Home page logo
/

basics logo Security Basics mailing list archives

RE: Windows SUS Question
From: "Tom Milliner" <tom.milliner () verizon net>
Date: Wed, 14 Apr 2004 21:29:30 -0500


I am testing SUS now.  I think it works without the
user being included in the local administrators group
(unlike Windows Update, which requires that an administrator
do updates).

I think SUS works via GPO; everything I have read seems to
indicate that a SUS GPO can be configured for an Active
Directory container (domain, domain controllers, or an
OU which contains computers).

In my setup, I think a user in my test OU can still use
Windows Update manually.  I think there are ways that
could be stopped, but I haven't researched it fully.

The upcoming upgrade for SUS (Windows Update Service or
WUS) will improve the setup.  I am giving SUS a try-out now
because I want to have the chance to test the up-coming
WinXP SP2 before it is automatically installed via an
update service.

Sorry that I cannot be more precise...that is all I 
know at this stage of my testing. 


 
Tom Milliner, CPA, MCSE
2404 Summer Place Dr.
Irving, TX  75062
(214) 540-2741
tom.milliner () verizon net

-----Original Message-----
From: Leon [mailto:roastin () yahoo com] 
Sent: Wednesday, April 14, 2004 1:50 PM
To: security-basics () securityfocus com
Subject: Windows SUS Question

Hi everyone,

My question regarding SUS is dealing with security
permissions.  Lets say 20 servers are part of a work
group; is their still a way to use SUS under the
context of the local system account or something
similar to be able to centrally deploy patches in a
de-centralizied network environment.  I have a
workgroup that needs to have patches deployed and I
would prefer to use something like SUS which is
central as opposed to something like Hfnetcheck pro.

Thanks in advance,

Leon


        
                
__________________________________
Do you Yahoo!?
Yahoo! Tax Center - File online by April 15th
http://taxes.yahoo.com/filing.html

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the
skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault