Security Basics mailing list archives

Re: MBSA 1.2

From: Todd <tod () megachump com>
Date: Fri, 13 Feb 2004 18:58:46 -0500

Which tool has a robust set of reporting features in relation to multiple Windows hosts and their patches?

On Thu, Feb 12, 2004 at 10:54:54AM -0500, Mike wrote:

I don't believe that Nessus scans for the presence of Windows patches.
It's more of a general tool that looks for vulnerabilities in services
offered.  It also looks at general configuration problems that can be
detected over a network link.  I don't believe that it can inspect the
registry or look at the filesystem.  Take a look at HFNetChk or MSBSA
for those purposes.

I find Nessus to be a very good complement to these tools when
performing security scans as it will uncover issues that HFNetChk or
MSBSA don't even look for and vice versa, HFN and BSA look at items that
Nessus can't/won't.

Mike Fetherston

-----Original Message-----
From: Aditya, ALD [Aditya Lalit Deshmukh]
[mailto:aditya.deshmukh () online gateway technolabs net]
Sent: Wednesday, February 11, 2004 12:46 PM
To: Nagy Gergely; security-basics () securityfocus com
Subject: RE: MBSA 1.2

maybe you are using the wrong tool for this

we use gfi languard which has the ability to scan for missing patches

also

download the latest update from the windows site

the address is there in the gfi langurd options

also there is a shareware avilabe for download from the website

-aditya

-----Original Message-----
From: Nagy Gergely [mailto:gergely.nagy () is-energy hu]
Sent: Tuesday, February 10, 2004 5:46 PM
To: security-basics () securityfocus com
Subject: RE: MBSA 1.2


Does Nessus run on XP?
How can I set it to scan all the Microsoft patches on the given

system

and

vulnerabilites?

-----Original Message-----
From: Rohan Amin [mailto:rohan () rohanamin com]
Sent: Thursday, February 05, 2004 1:51 AM
To: Nagy Gergely
Cc: security-basics () securityfocus com
Subject: Re: MBSA 1.2

A colleague and I have had success with using Nessus
(http://www.nessus.org) for this purpose.  Just modify

smb_login.nasl

to use the various Administrator passwords that you have.  Nessus
already includes a few checks for some patches, but if you need more
you can always write some (its quite easy using NASL).  Of course,

you

are trusting the registry to give you accurate information but it
might be better than nothing.

Hope this helps,

Rohan





On Tue, Feb 03, 2004 at 04:01:46PM +0100, Nagy Gergely wrote:

Hi all,

I have a very heterogenous infrasturcture, with most PC's

logged into NDS.

What is the use of MBSA (that requires local admin priv) if all

the

PC's

have different local admin passwords?
In this case, am I not able to scan the situation on the whole

network?

Then what else tool could I use to determine the state of patches?

Br,

Gery



Ez a level virusellenorzesen esett at!

This message was checked against viruses!

------------------------------------------------------------------
---------

Ethical Hacking at InfoSec Institute. Mention this ad and get

$720 off any

course! All of our class sizes are guaranteed to be 10 students

or less.

We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion

Prevention,

and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to

get $720 off

any course!

------------------------------------------------------------------
----------





Ez a level virusellenorzesen esett at!

This message was checked against viruses!



------------------------------------------------------------------
---------
Free trial: Astaro Security Linux -- firewall with Spam/Virus

Protection


Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
------------------------------------------------------------------
----------

________________________________________________________________________

Delivered using the Free Personal Edition of Mailtraq

(www.mailtraq.com)

------------------------------------------------------------------------
--

-
Free trial: Astaro Security Linux -- firewall with Spam/Virus

Protection


Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php

------------------------------------------------------------------------
--

--



---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------


---------------------------------------------------------------------------
Free trial: Astaro Security Linux -- firewall with Spam/Virus Protection

Protect your network with the comprehensive security solution that
integrates six applications for ease of use and lower TCO.

Firewall - Virus protection - Spam protection - URL blocking - VPN
- Wireless security.

Download 30-day evaluation at:
http://www.astaro.com/php/contact/securityfocus.php
----------------------------------------------------------------------------

Current thread:

RE: MBSA 1.2 Mike (Feb 13)
- Re: MBSA 1.2 ~Kevin Davis³ (Feb 16)
- Re: MBSA 1.2 Todd (Feb 16)
- <Possible follow-ups>
- RE: MBSA 1.2 Mike (Feb 16)
- RE: MBSA 1.2 Mike (Feb 16)