lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <3F7439A6.7060302@jmu.edu>
From: flynngn at jmu.edu (Gary Flynn)
Subject: RE: Probable new MS DCOM RPC worm for Windo
 ws

I would think a better way of determining if a patch is actually
installed on a system is by examining the files on the system rather
than to depend upon symptoms (scanners) or installation logs (registry
entries).

If the add/remove software control panel, registry, or
msi say the machine is patched but the files aren't
there, an installation problem occurred.

If the scanners say the machine is not patched but the
files are there then either the patch is ineffective in
that machine's particular configuration (PATH?) or the
scanner is generating a false positive.

-- 
Gary Flynn
Security Engineer - Technical Services
James Madison University

Please R.U.N.S.A.F.E.
http://www.jmu.edu/computing/runsafe

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ