Update Tuesday came and went this week with a few updates, but a vulnerability has been exposed for Internet Explorer versions 6-8 on Windows XP, 2003, Vista, and even 2008. Microsoft has decided to release an out-of-band security update for this vulnerability due to its critical nature. Unfortunately, this zero-day exploit has no fix yet from Microsoft. The update is expected to be released sometime today. Be sure to sync up your WSUS servers after the update has been released.
Wednesday, December 17, 2008
Tuesday, December 9, 2008
Every sysadmin knows that software of all kinds needs to be updated. Sometimes the updates provide new features and enhancements, but many times the updates are bug fixes and security patches. Keeping your servers, desktops, and software up to date can help prevent your networks from being compromised.
I've compiled a short list of best practices I use for patch management:
- Schedule your patch management on a regular basis. It is easy for the busy sysadmin to be distracted by all the end-users' needs, which to them are always critical. Prioritize a time for updates where you will not be distracted. This may need to be after hours if necessary. Many Windows updates require system restarts, so be sure to schedule the restarts to minimize downtime, and be sure to check that the servers and services come back up afterwards.
- Subscribe to mailing lists and/or RSS feeds that provide you with information on exploits, patches, and security notices for the specific software you run. Visit your vendor's website to see if they have these options available.
- Keep a log of your patch installations. I've created an Excel template that I print each week to record the packages and updates that I install on my Linux and Windows servers. Should something break due to the updates I will know exactly what has changed.
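One way to build the change record from the last item automatically on Linux servers, shown as an added example rather than the author's own template: it compares a package snapshot taken before the patch run with one taken after it. The function names (patch_diff, patch_log, sample_snapshots), the snapshot file format, and the sample package versions are constructed for illustration.

```shell
#!/bin/sh
# Added example: diff two package snapshots taken before and after a patch run.
# Assumed snapshot format: one "name version" pair per line, e.g. produced by
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'      (RPM-based systems)
#   dpkg-query -W -f='${Package} ${Version}\n'          (Debian-based systems)
# Limitation: a package installed in several versions at once (such as kernels)
# is tracked by the last version listed.

# patch_diff BEFORE AFTER: print UPGRADED/INSTALLED/REMOVED lines sorted by package
patch_diff() {
    awk '
        side == "b" { before[$1] = $2; next }
        {
            after[$1] = $2
            if (!($1 in before))       printf "INSTALLED %s %s\n", $1, $2
            else if (before[$1] != $2) printf "UPGRADED %s %s -> %s\n", $1, before[$1], $2
        }
        END {
            for (p in before)
                if (!(p in after)) printf "REMOVED %s %s\n", p, before[p]
        }
    ' side=b "$1" side=a "$2" | LC_ALL=C sort -k2,2
}

# patch_log BEFORE AFTER LOGFILE: append a dated, host-tagged entry to LOGFILE.
# Returns 1 and writes nothing when the two snapshots are identical.
patch_log() {
    changes=$(patch_diff "$1" "$2")
    [ -n "$changes" ] || return 1
    {
        printf '== %s %s ==\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)" "$(uname -n)"
        printf '%s\n' "$changes"
    } >> "$3"
}

# sample_snapshots DIR: write constructed before/after snapshots for a dry run
sample_snapshots() {
    printf '%s\n' 'nagios 3.0.5-1' 'openssl 0.9.8b-10' 'telnet 0.17-39' > "$1/before.txt"
    printf '%s\n' 'nagios 3.0.6-1' 'openssl 0.9.8b-10' 'rsync 2.6.8-3'  > "$1/after.txt"
}
```

A REMOVED or INSTALLED line that nobody planned is worth investigating before the entry is filed away.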
Nagios released another point update this past week bringing it to 3.0.6. The changelog reports only a few minor fixes and additions. I noticed the available update during my weekly server update time. Remember that on Linux systems you must restart the service (daemon) to run the new version (command: service nagios restart).
Nagios is an open-source service/host monitor that allows the everyday sysadmin to keep tabs on all of the crucial network services and hosts. You can set up all kinds of checks and then be notified should any crucial hosts or services go down.
Setting up your own Nagios installation can be difficult, but many tutorials exist online. If you would like assistance designing and deploying your own Nagios installation, please contact me.