[prev in list] [next in list] [prev in thread] [next in thread]
List: patchmanagement
Subject: RE: Patches Management for just a few srvers
From: "Ziots, Edward" <EZiots () Lifespan ! org>
Date: 2008-11-25 9:53:43
Message-ID: CBD73348AD43344DAE3736A72831CDC903C21180 () LSCOEXCH1 ! lsmaster ! lifespan ! org
[Download RAW message or body]
I wont say WSUS isn't a good solution in certain cases, but the big
issue with WSUS is it can't patch non-microsoft software, which leaves
your organizations at an elevated level of risk from 3rd party software
flaws and there associated attacks. And from the latest posts on
bugtraq, secunia and other lists these are the flavor of the month
attacks that are being used to get malware/spyware on your systems and
cause havoc and mayhem.
Food for thought,
Z
Edward E. Ziots
Network Engineer
Lifespan Organization
Email: eziots@lifespan.org
Phone: 401-639-3505
MCSE, MCP+I, ME, CCA, Security +, Network +
-----Original Message-----
From: Brad Butler [mailto:brad.butler@bowencenter.org]
Sent: Monday, November 24, 2008 9:14 AM
To: Patch Management Mailing List
Subject: RE: Patches Management for just a few srvers
My question to you would be, if you are using any Microsoft software,
are you sure you are deploying all the patches? There are so many every
month, you would have to spend an enormously amount of time researching
just to make sure. We have been using WSUS for 2 1/2 years and for the
most part, have no problems updating our 150 desktops and 30 servers.
The only real problem that I have had, is making sure that the drive I
run WSUS from, has enough storage space. Not only does it do a good job
up keeping our machines up to date, but when we have to rebuild a
machine it does a good job of getting the machine back into compliance.
And since WSUS' only real cost is in resources it uses, I find it hard
to come up with a good reason not to deploy. If you are rock solid sure
that your current system works perfectly, then why not deploy WSUS and
use it for verification?
Brad Butler
MIS Specialist
brad.butler@bowencenter.org
The Bowen Center for Human Services
850 N Harrison St
Warsaw, IN 46580
(574) 267-7169 ext 2949
Send non-emergency help desk requests to: IThelp@bowencenter.org
-----Original Message-----
From: Vern Buis [mailto:vbuis@nlc.state.ne.us]
Sent: Thursday, November 20, 2008 1:50 PM
To: Patch Management Mailing List
Subject: RE: Patches Management for just a few srvers
The main reason we haven't moved to WSUS--yet--is that our current
system works very painlessly, and allows us to also push out third-party
patches (including non-MSI and non-CABs) and handle other administrative
tasks at the same time in a very straightforward manner.
I see quite a bit of discussion on this list of various issues with
WSUS, which just reinforces my (perhaps irrational) fear of "blackbox"
systems. We are also very small ( < 100 workstations ) and homogeneous
(all run the same OS) so my gut feeling is that WSUS might be overkill
for us. We may look into WSUS at some point, but for now there is just
no compelling need. Please correct me if any of my assumptions/fears
are not valid--I'm certainly open to persuasion.
Thanks.
Vern Buis
-----Original Message-----
From: Hank Arnold [mailto:arnoldhf@optonline.net]
Sent: Thursday, November 20, 2008 3:52 AM
To: Patch Management Mailing List
Subject: RE: Patches Managment for just a few srvers
Is there a reason why you haven't considered WSUS? It's easy to set up
and administer. And it's *FREE*.....sounds like it would sure save you a
lot of work....
Regards,
Hank Arnold
Microsoft MVP
Windows Server - Directory Services
-----Original Message-----
From: Vern Buis [mailto:vbuis@nlc.state.ne.us]
Sent: Wednesday, November 19, 2008 3:54 PM
To: Patch Management Mailing List
Subject: RE: Patches Managment for just a few srvers
We are a small organization and have been successfully using this
approach for many years: We add a scheduled task (running as an admin)
to each workstation and server upon install. The task runs a batch file
(updates.bat) on a network share at a set time each night. When we want
to install patches or other software, we simply edit updates.bat by
adding a call to the latest set of patches. To avoid re-installing a
set of patches, we have the batch file write a marker file to each
workstation upon running, and then check for existence of this marker
before running.
So, updates.bat has a series of lines like this:
if not exist c:\utility\patch0803.mrk call
\\server1\install\vista\patches\patch0803.bat
This has the added benefit of automatically catching up new workstations
as they are built.
Vern
-----Original Message-----
From: Chip M. [mailto:chipm593@gmail.com]
Sent: Wednesday, November 19, 2008 1:06 PM
To: Patch Management Mailing List
Subject: Patches Managment for just a few srvers
I am looking for a way to do patch management for 3 to 4 servers and
still I don't what to do it manually. I would love to use a free push
type system yet not too sure what to go with. I have heard GREAT things
about HF Check net Pro and used it for a few months when contracting
services to a client yet I believe it's out of my price range.
**** Note
I also would like to push patches out to desktops as well and servers
alike in different domains this would be different clients on different
networks.
What ideas do you guys have for this type of Patch Management
deployment?
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be
accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be
accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
__________ Information from ESET Smart Security, version of virus
signature database 3626 (20081119) __________
The message was checked by ESET Smart Security.
http://www.eset.com
__________ Information from ESET Smart Security, version of virus
signature database 3626 (20081119) __________
The message was checked by ESET Smart Security.
http://www.eset.com
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be
accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be
accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be
accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to
leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
---
When posting or replying to messages on this list, please send all
emails in plain text format. HTML formatted messages will not be accepted.
PatchManagement.org is hosted by Shavlik Technologies
To unsubscribe send a blank email to leave-patchmanagement@patchmanagement.org
If you are unable to unsubscribe via this email address, please email
owner-patchmanagement@patchmanagement.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic