Re: exploit to vulnerability

From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] (sbradcpa_at_pacbell.net)
Date: 08/20/05

  • Next message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: exploit to vulnerability"
    Date: Fri, 19 Aug 2005 19:56:54 -0700
    To: Bruce Martins <BMartins@extend.COM>
    
    

    Myself and other person are my 'canaries' in my office. We get the
    first. Patches are deployed to a 'like' server at home. I then watch
    the traffic in my Communities...www.patchmanagement.org has a very
    active patch issue community and issues are reported there.

    There's also a WSUS listserve as well.

    If you cannot test.. you listen to those who can.

    Bruce Martins wrote:

    >To be honest I use my own machine to test out the patches before applying them to machines, not the best way but cuts down on time I don't have to test also use of vmware sometimes
    >Bruce Martins
    >Systems Administrator
    >EXTEND>>MEDIA
    >190 Liberty Street
    >Toronto, Ontario
    >Canada
    >M6K 3L5
    >_______________________
    >e:bmartins@extend.com
    >t: (416) 535-4222 ext. 2307
    >f: (416) 535-1201
    >http://www.extend.com
    >--------------------------
    >Sent from my BlackBerry Wireless Handheld
    >
    >
    >-----Original Message-----
    >From: Murad Talukdar <talukdar_m@subway.com>
    >To: focus-ms@securityfocus.com <focus-ms@securityfocus.com>
    >Sent: Fri Aug 19 02:11:17 2005
    >Subject: exploit to vulnerability
    >
    >With all the issues highlighting the speed that exploits are now being
    >written (eg http://www.securityfocus.com/news/11285 )
    >The window between exploit/vuln, appears on average, to be getting tighter.
    >
    >We have an SME network and I used to have a week or so to test patches
    >before rolling them out.
    >This all begs the question now, with limited resources, do I just patch and
    >not worry about testing? I definitely have fewer resources than some of the
    >companies that were hit (CNN et al) and less time to dedicate to patching.
    >
    >Should I just use auto updates/GP to patch everything regardless?
    >What do other SME admins do?
    >
    >Kind Regards
    >Murad Talukdar
    >
    >
    >
    >
    >---------------------------------------------------------------------------
    >---------------------------------------------------------------------------
    >
    >
    >
    >
    >---------------------------------------------------------------------------
    >---------------------------------------------------------------------------
    >
    >
    >
    >

    -- 
    Letting your vendors set your risk analysis these days?  
    http://www.threatcode.com
    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------
    

  • Next message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Re: exploit to vulnerability"

    Relevant Pages

    • Re: exploit to vulnerability
      ... To be honest I use my own machine to test out the patches before applying them to machines, not the best way but cuts down on time I don't have to test also use of vmware sometimes ... This all begs the question now, with limited resources, do I just patch and ... Should I just use auto updates/GP to patch everything regardless? ... Kind Regards ...
      (Focus-Microsoft)
    • RE: exploit to vulnerability
      ... IMHO you should still test the patches. ... the testing process. ... Should I just use auto updates/GP to patch everything regardless? ... Kind Regards ...
      (Focus-Microsoft)
    • exploit to vulnerability
      ... This all begs the question now, with limited resources, do I just patch and ... Should I just use auto updates/GP to patch everything regardless? ... What do other SME admins do? ... Kind Regards ...
      (Focus-Microsoft)
    • Re: kernel 9.0
      ... schreef Hendric in het volgende: ... patch with the 2.4.22 and all the ac patches, but before I need to do some ... excellent patches from SuSE. ... With kind regards, ...
      (alt.os.linux.suse)
    • Re: kernel 9.0
      ... >|patch with the 2.4.22 and all the ac patches, but before I need to do some ... >|excellent patches from SuSE. ... With kind regards, ...
      (alt.os.linux.suse)