Jim Bengtson View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by Jim Bengtson 12-02-2009, 03:23 PM #12 win32sux LQ Guru Registered: Jul It would be more, but I made the first one 16-bit to cover all of the 207.46.*.* network. In which episodes did the Enterprise boldly go where no-one had gone before? We normally advise against defining IP addresses on the firewall for this purpose. navigate here
What do the release notes for the Express Migration Tool mean when they refer to "etalon"? If you don't have a pix, you win... 0 LVL 11 Overall: Level 11 Message Author Comment by:phileoca ID: 142688622005-06-21 no pix for me, i use sonicwalls for all of Generated Sat, 18 Mar 2017 06:54:15 GMT by s_za2 (squid/3.5.23) I'll add those ip addresses to my firewall and see if that will work. 0 LVL 11 Overall: Level 11 Message Author Comment by:phileoca ID: 142710982005-06-21 22.214.171.124 is needed too https://social.technet.microsoft.com/Forums/windows/en-US/b596aa81-2775-496c-b159-dcfc5c5bf22d/windows-update-ip-addresses-range-and-subnet-mask-for-windows-server-2008?forum=winserversecurity
Can I use Shield Spell to protect me from other attacks than just physicals and magic missiles? It save back your bandwith and you no need to headache the security setting. Yes No Additional feedback? 1500 characters remaining Submit Skip this Thank you! This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant.
Covered by US Patent. Microsoft Customer Support Microsoft Community Forums Windows Client Sign in United States (English) Brasil (Português)Česká republika (Čeština)Deutschland (Deutsch)España (Español)France (Français)Indonesia (Bahasa)Italia (Italiano)România (Română)Türkiye (Türkçe)Россия (Русский)ישראל (עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 And you only have to allow the one machine to talk. 0 Message Expert Comment by:eah6122 ID: 257958322009-11-11 this is the range I used in my firewall: 64.4.x.x 64.158.x.x 65.55.x.x Windows 10 Update Ports And Ip Addresses Ah, the joys of working at a university...
server 2003 or 2008 running as a WSUS not only improves the client network security but also saves exponential amounts of bandwidth. I could also poison DNS by overriding TTLs, but yikes, that's a dark road full of monsters... –chris Jul 30 '10 at 13:40 I'm very interested in this as The only two sites I connected to are 126.96.36.199 188.8.131.52 184.108.40.206 = 443 Oddly enough.... 220.127.116.11 For Office update, 18.104.22.168 0 LVL 79 Overall: Level 79 Software Firewalls 35 Message boo.
The system returned: (22) Invalid argument The remote host or network may be down. Microsoft Ip Ranges by bluedevil › Xigmatek Frontliner by bluedevil › Nixeus Type-R, High Performance Gaming Mouse Pad - TRMP-BK16 by bluedevil › Nixeus REVEL Gaming Mouse - PixArt PMW 3360 Sensor with 8 Notices Welcome to LinuxQuestions.org, a friendly and active Linux Community. This is not configurable.
If we going to enable WSUS, we also need to know what is the IP range and sub-net mask for windows update. https://www.experts-exchange.com/questions/21464775/windows-update-IP-addresses.html How does Augury work exactly? Microsoft Update Server Url Advanced Search Overclock.net›Forums›Software, Programming and Coding›Operating Systems›Windows›Windows Update IP Ranges Featured SponsorsSponsor ShowcasesSound BlasterAsusAquatuningFeenixView MoreSelect OneAquatuningAsusFeenixIn WinSound Blaster Recent Reviews See All the Latest Reviews Nidec UltraFlo 120x120x38mm Reviewed by Windows Update Firewall Rules Then you also have some control over which updates you allow.
If someone has spent more time locking this rule down any further please let me know if I missed anything. check over here Keep in touch with Experts ExchangeTech news and trends delivered to your inbox every month Live Consultants Membership How it Works Gigs Live Careers Plans and Pricing For Business Become an share|improve this answer edited Jul 30 '10 at 15:19 answered Jul 30 '10 at 15:11 chris 8,40142747 add a comment| up vote 0 down vote My recommendation is to install WSUS All your windows client point to wsus server for update. Windows Update Server Address Registry
The firewall just sees to/from packets and doesn't necessarily know what url (if https) the request is going to, so the firewall doesn't have a direct way to see that this Because WSUS initiates all its network traffic, there is no need to configure Windows Firewall on the WSUS server. I configured windows firewall by doing the following. http://roguewb.com/windows-update/windows-update-error-80072ee2-server-2012.html Join them; it only takes a minute: Sign up Here's how it works: Anybody can ask a question Anybody can answer The best answers are voted up and rise to the
So far, I've opened up this: (in my shorewall /etc/shorewall/rules) Code: # allow access to microsoft for windows updates HTTP/ACCEPT loc net:22.214.171.124/16 HTTPS/ACCEPT loc net:126.96.36.199/16 HTTP/ACCEPT loc net:188.8.131.52/24 HTTPS/ACCEPT loc net:184.108.40.206/24 Windows 10 Update Ip Address did the WSUS work? 0 LVL 6 Overall: Level 6 Message Expert Comment by:CptnTrips ID: 248085752009-07-08 ravenrx7, the IP addresses for Windows update servers change. This is not configurable.
I thankfully no longer use Windoze, but I do sympathize Good luck! As far as I can tell, the windows update sites are hosted on a content distribution network that can potentially change IP addresses every 30 seconds. You are currently viewing LQ as a guest. Windows Update Servers Down If I do a nslookup one day I get one IP and when I try it the day after another.
Thanks for reading drokmed View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by drokmed 04-24-2008, 08:58 AM #2 GrapefruiTgirl LQ Guru They live behind a firewall and all outgoing communication is must be off. Filter by domain: http://technet.microsoft.com/en-us/library/cc708605%28v=ws.10%29.aspx http://social.technet.microsoft.com/Forums/en-US/winserversecurity/thread/b596aa81-2775-496c-b159-dcfc5c5bf22d/ Thanks mate, I actually found those a little while after posting this thread :-) Subjugate the Weak (23 items) CPUMotherboardGraphicsGraphicsIntel Core i7 860Asus http://roguewb.com/windows-update/windows-update-error-8024402f-server-2012-r2.html All of the above, just to update the OS.
Very useful. If you are deploying update server for millions of hosts then you certainly want DR and HA. EDIT: I'm running Windows 7 and 8 on various machines and the IPS is Snort running in front of all the hosts.Edited by dushan24 - 6/10/13 at 10:00am Subjugate the Question has a verified solution.
Fix All Warnings And Errors: what is the history of this code quality tactic? more stack exchange communities company blog Stack Exchange Inbox Reputation and Badges sign up log in tour help Tour Start here for a quick overview of the site Help Center Detailed OK, I think I've got it!!! We normally advise against defining IP addresses on the firewall for this purpose.
Windows update uses %systemroot%\system32\svchost.exe. Changed windows firewall properties to Outbound/Inbound connections that do no match a rule are blocked. Chicken, meet egg. –chris Jul 30 '10 at 15:15 add a comment| 3 Answers 3 active oldest votes up vote 2 down vote While I haven't tried this (see my comment Could you use a proxy with a whitelist only permitting *.windowsupdate.microsoft.com and *.windowsupdate.com? –gravyface Jul 30 '10 at 14:44 I must be missing something, but if Windows establishes its
Port 80 seems to be the superhighway for all kinds of attacks, and Windows 2000 isn't even patched anymore, so it makes sense to only open that door when you need Search this Thread 04-24-2008, 08:51 AM #1 drokmed Member Registered: Dec 2005 Location: St Petersburg, FL, USA Posts: 219 Rep: What firewall ip addresses do I open to allow firewall cdn share|improve this question edited Jul 30 '10 at 13:45 asked Jul 30 '10 at 13:31 chris 8,40142747 I have exactly this problem with hostupdates.vmware.com but I managed LOL slimm609 View Public Profile View LQ Blog View Review Entries View HCL Entries Find More Posts by slimm609 12-02-2009, 11:07 AM #11 Jim Bengtson Member Registered: Feb
If your organization does not allow those ports and protocols open to all addresses, you can restrict access to only the following domains so that WSUS and Automatic Updates can communicate What I need is the IP addresses for the MS windows update site. <--- here's your points. :-) 0 Comment Question by:phileoca Facebook Twitter LinkedIn https://www.experts-exchange.com/questions/21464775/windows-update-IP-addresses.htmlcopy LVL 79 Best Solution Another fine example how linux is superior to windoze... Reference: http://support.microsoft.com/kb/929851 andhttp://onlinehelp.microsoft.com/en-us/office365-enterprises/hh373144.aspx Windows Update requires TCP port 80, 443, and 49152-65535.
Can I turn off the alternate keyboards in Messages Scientific feasibility of reptilian overlords and humanoid slaves Why do my users 're'select the amount in the cart? vmarcus, wtf are object groups? And, in my situation, I don't have the ability to just mandate a specific configuration on the systems on the network. to x.x.255.255 and it got me further but not far enough.