North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: FBI tells the public to call their ISP for help

  • From: Jamie Bowden
  • Date: Fri Jun 15 07:33:37 2007

That AD mumbo jumbo you blow off so blithely is HOW you get clients to
use WSUS instead of whichever random IP Microsoft is pointing at today
for updates.  It requires Group Policy settings, and unless you want to
force all your customers to make their machines part of an AD domain,
which most can't join even if they were willing since they're running
consumer machines with XP Home on them, you can't force them to use your
local server.

Jamie Bowden
"It was half way to Rivendell when the drugs began to take hold"
Hunter S Tolkien "Fear and Loathing in Barad Dur"
Iain Bowen <[email protected]>

-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf Of
Jeroen Massar
Sent: Thursday, June 14, 2007 3:14 PM
To: Patrick W. Gilmore
Cc: [email protected]
Subject: Re: FBI tells the public to call their ISP for help

Patrick W. Gilmore wrote:
> That said, the majority of compromised computers do run some flavor of
> Redmond-Ware.  (One can argue about the underlying cause - market
> quality of software, virus writer's preference, whatever - but the
> still stands that most compromised computers run Windows.)  So getting
> "windows update sandbox" would be very useful.

You want to have a look at:

Microsoft Windows Server Update Services

Microsoft Windows Server Update Services (WSUS) enables information
technology administrators to deploy the latest Microsoft product updates
to computers running the Windows operating system. By using WSUS,
administrators can fully manage the distribution of updates that are
released through Microsoft Update to computers in their network.

Which is used in large organizations to deploy patches with ease.
Requires some AD mumbojumbo of course.

Really the information is out there, google knows, so can you :)