Interesting that it proved to be such a reliable indicator. Why do you think
that is? what led you to pick it in the first place? I'm guessing that for
whatever reason, the old logic you used is not working, and you are looking
to catch those machines which are post-this patch, yet don't have automatic
updates on.
the only plugins i can find with MS07 are
find ./ -exec grep -l MS07 {} \;
.//macosx_ms_office_may2007.nasl
.//smb_nt_ms05-002.nasl
.//smb_nt_ms07-004.nasl
.//smb_nt_ms07-011.nasl
.//smb_nt_ms07-012.nasl
.//smb_nt_ms07-013.nasl
.//smb_nt_ms07-016.nasl
.//smb_nt_ms07-017.nasl
.//smb_nt_ms07-021.nasl
.//smb_nt_ms07-027.nasl
.//smb_nt_ms07-029.nasl
.//smb_nt_ms07-030.nasl
.//smb_nt_ms07-031.nasl
.//smb_nt_ms07-032.nasl
.//smb_nt_ms07-033.nasl
and they all suspiciously look like they might really like authentication...
they all require enumeration of the registry.
On 10/7/07, Klun, Jim <[EMAIL PROTECTED]> wrote:
>
>
> I do an automated light nessus scan on all our VPN users as they enter
> private space.
>
> I cannot rely on having credentials to the user's machine.
>
> MS06-040 plugin 21294 has been my test for the last year for users who
> are likely not-doing auto-updates - and it has proved a reliable test.
>
> The test works and invariably they do not have any form of automated
> patching.
>
> I am looking for a more current ( 2007 would be nice ;-) ) Microsoft
> vuln plugin that achieves the same - without requiring credentials.
>
> Any suggestions?
>
>
> James A. Klun
>
> _______________________________________________
> Nessus mailing list
> [email protected]
> http://mail.nessus.org/mailman/listinfo/nessus
>
--
Doug Nordwall
Unix, Network, and Security Administrator
You mean the vision is subject to low subscription rates?!!? - Scott Stone,
on MMORPGs
_______________________________________________
Nessus mailing list
[email protected]
http://mail.nessus.org/mailman/listinfo/nessus
