Well, it's difficult patch servers that are required to be up 24/7. It would be nice if people would only have medical problems during regular business hours. Also, Vendors have a habit of using these exploits to make their application work... (ahem, Lawson for one) It happens all TOO frequently that a new Security Hotfix breaks an application. Some orgs have over 700 applications so how do you test? Some applications require FDA approval, other vender certification (if you want support). It's not as simple as plug and pray. Joe -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nicolai Imset Sent: Wednesday, November 17, 2004 5:11 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Reboot Schedule A stated in previous posts we have a huge amount of users (approx 40'000) not simultanously (however that is spelt) online. but amongothers we run all the schools in Oslo. We still patch as often as patches are available. Thenagain we also get patches already approved. So we don't have the issue of testing them. On Wed, 17 Nov 2004 11:55:11 -0000, BRUTON, Malcolm, FM <malcolm.bruton@xxxxxxxx> wrote: > Yes but when you have several hundred servers that you patch and suddenly > they don't work it causes far fewer problems to patch slowly and make sure > you test as much as you can before you patch. > > I'm not so keen to tell 3000 users that they can't do anything today as we > are removing a security hotfix and they can't work until we are finished. > > Hopefully you should have other security systems in place to prevent some of > these critical updates being a problem until you can fully test and release. > > I believe that if you start rushing our every new patch a manufacturer > releases it will end in tears unless you conduct proper testing. > > Malcolm > > > > -----Original Message----- > From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf > Of Nicolai Imset > Sent: 17 November 2004 06:44 > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: Reboot Schedule > > I'm reading this and sit here amazed/stunned (in lack of better words) > to see many of you boot servers once a month due to new patches. > > I do hope you install critical ones outside this schedule. > > The period between a vulnerability is discovered and the actual > exploit of it is now Really short :-/ Can't remember the exact time, > but i think the record is 16 hours. (set now recently, from the top of > my head, correct me if I'm wrong) > > -- > Nicolai Imset > CCA > NT Consultant > ------- > "Then follow! But! Follow only if ye be men of valor, for the entrance > to this cave is guarded by a creature so foul, > so cruel that no man yet has fought with it and lived! Bones of four > fifty men lie strewn about its lair. So, brave knights, > if you do doubt your courage or your strength, come no further, for > death awaits you all with nasty big pointy teeth." > ******************************************************** > This Weeks Sponsor Emergent Online ThinCity Conference > Join us at ThinCity 2004: The 1st Annual Emergent OnLine Technology > Conference > http://www.ThinCity.com > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link: > http://thin.net/citrixlist.cfm > > > **************************************************************************** ******* > The Royal Bank of Scotland plc. Registered in Scotland No 90312. Registered Office: 36 St Andrew Square, Edinburgh EH2 2YB. > Authorised and regulated by the Financial Services Authority > > This e-mail message is confidential and for use by the > addressee only. If the message is received by anyone other > than the addressee, please return the message to the sender > by replying to it and then delete the message from your > computer. Internet e-mails are not necessarily secure. The > Royal Bank of Scotland plc does not accept responsibility for > changes made to this message after it was sent. > > Whilst all reasonable care has been taken to avoid the > transmission of viruses, it is the responsibility of the recipient to > ensure that the onward transmission, opening or use of this > message and any attachments will not adversely affect its > systems or data. No responsibility is accepted by The Royal > Bank of Scotland plc in this regard and the recipient should carry > out such virus and other checks as it considers appropriate. > Visit our websites at: > http://www.rbs.co.uk/CBFM > http://www.rbsmarkets.com > **************************************************************************** **** > > > > ******************************************************** > This Weeks Sponsor Emergent Online ThinCity Conference > Join us at ThinCity 2004: The 1st Annual Emergent OnLine Technology Conference > http://www.ThinCity.com > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or > set Digest or Vacation mode use the below link: > http://thin.net/citrixlist.cfm > -- Nicolai Imset CCA NT Consultant ------- "Then follow! But! Follow only if ye be men of valor, for the entrance to this cave is guarded by a creature so foul, so cruel that no man yet has fought with it and lived! Bones of four fifty men lie strewn about its lair. So, brave knights, if you do doubt your courage or your strength, come no further, for death awaits you all with nasty big pointy teeth." ******************************************************** This Weeks Sponsor Emergent Online ThinCity Conference Join us at ThinCity 2004: The 1st Annual Emergent OnLine Technology Conference http://www.ThinCity.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm ******************************************************** This Weeks Sponsor Emergent Online ThinCity Conference Join us at ThinCity 2004: The 1st Annual Emergent OnLine Technology Conference http://www.ThinCity.com ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm