Re: MS patch scanner - how to use it in "real life"?
From: akomolafe (deji@prontomail.com)
Date: 08/16/01
Message-ID: <006601c1269b$ede52b90$f701fe0a@commtouch.com>
From: "akomolafe" <deji@prontomail.com>
To: "Mattias Nyholm" <mattias.nyholm@framfab.se>, <focus-ms@securityfocus.com>
Subject: Re: MS patch scanner - how to use it in "real life"?
Date: Thu, 16 Aug 2001 14:39:29 -0700

You are correct. The hype surrounding the tool does not seem to fit its
capabilities.
I have been testing it since yesterday and I am a little bit dissatisfied
with its detection/reporting ability as well as the usefulness of the report
generated.
One of my biggest gripes is the fact that the tool does not detect/report
based on necessity. I ran it against a non-IIS server and it generated a long
list of missing hotfixes that are ONLY relevant for IIS.
I guess this is OK, if you only have a couple of servers to test. In my
case, I have hundreds and chasing down all reported "missing" patches only
to find out that they are not relevant or getting the "this update does not
need to be installed on this system" errors. If the update does not need to
be installed why is this tool reporting it as missing?
Deji
----- Original Message -----
From: "Mattias Nyholm" <mattias.nyholm@framfab.se>
To: <focus-ms@securityfocus.com>
Sent: Thursday, August 16, 2001 4:48 AM
Subject: MS patch scanner - how to use it in "real life"?
>
> I've been testing the MS patch scanner, and I have some doubts as to
> how useful it is "in real life". The thing is that the tool reports
> on installed and missing hotfixes without considering that several
> patches are outdated and have been replaced by other patches. This
> leads to several problems:
>
> # Even on a fully patched system the tool will still report that
> some patches are missing.
> # The tool cannot be used as a "run once, tell me if something
> is missing" way to make sure a server is secure.
> # Since the tool reports on missing hotfixes even though they are
> replaced by a later patch one will have to create and maintain a
> list of current patches and compare the tool's output to that list.
> To use this on a large scale one must write a separate tool to parse
> the output and compare it to the list.
>
> Has anyone else noticed the same problems, or have I completely
> misunderstood the tool? I'd be glad if I have! :)
>
> -mattias
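
The post-processing step both messages call for (dropping hotfixes that a later patch replaces, and hotfixes for components the host does not run) can be sketched as follows. This is an added example, not part of the thread and not the scanner's own code; the hotfix IDs, component names, and both lookup tables are constructed placeholders, since the thread does not show the tool's output format.

```python
# Constructed sample data: hotfix IDs, component names and both tables are
# placeholders, not real Microsoft identifiers or the scanner's own format.
SUPERSEDED_BY = {"HF-0001": "HF-0004", "HF-0004": "HF-0009", "HF-0002": "HF-0007"}
APPLIES_TO = {
    "HF-0001": "os", "HF-0004": "os", "HF-0009": "os", "HF-0006": "os",
    "HF-0002": "iis", "HF-0005": "iis", "HF-0007": "iis",
}


def successors(hotfix, superseded_by):
    """Return every later hotfix that replaces `hotfix`, oldest first."""
    chain, seen = [], {hotfix}
    while hotfix in superseded_by:
        hotfix = superseded_by[hotfix]
        if hotfix in seen:  # guard against a loop in a hand-maintained list
            break
        seen.add(hotfix)
        chain.append(hotfix)
    return chain


def actionable(reported_missing, installed, components,
               superseded_by=SUPERSEDED_BY, applies_to=APPLIES_TO):
    """Reduce a 'missing' list to what still needs installing on one host.

    Returns (sorted hotfixes to install, {dropped hotfix: reason}).
    """
    needed, dropped = set(), {}
    for hf in reported_missing:
        component = applies_to.get(hf)
        if component is not None and component not in components:
            dropped[hf] = "component '%s' not present" % component
            continue
        chain = successors(hf, superseded_by)
        covering = [s for s in chain if s in installed]
        if covering:
            dropped[hf] = "replaced by installed %s" % covering[0]
        elif chain:
            dropped[hf] = "superseded, install %s instead" % chain[-1]
            needed.add(chain[-1])
        else:
            needed.add(hf)  # current and applicable, or unknown: keep for review
    return sorted(needed), dropped


if __name__ == "__main__":
    todo, why = actionable(["HF-0001", "HF-0002", "HF-0005", "HF-0006", "HF-0009"],
                           installed={"HF-0004"}, components={"os"})
    print(todo)
    for hf, reason in sorted(why.items()):
        print(hf, "->", reason)
```

Hotfixes missing from the applicability table are kept rather than dropped, so a gap in the hand-maintained list never hides a patch.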