering now if there is a way to setup a gateway almost like an intrusion detection system that will stop virus traffic...
    The problem with this idea is your putting a band-aid on the symptom, your not addressing the real problem, which is infected machines. Your may want to re-think your process a bit. I would start by identifying the infected machines. Get them off your network, clean them and manually load all required patches. Update your Antivirus on those systems and then put them back on the network. This may take a little more time and effort, but in the long run I believe you will end up the a better result.

    Cheers:
    DjM

  7. #17
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    That is what we are doing with the faculty and staff machines, but because this is a university we constantly have student machines that are infested - and we are not allowed to touch their machines because of fear of a liability lawsuit (that, and many students use nothing but pirated software)

    once the faculty and staff machines are fixed, then we will be able to use the sus server to send out the updates since there are 3500+ machines (and that takes a very long time during the school year for us to get to)
    [gloworange]find / -name \"*your_base*\" -exec chown us:us {} \\;[/gloworange] [glowpurple]Trust No One[/glowpurple][shadow] Use Hardened Gentoo [/shadow]
    CATAPULTAM HABEO. NISI PECUNIAM OMNEM MIHI DABIS, AD CAPUT TUUM SAXUM IMMANE MITTAM

  8. #18
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867
    Originally posted here by djscribble
    - and we are not allowed to touch their machines because of fear of a liability lawsuit (that, and many students use nothing but pirated software)

    I am not sure about the law in this area (maybe someone else could add to this), but does the University not also carry some liability for allowing it's network to spread viruses. I have to assume that these infected machines are infecting other machines outside the University network. Even if there is not issues with liability, I believe you may be running into problems with your ISP if they become aware viruses are spewing from your network. Do you not have a policy in place that states a computer must meet certain requirements (e.g. current virus protection) before its allow to connect to the network? (maybe you should )

    Cheers:
    DjM

  9. #19
    Senior Member
    Join Date
    Apr 2002
    Posts
    889

    U's Account Policies

    Actually most of not all Universities have an User Account Policy that is set up when new staff and or students open an account consider it a EULA for any college I know about where it basically states that the system one is given the privlage to use can be revoked for any violation including the entire list of no spam, intrusion programs, and activity like copying of software or copyrighted stuff is not allowed or the account and or access is cut off until conditions are met of their computing department. In short the users do not have control the IT and University does. Universities also have the duty to foster a learning and free exchange of ideas and exploration. I only need to say is visit any University dot edu home page check out their Computing and Communications, IT Departemnt etc, all offer tools free for download wihin their systems to update site licensed software, virus updates, systems scans the list goes on and on. Why do these Universities offer this because In-House they have tested the patches for just about every OS there is know they are safe. My point is only this visit any University Web Site for M$ there is a link to them of MAC to their site if it is external it is to the company that they license their system for not a third party vendor because even if they are used it is at the top level and checked out and tested.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg

  10. #20
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    has anyone used Configuresoft? www.Configuresoft.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •