RE: [squid-users] Redirecting Windows Update

From: Mark A. Lewis <>
Date: Sat, 21 Feb 2004 14:25:59 -0600

You are both right.

Yes, if you attempt to impersonate the Windows update site it will not

Yes, you can redirect a request for to and let them use that for updates, so long as you don't
try to impersonate the Windows Update site.

My suggestion would be to use SquidGuard to redirect these users to a
page explaining that they should use the SUS site instead. This will
work just fine.

-----Original Message-----
From: Serassio Guido []
Sent: Saturday, February 21, 2004 2:14 PM
To: Scott Phalen;
Subject: RE: [squid-users] Redirecting Windows Update


At 20.08 21/02/2004, Scott Phalen wrote:

>My original question is dealing with SQUID. All I am asking here is
>can a URL be redirected?
>I have been running MSUS for almost a year now. I TOO KNOW HOW IT
>75% of my clients are configured to get updates from my two servers.
>The other 25% go directly to Microsoft.
>Security Features in the Software Update Services solution
> Software Update Services. A server running SUS can download packages
>from either the public Microsoft Windows Update servers or from another

>server running SUS. During any of these downloads, there is no
>server-to-server authentication carried out. All content downloaded by
>SUS is signed by Microsoft. SUS does not trust any content that is not
>signed or is incorrectly signed. Since SUS 1.0 Service Pack 1 supports
>only Windows critical updates and security rollups, all content is
>checked to see that it has a been correctly signed by Microsoft.
> Automatic Updates client. The Automatic Updates client can download
>packages from either the public Windows Update site or from a server
>running SUS. Before installing any packages that have been downloaded,
>SUS checks to confirm that the package has been signed by Microsoft. If

>the package is not correctly signed, it will not be installed.

Ok, You say that You know all, so You don't need any recommendations
from me ... :-)

So, please try an let to know to the list if You are right.



Guido Serassio
Acme Consulting S.r.l.
Via Gorizia, 69 10136 - Torino - ITALY
Tel. : +39.011.3249426 Fax. : +39.011.3293665

This message has been scanned for viruses and dangerous content by
MailScanner, and is believed to be clean.
Received on Sat Feb 21 2004 - 13:26:03 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 01 2004 - 12:00:02 MST