Re: Windows Patch Auditing & "File and Print Sharing" disabled

[Christian Eric Edjenguele <christian.edjenguele () owasp org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mike Drugov wrote:
> Hello list,
>
> I need some advise 
>
> I'm trying to scan a Windows Network where all end nodes except Domain Controller have "File & Print Sharing" 
> disabled.
>
> What I'm trying to get a list of Microsoft Updates that are missing.
>
>
> So far I tried Nessus & Foundstone and none of them are able to provide a report with missing patches.(I'm able to 
> get a report from Domain Controller)
>
> Nessus support stated that "File & Print Sharing" is required for patch auditing
>
>  
> What is my other options?
>
> Thanks
>
>
> -----------------------------------------
> Visit www.nyc.gov/hhc
>
> CONFIDENTIALITY NOTICE: The information in this E-Mail may be
> confidential and may be legally privileged. It is intended solely
> for the addressee(s). If you are not the intended recipient, any
> disclosure, copying, distribution or any action taken or omitted to
> be taken in reliance on this e-mail, is prohibited and may be
> unlawful. If you have received this E-Mail message in error, notify
> the sender by reply E-Mail and delete the message. 
>
> ------------------------------------------------------------------------
> This list is sponsored by: InfoSec Institute
>
> Tired of using other people's tools? Why not learn how to write your own exploits? 
> InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits 
> for Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well. 
>
> http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
> ------------------------------------------------------------------------
Hello. you can try OpenVAS http://openvas.org , is fork of nessus but
open source, it has a powerful local security check capabilities

Cheers

- --
Christian Eric Edjenguele
IT Security Software Engineer / IT Enterprise Software Architect
Mobile (IT): +39 3408580513
PGP KeyID: 0xB1654498
Key Server: http://pgp.mit.edu
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.9 (GNU/Linux)

mQENBEmka7IBCAC5e8/9BlCZR/3XHMO4DWHYoewaODmQypHqPaCfKR+BLTAy8xLZ
eVJ0wwNwaLheZeLPfBqu3r/lp58xJhgYHm9gzihfqPbmJh4Dibc/d2XL9UQ1eshs
K0JkTlvZtdK5Zo5VmeOZCWlKEMXzlg6HjuYUV4qokqD3qIj6/rhubjtrjlw/XA8P
6pGOFhsDZFXbn+lj80XhRdkObMnmWU6wdgJvEPx1vxvhV9D1sJgZz6FVoXAfTOb3
EjYpluEKdDod46hhF45UJ4Avc8q4DaXxmci5Kdx9rzF2tbvB3Ua6O7l5RaMGNZR2
QtVY65xVxRfAYF+yE3n+YkFQxWGlqVIajry/ABEBAAG0WkNocmlzdGlhbiBFcmlj
IEVESkVOR1VFTEUgKElUIFNlY3VyaXR5IFNvZnR3YXJlIEVuZ2luZWVyKSA8Y2hy
aXN0aWFuLmVkamVuZ3VlbGVAb3dhc3Aub3JnPokBNgQTAQIAIAUCSaRrsgIbAwYL
CQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJENETScWxZUSYS9QH+gOpYUPkon/D/eNm
RLCbTaqJhSV6jRH9t+pomm6FiYgphCxDW96OpzA9BieiFEPHhVXAFcHkEBMlk/u0
wILqDNfBoZk3oCq0+/+Zc7z0zRZfgMHwB4czpqhUCrINEjLO0rb2Jff6Hh0C5S9w
8l+x9IiOG9hHNO8ftVr1sNHGDTAWNNZ+pcCt5ROhqiiqnZsvowO1TcDMKEGD9NTW
BN+jLFGZRY9/MQsUkWoXBQ8K5S9AP1EPPbSTX68VTj0vINLTk2/XfsJlV9Vd9b7G
NkhbAdrvujbqLHDSE3ALpx8sWKg2vPCUAxJJY6S6danpw/XPGKkpcSNfqn4k8sCV
e+9MJSu5Ag0ESaRthQEQALEj8eO2WCRqhOHakHhpvGQ4tFEIDS6Z3mnBaNaMc9VM
i89LNYvJOgOSnWvIu8EF6Ah+PnhOayb9E3wvH+0nfOwzp6XhDor7h8WLQNL+qzk3
cPxkxdfNDaQdyJclstUqa0nIaPOJgbIRs12N6bCxhAeOKffIkrIdDqjxshTI3S3z
fq7choduX8tNHoFzIIl6T+4Q0QXMT8xu5MeBHr+vxlgqNUTWOQn6Q/B6QnrVzWDA
gEq4Id45vN4j18iXGqMy8/xWQg3kRHaU563zx8u+7cjV81feMDbQiC6p6nqQHsD4
U07JIVDqjbJESLdeqju6HsNzYKohi/gxhsgouPXdFTrfgkWCklAGwqT7QE0ZnL/t
SVC0xpmCLneXAxWGGo27zJKVJ1/iMUgi/i4R+u2K4eQbsBXXYwh0gSxwYReTyr+C
51ugKkvYjTy+U2Fedq3lXEVtnRV02zpO/LlpJR446jRAapVH+ZF9tGMoIHg5hATZ
KEzGw9x19/wQSRumTvV0HAQ0lqWW9/0n2VuwI/Sh7YHQ2j/DhyF0blFrooGyIxd2
x5+Xu1PWlYwlUbu7ZsOw1V9cqL5yv5m+w4mL+h8ytHJHHL2Cg8/3qp/QxLT7CnfX
fOHAjNxGkS/QfoxEhuSwigPi/Yd51wHcaOLyUdGceOZ79ciQtPgvCFdyrDrfDhSr
ABEBAAGJAR8EGAECAAkFAkmkbYUCGwwACgkQ0RNJxbFlRJhbLAgAsCBA7KmGkTmQ
mjPNA7Iig8tA5S9fYavbKydNQNxPpL47GLf9V3la4P2/LPLa3rH31Bt+ScfSqAKC
5/geB5BKwmQqRomsQpjhmrpBenPjYrUYG2dEB/BOMvOyvr3dTpWtAg5CwYYnHTNy
yJn7dc7whiE94ZxqFdt58K0H5/H449/VHuCJue+uzy0ldrTK8VVpK6uGgrJc5kre
2bpdGVbALpC+yeNMyXCqgGigg9gu1iHXSSGgbQfW+AhsFpiN37fPq8zDNU2C8sp3
4Y45EYRmRCZ+0a9WSRnYALRZFdvjysKfRjP3o4Ax/d4cSi6v2pT93yfoA2TQMkLF
E1MQObpE5A==
=7VGF
- -----END PGP PUBLIC KEY BLOCK-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEcBAEBAgAGBQJJ+eSGAAoJENETScWxZUSYSncH+gNcFvK2E8PeWnkqtNC2wEFQ
s1Eom8trKalePRfjIzJ6mnHgLJGQLniS3I4b3zXKUy0G48dsr5NPhDhh05yOU6R6
X72V+kl5jaKFmXpqHSuUetrrDY28XsvQLvC71TAkNd0OHZCGpQAdZRTB0kEb7Db0
Jg8p+5MdmSDpzICsyHP4lrl1p9ofqUfsfBZaAJbE3cx+rXUF0B5dle+UfIQnNupH
zhUUTbl/t0T0MZB408+hmGU5hL7i4rSvqAswt2QvZuT+wIh75J17WhfYR0+SLrJY
/UehKMzopicdBueAuBY1Bzn+WmHBAhR8tcj4jOG40ipiLuPXSYkrBXLBBW5p9Kw=
=t1bB
-----END PGP SIGNATURE-----

------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits? 
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for 
Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well. 

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------