Re: Windows Patch Auditing & "File and Print Sharing" disabled

["Mike Drugov" <DRUGOVM () nychhc org>]

Alright

List of tools that failed

Nessus
FoundStone
GFI
MBSA


Please keep in mind that on remote nodes "Windows Update Service" is disabled and stopped as well as "Client for File & 
Print Sharing" is uninstalled

I think my last resort will be to run WMI scripts pull up a list of installed updates and correlate with MS database





> > > "Mike Drugov" <DRUGOVM () nychhc org> 4/30/2009 1:41 PM >>>
Will it work with File & Print Sharing disabled?

> > > eek hmm <eek3hmm () gmail com> 4/30/2009 1:39 PM >>>
GFI LanGuard will work.
http://www.gfi.com/lannetscan/?adv=675&loc=1 


On 4/30/09 11:01 AM, "Mike Drugov" <DRUGOVM () nychhc org> wrote:


> Hello list,

>

> I need some advise

>

> I'm trying to scan a Windows Network where all end nodes except Domain

> Controller have "File & Print Sharing" disabled.

>

> What I'm trying to get a list of Microsoft Updates that are missing.

>

>

> So far I tried Nessus & Foundstone and none of them are able to provide a

> report with missing patches.(I'm able to get a report from Domain
Controller)

>

> Nessus support stated that "File & Print Sharing" is required for patch

> auditing

>

>

> What is my other options?

>

> Thanks

>

>

> -----------------------------------------

> Visit www.nyc.gov/hhc 

>

> CONFIDENTIALITY NOTICE: The information in this E-Mail may be

> confidential and may be legally privileged. It is intended solely

> for the addressee(s). If you are not the intended recipient, any

> disclosure, copying, distribution or any action taken or omitted to

> be taken in reliance on this e-mail, is prohibited and may be

> unlawful. If you have received this E-Mail message in error, notify

> the sender by reply E-Mail and delete the message.

>

> ------------------------------------------------------------------------

> This list is sponsored by: InfoSec Institute

>

> Tired of using other people's tools? Why not learn how to write your own

> exploits?

> InfoSec Institute's Advanced Ethical Hacking class teaches you how to
write

> stack and heap buffer overflow exploits for Windows and Linux. Gain your

> Certified Expert Penetration Tester (CEPT) cert as well.

>

>
http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html 

> ------------------------------------------------------------------------

>



------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits?
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for 
Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html 
------------------------------------------------------------------------




------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

Tired of using other people's tools? Why not learn how to write your own exploits?
InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for 
Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.

http://www.infosecinstitute.com/courses/advanced_ethical_hacking_training.html
------------------------------------------------------------------------