Re: Hfnetchk scans every file
From: Tod Beardsley (todb@planb-security.net)Date: 05/23/02
- Previous message: Craig Humphrey: "RE: IIS 5.0 and Netscape Authentication"
- In reply to: Greene, Michael: "Hfnetchk scans every file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 22 May 2002 17:06:20 -0700 From: Tod Beardsley <todb@planb-security.net> To: focus-ms@securityfocus.com
Michael Green (Monday, May 20, 2002, 12:23 PM) appeared to be
quoting Darren W. MacDonald when he wrote:
> A : Hfnetchk examines several values before it reports on the status of a
> patch.
Just to pipe in with a personal preference -- I almost always skip the
registry check with the "-z" switch. If the files are the right
version, the right age, and have the right checksum, I consider the
system patched -- after all, exploit code run against my machines
isn't going to bother checking the registry for patch presence, so why
should I?
To me, the registry check seems pretty unnecessary.
BTW, it would appear that the MS Baseline Security Analyzer lacks the
"write your own XML reference file" functionality of HFNetCheck.
Anyone have an inside scoop as to why? I asked Microsoft about it, and
was advised to use the (unreleased) MS Windows Update Corporate
Edition instead. For some reason.
-- Tod Beardsley (GCIA, MCSE) "It's okay to yell fire in a crowded theater if the theater is actually on fire."
- Previous message: Craig Humphrey: "RE: IIS 5.0 and Netscape Authentication"
- In reply to: Greene, Michael: "Hfnetchk scans every file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
