Hi,
I hope everyone here is keeping ok. You haven't heard from me for a while -
I've moved jobs and only just got back on mailing lists.
I'm using Nessus for Windows local checks much more these days, and I usually
cross-correlate results with MBSA. I've found Nessus to be a great companion,
especially as it has broader coverage. However, there is one issue I'd like to
see resolved - handling cumulative patches. For example, if a system has
MS05-038 installed then it does not need MS05-020. MBSA correctly handles this
case, but unfortunately Nessus produces a false positive "MS05-020 missing". I
guess it doesn't come up often as most systems are on auto-updates.
Is there any chance of getting this fixed? I'm prepared to help, although time
is more limited these days.
BTW, I'm only proposing changing behaviour to remove false positives. If a
system is missing MS05-038 and MS05-020 I suggest Nessus continues to report
both. MBSA only reports MS05-038 in that case.
Best wishes,
Paul
--
Paul Johnston
IT Security Services
HBOS Plc
PAJohnston@HBOSplc.com
Tel: +44 (0)113 235 3071 (Internal 53071)
Fax: +44 (0)113 235 3206 (Internal 53206)
Internal Postal Reference : PDC/1/IT/SEC
--
------------------------------------------------------------------------------
HBOS plc, Registered in Scotland No. SC218813. Registered Office: The Mound,
Edinburgh EH1 1YZ. HBOS plc is a holding company, subsidiaries of which are
authorised and regulated by the Financial Services Authority.
==============================================================================
_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
