Security Basics mailing list archives

Re: MBSA 1.2

From: Rohan Amin <rohan () rohanamin com>
Date: Wed, 4 Feb 2004 16:51:04 -0800

A colleague and I have had success with using Nessus
(http://www.nessus.org) for this purpose.  Just modify smb_login.nasl
to use the various Administrator passwords that you have.  Nessus
already includes a few checks for some patches, but if you need more
you can always write some (its quite easy using NASL).  Of course, you
are trusting the registry to give you accurate information but it
might be better than nothing.

Hope this helps,

Rohan





On Tue, Feb 03, 2004 at 04:01:46PM +0100, Nagy Gergely wrote:

Hi all,

I have a very heterogenous infrasturcture, with most PC's logged into NDS.
What is the use of MBSA (that requires local admin priv) if all the PC's
have different local admin passwords?
In this case, am I not able to scan the situation on the whole network?
Then what else tool could I use to determine the state of patches?

Br,

Gery



Ez a level virusellenorzesen esett at!

This message was checked against viruses!



---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------

Current thread:

Reserved named COM1 used as filename - IIS W2K Geo You (Feb 02)
- IIS Sniffing for newb Edmund Mitchell (Feb 02)
  - SV: IIS Sniffing for newb Kim Guldberg (Feb 02)
  - Re: IIS Sniffing for newb John LeMay (Feb 02)
    - MBSA 1.2 Nagy Gergely (Feb 03)
    - Re: MBSA 1.2 Rohan Amin (Feb 06)
    - RE: MBSA 1.2 Nagy Gergely (Feb 10)
    - RE: MBSA 1.2 Deniz CEVIK (Feb 11)
    - Re: MBSA 1.2 Rohan Amin (Feb 11)
    - RE: MBSA 1.2 Aditya, ALD [Aditya Lalit Deshmukh] (Feb 12)
    - RE: MBSA 1.2 Deniz CEVIK (Feb 12)
    - RE: MBSA 1.2 Kelly Martin (Feb 12)
- RE: Reserved named COM1 used as filename - IIS W2K Joey Peloquin (Feb 02)