At 09:46 AM 2/8/99 -0500, Chris Brenton wrote: >Many security audit tools that I've tested would in fact say that the >system is safe because SP4 has been installed. This is because instead >of checking file dates, they are looking for registry keys which >identify what patches have been loaded on the system. > >I personally can not say if ISS's scanners fall into the same boat, but >from my testing I know many do. We check file dates when checking for NT patches, and would catch your example. David LeBlanc dleblancat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:19 PDT