Message-ID: <BC4FE7C0.27DE%kevin_hinze@navigators.org>
Date: Wed, 11 Feb 2004 14:08:00 -0700
From: "kevin hinze" <kevin_hinze@...igators.org>
To: Drew Copley <dcopley@...e.com>, <dotsecure@...hmail.com>,
<full-disclosure@...ts.netsys.com>, <bugtraq@...urityfocus.com>
Subject: Re: Another Low Blow From Microsoft: MBSA Failure!
We also are a fairly small shop. But I have found Foundstone's free tools
worthwhile.
Nessus is always a good choice though.
--
> From: "Drew Copley" <dcopley@...e.com>
> Date: Tue, 10 Feb 2004 16:09:25 -0800
> To: <dotsecure@...hmail.com>, <full-disclosure@...ts.netsys.com>,
> <bugtraq@...urityfocus.com>
> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
>
> BTW, I should note that one user did respond back to my pseudo-challenge
> and noted that small businesses like his can not afford professional
> vulnerability assessment solutions.
>
> I apologize for alienating these users.
>
> To such users: please start using the free Nessus tool. Use MBSA as a
> back-up. Check in-person on any suspicious anomalies.
>
>
>
>
>> -----Original Message-----
>> From: Drew Copley [mailto:dcopley@...e.com]
>> Sent: Tuesday, February 10, 2004 11:08 AM
>> To: dotsecure@...hmail.com; full-disclosure@...ts.netsys.com;
>> bugtraq@...urityfocus.com;
>> patchmanagement@...tserv.patchmanagement.org
>> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
>>
>>
>>
>>> -----Original Message-----
>>> From: dotsecure@...hmail.com [mailto:dotsecure@...hmail.com]
>>> Sent: Tuesday, February 10, 2004 10:21 AM
>>> To: full-disclosure@...ts.netsys.com; bugtraq@...urityfocus.com;
>>> patchmanagement@...tserv.patchmanagement.org
>>> Subject: Another Low Blow From Microsoft: MBSA Failure!
>>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Another Low Blow from Microsoft.
>>>
>>> Within the last few weeks at our company we have been doing testing to
>>> find out the total number of patched machines we have against the latest
>>> Messenger Service Vulnerability. After checking a few thousand computers
>>> we have found several hundred were still affected even though the patch
>>> has been applied. We have scanned with Retina, Foundstone and Qualys
>>> tools, which all showed as "VULNERABLE"; however, when we scanned
>>> with Microsoft Baseline Security Analyzer it showed as "NOT
>>> VULNERABLE".
>>> This was at first confusing; one would think an assessment tool
>>> released by the original vendor would actually be accurate
>>
>> <snip>
>>
>>
>>>
>>> Had we trusted Microsoft Base Analyzer we would still be vulnerable.
>>
>> Retina has the same potential functionality as MBSA. We can
>> also do registry and file checks. And, sometimes we do. But,
>> we try to do remote checks that are non-intrusive and that do
>> not use these. A big reason for this is that remote registry
>> and file checks are very unreliable.
>> (Far beyond just the fact that someone could fake out the
>> scanner by putting a dummy file or registry entry up there
>> intentionally).
>>
>> I don't know anyone that uses MBSA only for their network. It
>> is an interesting toy, but it surely isn't capable of
>> replacing a true vulnerability assessment solution.
>>
>>
>>
>>
>>
>>> Questions or comments? Email me at dotsecure@...hamail.com or
>>> AIM: Evilkind.
>>>
>>>
>>
>> <snip>
>>
>>
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
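The thread's practical advice is to run more than one tool and check in person wherever the vendor tool disagrees with the others. Below is an added example (not code from the thread or from any of the scanners named) that reconciles per-host verdicts from several scanners and flags hosts where MBSA reports NOT VULNERABLE while other tools report VULNERABLE. The CSV layout (host,tool,verdict) and the sample rows are constructed for illustration.

```python
"""Reconcile one check's verdicts across several vulnerability scanners."""
import csv
from collections import defaultdict
from io import StringIO

# Constructed sample in an assumed host,tool,verdict layout; ws-0001 is the
# case from the thread: three tools say VULNERABLE, MBSA says NOT VULNERABLE.
SAMPLE_CSV = """host,tool,verdict
ws-0001,Retina,VULNERABLE
ws-0001,Foundstone,VULNERABLE
ws-0001,Qualys,VULNERABLE
ws-0001,MBSA,NOT VULNERABLE
ws-0002,Retina,NOT VULNERABLE
ws-0002,Foundstone,NOT VULNERABLE
ws-0002,Qualys,NOT VULNERABLE
ws-0002,MBSA,NOT VULNERABLE
ws-0003,Retina,VULNERABLE
ws-0003,Qualys,VULNERABLE
ws-0003,MBSA,VULNERABLE
"""


def load_verdicts(text):
    """Parse CSV text into {host: {tool: verdict}}, verdicts upper-cased."""
    by_host = defaultdict(dict)
    for row in csv.DictReader(StringIO(text)):
        by_host[row["host"].strip()][row["tool"].strip()] = row["verdict"].strip().upper()
    return dict(by_host)


def reconcile(by_host, trusted_min=2, vendor_tool="MBSA"):
    """Return (suspect_hosts, disagreeing_hosts), both sorted by host name.

    suspect_hosts: vendor tool says NOT VULNERABLE but at least `trusted_min`
    other tools say VULNERABLE; these are the "check in person" cases.
    disagreeing_hosts: any host where the tools are not unanimous.
    """
    suspect, disagree = [], []
    for host, verdicts in sorted(by_host.items()):
        if len(set(verdicts.values())) > 1:
            disagree.append(host)
        others = [v for tool, v in verdicts.items() if tool != vendor_tool]
        vuln_votes = sum(1 for v in others if v == "VULNERABLE")
        if verdicts.get(vendor_tool) == "NOT VULNERABLE" and vuln_votes >= trusted_min:
            suspect.append(host)
    return suspect, disagree


if __name__ == "__main__":
    suspect, disagree = reconcile(load_verdicts(SAMPLE_CSV))
    print("tools disagree on:", disagree)           # ['ws-0001']
    print("vendor clean, others vulnerable:", suspect)  # ['ws-0001']
```

Raising `trusted_min` makes the check stricter; with four tools per host and `trusted_min=3`, a single dissenting third-party tool would not flag the host.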