So will the latest RPC/Windows hole make people consider non windows OS?

[Nothinman]

There is no way for you to just download the patch to a ftp server on your lan or anything like that?

Sure there is, but how do you get 1000 employees to install it?

Then just systematicly go to all of them and install the package

Some of our locations are many states away, I'm not flying to NY just to patch 5 machines.

 

[booze]

i am in the process of switching to linux only now.

thanks to Windows for opening my eyes even larger 🙂

 

[Flatline]

I'm not flying to NY just to patch 5 machines.

Maybe you could check out a show while you're there 😛😉

This is the kind of thing that RedHat network is supposed to address, but it costs $$$

 

[Flatline]

And, of course, it only works if you're running RedHat

 

[Nothinman]

Maybe you could check out a show while you're there

Technically I wouldn't mind going, but work wouldn't send me for just that.

 

[Flatline]

I got shipped to Princeton last year because my boss didn't want to even check out why a server was down; they had had a power surge and it turned out all I needed to do was run chkdsk...ain't that a b!tch?

 

[drag]

Originally posted by: Nothinman

There is no way for you to just download the patch to a ftp server on your lan or anything like that?

Sure there is, but how do you get 1000 employees to install it?

Then just systematicly go to all of them and install the package

Some of our locations are many states away, I'm not flying to NY just to patch 5 machines.

So what? do you realy have nobody at all that is at least somewhat responsible for keeping those computers running? Can't you just e-mail Bob the secratery and give him a link to the microsoft update website? And say it's your job to get the patch installed on the five computers in Newyork.. Doesn't seem like that big of deal. Doesn't MS provide terminal services so you can do that remotely?

 

[Nothinman]

So what? do you realy have nobody at all that is at least somewhat responsible for keeping those computers running? Can't you just e-mail Bob the secratery and give him a link to the microsoft update website?

Maybe, I'm not sure if I'd trust Grace (the only semi-technical person up there, the rest are VPs/Salesmen) to do that though, either way it's not my call. Most of our sites that aren't based in Pittsburgh are really small (<10 people), we even have a few places that are just a single person working from home.

Doesn't MS provide terminal services so you can do that remotely?

None of the workstations or laptops have TS installed.

I got shipped to Princeton last year because my boss didn't want to even check out why a server was down; they had had a power surge and it turned out all I needed to do was run chkdsk...ain't that a b!tch?

Depends on if you like to travel or not, I guess =)

 

[drag]

Depends on if you like to travel or not, I guess =)

Also depends on how they scale the pay for travelling.

 

[Hamilton]

Originally posted by: Nothinman

This patch was out for a month and yet still banks and government agencies were still affected. This indicates the places were we would assume the highest amount of security measures would be used realy failed to even follow fundamental aspects of computer security. So they would be screwed irregardless which OS they use.

Consider how difficult it is to keep all the companie's workstations up to date. You can't let them just use WU because for a company of any size that would kill your Internet connection periodically as 500+ machines try to download patches from WU. You can probably use AD GPOs to push updates, but most places are still in the beginning to middle of their AD migration if one is happening at all. And I believe MS SUS requires AD and only works on servers currently, which makes it borderline useless. With a host of Linux boxes it would be simple to write a script to scp an RPM over and install it remotely.

Thats why you should use, Software Update Service. With that only one computer needs to contact windowsupdate and then it spreads to all workstations.

 

[Nothinman]

Thats why you should use, Software Update Service. With that only one computer needs to contact windowsupdate and then it spreads to all workstations.

I know about SUS, but I shouldn't need another server for something that should be easily scriptable. Anyway I'm not directly involved with that decision, but I know SUS is one of the things being looked at.

 

[JC]

I guess I was lucky, my HD with W2K Pro died a week or two before this Blaster bs came along....and my backup HD has Win98SE on it, so I'm back up and virus-free!

On the downside, the reason the backup HD has Win98 instead of W2K is because I didn't back it up very recently....🙁

 

[erikistired]

i keep my computer up to date and behind a firewall, so the headaches of another OS is not happening anytime in my future.

 

[Hamilton]

Originally posted by: Nothinman

Thats why you should use, Software Update Service. With that only one computer needs to contact windowsupdate and then it spreads to all workstations.

I know about SUS, but I shouldn't need another server for something that should be easily scriptable. Anyway I'm not directly involved with that decision, but I know SUS is one of the things being looked at.

Easily scriptable & cheap, that sure aint Microsoft 🙂

 

[Davegod]

>> So will the latest RPC/Windows hole make people consider non windows OS?

Nope, but it does help me appreciate the updating, firewall and AV is worth it.

 

[Nothinman]

http://arstechnica.infopop.net/OpenTopic/page?a=tpc&s=50009562&f=12009443&m=8050987085

Now I'm glad I don't use SUS =)

 

[Hamilton]

Originally posted by: Nothinman
http://arstechnica.infopop.net/OpenTopic/page?a=tpc&s=50009562&f=12009443&m=8050987085

Now I'm glad I don't use SUS =)

Well it wasnt that bad. It was down for a couple of hours. Of course that aint good but the patch has been out for weeks.
I havent had any problems updating my SUS server. So far it has worked liked it should.

 

[Nothinman]

So does that mean windowsupdate.com is back, and ready to be attacked on the next 16th, or did you have to reconfigure SUS to point to a new location?

 

[Barnaby W. Füi]

Looks like there is now a worm going around that gets in via the rpc hole, removes msblast, and patches your system for you. 🙂

(not joking, check slashdot)

 

[Flatline]

Yeah, I posted about it a while ago; one of our centers in Asia got NAILED by it early this morning (it seemed to have been there since before the patch, but I'll have to wait and see what "really" happened). The little sucker clogs the hell out of network bandwidth.