Welcome to Smokey's Security Forums.
Guests have only limited access to the board and it's features, please consider registering to gain full access!
Registration is free and it only takes a few moments to complete.

Smokey's Security Forums

Please login or register.

Login with username, password and session length
Multilingual OTL (OldTimer ListIt) Log Analysis * Multilingual OTL Tutorials * OTL Downloads * Malware Removal * Microsoft Security Info & Alert Center * Official Jetico Inc. Support Forums

Share this topic on FacebookShare this topic on MySpaceShare this topic on Del.icio.usShare this topic on DiggShare this topic on RedditShare this topic on StumbleUponShare this topic on TwitterAuthorTopic: Windows Update  (Read 1353 times)

0 Members and 1 Guest are viewing this topic.

Mido

  • Full Member
  • **
  • Offline Offline
  • Posts: 24
Re: Windows Update
« Reply #4 on: July 06, 2008, 10:56:52 PM »
Simplet,

For my part since the SP3, I didn't have to do many Update.

I have may be 2 or 3 rule with port:443

About how find, if necessary, they CIDR (from Whois) who is not a multiple of 8;

Tommy

  • Jetico Forums Team Leader
  • Administrator
  • *
  • Offline Offline
  • location: Buenos Aires - München
  • Posts: 1105
  • .: Stranger in the night
    • WWW
Re: Windows Update
« Reply #3 on: June 28, 2008, 10:21:47 PM »
The IP-Range svchost uses for Windows update is enormes. I personal disable Jetico while i use the windows update funcion.

brutus01

  • Full Member
  • **
  • Offline Offline
  • Posts: 13
Re: Windows Update
« Reply #2 on: June 28, 2008, 01:10:59 PM »
Having the same "problem" and it would be nice to know the best practice.

SimpletTopic starter

  • Member
  • *
  • Offline Offline
  • Posts: 1
Windows Update
« Reply #1 on: June 08, 2008, 06:02:53 PM »
Hello.
Sorry for my poor english... It's not my birth language.

Jetico 1.0.1.61
LAN
Windows XP Pro SP2
Admin
KAV 7.0 - AdAware SE Pro 1.06r1


I want to know how to configure jetico to automatically allow update of windows.

I allow C:\WINDOWS\system32\wuauclt.exe to acces network
The problem is with C:\WINDOWS\System32\svchost.exe , TCP/IP protocol, Outbound connexion
Each day, windows update server IP change...
87.248.221.155
87.248.221.200
87.248.221.217
65.55.184.29
65.55.184.93
...
...
and each day, i must allow svchost.exe for TCP/IP, outbound connexion for the new IP adress of the windows server
Port is always 80 or 443.

I found a solution: allow a network ip range for svchost, for example 87.248.221.0/255.255.255.0 (87.248.221.0/24) for port 80 and same one for port 443, TCP/IP, outbound connexion.

BUT...

i haven't got all IP addresses of windows servers
I do not like allowing firewall leak for svchost at 255 IP adress range...


What is the good way to do that ?
Is there a danger to allow svchost for TCP/IP outbound connexion port 80 or 443 at network range 87.248.221.0 to 87.248.221.255 (and equal for 65.55.184.0/24 and .....)

Don't know if i'm clear enough
Thanks for answering.
 

* Permissions
You can't post new topics.
You can't post replies.
You can't post attachments.
You can't modify your posts.
 BBCode Enabled
Smilies Enabled
[img] Enabled
HTML Disabled


Except where otherwise stated, all content © 2006 - 2010 Smokey Services™ -- All rights reserved
Design of all board graphics, banners and images by Emma aka Tinker - © 2006 - 2010 Smokey Services™ -- All rights reserved
Smokey's Security Forums is member AQMRB - Alliance of Qualified Malware Removal Boardsâ„¢, an organisation of Approved Qualified Malware Removal Help & Support Boards
Member ASAP - Alliance of Security Analysis Professionalsâ„¢

    

  

Smokey's provide fully qualified OTL (OldTimer ListIt) Log Analysis & Malware Removal services in English, German and Spanish language