Re: WU and security?
From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 09/22/04
- Next message: The Poster: "Web Server - User Access and Priviledges."
- Previous message: scott: "WU and security?"
- In reply to: scott: "WU and security?"
- Next in thread: Scott: "Re: WU and security?"
- Reply: Scott: "Re: WU and security?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 Sep 2004 16:11:16 +0200
Hi Scott,
Servers use httpS. This means that client will check if server has Microsoft
certificate and if this certificate is valid (e.g. issued by trusted source,
has not been revoked and has not expired...).
*******************************************************
TCP 10.8.64.79:3190 207.46.157.93:80 ESTABLISHED
TCP 10.8.64.79:3192 207.46.157.93:443 ESTABLISHED
*******************************************************
Next thing, all patches and service packs are digitally signed by Microsoft.
If I was to take a patch and modify one bit in it, digital certificate would
be invalid and patch would fail to install...
http://freeweb.siol.net/mpihler/signok.jpg
I hope this helps,
Mike
"scott" <scott@ehrlichtronics.com> wrote in message
news:490701c4a0ab$04a4d6a0$a301280a@phx.gbl...
> What technology is behind the WU client/server model, and
> what is to prevent a rogue WU server from sending
> malicious updates to client machines or local department
> WU servers?
>
> Thanks.
>
> Scott
- Next message: The Poster: "Web Server - User Access and Priviledges."
- Previous message: scott: "WU and security?"
- In reply to: scott: "WU and security?"
- Next in thread: Scott: "Re: WU and security?"
- Reply: Scott: "Re: WU and security?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
