RE: MBSA 1.2

[deniz () edizayn com tr (Deniz CEVIK)]

        There are two components of nessus, one of them is "nessus agent/module"
and it should be installed on unix(Linux) based system. Other component of
nessus is GUI.
        You can install gui on nessus agent installed system or separately to
another machine. There is a gui for XP. NeWT 1.4 is widows port of nessus.
Newt uses nessus signatures. If you don't want to deal with unix based
system, newt will be good choice for you.

                BR




-----Original Message-----
From: Nagy Gergely [mailto:gergely.nagy () is-energy hu]
Sent: Tuesday, February 10, 2004 2:16 PM
To: security-basics () securityfocus com
Subject: RE: MBSA 1.2

Does Nessus run on XP?
How can I set it to scan all the Microsoft patches on the given system and
vulnerabilites?


-----Original Message-----
From: Rohan Amin [mailto:rohan () rohanamin com]
Sent: Thursday, February 05, 2004 1:51 AM
To: Nagy Gergely
Cc: security-basics () securityfocus com
Subject: Re: MBSA 1.2

A colleague and I have had success with using Nessus
(http://www.nessus.org) for this purpose.  Just modify smb_login.nasl
to use the various Administrator passwords that you have.  Nessus
already includes a few checks for some patches, but if you need more
you can always write some (its quite easy using NASL).  Of course, you
are trusting the registry to give you accurate information but it
might be better than nothing.

Hope this helps,

Rohan





On Tue, Feb 03, 2004 at 04:01:46PM +0100, Nagy Gergely wrote:
> Hi all,
>
> I have a very heterogenous infrasturcture, with most PC's logged into NDS.
> What is the use of MBSA (that requires local admin priv) if all the PC's
> have different local admin passwords?
> In this case, am I not able to scan the situation on the whole network?
> Then what else tool could I use to determine the state of patches?
>
> Br,
>
> Gery
>
>
>
> Ez a level virusellenorzesen esett at!
>
> This message was checked against viruses!
---------------------------------------------------------------------------
> Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any

> course! All of our class sizes are guaranteed to be 10 students or less.
> We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion
Prevention,
> and many other technical hands on courses.
> Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
> any course!
----------------------------------------------------------------------------
>




Ez a level virusellenorzesen esett at!

This message was checked against viruses!



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------