Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Security-Basics
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: GFI LanGuard patch-management ... does not work !?

from [David Gillett] Network Security [Permanent Link]
Subject: RE: GFI LanGuard patch-management ... does not work !?
Date: Tue, 28 Dec 2004 08:48:20 -0800 
  Technically, these are false NEGATIVES.  But Windows does also
have a problem with false positives:  patches that report as 
installed, even though they won't actually take effect until the 
box is rebooted (and perhaps sometimes not even then).

David Gillett



-----Original Message-----
From: Matt Byrne [mailto:matt.byrne@ntlworld.com]
Sent: Thursday, December 23, 2004 5:53 AM
To: security-basics@securityfocus.com
Subject: RE: GFI LanGuard patch-management ... does not work !?


Hamid,

I believe it is something to do with the way Windows handles patch
installation information.  Some patches on some MS operating 
systems always
come up as missing even when installed multiple times (good 
examples being
MS 03-023 and MS 03-011) this is not just a GFI issue even MS 
own tool MBSA
reports these false positives, and generally they are the 
same patches.  I
have heard that MS are re-engineering the way patches are 
recorded in the OS
to eliminate these false positives; the sooner the better!

Regards, 
Matt.

-----Original Message-----
From: Hamid . K [mailto:elite_netbios@yahoo.com] 
Sent: 07 December 2004 06:03
To: security-basics@securityfocus.com
Subject: GFI LanGuard patch-management ... does not work !?

Hi

Here in our domain , as a beta solution 
I tried GFI-Security scanner and it`s remote patch
installation feature .
well , seems it`s just a demo !
and what does "demo" means ?
my first scan resault was cool . it detected some
missing patches , I downloaded them to it`s repository
and finally I deployed them .
But on next schedule , I got samething !
scan resault told me same things as first
scan/deployment
and seems non of those patched are not going to be
identified/installed .
the proccess seems to be working , like transfering
patches and installation . all seems ok
but why GFI detect them as missing patches again !?

I tried all possible ways to deploy ..forcing reboot ,
unattended deployments , skipping user notifications
and etc.

any idea , why it does not work fine ?

regards
H,K


              
__________________________________ 
Do you Yahoo!? 
The all-new My Yahoo! - Get yours free! 
http://my.yahoo.com
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  bridge detection, G.P.M
Next by Date:  Fedora 3 Wireless Promiscuous (Monitor) Mode, TStark
Previous by Thread:  RE: GFI LanGuard patch-management ... does not work !?, Matt Byrne
Next by Thread:  w32.donk.s, Calvin . Walker
Indexes:  [Date] [Thread] [Top] [All Lists]