RE: Patch Management - again

-Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Subject: Re: Patch Management - again > And even Win32 (NT/9x) didn't have anything approaching a common installer > system until 2000 or so, and side-by-side DLL installs didn't show up > until...

RE: Patch Management - again

ead use .. a -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: 15 June 2010 17:15 To: NT System Admin Issues Subject: Re: Patch Management - again It isn't. The WSUS engine is more than capable of distributing and automatically installing third-party updates -

Re: Patch Management - again

On Tue, Jun 15, 2010 at 7:33 PM, Steven Peck wrote: > So as I have said.  Pretty much every issue has not been patch > related.  But having called MS we had help identifying the actual > cause of the issue. That doesn't make Windows better at package management; it just means if you pay for Mic

Re: Patch Management - again

... On Tue, Jun 15, 2010 at 4:16 PM, Ben Scott wrote: > On Tue, Jun 15, 2010 at 6:56 PM, Steven Peck wrote: >> Debian had the Drupal CMS in their distributions for >> years and despite many attempts we could not get that thing out of >> their despite it being old/unsecure/not-desired all because

Re: Patch Management - again

On Tue, Jun 15, 2010 at 6:56 PM, Steven Peck wrote: > Debian had the Drupal CMS in their distributions for > years and despite many attempts we could not get that thing out of > their despite it being old/unsecure/not-desired all because some guy > refused to remove it from the repo. > > At least

Re: Patch Management - again

Yes but with the Linux tree updates identifying the actual issue and who has the authority to change / update / do it right can be challenging. Debian had the Drupal CMS in their distributions for years and despite many attempts we could not get that thing out of their despite it being old/unsecur

Re: Patch Management - again

On Tue, Jun 15, 2010 at 6:40 PM, Andrew S. Baker wrote: >>>shaky foundation? > > The DOS, Win16 underpinnings... And even Win32 (NT/9x) didn't have anything approaching a common installer system until 2000 or so, and side-by-side DLL installs didn't show up until... what, Win XP? XP SP2? .N

Re: Patch Management - again

*>>shaky foundation?* The DOS, Win16 underpinnings... Installed base is great when everything has been well laid out. Not so great, when you're bound to earlier suboptimal decisions... -ASB: http://XeeSM.com/AndrewBaker On Tue, Jun 15, 2010 at 5:47 PM, Joseph Heaton wrote: > shaky foundatio

Re: Patch Management - again

On Tue, Jun 15, 2010 at 5:48 PM, Steven Peck wrote: > You are essentially relying on 'some' > to be doing something 'right' or at least agreed on and that their > choices will not nuke your existing configuration. Well, unless you write all software you use yourself, you're always relying on s

Re: Patch Management - again

Unlike say, some random software company that says their service pack, hotfix or other update won't trash your machine. MSFT/Adobe/others come to mind... On Tue, Jun 15, 2010 at 14:48, Steven Peck wrote: > Nor do they do the applications on a given distribution 'right' all > the time.  You are e

Re: Patch Management - again

On Tue, Jun 15, 2010 at 5:42 PM, Andrew S. Baker wrote: >> In contrast, all the current Linux distributions were designed >> "right" the [first] time, with strong package management from day one. > > I don't know that I would say that Linux *always* had package management > going well -- certainl

Re: Patch Management - again

Nor do they do the applications on a given distribution 'right' all the time. You are essentially relying on 'some' to be doing something 'right' or at least agreed on and that their choices will not nuke your existing configuration. Steven Peck On Tue, Jun 15, 2010 at 2:42 PM, Andrew S. Baker

Re: Patch Management - again

shaky foundation? >>> "Andrew S. Baker" 6/15/2010 2:42 PM >>> I don't know that I would say that Linux *always* had package management going well -- certainly not all distros. There was a time when Debian was highly regarded *because* of its excellent package management system. Redhat was next,

Re: Patch Management - again

I don't know that I would say that Linux *always* had package management going well -- certainly not all distros. There was a time when Debian was highly regarded *because* of its excellent package management system. Redhat was next, and then RPM became a major standard because of their popularit

Re: Patch Management - again

On Tue, Jun 15, 2010 at 1:28 PM, David Lum wrote: > +1 for Johnny Dangerously "Do you know your last name is an adverb?" > +1 for Shavlik Yah, I haven't used Shavlik NetChk much, but what I did try was impressive. I tried the free NetChk Limited package, and it found an issue that WSUS/WU d

Re: Patch Management - again

On Tue, Jun 15, 2010 at 12:15 PM, Phil Brutsche wrote: >> And why is a solution like this missing from MS operating systems?? > > It isn't. Comparing MSI/WSUS to RPM/YUM (or dpkg/APT or...) is really missing a lot. MSI is a beast to develop for, it's a compatibility nightmare across releases,

RE: Patch Management - again

day, June 14, 2010 9:49 AM To: NT System Admin Issues Subject: RE: Patch Management - again Except that doesn't upgrade the kernel or any other OS libraries. It's not full patch management. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com<mailto:kurt.b...@gm

Re: Patch Management - again

It isn't. The WSUS engine is more than capable of distributing and automatically installing third-party updates - it's what's used in products like System Center Essentials for the task - and MS created System Center Updates Publisher (aka SCUP) so that admins can add the updates. Third parties w

RE: Patch Management - again

Speaking of Secunia...webinar on now... http://secunia.com/vulnerability_scanning/corporate/webinars/ -Original Message- From: Alan Davies [mailto:adav...@cls-services.com] Sent: Tuesday, June 15, 2010 12:07 PM To: NT System Admin Issues Subject: RE: Patch Management - again And why

RE: Patch Management - again

t, deploying it, testing with it and integrating it into your change control procedures ... -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: 11 June 2010 23:51 To: NT System Admin Issues Subject: RE: Patch Management - again Thanks very much for this. It's

Re: Patch Management - again

[mailto:kurt.b...@gmail.com] > Sent: Saturday, June 12, 2010 8:58 PM > To: NT System Admin Issues > Subject: Re: Patch Management - again > > 'portupgrade -a' > > FreeBSD is ridiculously easy to maintain. > > And, for monitoring programs installed from ports, the

Re: Patch Management - again

On Mon, Jun 14, 2010 at 10:10 AM, Jeff Cain wrote: > For what it's worth, I would not ever automate a kernel upgrade. Really, everything on a computer is "automated". It's just a question of how much human supervision you give it. It's not like if I type "yum update kernel\*" or "rpm --inst

Re: Patch Management - again

ul Sunbelt Software Links: > > Knowledge Base > Open a New Support Ticket > Sunbelt Software Product Support Communities > > > -Original Message- > From: Jason Gauthier [mailto:jgauth...@lastar.com] > Sent: Monday, June 14, 2010 9:49 AM > To: NT System Admin Issu

RE: Patch Management - again

in Issues Subject: RE: Patch Management - again Except that doesn't upgrade the kernel or any other OS libraries. It's not full patch management. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, June 12, 2010 8:58 PM To: NT System Admin Issues Subjec

RE: Patch Management - again

Except that doesn't upgrade the kernel or any other OS libraries. It's not full patch management. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Saturday, June 12, 2010 8:58 PM To: NT System Admin Issues Subject: Re: Patch Management - again '

Re: Patch Management - again

-Windows patching? > > Alex > > > -Original Message- > From: Ben Scott [mailto:mailvor...@gmail.com] > Sent: Thursday, June 10, 2010 11:30 AM > To: NT System Admin Issues > Subject: Re: Patch Management - again > > On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wrote

Re: Patch Management - again

On Fri, Jun 11, 2010 at 6:36 PM, Joseph L. Casale wrote: >>       rpm --freshen /pub/mirror/centos/5/updates/i386/RPMS/* > > That do depsolving if a package updates requires another packed to be > updated as well? It will properly order installation so that dependencies are updated first. Howe

RE: Patch Management - again

Thanks very much for this. It's exactly the kind of info I was looking for. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, June 11, 2010 5:26 PM To: NT System Admin Issues Subject: Re: Patch Management - again On Fri, Jun 11, 2010 at 5:37 PM, Cra

RE: Patch Management - again

> To tell a computer to update against that: > > rpm --freshen /pub/mirror/centos/5/updates/i386/RPMS/* That do depsolving if a package updates requires another packed to be updated as well? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

Re: Patch Management - again

On Fri, Jun 11, 2010 at 5:37 PM, Crawford, Scott wrote: >> Our only non-Windows computers are running Linux, and Linux makes >> patch management ridiculously easy. > > I'm sure there's countless places I could find this information, but > could you elaborate on that statement a bit? Well, this

RE: Patch Management - again

I'm sure there's countless places I could find this information, but could you elaborate on that statement a bit? -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, June 11, 2010 4:30 PM To: NT System Admin Issues Subject: Re: Patch Management - aga

Re: Patch Management - again

On Fri, Jun 11, 2010 at 3:59 PM, Alex Eckelberry wrote: > What do you do about non-Windows patching? Our only non-Windows computers are running Linux, and Linux makes patch management ridiculously easy. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~

Re: Patch Management - again

suffer - Original Message - From: "Alex Eckelberry" To: "NT System Admin Issues" Sent: Friday, June 11, 2010 3:59 PM Subject: RE: Patch Management - again WSUS. What do you do about non-Windows patching? Alex -Original Message- From: Ben S

RE: Patch Management - again

> WSUS. What do you do about non-Windows patching? Alex -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, June 10, 2010 11:30 AM To: NT System Admin Issues Subject: Re: Patch Management - again On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wr

RE: Patch Management - again

o: NT System Admin Issues Subject: Re: Patch Management - again On 10 Jun 2010 at 15:05, paul d wrote: > I pretty much do the same here. Auto download, manual reboot. I disabled "automatic download" after the failed Excel patch a few months ago. Those machines with &

RE: Patch Management - again

une 2010 13:56 To: NT System Admin Issues Subject: RE: Patch Management - again +1 Prior to that we used WSUS for the workstations. On the servers, we use WSUS to auto-download and do a manual install. WSUS is really rock solid. From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, J

Re: Patch Management - again

On 10 Jun 2010 at 15:05, paul d wrote: > I pretty much do the same here. Auto download, manual reboot. I disabled "automatic download" after the failed Excel patch a few months ago. Those machines with "auto download" had downloaded the bad patch. Even though I waited to apply the updates

RE: Patch Management - again

+1 Prior to that we used WSUS for the workstations. On the servers, we use WSUS to auto-download and do a manual install. WSUS is really rock solid. From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, June 10, 2010 11:32 AM To: NT System Admin Issues Subject: Re: Patch Management

Re: Patch Management - again

WSUS for Windows VMWare Update Manager for ESX GPOs for all the other crap (Adobe, Java, etc.) Dell IT Assistant for hardware On 10 June 2010 16:17, Joseph Heaton wrote: > I've been asked to research this arena again. > > What are you guys using for automating patch management for your servers?

RE: Patch Management - again

June 10, 2010 11:40 PM To: NT System Admin Issues Cc: NT System Admin Issues Subject: Re: Patch Management - again Hi Rod, Doesn't SCCM already handle third party updates? I may be wrong. Andrew. On 2010/06/11, at 9:13, "Rod Trent" wrote: > And, by the way, Shavlik has an

Re: Patch Management - again

espan.org] Sent: Thursday, June 10, 2010 7:18 PM To: NT System Admin Issues Subject: RE: Patch Management - again Shavlik... Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org -Original Message- From: Ben Scott

RE: Patch Management - again

And, by the way, Shavlik has an awesome add-in for SCCM for 3rd party patching. -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, June 10, 2010 7:18 PM To: NT System Admin Issues Subject: RE: Patch Management - again Shavlik... Z Edward Ziots CISSP

RE: Patch Management - again

: Patch Management - again On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wrote: > What are you guys using for automating patch management for your servers? WSUS. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE

Re: Patch Management - again

;> From: kennedy...@elyriaschools.org >> To: ntsysadmin@lyris.sunbelt-software.com >> Date: Thu, 10 Jun 2010 12:47:03 -0400 >> Subject: RE: Patch Management - again >> >> On the server side that won't change muchI don't think you want >> downloa

RE: Patch Management - again

kennedy...@elyriaschools.org > To: ntsysadmin@lyris.sunbelt-software.com > Date: Thu, 10 Jun 2010 12:47:03 -0400 > Subject: RE: Patch Management - again > > On the server side that won't change muchI don't think you want download > and install automatically as a ser

RE: Patch Management - again

ready done. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, June 10, 2010 12:18 PM To: NT System Admin Issues Subject: Re: Patch Management - again I currently have 67 boxes that I patch manually each month, ranging from XP to 2k8R2. It's actual

Re: Patch Management - again

I currently have 67 boxes that I patch manually each month, ranging from XP to 2k8R2. It's actually kind of nice, at the moment, as I do it at night from home, through a VPN back to the office. >>> Phil Brutsche 6/10/2010 9:15 AM >>> +1 I get nightmares thinking about what it was like before.

Re: Patch Management - again

+1 I get nightmares thinking about what it was like before. On 6/10/2010 10:29 AM, Ben Scott wrote: > On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wrote: >> What are you guys using for automating patch management for your servers? > > WSUS. -- Phil Brutsche p...@optimumdata.com ~ Final

Re: Patch Management - again

Yeah I just use WSUS for our desktops and servers as well. James - Original Message - From: "Ben Scott" To: "NT System Admin Issues" Sent: Thursday, June 10, 2010 11:29 AM Subject: Re: Patch Management - again On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton

RE: Patch Management - again

. Free and very reliable. I am thrilled with it. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, June 10, 2010 11:36 AM To: NT System Admin Issues Subject: RE: Patch Management - again Desktops is done by a different group. We currently are a Novell

RE: Patch Management - again

+1 Sean Rector, MCSE -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, June 10, 2010 11:30 AM To: NT System Admin Issues Subject: Re: Patch Management - again On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wrote: > What are you guys using

RE: Patch Management - again

Desktops is done by a different group. We currently are a Novell environment, with a Windows application domain. I personally have both of my machines in the Windows domain, and doing updates myself. I think the desktop group has the clients automatically downloading and installing updates di

Re: Patch Management - again

We use the Dell Kace KBOX here. It gets its patching stream from Patchlink (not that it really matters). I have no issues with it, and it's very easy to use. KBOX is a full management product, so that might be overkill if you looking for patching exclusively. >>> "Joseph Heaton" 6/10/2

Re: Patch Management - again

On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton wrote: > What are you guys using for automating patch management for your servers? WSUS. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ ~

RE: Patch Management - again

You're wanting this just for servers? What are you currently using for desktops? -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, June 10, 2010 11:17 AM To: NT System Admin Issues Subject: Patch Management - again I've been asked to research this arena