Re: Proxy server hit... Any ideas?

>> Valdis Kletnieks said:

>> Of course, this begs the question of how to get the patches onto the

1. Ensure that you have an effective perimeter firewall that blocks all incoming traffic to the new box
2. Connect ONLY to the sites needed to download patches - starting with Windows update, or your specific operating system equivalents

If you are really paranoid (like I am ;)

1. Harden the box PRIOR to connecting
2. Run a personal firewall on the box that is collecting patches, making sure that you allow no incoming traffic

NEVER EVER put an un-patched, un-firewalled box directly onto the Internet (with all those nice juicy ports wide open) since yes, it can get 0wn3d before you have patched it (though if it's not effectively firewalled then you still have a problem anyway). Only once patched should you consider opening ports for incoming traffic.

It's not that hard really.....;)

Regards

-- 
Emeric Miszti
UK Security Online
http://www.uksecurityonline.com

Tel No: 0870 088 5689
Fax No: 0870 706 2162

PGP Public Key available at 
http://www.uksecurityonline.com/emeric.asc




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: 
http://aris.securityfocus.com