DIY Bittorrent Patch Server
A few weeks ago, I ran across a couple of articles about a university in Holland that was having difficulty getting all of their Microsoft patches out to all of their systems. What did they decide to do?
Buy more servers? Nope!
Increase bandwidth? Nope!
Use a program that has been essentially outlawed in North American universities? Yep!
The university decided, on the advice of their IT consultant, that they would use bittorrent to deploy the patches.
This really got me thinking about how I would go about creating my own U.Holl server (as I like to call it). These are some of the thoughts that I have come up with.
The Server
Just to add a really strong sense of irony, I would probably build the U.Holl server on Linux, most likely Ubuntu with a typical LAMP installation. Then, for ease of management, I would install a tracker such as phpMyBittorrent or something similar.
In the tracker software, I would create several different categories based on the target systems that I would use. For example, there would be Windows XP, Windows Vista, Office 2007, etc. categories. Each category would have its own RSS feed.
The Clients
Each workstation or server that was to receive updates using bittorrent would have a copy of uTorrent running in the background. This would be critical. You would also need to tweak uTorrent so that it automatically ran an installation script or program each time it finished downloading a new patch. This script would also schedule a reboot at 3:00 AM (or whatever time you wanted) since it seems almost every hotfix from Microsoft needs to reboot the system.
A potential install script might look like this:
The trick to automatically downloading files is to subscribe each uTorrent client to the proper RSS feeds given out by the server. This way, each system only gets the patches it needs.
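Added example (not the author's script, which the page does not include): a PowerShell completion hook that refuses to install a downloaded patch unless it carries a valid Microsoft Authenticode signature, since the file arrives from other peers, and then schedules the 3:00 AM reboot. It assumes a current Windows with the ScheduledTasks module and a torrent client that passes the finished file's path as `-Path`; the task name and log path are hypothetical.

```powershell
# Added example: post-download hook for a BitTorrent-delivered Windows patch.
# Assumption: the torrent client passes the finished file's full path as -Path.
param(
    [Parameter(Mandatory)] [string] $Path,
    [string] $RebootAt = '03:00',                                   # reboot time from the post
    [string] $LogFile  = "$env:ProgramData\PatchHook\install.log"   # hypothetical location
)

function Write-Log([string] $Message) {
    New-Item -ItemType Directory -Path (Split-Path $LogFile) -Force | Out-Null
    Add-Content -Path $LogFile -Value ("{0:s} {1}" -f (Get-Date), $Message)
}

# The bytes came from other peers, so trust the publisher's signature, not the source.
$sig = Get-AuthenticodeSignature -FilePath $Path
if ($sig.Status -ne 'Valid' -or
    $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    Write-Log "REJECTED $Path (signature status: $($sig.Status))"
    exit 1
}

# Install silently and suppress the installer's own immediate reboot.
switch ([IO.Path]::GetExtension($Path).ToLowerInvariant()) {
    '.msu'  { $exe = "$env:SystemRoot\System32\wusa.exe"
              $installArgs = "`"$Path`" /quiet /norestart" }
    '.exe'  { $exe = $Path                      # assumes a hotfix package that
              $installArgs = '/quiet /norestart' }  # accepts these switches
    default { Write-Log "SKIPPED $Path (unsupported package type)"; exit 1 }
}
$proc = Start-Process -FilePath $exe -ArgumentList $installArgs -Wait -PassThru
Write-Log "INSTALL $Path exit=$($proc.ExitCode)"

# 0 = success, 3010 = success but reboot required, 2359302 = already installed
if ($proc.ExitCode -notin 0, 3010, 2359302) { exit $proc.ExitCode }

if ($proc.ExitCode -eq 3010) {
    # Next occurrence of $RebootAt; -Force reuses one task for several patches.
    $when = [datetime]::Today.Add([timespan]::Parse($RebootAt))
    if ($when -le (Get-Date)) { $when = $when.AddDays(1) }
    $action  = New-ScheduledTaskAction -Execute 'shutdown.exe' `
                   -Argument '/r /t 60 /c "Patch reboot"'
    $trigger = New-ScheduledTaskTrigger -Once -At $when
    Register-ScheduledTask -TaskName 'PatchHook-Reboot' -Action $action `
        -Trigger $trigger -User 'NT AUTHORITY\SYSTEM' -RunLevel Highest -Force | Out-Null
    Write-Log "REBOOT scheduled for $when"
}
```

The rejection and install lines in the log give each client a local record of which patches were applied and which were refused.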
Potential
I think that this type of a delivery system has great potential. You could even use it across slow bandwidth links or to deploy other software, not just patches.
This is a project that I am hoping to spend some time on over the next while but I am looking for your input/suggestions now so that I can hopefully avoid some pitfalls later. Any input would be greatly appreciated!
4 Responses to “DIY Bittorrent Patch Server”
Charles Anderson Says:
June 12th, 2008 at 9:30 am
I was kind of thinking the same thing. But instead of a feed for each type (OS, Office), why not a feed for each client, you could use the baseline security analyzer to populate the feed. You could use it to scan a subnet, build a list for each client in xml, then parse that into each feed. The advantage is auto-discovery and central reporting. The diffs between scans would show which patches took and which ones failed. The statistics for each feed would show when the clients are checking in.
Just a thought.
MSBA found here -
Chris Britton Says:
June 18th, 2008 at 7:46 am
I have been thinking about a similar set up. At my work, we have about 90 windows machines and 50 unix servers that need files mirrored from a single host. Currently, rsync is being used to pull down the files from the main host (Windows) via either scheduled task on windows or cron job on unix. (These are not patches, so no reboot is necessary).
When a new set of files gets put out on the main server and all these systems connect to grab them, distribution could take a long time.
What I thought about was using rsync to distribute the .torrent file(s) created when new files appear on the main server. How to detect when a file has been placed in a directory is something I have yet to figure out.
Another problem is using utorrent on these hosts. Obviously, I can use it on unix. I like utorrent’s small footprint, but having a GUI front end isn’t necessary for this to work. Something quiet and discreet running in the background is best.
Massimo Says:
July 1st, 2008 at 5:32 am
I’m missing the utorrent tweaking part.
The screenshot you made is referred to a single torrent download, and I can’t put the same settings generally to all the downloads.
How can I do this? Thanks
myak Says:
August 19th, 2008 at 5:38 am
And why don’t you just use WSUS (Windows Server Update Services) on Windows 2003 Server if you have to update so many clients? BitTorrent traffic will kill the routers and switches, even at low bandwidth due to the protocol’s design.

