Uh, I thought you said you didn't have access to the network. A portscan for port 1433 would probably have been equally as good, or perhaps better.
On Sun, Mar 28, 2010 at 09:51, Klint Price <[email protected]> wrote: > Considering the several hundred servers, I wound up doing a port scan on the > network for port 80, and then removed the known web servers. It wound up > being on one of the domain controllers for one of the many domains we manage, > and has been removed. The GPOs will reset those users who were configured > incorrectly. > > Klint > > > ________________________________________ > From: Richard Stovall [[email protected]] > Sent: Thursday, March 25, 2010 3:09 PM > To: NT System Admin Issues > Subject: Re: Detect Rogue WSUS Server > > Or that, but that's just waaaaaaaaaayyyyyyyy too easy. > > On Thu, Mar 25, 2010 at 6:01 PM, John Cook <[email protected]> wrote: >> Can't you look in the registry under >> HKLM\software\policies\microsoft\windows\windowsupdate\wuserver ? >> >> ________________________________ >> From: Jonathan Link >> To: NT System Admin Issues >> Sent: Thu Mar 25 17:50:32 2010 >> Subject: Re: Detect Rogue WSUS Server >> >> Or, if it's serving updates, wouldn't it be in a GPO? >> >> In Group Policy Object Editor, expand Computer Configuration, expand >> Administrative Templates, expand Windows Components, and then click Windows >> Update. >> >> In the details pane, click Specify Intranet Microsoft update service >> location. >> >> Click Enabled and type the HTTP(S) URL of the same WSUS server in the Set >> the intranet update service for detecting updates box and in the Set the >> intranet statistics server box. For example, type http(s)://servername in >> both boxes. >> >> Click OK. >> >> >> On Thu, Mar 25, 2010 at 5:38 PM, Steve Ens <[email protected]> wrote: >>> >>> There is a log file that you can find on your machine (if you are on the >>> group policy that gets updated)... >>> http://support.microsoft.com/kb/902093 >>> >>> >>> On Thu, Mar 25, 2010 at 4:36 PM, Klint Price <[email protected]> >>> wrote: >>>> >>>> A co-worker installed WSUS on a server in our environment, but never >>>> documented where it was installed to. What are my options to detect where >>>> it is located if I do not have access to the LAN or FW (managed by another >>>> team in another office). >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >> >> >> >> >> >> ________________________________ >> CONFIDENTIALITY STATEMENT: The information transmitted, or contained or >> attached to or with this Notice is intended only for the person or entity to >> which it is addressed and may contain Protected Health Information (PHI), >> confidential and/or privileged material. Any review, transmission, >> dissemination, or other use of, and taking any action in reliance upon this >> information by persons or entities other than the intended recipient without >> the express written consent of the sender are prohibited. This information >> may be protected by the Health Insurance Portability and Accountability Act >> of 1996 (HIPAA), and other Federal and Florida laws. Improper or >> unauthorized use or disclosure of this information could result in civil >> and/or criminal penalties. >> Consider the environment. Please don't print this e-mail unless you really >> need to. >> >> This email and any attached files are confidential and intended solely for >> the intended recipient(s). If you are not the named recipient you should not >> read, distribute, copy or alter this email. Any views or opinions expressed >> in this email are those of the author and do not represent those of the >> company. Warning: Although precautions have been taken to make sure no >> viruses are present in this email, the company cannot accept responsibility >> for any loss or damage that arise from the use of this email or attachments. >> >> >> >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
