Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Windows Network Audit Tool Question

From: "Rosado, Rafael (Rafael)" <rarosado () lucent com>
Date: Mon, 30 Dec 2002 13:10:06 -0700
You might want to consider running Microsoft's Baseline Security Analyzer
(MSBA) -
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
tools/Tools/MBSAhome.asp

or GFI's Languard Network Scanner (http://www.gfi.com/lannetscan/index.htm).


Both are open source/freeware and run under Windows (MSBA requires Windows
2000 Professional and Administrator rights over the machines being scanned,
Languard runs under 9x/NT/2000 and you do not need Administrator rights over
the machines being scanned).  The commercial version of Languard is $99 and
allows a Network Administrator to push/distribute security patches remotely.

FYI...version 3.1 of Languard (beta) advertises that it will allow Network
Administrators remotely push service packs (in addition to security
patches).

Rafael Rosado
IT Security Manager
Caribbean and Latin America Region (CALA)
Lucent Technologies O  
Corporate Security
Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 
2400 SW 145th Avenue - Room 3S039
Miramar, Florida 33027 
+1 954-885-2176 (voice) *
+1 954-885-3861 (fax) * 
+1 954-648-3532 (mobile) or 9546483532 () mobile att net (text message) *
rarosado () lucent com (email) *

This electronic mail message contains information belonging to Lucent
Technologies, which may be confidential and/or legal privileged. The
information is intended only for the use of the individual or entity named
above. If you are not the intended recipient, you are hereby notified that
any disclosure, printing, copying, distribution, or the taking of any action
in reliance on the contents of this electronically mailed information is
strictly prohibited. If you receive this message in error, please
immediately notify us by electronic mail and delete this message.



-----Original Message-----
From: Havens, Ben [mailto:benh () bf umich edu]
Sent: Monday, December 30, 2002 12:59 AM
To: security-basics () securityfocus com
Subject: RE: Windows Network Audit Tool Question


Nessus (nessus.org) has a plugin for checking service pack level.  Don't see
one for querying installed hotfixes, but you might be able to rework this
one to return those hotfix regkeys/values.  That appears to be all that
Winfingerprint does.

IMHO, this is not a very reliable method.  Something like Hfnetchk
(shavlik.com) which also verifies file versions and checksums would give you
a better idea of whether installed hotfixes are still intact.

-Ben


-----Original Message-----
From: Old Ben [mailto:obwan51 () fastmail fm]
Sent: Friday, December 27, 2002 1:21 PM
To: security-basics () securityfocus com
Subject: Windows Network Audit Tool Question


Greetings,

As an admin of a Windows Domain I am looking for a tool that will provide
the same type of information (especially the service pack/patch level)
that I can get from Winfingerprint http://winfingerprint.sourceforge.net/
but that will run from a shell on Linux.  I suspect that it is possible
to do this with the Samba client software but can't find any information
on it.  Can anyone provide me a starting point or a link to an (open
source) tool that provides this functionallity?  Thanks.

-fb
-- 
  Old Ben
  obwan51 () fastmail fm
Previous By Date Next
Previous By Thread Next

Current thread: