Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: ISS Internet Scanner Cannot be relied upon for conclusive

From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Tue, 9 Feb 1999 11:05:25 -0500

At 09:46 AM 2/8/99 -0500, Chris Brenton wrote:

Many security audit tools that I've tested would in fact say that the
system is safe because SP4 has been installed. This is because instead
of checking file dates, they are looking for registry keys which
identify what patches have been loaded on the system.

I personally can not say if ISS's scanners fall into the same boat, but
from my testing I know many do.


We check file dates when checking for NT patches, and would catch your
example.


David LeBlanc
dleblanc () mindspring com
Previous By Date Next
Previous By Thread Next

Current thread: