How do they even know about it if it's not serving clients? If the co-worker just installed it and never really did anything with it, then that is a different beast. I suppose the OP could search for shares named WSUSTemp, WsusContent, etc.
On Thu, Mar 25, 2010 at 6:32 PM, Jonathan Link <[email protected]> wrote: > Although, if it's rogue, and was just setup, it stands to reason that they > may not have setup a GPO to have clients update from it. > > On Thu, Mar 25, 2010 at 6:09 PM, Richard Stovall <[email protected]> wrote: >> >> Or that, but that's just waaaaaaaaaayyyyyyyy too easy. >> >> On Thu, Mar 25, 2010 at 6:01 PM, John Cook <[email protected]> wrote: >> > Can't you look in the registry under >> > HKLM\software\policies\microsoft\windows\windowsupdate\wuserver ? >> > >> > ________________________________ >> > From: Jonathan Link >> > To: NT System Admin Issues >> > Sent: Thu Mar 25 17:50:32 2010 >> > Subject: Re: Detect Rogue WSUS Server >> > >> > Or, if it's serving updates, wouldn't it be in a GPO? >> > >> > In Group Policy Object Editor, expand Computer Configuration, expand >> > Administrative Templates, expand Windows Components, and then click >> > Windows >> > Update. >> > >> > In the details pane, click Specify Intranet Microsoft update service >> > location. >> > >> > Click Enabled and type the HTTP(S) URL of the same WSUS server in the >> > Set >> > the intranet update service for detecting updates box and in the Set the >> > intranet statistics server box. For example, type http(s)://servername >> > in >> > both boxes. >> > >> > Click OK. >> > >> > >> > On Thu, Mar 25, 2010 at 5:38 PM, Steve Ens <[email protected]> wrote: >> >> >> >> There is a log file that you can find on your machine (if you are on >> >> the >> >> group policy that gets updated)... >> >> http://support.microsoft.com/kb/902093 >> >> >> >> >> >> On Thu, Mar 25, 2010 at 4:36 PM, Klint Price <[email protected]> >> >> wrote: >> >>> >> >>> A co-worker installed WSUS on a server in our environment, but never >> >>> documented where it was installed to. What are my options to detect >> >>> where >> >>> it is located if I do not have access to the LAN or FW (managed by >> >>> another >> >>> team in another office). >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >>> >> >> >> >> >> >> >> >> >> > >> > >> > >> > >> > >> > ________________________________ >> > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or >> > attached to or with this Notice is intended only for the person or >> > entity to >> > which it is addressed and may contain Protected Health Information >> > (PHI), >> > confidential and/or privileged material. Any review, transmission, >> > dissemination, or other use of, and taking any action in reliance upon >> > this >> > information by persons or entities other than the intended recipient >> > without >> > the express written consent of the sender are prohibited. This >> > information >> > may be protected by the Health Insurance Portability and Accountability >> > Act >> > of 1996 (HIPAA), and other Federal and Florida laws. Improper or >> > unauthorized use or disclosure of this information could result in civil >> > and/or criminal penalties. >> > Consider the environment. Please don't print this e-mail unless you >> > really >> > need to. >> > >> > This email and any attached files are confidential and intended solely >> > for >> > the intended recipient(s). If you are not the named recipient you should >> > not >> > read, distribute, copy or alter this email. Any views or opinions >> > expressed >> > in this email are those of the author and do not represent those of the >> > company. Warning: Although precautions have been taken to make sure no >> > viruses are present in this email, the company cannot accept >> > responsibility >> > for any loss or damage that arise from the use of this email or >> > attachments. >> > >> > >> > >> > >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
