Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Paul Rogers (paul.rogersmis-cds.com)
Date: Wed Aug 15 2001 - 10:46:52 CDT
-----BEGIN PGP SIGNED MESSAGE-----
We've got an issue with the scanner:
Creates a runtime exception when attempting to scan a Linux system
running Samba 2.0.8 (confirmed) within the same network / NT domain,
from an NT4 SP6a fully patched workstation.
Also, the -r and -i switches (used in the examples but are not
present within the parameter list), are not recognised so cannot scan
IP ranges. To get around this I've found you have to use the -h
switch. For example:
hfnetchk -h 184.108.40.206,220.127.116.11,18.104.22.168,22.214.171.124 ....... works. Just a
real pain having to type every IP address
Apart from that it seems to be working... Just testing further.
Network Security Analyst.
MIS Corporate Defence Solutions Limited
Tel: +44 (0)1622 723422 (Direct Line)
+44 (0)1622 723400 (Switchboard)
Fax: +44 (0)1622 728580
> -----Original Message-----
> From: Thomas C. Greene [mailto:tcgreenebellatlantic.net]
> Sent: 15 August 2001 10:18
> To: focus-mssecurityfocus.com; bugtraqsecurityfocus.com
> Subject: MS patch-scanner for Win-NT, 2K, IIS, SQL
> *** THIS MESSAGE ORIGINATED OUTSIDE MIS ***
> MS patch-scanner for Win-NT, 2K, IIS, SQL
> By Thomas C Greene in Washington
> Posted: 15/08/2001 at 06:07 GMT
> We've been eager to spill the beans about this for weeks, and
> even hinted at
> it in a previous story
> Today it's official; MS has released a command-line
> application, HFNetChk,
> which will scan all NT and/or 2K machines in a network from a
> single location and compare their currently-installed patches with
> the latest ones
> available, making it easy for admins to identify and patch
> vulnerable machines.
> The app was developed by MS Security Program Manager Eric
> Schultze. We gave
> it a whirl over the weekend and it performed as advertised.
> It covers Win-NT
> and 2K; IIS 4.0 and 5.0; SQL Server 7.0 and 2000 (including
> MS Data Engine);
> and Internet Explorer 5.01 and later.
> The tool accesses an XML file, which it downloads
> automatically, and which
> contains information such as the files in each patch and
> their file versions
> and checksums, registry keys that would be applied by the hotfix,
> information about which patches supersede others, related Microsoft
> Knowledge Base article numbers, and the like.
> If any of the file or registry details on a scanned machine
> don't match the
> information in the XML file, the associated security patch is
> identified as
> not installed and the results are displayed on the screen.
> The corresponding
> Knowledge Base article number is also displayed.
> Switches can be used specify groups of computers to scan,
> output format,
> engine speed, types of checks, the location of the XML file and so
> on, according to the complete instructions, which should be
> available from MS
> later today. ®
> The progie:
The instructions (note, going live some time Wednesday):
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.3
-----END PGP SIGNATURE-----