We also are a fairly small shop. But I have found Foundstone's free tools worthwhile.
Nessus is always a good choice though.

--

> From: "Drew Copley" <[EMAIL PROTECTED]>
> Date: Tue, 10 Feb 2004 16:09:25 -0800
> To: <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]>,
> <[EMAIL PROTECTED]>
> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
>
> BTW, I should note that one user did respond back to my pseudo-challenge
> and noted that small businesses like his can not afford professional
> vulnerability assessment solutions.
>
> I apologize for alienating these users.
>
> To such users: please start using the free Nessus tool. Use MBSA as a
> back-up. Check in-person on any suspicious anomalies.
>
>> -----Original Message-----
>> From: Drew Copley [mailto:[EMAIL PROTECTED]
>> Sent: Tuesday, February 10, 2004 11:08 AM
>> To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
>> [EMAIL PROTECTED];
>> [EMAIL PROTECTED]
>> Subject: RE: Another Low Blow From Microsoft: MBSA Failure!
>>
>>> -----Original Message-----
>>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
>>> Sent: Tuesday, February 10, 2004 10:21 AM
>>> To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
>>> [EMAIL PROTECTED]
>>> Subject: Another Low Blow From Microsoft: MBSA Failure!
>>>
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>> Another Low Blow from Microsoft.
>>>
>>> Within the last few weeks at our company we have been doing testing to
>>> find out total number of patched machines we have against the latest
>>> Messenger Service Vulnerability. After checking few thousand computers
>>> we have found several hundred were still affected even though patch
>>> has been applied. We have scanned with Retina, Foundstone and Qualys
>>> tools which they all showed as "VULNERABLE", however when we scanned
>>> with Microsoft Base Security Analyzer it showed as "NOT VULNERABLE".
>>> This was at first confusing; one would think an assessment tool
>>> released by the original vendor would actually be accurate
>>
>> <snip>
>>
>>> Had we trusted Microsoft Base Analyzer we would still be vulnerable.
>>
>> Retina has the same potential functionality as MBSA. We can
>> also do registry and file checks. And, sometimes we do. But,
>> we try to do remote checks that are non-intrusive and that do
>> not use these. A big reason for this is that remote registry
>> and file checks are very unreliable.
>> (Far beyond just the fact that someone could fake out the
>> scanner by putting a dummy file or registry entry up there
>> intentionally).
>>
>> I don't know anyone that uses MBSA only for their network. It
>> is an interesting toy, but it surely isn't capable of
>> replacing a true vulnerability assessment solution.
>>
>>> Questions comments email me at [EMAIL PROTECTED] or
>>> Aim: Evilkind.
>>
>> <snip>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
