PDA

View Full Version : VT[2] + Win2k...MS patches, anyone



creach
05-03-2004, 08:41 PM
We have VT[2] build 3890 and Win2kSP3 on a company intranet. There is NO mail account remotely associated with this machine, altho we do google at times. I have NOT installed any of the Micro$oft patches or hotfixes on our toaster, believing that "if it's working, don't fix it." I've been very leery about potentially mucking up an otherwise stable machine that is in use 8 hours or better a day.
The recent spate of bugs (read: sasser) is starting to freak me out, and I'm wondering if I should begin the process of bringing my machine's OS up to it's "security maximums"...whatever THAT means...by letting "windoze update" do it's magic.
Should I? Will VT[2] be stable? Or should I not worry about it?

All comments are welcome. I'd really like to hear from a Newtek OS guru or two, but I'd be just as happy to hear from "yer garden variety" guru. <grin>

Thanks, all.
Dan

inquisitive
05-03-2004, 09:48 PM
Looks like its a chance you are going to have to take. I have vt2 installed and win2k and have patched it, i believe the only thing i have not installed is the new windows media player.. still using 7

wvp
05-04-2004, 07:07 AM
Originally posted by creach
I've been very leery about potentially mucking up an otherwise stable machine that is in use 8 hours or better a day.
THEN I WOULD NOT ALLOW THIS MACHINE TO CONNECT TO THE INTERNET!!!

Seriously, it can be a pain not having the connection, but it is THE best way to keep all thoughs gremlins out. We use three VT3 machines - none are connected to the internet. On occasion I have temporarily connected a cable to go to specific vendor site for an upgrade in software but 99.9% of the time I transfer all files, updates, dve's, etc via a USB stick or a CD.
If you insist in being connected to the internet then you need to run the latest version of the operating system (patch), install all the Microsoft security updates AND keep installing them, enable the firewall or install a 3rd party one and install antivirus software.
If you do not want to do the above, be prepared to refund money to your clients when you loose all your data.

creach
05-04-2004, 07:22 AM
that our LAN is administered by a couple of MS certified guys that really know their stuff, has firewalls and protection up the yin-yang, and is up to date with every patch known to man.

But your point is duly noted.

Dan

mgrusin
05-04-2004, 11:10 AM
FWIW, I've been keeping our Win2K VT3 box patched to the max, and have had no problems. It's on a local network, with a firewall between it and the 'net. I've turned off all "automatic update" type stuff; I like knowing what in my machine needs to get out, and why.

Like I said, no problems, but the one thing I'm leery of is WMP9. I would rather have not installed it at all because of its sneaky (IMO) DRM issues. You can turn off a bunch of stuff in it, but you can't entirely eliminate it connecting to the internet. It always seems to have a critical security patch for it, which either means it's woefully insecure, or they're putting more sneaky stuff into it. But I need it and WME for a few clients so I'm living with it for now. (There may be an alternative in an open program called Media Player Classic, but since my last reformat I've just gone with the full deal).

-MG.

creach
05-05-2004, 09:43 AM
Well, I hate to think that these are everyone that's gonna post (nothing personal, you guys. We may be few, but we're mighty!) but it sure does look like it.

Are there no Newtek guys that're gonna ring in on this for >my< sanity?

Dan

Jim_C
05-05-2004, 01:30 PM
I never had any problems running T2 3890 on a fully patched/net connected, firewalled and anti virused 2Kpro machine.

It was connected to the net 24/7 and had Norton anti virus and firewall running. Updated all critical updates and patches and a few reccommended that sounded as if they mattered at all.

You could use Norton Ghost or similar and ghost your partition before updates. Just to be safe.

I see you can dload the 9 codec package separately from the player thru updates.

Good luck with the updates.
Jim

creach
05-05-2004, 02:39 PM
Thanks, Jim. Altho reason would dictate that MS patches would repair problems rather than create them, I still hesitate to unintentionally disable our machine by acting out of fear instead of checkin' it out.

I appreciate the reply, and have booked time on the machine to update.

But what do you mean by this? >
I see you can dload the 9 codec package separately from the player thru updates
Are you referring to Win Media Player 9? I thought we (VT[2] dudes) weren't s'posed to install it on the Toaster?

Dan

Jim_C
05-05-2004, 03:20 PM
I use WMP 9 & T3 with no problems on 3 T3 machines.
Actually it's installed but I have been using Media Player Classic and Power DVD rather than WMP recently.

I think, not real sure, but think the problem some are having with the new windows media player is more microsoft/security/info sharing. Not neccessarily with functionality or compatibilty.
Again, not real sure.
(just noted I use T3 machines, I may be mispeaking about compatibilty and T2, so don't trust me there. I switched to XP before 9 came out so I have no real world)


If you just want to dload the window series 9 codecs, and not the player and use WMP 7 or the cool(and free) little Media Player Classic mentioned earlier to play files you can grab them here.
http://tinyurl.com/7e5a

Hope that helped,
Jim

creach
05-05-2004, 04:32 PM
Thanx for the clarification. I'll have a wee bit of time to investigate while I'm patching, tomorrow, so I'll check out the Win MP thing.

You have THREE Toasters? Cool!

Thanks, Jim.
Dan

Jim_C
05-05-2004, 04:43 PM
>>>You have THREE Toasters?

Officially the Bossman has 2. One in a production truck one in the office.
I have one here at home.

Hope you're down time is ultimately uplifting.

jim

Pete Draves
05-05-2004, 05:05 PM
I run both of my toasters on xpp (xp Pro)
with service pack 1
no internet
Latest patch
wmp9
NO INTERNET
internet is on a separate machine
no problems
also latest motherboards
dual xenon's
Pete

kleima
05-05-2004, 09:21 PM
Windows security patches are generally for people without firewalls. A properly configured firewall will keep out the worms and will actually keep out more than any MS security patch. There are always new vulnerabilities to exploit in Windows.
I have my VT machine connected to a DSL (always on) connection all the time. It would be a great pain to upload client files and proofs to the FTP site if I always had to Tx them to another machine to upload.
Plus how do you think you could ever do live streaming from the VT without an internet connection??
BTW, when I say firewall, I don't mean a software firewall!! Get a good hardware firewall!

creach
05-06-2004, 07:41 AM
Well, as I have mentioned, we DO have a good hardware firewall capable of protecting all the traffic on the LAN side, and competent guys to take care of the network itself.

Notwithstanding, some idjut is gonna figure out one day how to get past the firewall, and I therefore MUST patch the machine eventually. Yes?

You raise an interesting point: with the VT streaming output, how do the resellers expect full useage of the machine if they've told their buyers NOT to connect to the internet? Oh, well.

What I have not mentioned, is that I have been "messing around with" personal computers since 1981, and have not (yet) had a virus of any sort on ANY machine that's been under my care.

BTW, Jim. Not recognizing the Media Player Classic you mentioned yesterday, I did a search last night. I found it at sourceforge, and tried it. Fabulous! I really hate the privacy/DRM issues with all the MicroSoft stuff. This is a new fave for me. Thanks!

Dan

Jim_C
05-06-2004, 08:37 PM
Yea man, also google around there is a Real (aaarrggh dreaded) Alternative program and Quicktime if need be.

From what I heard Real is at the forefront of DRM/privacy invasion and the alternative program is lean and pry-free.

It's simply called Real Alternative. It may be by the same guys as Media Player Classic, since it comes packaged with Real Alternative also.


Jim

creach
05-06-2004, 10:22 PM
YES! I use real alternative, but only when the website won't squirt a WMP compatible format. That is, very few and far between. QT...well, the company sprung for that one, so we're okay there.

A patching update: Our machine was eligible for 18 patches and I let it have 15. Of the ones I passed on, one was for Outlook (which we don't use...Magic Eightball says "Outlook not good") and the other two were in case some cretin lures us onto a *malicious* website...which ain't a'gonna happen. The bottom line is the machine is patched and operating.

Thanks to all for your opinions, positive and negative. I appreciate it.

Dan