Security Basics mailing list archives
RE: Windows Network Audit Tool Question
From: "Rosado, Rafael (Rafael)" <rarosado () lucent com>
Date: Mon, 30 Dec 2002 13:10:06 -0700
You might want to consider running Microsoft's Baseline Security Analyzer (MSBA) - http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/ tools/Tools/MBSAhome.asp or GFI's Languard Network Scanner (http://www.gfi.com/lannetscan/index.htm). Both are open source/freeware and run under Windows (MSBA requires Windows 2000 Professional and Administrator rights over the machines being scanned, Languard runs under 9x/NT/2000 and you do not need Administrator rights over the machines being scanned). The commercial version of Languard is $99 and allows a Network Administrator to push/distribute security patches remotely. FYI...version 3.1 of Languard (beta) advertises that it will allow Network Administrators remotely push service packs (in addition to security patches). Rafael Rosado IT Security Manager Caribbean and Latin America Region (CALA) Lucent Technologies O Corporate Security Business Assurance and Risk Mitigation Services (B.A.R.M.S.) 2400 SW 145th Avenue - Room 3S039 Miramar, Florida 33027 +1 954-885-2176 (voice) * +1 954-885-3861 (fax) * +1 954-648-3532 (mobile) or 9546483532 () mobile att net (text message) * rarosado () lucent com (email) * This electronic mail message contains information belonging to Lucent Technologies, which may be confidential and/or legal privileged. The information is intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, printing, copying, distribution, or the taking of any action in reliance on the contents of this electronically mailed information is strictly prohibited. If you receive this message in error, please immediately notify us by electronic mail and delete this message. -----Original Message----- From: Havens, Ben [mailto:benh () bf umich edu] Sent: Monday, December 30, 2002 12:59 AM To: security-basics () securityfocus com Subject: RE: Windows Network Audit Tool Question Nessus (nessus.org) has a plugin for checking service pack level. Don't see one for querying installed hotfixes, but you might be able to rework this one to return those hotfix regkeys/values. That appears to be all that Winfingerprint does. IMHO, this is not a very reliable method. Something like Hfnetchk (shavlik.com) which also verifies file versions and checksums would give you a better idea of whether installed hotfixes are still intact. -Ben -----Original Message----- From: Old Ben [mailto:obwan51 () fastmail fm] Sent: Friday, December 27, 2002 1:21 PM To: security-basics () securityfocus com Subject: Windows Network Audit Tool Question Greetings, As an admin of a Windows Domain I am looking for a tool that will provide the same type of information (especially the service pack/patch level) that I can get from Winfingerprint http://winfingerprint.sourceforge.net/ but that will run from a shell on Linux. I suspect that it is possible to do this with the Samba client software but can't find any information on it. Can anyone provide me a starting point or a link to an (open source) tool that provides this functionallity? Thanks. -fb -- Old Ben obwan51 () fastmail fm
Current thread:
- Windows Network Audit Tool Question Old Ben (Dec 27)
- <Possible follow-ups>
- re: Windows Network Audit Tool Question H C (Dec 30)
- RE: Windows Network Audit Tool Question Havens, Ben (Dec 30)
- RE: Windows Network Audit Tool Question Rosado, Rafael (Rafael) (Dec 31)