RE: Patch testing

• Previous message: Russell V. Toone: "RE: Patch testing"
• Maybe in reply to: Brei, Matt: "Patch testing"
• Next in thread: Dane Martin: "RE: Patch testing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: focus-ms@securityfocus.com
Date: Tue, 26 Aug 2003 13:16:37 -0400

If you don't have mirrored disk capabilities - use Norton Ghost to snap an
image of the system partition on the server before patching. Ive found that,
with compression, most images I've taken are less than 6 GB.

It's much easier to restore a Ghost image than to install an OS from scratch
and restore from tape.

--------------------------------------
Jason Merriman, Senior Site Manager
AboveNet
jmerriman@above.net
cell - 703.447.8402
tel - 571.633.5166
aim - revision
--------------------------------------
 

> -----Original Message-----
> From: Russell V. Toone [mailto:russ@eCallogy.com]
> Sent: Tuesday, August 26, 2003 11:22 AM
> To: focus-ms@securityfocus.com
> Subject: RE: Patch testing
>
>
>
> Just a thought, use mirrored disks, then before installing
> the patch(es) break the mirror and install to one of the
> disks. If all goes well, set the mirroring back up, if it
> doesn't go well, then fire up the machine from the "broken"
> mirror disk, and you'll be back where you were right before
> the patch installation.
>
>
> -----Original Message-----
> From: Kurt Seifried [mailto:bt@seifried.org]
> Sent: Monday, August 25, 2003 2:39 PM
> To: Matt Brei
> Cc: Todd Schubert; focus-ms@securityfocus.com
> Subject: Re: Patch testing
>
> > And we're supposed to do this for every patch MS releases? I would
> > have to hire 5 guys just to test patches. Not to mention
> that if one
> > of the patches does fail we have a production server(s)
> down. Backups
> > are great yes, but have you ever done a 100+ GB restore
> from an Ext.
> > SCSI LTO drive? It takes about 14 hours.
>
> Then this is one of the additional costs of running Windows
> that you will need to accept. Or else you can forego patch
> testing, cross your fingers and hope nothing breaks. People
> who complain about this strike me as a bit odd, you did know
> about these problems going into your MS purchase, didn't you?
> TCO, blah blah blah.
>
> As far as making this mess easier to deal with there are some
> potential
> lights:
>
> VMWare Workstation- pro: it's cheap, it's easy, you can test
> many configs quickly. cons: hardware issues probably will not
> come up. VMWare GSX/ESX/etc - pro: you can segment a server
> and test patches on "identical" setups, using only one
> hardware, cons: it's not cheap.
>
> Removable harddrives (if you can afford server downtime):
> simply swap the drives, go to a "test" drive, see if it blows
> up, if not go to production drive.
>
> Ultimately if you have a server so critical that it can't go
> down for more then a few minutes, and you have no
> backup/recovery plan that accounts for a hardware failure
> (they do happen) then you are screwed equally for testing and backup.
>
> And as another poster mentioned this is likely to only get
> worse, with part of IIS 6 running in kernel mode to increase
> speed (ala Tux web server on Linux, except IIS is a whole lot
> more complicated). VPN's are increasingly going to rely on
> hardware acceleration, especially on the servers, security
> updates may affect the drivers there.
>
> > Matt Brei
> > Network Administrator
>
>
>
>
> Kurt Seifried, kurt@seifried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
>
>
>
>
> --------------------------------------------------------------
> -------------
> KaVaDo provides the first and only integrated Web application
> scanner and
> firewall security suite that prevent Web applications
> attacks, the most
> common form of online exploitation. Download a FREE
> whitepaper on Security Policy Automation for Web Applications.
> http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> --------------------------------------------------------------
> -------------
>
> --------------------------------------------------------------
> -------------
> KaVaDo provides the first and only integrated Web application
> scanner and
> firewall security suite that prevent Web applications
> attacks, the most
> common form of online exploitation. Download a FREE
> whitepaper on Security Policy Automation for Web Applications.
> http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
> --------------------------------------------------------------
> -------------
>

---------------------------------------------------------------------------
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
---------------------------------------------------------------------------

• Previous message: Russell V. Toone: "RE: Patch testing"
• Maybe in reply to: Brei, Matt: "Patch testing"
• Next in thread: Dane Martin: "RE: Patch testing"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]