Penetration Testing mailing list archives
RE: Windows Patch Auditing & "File and Print Sharing" disabled
From: "Thakrar, Saurabh" <saurabh.thakrar () roche com>
Date: Thu, 14 May 2009 16:21:13 -0400
Hi Mike, I tried to post this reply couple days ago, but it seems like it bounced back... Anyway, It seems like the scanner is unable to authenticate to the domain. Windows Patch assessment scan requires that the scanner (in your case nessus) at least be able to read registry of the systems being scanned. In other words you may need to pass along domain credentials in nessus, when scanning. Hope this helps, Best Regards, Saurabh Thakrar Email: sthakrar12 () yahoo com Best Regards, Saurabh A. Thakrar Integration & Security Consultant - IT Products Roche Diagnostics Corporation 9115 Hague Road, Bldg-L14 Indianapolis, Indiana 46250-0457 USA Phone: +1 317-521-4092 Mobile: +1 317-372-9178 mailto:saurabh.thakrar () roche com P Please consider the environment before printing this e-mail Confidentiality Note: This message is intended only for the use of the named recipient(s) and may contain confidential and/or proprietary information. If you are not the intended recipient, please contact the sender and delete this message. Any unauthorized use of the information contained in this message is prohibited. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of intel96 Sent: Thursday, May 14, 2009 3:17 PM To: marcelo carvalho Cc: pen-test list Subject: Re: Windows Patch Auditing & "File and Print Sharing" disabled Something simple: You could script something that calls systeminfo.exe. http://technet.microsoft.com/en-us/library/bb491007.aspx Something more advance: You could write something in C# that queries the registry for missing patches? The registry key on my system that contains this information is: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP marcelo carvalho wrote:
Do y try null section Netbios with MBSA Analayzer? -------------------------------------------------- From: "Mike Drugov" <DRUGOVM () nychhc org> Sent: Thursday, April 30, 2009 1:01 PM To: <pen-test () securityfocus com> Subject: Windows Patch Auditing & "File and Print Sharing" disabledHello list, I need some advise I'm trying to scan a Windows Network where all end nodes except Domain Controller have "File & Print Sharing" disabled. What I'm trying to get a list of Microsoft Updates that are missing. So far I tried Nessus & Foundstone and none of them are able to provide a report with missing patches.(I'm able to get a report from Domain Controller) Nessus support stated that "File & Print Sharing" is required for patch auditing What is my other options? Thanks ----------------------------------------- Visit www.nyc.gov/hhc CONFIDENTIALITY NOTICE: The information in this E-Mail may be confidential and may be legally privileged. It is intended solely for the addressee(s). If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on this e-mail, is prohibited and may be unlawful. If you have received this E-Mail message in error, notify the sender by reply E-Mail and delete the message.
------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute Tired of using other people's tools? Why not learn how to write your own exploits? InfoSec Institute's Advanced Ethical Hacking class teaches you how to write stack and heap buffer overflow exploits for Windows and Linux. Gain your Certified Expert Penetration Tester (CEPT) cert as well.
http://www.infosecinstitute.com/courses/advanced_ethical_hacking_trainin g.html
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org
------------------------------------------------------------------------
------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Re: Windows Patch Auditing & "File and Print Sharing" disabled Terry M (May 04)
- <Possible follow-ups>
- Re: Windows Patch Auditing & "File and Print Sharing" disabled Nikhil Wagholikar (May 04)
- Re: Windows Patch Auditing & "File and Print Sharing" disabled Kurt Buff (May 04)
- Re: Windows Patch Auditing & "File and Print Sharing" disabled τ∂υƒιφ * (May 07)
- RE: Windows Patch Auditing & "File and Print Sharing" disabled Robinson A. Malagon Mendoza (Consorcio Colombia) (May 07)
- Re: Windows Patch Auditing & "File and Print Sharing" disabled marcelo carvalho (May 14)
- Re: Windows Patch Auditing & "File and Print Sharing" disabled intel96 (May 14)
- RE: Windows Patch Auditing & "File and Print Sharing" disabled Thakrar, Saurabh (May 14)
- Re: Windows Patch Auditing & "File and Print Sharing" disabled intel96 (May 14)