none
Check my WSUS on external network before putting them on isolated network

    Dotaz

  • Hi,

     

    I would like to install 2 WSUS servers in Network-A which is connected to the internet and download updates to both servers separately.

    From those servers I’d like to check the hash/checksum of the files (compare it) to see if there’s any data manipulation before moving them to my internal WSUS.

     

    Anyone had an idea to implement such a thing?

     

    Thanks.

    3. května 2012 19:01

Odpovědi

  • Hi,

    Windows Server Update Services 3.0 SP2 Step By Step Guide:http://technet.microsoft.com/en-us/library/dd939822(v=ws.10).aspx

    How to move WSUS from one server to another:http://blogs.technet.com/b/sus/archive/2009/07/02/how-to-move-wsus-from-one-server-to-another.aspx

    Best regards,

    Clarence


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    4. května 2012 10:02
    Moderátor
  • I would like to install 2 WSUS servers in Network-A which is connected to the internet and download updates to both servers separately.

    From those servers I’d like to check the hash/checksum of the files (compare it) to see if there’s any data manipulation before moving them to my internal WSUS.

    It's really totally unnecessary because it is architecturally impossible for WSUS to download a file that does not match the hash/checksum of the same file on any of the other gazillion WSUS servers around the globe.

    WSUS has built-in hash/checksum checking, and in fact, will not even allow the file to be written to the ~\Content folder if the hash/checksum (SHA-1 hashes are used with WSUS) fails the value coded into the update metadata.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    7. května 2012 22:19
    Moderátor

Všechny reakce

  • Hi,

    Windows Server Update Services 3.0 SP2 Step By Step Guide:http://technet.microsoft.com/en-us/library/dd939822(v=ws.10).aspx

    How to move WSUS from one server to another:http://blogs.technet.com/b/sus/archive/2009/07/02/how-to-move-wsus-from-one-server-to-another.aspx

    Best regards,

    Clarence


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    4. května 2012 10:02
    Moderátor
  • I would like to install 2 WSUS servers in Network-A which is connected to the internet and download updates to both servers separately.

    From those servers I’d like to check the hash/checksum of the files (compare it) to see if there’s any data manipulation before moving them to my internal WSUS.

    It's really totally unnecessary because it is architecturally impossible for WSUS to download a file that does not match the hash/checksum of the same file on any of the other gazillion WSUS servers around the globe.

    WSUS has built-in hash/checksum checking, and in fact, will not even allow the file to be written to the ~\Content folder if the hash/checksum (SHA-1 hashes are used with WSUS) fails the value coded into the update metadata.


    Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
    Microsoft MVP - Software Distribution (2005-2012)
    My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin

    7. května 2012 22:19
    Moderátor
  • Where is this process documented? Is there a KB note, TechNet note, etc.?

    Thanks

    Tom


    Thomas Talley

    5. března 2013 22:14