[99608] in North American Network Operators' Group
Re: windows update cache
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Fri Sep 28 21:42:38 2007
Date: Sat, 29 Sep 2007 09:47:13 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: Seth Mattinen <sethm@rollernet.us>
Cc: nanog@nanog.org
In-Reply-To: <46FD36F1.4000204@rollernet.us>
Errors-To: owner-nanog@merit.edu
On Fri, Sep 28, 2007, Seth Mattinen wrote:
> One could try to transparently proxy requests to windows update over to
> the WSUS server. No idea if that'll work though. I'm no windows expert,
> nor was I trying to provide some total solution, I was just trying to
> point out it uses TCP on port 8530 and one could try to use that to
> their advantage.
Yup, transproxying windows updates access works fine.
What I'd like to see is more use of service discovery, but what happens when
someone hacks your WSUS server? Or hijacks your DNS? Or your squid box? :)
(Come on DNSSEC..)
Adrian
