Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


RE: Not patching clients??
.

  • To: "Patch Management Mailing List" <[EMAIL PROTECTED]>
  • Subject: RE: Not patching clients??
  • From: "Jeff Kowalke" <[EMAIL PROTECTED]>
  • Date: Thu, 29 Apr 2004 18:56:04 -0400
  • In-reply-to: <[EMAIL PROTECTED]>
  • Reply-to: "Patch Management Mailing List" <[EMAIL PROTECTED]>
  • Thread-index: AcQuHT+IfFUbUFPZRTS7eoghUblEYgAAGg4gAAeJ9wA=
.
 
Here is a reason to patch your clients:

You have a firewall, but that only protects against attacks from the outside
in.

If you have MOBILE users and they don't patch their notebooks (and your
internal clients are not patched) - LOOK OUT when they return from their
unprotected home networks and dial-up (yes, dial-up!) connections.

WOW - they picked up a worm outside of the office and they don't know, since
they disable their virus checker or don't keep it up to date.

They come waltzing back into the office, plug in and BAM! They start an
internal Denial of Service attack on your unprotected machines.  These
machines start flooding your switches and routers with traffic and soon even
the patched machines are rendered OFFLINE.

If this sounds far-fetched, it isn't.  I lived through it.  6 hours of
sneaker net scans/disinfections/patching.  It only takes ONE notebook to
start the dominoes falling.

SIMPLY PUT, PATCH YOUR CLIENTS.  DO NOT DEPEND ON FIREWALLS.  DO NOT DEPEND
ON VIRUS SCANNERS.

Hope this helps!
Jeff

-----Original Message-----
From: Dutton Alan Civ 512 MSS/SCBN [mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 29, 2004 3:14 PM
To: Patch Management Mailing List
Subject: RE: Not patching clients??

We've been insuring that all of our computers are patched  as soon as
possible after the patches are released.  We've been hit but the I Love
You, viruses, and a few other viruses and worms over the past few years.
I try to insure everybody gets patches done as soon as we test them out.
WE use LAN Guard to scan the systems and if we cannot use it to push
patches out, then we go out and load them by hand. But wait until you
get a virus on one of your critical computers and you have to take it
off line to get it cleaned.  You will hear all kinds of people yelling
that you should have been patching your machines. 

Alan Dutton
System Administrator
[EMAIL PROTECTED]
[EMAIL PROTECTED]
DSN 445-3535
Fax 445-3496


-----Original Message-----
From: Rodriguez, Daniel [EPM-SRM]
[mailto:[EMAIL PROTECTED] 
Sent: Thursday, April 29, 2004 2:54 PM
To: Patch Management Mailing List
Subject: RE: Not patching clients??

Well, that is why you use software and then schedule the task. If, after
initial setup and rollout, everything works ok, then only one person
needs
to manage it. It is our corportate policy, though to make sure that all
of
our computers are patched and up to date. We have been hit by the Nachi
worm
and it requires a specific patch be loaded on all of our Windows 2000
Pro
workstations. Once it is loaded, then and only then, will McAfee be able
to
remove it.

Daniel E. Rodriguez
Information Technology
Emerson Process Management
Fisher Controls Division
Sherman, Texas
(903)868-3357
[EMAIL PROTECTED]


-----Original Message-----
From: Paul Nelson [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 29, 2004 1:37 PM
To: Patch Management Mailing List
Subject: Not patching clients??


Hi group,

Recently there has been talk in our IS group that patching clients is
unnecessary and there will not be a dedicated person to research or
resolve
outstanding issues. We are primarily a Novell environment and have SUS
running for a handful of systems, but that is about it.  We can push out
patches via ZEN, but this is only done in emergencies (think Blaster).
Client-wise, that's absolutely scary.  We do however have dedicated
individuals to cover any server or back-office system, so we are not in
trouble there.  Our management's opinion is that network gear and the
perimeter will take care of the business, so patching clients is
irrelevant..

My question or issue to present to the group is how do you approach a
situation when management considers it unnecessary to patch clients?
Being
a technical person I know the impacts, but of course things don't change
even after everyone talks about it.  We're in the situation where it
almost
takes a major exploit to wreck havoc and change opinions.  I'm surprised
that only the server people are interested in defending the patch issue
and
they are the only ones taking action.

I know many people are (or were) in this situation.  After reading the
survey posting in the group earlier this morning, it does not shock me
that
many organizations have only one person to handle this.  What do you do
if
you essentially have no one?

I'd like to see other's opinions or unique viewpoints on this.

Thanks,

Paul Nelson
Network Specialist
Medical College of Ohio
(419) 383-3638
[EMAIL PROTECTED]


---
To unsubscribe send a blank email to
[EMAIL PROTECTED]

---
To unsubscribe send a blank email to
[EMAIL PROTECTED]

---
To unsubscribe send a blank email to
[EMAIL PROTECTED]



---
To unsubscribe send a blank email to [EMAIL PROTECTED]
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.