having loads of fun with viruses...

[scottyman]

post your blocked virus count on your OWN account...
435 for me already - averaging another every 5 seconds or so.

Sobig.F is fun... and even better, it's hoaxing a send address of webmaster@mydomain.com (mydomain meaning ... MY DOMAIN! ) so I'm getting a large number of false positives!

Just found out that one of my clients had "forgotten" to update their a/v software for 3 dat releases (two weeks) and managed to propogate a large number of viruses before I literally pulled the plug. Say goodbye router!

[Jcb33]

IM getting hundreds of e-mails from msn about it i think its a fake lol i bloked em ne way and i keep getting someone trying to send me deep throat which is anoying i carnt let my shilds down to let scotty beem a file from msn lol

[Bunjiweb]

i've had 1 virus warning this week that was trapped and quarentined before it even got a chance to run

Viva Virus updates, Firewalls and regular windows upadates... oh, and Win 2k

Ben

[tonicblue]

AVG is all I need. My router blocks all the porty stuff. Alsot the fact that i'm running 98 stops most of the new Viruses. I gotta format and install 2000. 98 Is starting to slowly kill me

[pmk24]

all go back to 3.1 and your problems will be solved ........

[acidrainy]

Originally posted by pmk24
all go back to 3.1 and your problems will be solved ........

/me hops over to Linux
Now I'm safe for a while, "muhahaha"

[joshwa]

I wouldn't really call it fun ... we've got hundreds of windows 2000 PCs that need patching to stop them getting infected by the MSBlast worm

[Stoo]

The easiest way would be to setup one of those SMS/SUS servers? Save a bunch of time when applying the patches to all those machines..

Either that or add a line to their login scripts to grab the patch, install it and reboot..?

[pmk24]

yes stoo your correct there but sometimes its better going to each pc and doing it yourself, why? if 200+ pc's all login at 8:45am the amount of traffic and pressure would cause more stress on techies and not every pc would be switched on so you would have the odd unpatched pc. and the login script couldnt tell if it had patched this pc before or not so each time a person would login it would repatch untill you took it away from their group.

[joshwa]

another problem we've found is that the patch needs SP2 at least on the w2k boxes, so we have to upgrade the service pack when they only have sp1. we're looking into the other options though....

[rc55]

Sorry, OT, but doesn't tonicblue look like David Sneddon?

[scottyman]

ouch - what about HFNetChk 4? from Shavlik?

Free up to 50 users (create user groups of 49 users each) and distribute all required patches

one of our problems is that some of our software will simply not run on machines higher than sp1 for Win2k - which means most patches just will not install.

[Jiff Lemon]

Originally posted by www.josh.org.uk
another problem we've found is that the patch needs SP2 at least on the w2k boxes, so we have to upgrade the service pack when they only have sp1. we're looking into the other options though....

We found that SP3 is minimum for 2k.

Currently on 54 hours of overtime so far....

The company I support has for the last 9 months resisted going to SP3, despite our warnings. It's also still primarily an NT4 server based network.

Initially around 15k machines to manually upgrade to SP3, then install the patch. We're now in the mopping up phase, but estimate at least another thousand PC's with problems.

[Paul Adams]

If you don't want to use a SUS server to update clients on a large LAN, and they log into some kind of directory (NDS, Active Directory) or domain, why not use a silent install in the login script?

SUS updates are scheduled by the client computer, the best thing to do is have a well-structured Active Directory and set up group policies for different containers, each policy having a different time to schedule the update check.
Or use a farm of SUS servers to share the load.

That's what we're doing for clients - the servers use SUS, but the clients have their system checked on login and new patches loaded silently if they aren' t yet applied.

Like the latest cumulative hotfix for IE (20th August) - just run it with /Q on the end of the command line and the only prompt you get is if you wish to restart the computer for it to take effect.

Much easier than actually visiting 1000 PCs on a WAN

Not sure the same applies for service packs, though...

[joshwa]

Originally posted by Jiff Lemon
We found that SP3 is minimum for 2k.

Currently on 54 hours of overtime so far....

The company I support has for the last 9 months resisted going to SP3, despite our warnings. It's also still primarily an NT4 server based network.

Initially around 15k machines to manually upgrade to SP3, then install the patch. We're now in the mopping up phase, but estimate at least another thousand PC's with problems.

why is sp3 a minimum? some of the people here have found that after installing sp3 , that they then need to reinstall office 2k to get it to work properly...

i personally think sp4 would probably be best as it's got the most patches in place.

[Paul Adams]

SP4 was the first service pack I've actually encountered issues with on Windows 2000, but specifically with web servers.

When the SP install gets to the very end, it tries to execute some scripts related to IIS - I think it assumes certain default values so if you've hardened your web server (as is good practice) then some of these scripts throw out errors.

On one of our web servers it reported more of these errors than others, and now reports it is still on SP3 - but it didn't roll back any of the files, so I'm certain SP4 is actually in effect.

The client applications of SP4 I have done have all been fine - some use Office 97, some Office 2000 and some Office XP.


To be honest, the best practice I think to employ for large networks is to have a constant rollout of machine builds, and roaming user profiles.
As a new SP gets released, start building new PCs from a disk image set up from scratch (Norton Ghost is a godsend for speeding this up), then swap the PCs over with users, and rebuild the PCs you just swapped out.

Stops users storing files on the local drives too, which is great
Usually, by the time you complete a rollout there's a new SP to apply hehe.