Re: automating reboot (was RE: RPC Scan Issues)

From: lists (lists_at_www.localareasecurity.com)
Date: 10/16/03

    To: "Focus-MS" <focus-ms@securityfocus.com>
    Date: Thu, 16 Oct 2003 15:03:08 -0300
    
    

    We used LanGuard Scanner (http://www.gfi.com) to push out the patches. Which
    has a nice option of rebooting the PC once patches are installed. So users
    get an interactive message stating they are being patched and to save work
    etc. Then it will reboot the PC ensuring they are patched. It is also handy
    in getting a high level view of what SPs and Patches are already on the PCs.

    Not sure if someone already mentioned but it was a big help to us. Although
    the license is I think $1K or so.

    Jascha
    jascha@localareasecurity.com
    ---------------------------<>
    :: Local Area Security ::
    Home of L.A.S. Linux
    200+ security tools on a 'live CD' fitting on a miniCD with full desktop.
    Includes Nessus, Nmap, Snort, Autopsy, Ethereal, Ettercap, etc
    http://localareasecurity.com
    ------------------------------------<>

    On Thu, 16 Oct 2003 09:42:34 -0700, Zachary Mutrux wrote
    > I create a reboot script using psshutdown.exe from Sysinternals.
    > http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
    >
    > It looks something like this:
    >
    > psshutdown -f -r -m "In order to apply a security patch, this computer will reboot in five minutes. --zm" -t 300 \\workstation1
    >
    > psshutdown -f -r -m "In order to apply a security patch, this computer will reboot in five minutes. --zm" -t 300 \\workstation2
    >
    > psshutdown -f -r -m "In order to apply a security patch, this computer will reboot in five minutes. --zm" -t 300 \\workstation3
    >
    > ...
    >
    > I usually create these scripts manually, following these steps:
    >
    > 1) Open Active Directory Users and Computers.
    >
    > 2) Select the hosts to be rebooted, and export to a tab-delimited
    > text file
    >
    > 3) Open the text file in Excel, delete columns other than hostname
    >
    > 4) Paste or type in the options above for one host
    >
    > 5) Drag to copy the options down the column for all hosts
    >
    > 6) Save the file as text
    >
    > 7) Rename to "reboot_desktops.bat"
    >
    > At the same time, I create a variation of the script to abort the
    > reboot, just in case I ever accidentally run the reboot script. It
    > is the same as the reboot script, but uses the abort option.
    >
    > ...
    > psshutdown -a -m "The reboot of this computer has been cancelled. --zm" \\workstation1
    > psshutdown -a -m "The reboot of this computer has been cancelled. --zm" \\workstation2
    > psshutdown -a -m "The reboot of this computer has been cancelled. --zm" \\workstation3
    > ...
    >
    > Then I save this batch file as "abort_reboot.bat"
    >
    > Once I have the reboot script I save it in C:\batch and schedule it
    > as a scheduled task to run late at night, but at a time that it will
    > not interfere with backups or antivirus updates or other regularly scheduled
    > maintenance. Before scheduling the reboot, I warn users to log off
    > when they leave for the day, but to leave their computers running.
    > That way there is less of a chance that someone will lose an unsaved
    > document they left open on the desktop.
    >
    > Can anyone offer suggested improvements for this process?
    >
    > Zac
    >
    > > -----Original Message-----
    > > From: c_brauckmiller@LEK.COM [mailto:c_brauckmiller@LEK.COM]
    > > Sent: Wednesday, October 15, 2003 9:45 AM
    > > To: Cosentino, Guilherme V.
    > > Cc: 'focus-ms@securityfocus.com'
    > > Subject: RE: RPC Scan Issues
    > >
    > >
    > >
    > >
    > > Does anyone know of any tool that can automatically reboot every
    > > machine in a
    > > given IP range at a given time?
    > >
    > > One could just tell the software to reboot all client PCs in the
    > > DHCP scope.
    > >
    > > We ran into this exact problem when we pushed MS03-026 and
    > > MS03-039 via login
    > > script.
    > >
    > > Thanks
    > >
    > > Craig Brauckmiller
    >

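Added example, not part of the original thread or of any poster's scripts: the manual Excel steps in the quoted message can be replaced by a short script that reads the tab-delimited export and writes the contents of both batch files with the same psshutdown options. It assumes the export has a header row with a "Name" column; the function names and the sample export are constructed for illustration. Host names are validated so that a stray character in the export cannot change the generated command line.

```python
import csv
import io
import re

# NetBIOS-style computer name: 1-15 characters, letters, digits and hyphen.
# Anything else (spaces, quotes, &, |, %) is rejected before it reaches a .bat file.
HOSTNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]{0,14}")

REBOOT_MSG = ("In order to apply a security patch, this computer "
              "will reboot in five minutes. --zm")
ABORT_MSG = "The reboot of this computer has been cancelled. --zm"

# Constructed sample export (assumed column layout: Name, Type, Description).
SAMPLE_EXPORT = "\n".join([
    "Name\tType\tDescription",
    "workstation1\tComputer\t",
    "workstation2\tComputer\tFront desk",
    "WORKSTATION1\tComputer\t",      # duplicate, differs only in case
    "bad&name\tComputer\t",          # would break the batch command line
]) + "\n"


def read_hosts(export_text, name_column="Name"):
    """Return (valid_hosts, rejected_names) from a tab-delimited export."""
    reader = csv.DictReader(io.StringIO(export_text), delimiter="\t")
    valid, rejected, seen = [], [], set()
    for row in reader:
        name = (row.get(name_column) or "").strip()
        if not HOSTNAME_RE.fullmatch(name):
            rejected.append(name)
            continue
        key = name.upper()           # computer names are case-insensitive
        if key not in seen:
            seen.add(key)
            valid.append(name)
    return valid, rejected


def build_scripts(hosts, delay_seconds=300):
    """Return (reboot_bat_text, abort_bat_text), one command per host, CRLF line ends."""
    reboot = [f'psshutdown -f -r -m "{REBOOT_MSG}" -t {int(delay_seconds)} \\\\{h}'
              for h in hosts]
    abort = [f'psshutdown -a -m "{ABORT_MSG}" \\\\{h}' for h in hosts]
    return "\r\n".join(reboot) + "\r\n", "\r\n".join(abort) + "\r\n"


if __name__ == "__main__":
    hosts, rejected = read_hosts(SAMPLE_EXPORT)
    reboot_bat, abort_bat = build_scripts(hosts)
    print(reboot_bat, abort_bat, "rejected:", rejected, sep="\n")
```

Write the two returned strings to reboot_desktops.bat and abort_reboot.bat, and review the rejected list before scheduling the task.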

