[unisog] Validation problems with Windows Update

BACHAND, Dave (Info. Tech. Services) BachandD at easternct.edu
Fri Aug 26 19:47:11 GMT 2005


Hello-

We're looking at the same issue here.

A trace is showing a connection to a number of Microsoft sites, as well
as one packet sent to 208.172.13.251.  It has a destination port of 80,
and source of 1433.

Are looking into seeing if allowing this to pass will help.


++++++++++++++++++++++++++++++++++
Dave Bachand
Data Network Manager
Information Technology Services
Eastern Connecticut State University
83 Windham Street
Willimantic, CT
Tel. (860)465-5376
++++++++++++++++++++++++++++++++++

-----Original Message-----
From: unisog-bounces at lists.sans.org
[mailto:unisog-bounces at lists.sans.org] On Behalf Of Matt Ashfield
Sent: Friday, August 26, 2005 8:46 AM
To: 'UNIversity Security Operations Group'
Subject: [unisog] Validation problems with Windows Update

HI All

Our students are beginning to show up on campus and are looking to
register for our network. We are forcing students to do a few security
related things before they are allowed on the network. One of the main
things they must do is update their system by going to WindowsUpdate.

We have experienced a lot of problems with users being able to validate
their OS with Microsoft. Even people who appear to have legitimate
copies of Windows. 

Among the problems we've experienced:

- Users being able to download, but not install the Windows Genuine
Advantage Validation tool. Despite repeated downloads, and attempts at
installing, it simply will not install.

- A potential timeout issue when users go to the website to validate
their version of windows. There is a message stating that the validation
tool was not able to communicate properly. This is potentially a problem
with our firewall rules. What sites/addresses are people letting through
their firewalls now to accommodate for this newly revamped
WindowsUpdate. The error that's given only tells the user to ensure
their date/time is correct.
Not very helpful.

Any info is greatly appreciated!

Cheers


Matt Ashfield
Network Analyst
Integrated Technology Services
University of New Brunswick
mda at unb.ca 




_______________________________________________
unisog mailing list
unisog at lists.sans.org
http://www.dshield.org/mailman/listinfo/unisog




More information about the unisog mailing list