Re: Microsoft SUS on Apache?
From: John Tracy (tracy_at_kepler.covenant.edu)
Date: 01/12/04
- Previous message: Joerg Over Dexia: "Re: Securing SSH"
- In reply to: jburzenski_at_americanhm.com: "Microsoft SUS on Apache?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 12 Jan 2004 15:41:34 -0500 To: jburzenski@americanhm.com, security-basics@securityfocus.com
Hi Jason,
I would seriously doubt that this would work well. When you use
Software Update Services, it's not identical to using
http://windowsupdate.microsoft.com. First, you don't open up
http://localsusserver in a web browser and start your updates. The SUS
server is a mirror of the patches available at Windowsupdate, but the
way that end users actually get the patches installed is different.
The best way to deliver the patches to the end users is to setup a
Group Policy which tells domain member machines to get their Windows
update from http://localsusserver. Then the clients automatically detect
(and/or download and/or install) when new updates are available. The end
user never sees the familiar website--it's handed by the Windows Update
client, which is installed automatically with SP3 in Windows 2k, and I
believe by default with Windows XP (SUS doesn't provide patches for OS's
older than Windows 2000). The Windows Update client software is the only
way that client machines can get updates from an SUS server that I'm
aware of.
If you're running a network of domain member machines that are
primary Windows 2000 and above, with a Windows domain controller, this
is wonderful software. It might be worth the cost of an additional
server license if you consider the cost savings in manhours (of course
if the software was written better to begin with, that would be an
entirely different story).
The primary audience for SUS seems to be corporate LANs that are
fairly homogeneous anyway--and would likely have a Windows server that
is already licensed sitting around, and hence the ability to throw an
extra service on it.
Hope this helps... feel free to throw any questions/thoughts/flames my way.
John Tracy
> Does anyone have any experience trying to get SUS running on an open source
> web server?
>
> I haven't looked at the license agreement for SUS but I would imagine there
> is language in there making this illegal or restricted. Anyone read it over
> recently who can comment on this?
>
> Justifying the cost for SUS (free) is easy until you realize you have to pay
> for a Microsoft Server license to run it.
---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------
- Previous message: Joerg Over Dexia: "Re: Securing SSH"
- In reply to: jburzenski_at_americanhm.com: "Microsoft SUS on Apache?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
