Security Basics mailing list archives
Re: Security scanning tools
From: Chris Burton <cyberhiker99 () yahoo com>
Date: Mon, 15 Dec 2003 11:38:33 -0800 (PST)
I would try out SecurityExpressions from Pedestal Software. They put out an MS-Fixes file everytime that Microsoft releases an update. It will require you to have admin access on the target. However, the upside is that you can right-click and fix it on the spot. We have had good success with it, on many machines here. We also run ISS Internet Scanner, and have accepted the fact that all scanners cannot reliably report whether a machine is patched or not. Regards, Chris --- Jack Solomon <solzjack43 () hotmail com> wrote:
All Im currently testing new scanning tools to replace nessus. I ran ISS system scanner and Micro$oft Baseline Security analyst on a win2000 box and compared the results to the regular nessus scan. Each product reports different things... - Nessus says everything is cool - MS BSA reports that patch ms02-032 has not been applied - System scanner finds a nonexistent modem, no virus software (as if!) but no patches When I logon to the machine and try to run the MS update routine through IE, it reports no patches to be applied. Am I going crazy or using the tools wrong? surely they should all report the same vulnerabilities? My questions to the group are: 1. What tool[s] should I look to buy that that correctly reports security vulnerabilties with the least false positives? 2. Are false positives a known [feature] of all scanning tools? Jack
_________________________________________________________________
Hotmail messages direct to your mobile phone http://www.msn.co.uk/msnmobile
---------------------------------------------------------------------------
----------------------------------------------------------------------------
__________________________________ Do you Yahoo!? New Yahoo! Photos - easier uploading and sharing. http://photos.yahoo.com/ --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Security scanning tools Jack Solomon (Dec 15)
- Re: Security scanning tools Carlton Foster (Dec 15)
- Re: Security scanning tools Devilscrow Sr (Dec 15)
- Re: Security scanning tools Chris Burton (Dec 15)
- SV: Security scanning tools Kim Guldberg (Dec 16)
- <Possible follow-ups>
- Re: Security scanning tools H Carvey (Dec 15)
- RE: Security scanning tools KoRe MeLtDoWn (Dec 15)