[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?
From: Michael Holstein <michael.holstein@xxxxxxxxxxx>
Date: Mon, 06 Feb 2006 09:07:48 -0500

But Windows XP with sp2 enhance the security configuration and block
these checking way. So we can not do local check on Windows XP sp2except ask customers to do a lot of complex configuration.

Well, with the enhanced security configuration and firewall enabled, thevulnerability is no longer "remotely exploitable", is it?

If you want to check for local vulnerabilities, you'll to run somethingclient-side. There's at least a half-dozen ways to do this in a domainmodel (eg: GPO or logon scripts) -- but in a standalone environment,you'll need an agent of some type.


Cheers,

Michael Holstein CISSP GCIA
Cleveland State University
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?
  - From: Alice Bryson

References:
- [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?
  - From: Alice Bryson

Prev by Date: [Full-disclosure] [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability
Next by Date: [Full-disclosure] According to Ivan, the secret ZA phone-home server is located at 127.0.0.1 [was Re: Re: Re: ZoneAlarm phones home]
Previous by thread: [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?
Next by thread: Re: [Full-disclosure] What can a Remote Vulnerability Scanner do in Future?
Index(es):
- Date
- Thread