[unisog] Developing "Security Guidelines" email

Michael Holstein michael.holstein at csuohio.edu
Mon Feb 28 13:39:04 GMT 2005


> "Help!  We have a machine that we've wiped & built from scratch 3 times, 
> and it keeps getting hacked.  What should we do?"

Our response to this problem is a "security cd" that contains the 
Microsft service pack and all patches released since (plus McAfee and 
other goodies). A small MFC application autoruns and determines various 
environment variables (like version of windows, office, etc) and builds 
a list of patches to install using 'qchain'.

Thus, one can fully patch a machine without ever plugging it into the 
network.

I would offer to make available an ISO image of this but other chatter 
on this and other lists seems to imply that redistributing Microsoft 
service packs is a violation of the license agreement.

Cheers,

Michael Holstein CISSP GCIA
Cleveland State University



More information about the unisog mailing list