Re: automatic update on Mac OS X

[Schneider Sebastian <ses () straightliners de>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Since VNC will not applay updates, and is just for remote controlling the 
client computer providing VNC services.

Sebastian

On Tuesday 02 September 2003 18:29, Dean Saxe wrote:
> Why not use VNC instead?  After all, its free.
>
> -dhs
>
> -----Original Message-----
> From: Sebastian Schneider [mailto:ses () straightliners de]
> Sent: Friday, August 29, 2003 8:49 PM
> To: Zachary Mutrux
> Cc: security-basics () securityfocus com
> Subject: Re: automatic update on Mac OS X
>
>
> The most fitting and easiest way is to deploy Apple Remote Desktop. Though
> sort of expensive (at least in some way;-), 10 users $299, unlimited $499).
> You might have already found the key features at
> http://www.apple.com/remotedesktop/ .
>
> The installation of packages remotely is described at
> http://www.apple.com/remotedesktop/theater/install.html
>
> Regards,
> Sebastian
>
> On Saturday 30 August 2003 01:19, you wrote:
> > Hi Sebastian,
> >
> > I am not that concerned about the recent security updates. I just want to
> > figure out a management solution that will operate without human
> > intervention in situations where it is not feasible to manually update
>
> each
>
> > system.
> >
> > I have heard you can assign packages through Apple Remote Desktop. I may
> > explore that. Or check out the automation of patch install via cron job.
> >
> > Yes, I realize that the Mac has physical security issues. Linux and
>
> Windows
>
> > are the same way re: booting from alternate media. There is a partial
> > countermeasure--you can disable booting from CD in open firmware now, and
> > password protect it. Not perfect, but it is a step. I'm not concerned
>
> about
>
> > physical security, however, as much as vulnerability to intrusion over
> > the network or worms that may appear in the future.
> >
> > Thanks again for your thoughts on this subject--definitely helpful.
> >
> > Zac
> >
> > > -----Original Message-----
> > > From: Schneider Sebastian [mailto:ses () straightliners de]
> > > Sent: Friday, August 29, 2003 3:54 PM
> > > To: Zachary Mutrux
> > > Subject: Re: automatic update on Mac OS X
> > >
> > >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > > Hash: SHA1
> > >
> > > Hey Zac,
> > >
> > > if you're just concerned about the security updates...the very
> > > two published
> > > are not that important for workstations. just if sendmail is used or
> > > you really want that screensaver exploit fixed.
> > >
> > > The best thing is to apply patches by downloading them from a
> > > server on your
> > > network. I dont know, if the server provides remote update
> > > capabilities, but
> > > I guess not.
> > >
> > > If you're so much concerned about the overall mac os x
> > > security...it's in no
> > > way secure. you just have to boot up from a mac os x installation
> > > cd or boot
> > > in single user mode and thus obtained root access or even resetting
> > > passwords.
> > >
> > > SES

- -- 

Sebastian Schneider
straightLiners IT Consulting & Services
Metzer Str. 12
13595 Berlin
Germany

Phone: +49-30-3510-6168
Fax: +49-30-3510-6169

Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
Informationen. Wenn Sie nicht der richtige Adressat sind oder
diese E-Mail irrtümlich erhalten haben, informieren Sie bitte
sofort den Absender und vernichten Sie diese Mail. Das unerlaubte
Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht
gestattet.

This E-Mail may contain confidential and/or privileged information.
If you are not the intended recipient (or have received this E-Mail
in error please notify the sender immediately and destroy this E-Mail.
Any unauthorized copying, disclosure or distribution of the material
in this E-Mail is strictly forbidden.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/VMmFQ7mOWZBxbPcRAnyGAKDSUV0NSpKQMhGz1+NJ0NNIsycMbgCeIz6c
+i1Hm1Sc6/Jg5qwc86iQ3Eo=
=lNrq
-----END PGP SIGNATURE-----


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training),
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier
technical IT security event.  Modeled after the famous Black Hat event in
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------