Re: automating reboot (was RE: RPC Scan Issues)

From: lists (lists_at_www.localareasecurity.com)
Date: 10/20/03

  • Next message: David Y. Ng: "group policy question"
    To: Atit.Shah@sherwin.com
    Date: Mon, 20 Oct 2003 01:54:07 -0300
    
    

    Yes it does in order to push out the patches at least. To scan it doesn't to
    at least know if it is patched or not. Where I am we have a standard password
    for the Administrator account so in most cases it was not an issue.

    -J-

    On Fri, 17 Oct 2003 11:11:31 -0400, Atit.Shah wrote
    > Does this product requires admin access to the remote users machine.....
    >
    > Thanks
    > Atit
    >
    >

    "lists" <lists@www.localareasecurity.com>
    > 10/16/2003 03:03 PM
    >
    > To: "Focus-MS" <focus-ms@securityfocus.com>
    > cc:
    > Subject: Re: automating reboot (was RE: RPC Scan Issues)
    >
    >
    > We used LanGuard Scanner (http://www.gfi.com) to push out the patches. Which
    > has a nice option of rebooting the PC once patches are installed. So users
    > get an interactive message stating they are being patched and to save work
    > etc. Then it will reboot the PC insuring they are patched. It is also handy
    > in getting a high level view of what SPs and Patches are already on the PCs.
    >
    > Not sure if someone already mentioned but it was a big help to us. Although
    > the license is I think $1K or so.
    >
    > Jascha
    > jascha@localareasecurity.com
    > ---------------------------<>
    > :: Local Area Security ::
    > Home of L.A.S. Linux
    > 200+ security tools on a 'live CD' fitting on a miniCD with full desktop.
    > Includes Nessus, Nmap, Snort, Autopsy, Ethereal, Ettercap, etc
    > http://localareasecurity.com
    > ------------------------------------<>
    >
    > On Thu, 16 Oct 2003 09:42:34 -0700, Zachary Mutrux wrote
    > > I create a reboot script using psshutdown.exe from Sysinternals.
    > > http://www.sysinternals.com/ntw2k/freeware/pstools.shtml
    > >
    > > It looks something like this:
    > >
    > > psshutdown -f -r -m "In order to apply a security patch, this
    > > computer will reboot in five minutes. --zm" -t 300 \\workstation1
    > >
    > > psshutdown -f -r -m "In order to apply a security patch, this
    > > computer will reboot in five minutes. --zm" -t 300 \\workstation2
    > >
    > > psshutdown -f -r -m "In order to apply a security patch, this
    > > computer will reboot in five minutes. --zm" -t 300 \\workstation3
    > >
    > > ...
    > >
    > > I usually create these scripts manually, following these steps:
    > >
    > > 1) Open Active Directory Users and Computers.
    > >
    > > 2) Select the hosts to be rebooted, and export to a tab-delimited
    > > text file
    > >
    > > 3) Open the text file in Excel, delete columns other than hostname
    > >
    > > 4) Paste or type in the options above for one host
    > >
    > > 5) Drag to copy the options down the column for all hosts
    > >
    > > 6) Save the file as text
    > >
    > > 7) Rename to "reboot_desktops.bat"
    > >
    > > At the same time, I create a variation of the script to abort the
    > > reboot, just in case I ever accidentally run the reboot script. It
    > > is the same as the reboot script, but uses the abort option.
    > >
    > > ...
    > > psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
    > > \\workstation1
    > > psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
    > > \\workstation2
    > > psshutdown -a -m "The reboot of this computer has been cancelled. --zm"
    > > \\workstation3
    > > ...
    > >
    > > Then I save this batch file as "abort_reboot.bat"
    > >
    > > Once I have the reboot script I save it in C:\batch and schedule it
    > > as a scheduled task to run late at night, but at a time that it will
    > > not interfere with backups or antivirus updates or other regularly scheduled
    > > maintenance. Before scheduling the reboot, I warn users to log off
    > > when they leave for the day, but to leave their computers running.
    > > That way there is less of a chance that someone will lose an unsaved
    > > document they left open on the desktop.
    > >
    > > Can anyone offer suggested improvements for this process?
    > >
    > > Zac
    > >
    > > > -----Original Message-----
    > > > From: c_brauckmiller@LEK.COM [mailto:c_brauckmiller@LEK.COM]
    > > > Sent: Wednesday, October 15, 2003 9:45 AM
    > > > To: Cosentino, Guilherme V.
    > > > Cc: 'focus-ms@securityfocus.com'
    > > > Subject: RE: RPC Scan Issues
    > > >
    > > >
    > > >
    > > >
    > > > Does anyone know of any tool that can automatically reboot every
    > > > machine in a
    > > > given IP range at a given timne?
    > > >
    > > > One could just tell the software to reboot all client PCs in the
    > > > DHCP scope.
    > > >
    > > > We ran into this exact problem when we pushed MS03-026 and
    > > > MS03-039 via login
    > > > script.
    > > >
    > > > Thanks
    > > >
    > > > Craig Brauckmiller
    > >
    > > ---------------------------------------------------------------------------
    > > FREE Whitepaper: Better Management for Network Security
    > >
    > > Looking for a better way to manage your IP security?
    > > Learn how Solsoft can help you:
    > > - Ensure robust IP security through policy-based management
    > > - Make firewall, VPN, and NAT rules interoperable across
    > > heterogeneous networks - Quickly respond to network events from a
    > > central console
    > >
    > > Download our FREE whitepaper at:
    > > http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
    > > ---------------------------------------------------------------------------
    >
    > ---------------------------------------------------------------------------
    > FREE Whitepaper: Better Management for Network Security
    >
    > Looking for a better way to manage your IP security?
    > Learn how Solsoft can help you:
    > - Ensure robust IP security through policy-based management
    > - Make firewall, VPN, and NAT rules interoperable across heterogeneous
    > networks
    > - Quickly respond to network events from a central console
    >
    > Download our FREE whitepaper at:
    > http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
    > ---------------------------------------------------------------------------
    >
    >

    ---------------------------<>
    :: Local Area Security ::
    Home of L.A.S. Linux
    150+ security tools on a 'live CD' fitting on a miniCD with full desktop.
    Includes Nessus, Nmap, Snort, Autopsy, Ethereal, etc
    ------------------------------------<>

    ---------------------------------------------------------------------------
    FREE Whitepaper: Better Management for Network Security

    Looking for a better way to manage your IP security?
    Learn how Solsoft can help you:
    - Ensure robust IP security through policy-based management
    - Make firewall, VPN, and NAT rules interoperable across heterogeneous
    networks
    - Quickly respond to network events from a central console

    Download our FREE whitepaper at:
    http://www.securityfocus.com/sponsor/Solsoft_focus-ms_031015
    ---------------------------------------------------------------------------


  • Next message: David Y. Ng: "group policy question"