Patching Paranoia - How Fast Do You Patch?

← Back to Stories (view on slashdot.org)

Patching Paranoia - How Fast Do You Patch?

Posted by Cliff on Tuesday October 21, 2003 @03:33AM from the closing-the-holes dept.

selfassembled asks: "I work for an IT group in the Boston area called Thrive Networks. After the most recent exploit was revealed, my company scrambled to get our client's servers patched within 48 hours. This is extremely difficult because no customer wants to be interrupted by a reboot during business hours. Our staff worked after hours to get this patch installed ASAP. How fast do you (or your IT group) install patches for major exploits like this? What do you consider to be an acceptable turn around time for a vulnerability patch that may not even have an exploit yet? After Blaster and Welchia we decided it's better to be safe than sorry, and our customers seem to agree."

8 of 681 comments (clear)

Min score:

Reason:

Sort:

As fast as ... by billstr78 · 2003-10-21 03:34 · Score: 3, Funny

... I am to post to a new Slashdot article
I wait until... by Bull999999 · 2003-10-21 03:35 · Score: 4, Funny

I wait until I get feedbacks from sites such as The Register to make sure that the patch doesn't break anything.

--
1f u c4n r34d th1s u r34lly n33d t0 g37 l41d
1. Re:I wait until... by croddy · 2003-10-21 03:50 · Score: 4, Funny
  
  I guess you didn't hear about the patch for XP that disabled Internet access for hundreds of thousands of users.
  well they should have POSTED about it! jeez!
2. Re:I wait until... by hoggoth · 2003-10-21 04:18 · Score: 4, Funny
  
  > We used to have Groupwise, and pretty much every MS patch broke Groupwise
  
  I think "Breaking Groupwise" is an MS patch all by itself.
  "CRITICAL UPDATE: SOME SYSTEMS HAVE GROUPWISE INSTALLED ON THEM. THIS PATCH WILL BREAK GROUPWISE."
  
  --
  - For the complete works of Shakespeare: cat /dev/random (may take some time)
3. Re:I wait until... by __past__ · 2003-10-21 04:42 · Score: 3, Funny
  
  To be honest, that would definitly be one of their more useful patches.
  
  --
  Programming can be fun again. Film at 11.
On a Windows network, by RgrRmjt · 2003-10-21 03:39 · Score: 3, Funny

Middle of the day reboots are normal, so we patch whenever we want.
Lie about it. by EvilJohn · 2003-10-21 03:53 · Score: 4, Funny

If it's windows patch early, and patch often. If anyone asks why you rebooted a box, lie about it and say "It crashed." That's one everyone will believe.

--

Less Talk, More Beer.
Re:MS by cperciva · 2003-10-21 04:34 · Score: 3, Funny

Ah. Now your inexperience in the *nix world shines through. There IS no guessing. Upgrade apache, restart the apache service (httpd .. maybe slightly confusing..). Upgrade mysql, restart mysqld.

I just upgraded libc. What do I have to restart?

--
Tarsnap: Online backups for the truly paranoid