One thing to note when using HFNectChk - it won't tell you to get a new service pack, it will just tell you to get the patches applicable to the SP you have. If you want to close all the known, published, and fixed holes (OK, if you want to do that there is a lot more than just patching involved) you usually need to update SPs, and sometimes even product versions. Also, be aware of what applications HFNetChk scans, and which applications it does not. (It does not scan the entire set of MS applications for which patches are available, nor does it scan every version of the products it does check.) -Patrick R. Sweeney http://boston.craigslist.org/bos/res/8484283.html ----- Original Message ----- From: "Lucas Zaichkowsky" <Lucasat_private> To: "Greg Wiedeman" <gswcentralat_private>; <incidentsat_private> Sent: Thursday, February 20, 2003 6:08 PM Subject: RE: Weird Profile in Documents and Settings > Possible file corruption or someone attempting to exploit an unpatched hole. > > First, get properties on the C drive and do an error check. Check in both > boxes and let it reboot to perform the scan. You should be using NTFS for > the filesystem. If not, I encourage you to convert unless you have a reason > for sticking with FAT. > > Second, Go to windows update and make sure you have all the critical updates > installed. > > Third, install hfnetchklt (shavlik.com) and run a scan on your computer, > suppressing notes and warnings. Install any patches it complains about. > Make sure you redownload the patches since MS updates them on occasion. > > -Lucas > > > -----Original Message----- > From: Greg Wiedeman [mailto:gswcentralat_private] > Sent: Thursday, February 20, 2003 5:38 AM > To: incidentsat_private > Subject: Weird Profile in Documents and Settings > > > > > I have an incident where in the documents and settings in windows 2000 I > > have a profile show up under a number of systems where the name of the > > folder shows up as 3 squares. I don't know where it came from but it > > appears on my workstations and my servers. I don't know what it is. Does > > anyone know anything that would make this profile???? I have done virus > > scans and trojan scans along with scumware scans but all turn up negative. > > Thanks > > > -------------------------------------------------------------------------- -- > > Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 > box? > CORE IMPACT does. > www.securityfocus.com/core > > > -------------------------------------------------------------------------- -- > > Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 > box? > CORE IMPACT does. > www.securityfocus.com/core > > ---------------------------------------------------------------------------- Do you know the base address of the Global Offset Table (GOT) on a Solaris 8 box? CORE IMPACT does. www.securityfocus.com/core
This archive was generated by hypermail 2b30 : Fri Feb 21 2003 - 16:59:16 PST