Bugtraq mailing list archives
Re: ISS Internet Scanner Cannot be relied upon for conclusive
From: trockij () TRANSMETA COM (Jim Trocki)
Date: Thu, 11 Feb 1999 10:46:40 -0800
On Tue, 9 Feb 1999, David LeBlanc wrote:
How does ISS handle the NT example referenced above??We get that one right. All the NT patch checks are based on file timestamps, not service pack numbers. We have seperate checks for just service pack numbers, since you need less access to get the SP level than to get timestamps on system files.
C'mon. Haven't you learned to use digital signatures (like MD5) instead of timestamps to identify files? A timestamp is a bunch of crap, and it has no relation at all to the contents of the file. You could easily build a database of MD5 hashes of the different DLLs which are included in each different service pack, and use that to identify SP levels. Jim Trocki <trockij () transmeta com> Computer System and Network Engineer Transmeta Corporation Santa Clara, CA
Current thread:
- Re: Cyrix bug: freeze in hell, badboy, (continued)
- Re: Cyrix bug: freeze in hell, badboy Ragnar Hojland Espinosa (Feb 06)
- remote exploit on pine 4.10 - neverending story? Michal Zalewski (Feb 07)
- Re: remote exploit on pine 4.10 - neverending story? Thomas Roessler (Feb 08)
- Re: remote exploit on pine 4.10 - neverending story? John D. Hardin (Feb 08)
- Possible Security Problem: Fake PGP Key Ben Laurie (Feb 08)
- ISS Internet Scanner Cannot be relied upon for conclusive Audits Mr. joej (Feb 07)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive blkadder () VALUE NET (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive BVE (Feb 08)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 09)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive Jim Trocki (Feb 11)
- How scanners actually work David LeBlanc (Feb 10)
- Re: ISS Internet Scanner Cannot be relied upon for conclusive David LeBlanc (Feb 08)
- Sendmail 8.9.3 Patrick Oonk (Feb 09)