Advanced Patch Management advice required

From: Emdee (mikeDONTSPAM@webheat.co.uk)
Date: 02/14/03


From: "Emdee" <mikeDONTSPAM@webheat.co.uk>
Date: Fri, 14 Feb 2003 13:22:10 -0000


Has anyone got any ideas on what I could do to meet these criterion:

- I need a way to create a list of patches required for 7 servers (Win2K)
within a domain.

- To be able to track which patches are required PER SERVER

-To be able to indicate which:
 *which patches have been applied
 *which patches are NOT to be applied
 *which are still to be reviewed
 *which patches have been reviewed and ARE to be applied

- To be able to log notes against any patchs per server, i.e Reason why the
patch is not applied to this server.

======================================
I've been playing around with the idea of using hfnetchk to produce reports
per machine in TAB seperated format and then importing these into a Access
(or other) database and producing some appropiately linked tables and
queries to get the result I want.

My DB skills are not as sharp as I'd like so this is likely to be time
consuming so I'd like to get some feedback on this and other possible
solutions.

Thanks
Mike



Relevant Pages

  • Re: IIS Hack : Anyone explain cause...
    ... it looks like you cleaned up the server -- if you care about security, ... Microsoft tries and mostly succeeds to release patches PRIOR to ... weeks/months/years prior to exploitation. ... > protected rant as we all know that IIS and indeed lots of software has ...
    (microsoft.public.inetserver.iis)
  • Re: Is MSIE dead as a browser - if Microsoft does not patch it then it is as far as I am concerned!
    ... M$ issuing patches "PDQ" is ... >> files served by the web server. ... this vulnerability ... the installed patch ...
    (microsoft.public.security.virus)
  • Re: Open Ports....How to block them all....?
    ... > I keep it up to date with SP's and Patches but find that the server keeps ... Frequently this happens through an IIS ... Ways to secure your system are detailed at: ...
    (microsoft.public.inetserver.iis.security)
  • Re: Open Ports....How to block them all....?
    ... >> What can be done to secure this server so that this doesn't keep> happening? ... Frequently this happens through an IIS> vulnerability. ... Installing Serv-U software typically involves a> person having the ability to remotely run commands and install files on your> system, ... > Remember that security is not just patches but also proper configuration and> third party hardening tools. ...
    (microsoft.public.inetserver.iis.security)
  • Re: Oh, heres an interesting paper.....
    ... monitoring and maintaining all the patches and settings and ... applications to Web server software from other vendors, ... Microsoft's Windows Update site, windowsupdate.microsoft.com, was defaced ... The Code Red worm, which began its trail of destruction earlier this ...
    (comp.security.firewalls)