RE: [squid-users] Redirecting Windows Update

From: Scott Phalen <>
Date: Sat, 21 Feb 2004 13:08:36 -0600

My original question is dealing with SQUID. All I am asking here is can a
URL be redirected?
I have been running MSUS for almost a year now. I TOO KNOW HOW IT WORKS!
75% of my clients are configured to get updates from my two servers. The
other 25% go directly to Microsoft.
Security Features in the Software Update Services solution
 Software Update Services. A server running SUS can download packages from
either the public Microsoft Windows Update servers or from another server
running SUS. During any of these downloads, there is no server-to-server
authentication carried out. All content downloaded by SUS is signed by
Microsoft. SUS does not trust any content that is not signed or is
incorrectly signed. Since SUS 1.0 Service Pack 1 supports only Windows
critical updates and security rollups, all content is checked to see that it
has a been correctly signed by Microsoft.
 Automatic Updates client. The Automatic Updates client can download
packages from either the public Windows Update site or from a server running
SUS. Before installing any packages that have been downloaded, SUS checks to
confirm that the package has been signed by Microsoft. If the package is not
correctly signed, it will not be installed.

-----Original Message-----
From: Serassio Guido []
Sent: Saturday, February 21, 2004 12:02 PM
To: Scott Phalen;
Subject: RE: [squid-users] Redirecting Windows Update


At 18.12 21/02/2004, Scott Phalen wrote:

>Actually, it is a mirror of Microsoft's Update Service. All updates (my
>concern is Critical Updates) are downloaded locally and by changing the
>"wuserver" registry key on the client machine, they get their critical
>updates via MSUS locally. Essentially the same as going out to Microsoft's
>servers but saving loads of bandwidth.

Again, I know MS SUS, I'm a SUS 2.0 beta tester !!!

>Is there a way to redirect a specific URL in squid to a web server inside
>the network?

Again NO:

- SUS doesn't mirror all Windows Update services contents
- All updates are digitally signed and verified, so you cannot fake the
Windows update site: Your clients will search for ORIGINAL Windows updates
Digital Signatures, not for the Digital signatures generated from SUS.



Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665
Received on Sat Feb 21 2004 - 12:08:48 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST