lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 10 Feb 2004 16:09:25 -0800
From: "Drew Copley" <dcopley@...e.com>
To: <dotsecure@...hmail.com>, <full-disclosure@...ts.netsys.com>,
   <bugtraq@...urityfocus.com>
Subject: RE: Another Low Blow From Microsoft: MBSA Failure!


BTW, I should note that one user did respond back to my pseudo-challenge
and noted that small businesses like his can not afford professional
vulnerability assessment solutions. 

I apologize for alienating these users. 

To such users: please start using the free Nessus tool. Use MBSA as a
back-up. Check in-person on any suspicious anomalies.




> -----Original Message-----
> From: Drew Copley [mailto:dcopley@...e.com] 
> Sent: Tuesday, February 10, 2004 11:08 AM
> To: dotsecure@...hmail.com; full-disclosure@...ts.netsys.com; 
> bugtraq@...urityfocus.com; 
> patchmanagement@...tserv.patchmanagement.org
> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
> 
>  
> 
> > -----Original Message-----
> > From: dotsecure@...hmail.com [mailto:dotsecure@...hmail.com]
> > Sent: Tuesday, February 10, 2004 10:21 AM
> > To: full-disclosure@...ts.netsys.com; bugtraq@...urityfocus.com; 
> > patchmanagement@...tserv.patchmanagement.org
> > Subject: Another Low Blow From Microsoft: MBSA Failure!
> > 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > Another Low Blow from Microsoft.
> > 
> > Within the last few weeks at our company we have been doing 
> testing to 
> > find out total number of patched machines we have against 
> the latest 
> > Messenger Service Vulnerability. After checking few 
> thousand computers 
> > we have found several hundred were still affected even though patch 
> > has been applied. We have scanned with Retina, Foundstone 
> and Qualys 
> > tools which they all showed as "VULNERABLE", however when 
> we scanned 
> > with Microsoft Base Security Analyzer it showed as "NOT 
> VULNERABLE". 
> > This was at first confusing; one would think an assessment tool 
> > released by the original vendor would actually be accurate
> 
> <snip>
> 
> 
> > 
> > Had we trusted Microsoft Base Analyzer we would still be vulnerable.
> 
> Retina has the same potential functionality as MBSA. We can 
> also do registry and file checks. And, sometimes we do. But, 
> we try to do remote checks that are non-intrusive and that do 
> not use these. A big reason for this is that remote registry 
> and file checks are very unreliable.
> (Far beyond just the fact that someone could fake out the 
> scanner by putting a dummy file or registry entry up there 
> intentionally).
> 
> I don't know anyone that uses MBSA only for their network. It 
> is an interesting toy, but it surely isn't capable of 
> replacing a true vulnerability assessment solution.
> 
> 
> 
> 
> 
> > Questions comments email me at dotsecure@...hamail.com or
> > Aim: Evilkind.
> > 
> > 
> 
> <snip>
> 
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ