Virus.Org IT Security News and Information Portal. We offer the latest IT security news, updates, product reviews, books, and articles for all you IT security professionals out there. Enter and get the best IT security information on the Internet.

 
. Welcome to the Virus.Org Mailing List Archive  
.
.


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]


Re: Getting patch information on Systems without ADMIN rights !?
.

  • To: "Patch Management Mailing List" <[EMAIL PROTECTED]>
  • Subject: Re: Getting patch information on Systems without ADMIN rights !?
  • From: Jerry Parlee <[EMAIL PROTECTED]>
  • Date: Fri, 30 Apr 2004 16:42:43 -0500
  • In-reply-to: <[EMAIL PROTECTED]>
  • References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
  • Reply-to: "Patch Management Mailing List" <[EMAIL PROTECTED]>
.
 
At 04:18 PM 4/30/2004, you wrote:

In my view the challenge that remains to be address by third party vendors
is how to identify and patch systems where (for various reasons) we don't
have remote admin rights.(Lab Systems, Engineering Systems , ...)


Absolutely true.


At this point I am merely interested in being able to scan the systems and
report on them. Once we can identify them I am sure the is the challenge to
get them patched. ( Login  scripts .., SUS, PUSH method apps ... or CDs\
Only tool I know of is the Cisco product that won't hand out an IP address to an unknown machine. What I've been doing is parsing the HfnetChk results for rogue computers and tracking them manually. Not the perfect solution. 


In light of above mentioned shortcomings,not yet addressed by third party
vendors (i.e SUS, SMS, SHAVLIK...all others mentioned on this list), I have
developed a suite of VBS scripts that launches a remote process using
(PSEXEC)a and runs HFNETCHECK using a centralized & customized copy of
mssecure.XML. It copies the results to a central repository which is then
merged into a CSV file to be merged into a DATABASE or EXCEL workbook using
VBA. This also handles the issue of dealing with Mobile, VPN and dhcp USERS.
Cool, will you share? Would you like a vbs script that runs and parses the Hfnetchk output into useful text files? 


This suite has allowed us to capture all the info that we need without
having to maintain client side apps or pay expensive licensing fees.

The remaining problem is still dealing with systems where Domain Admins DO
NOT have remote admin rights. I would be interested to see how others are
accounting for such systems in your environments!
Its the big hole as far as we're concerned. Trying to get someone to spring for the Cisco product has been fruitless. 


Sincerely,
Tony Zirnoon
[EMAIL PROTECTED]



Jerry Parlee
Psych Dept UT Austin



---
To unsubscribe send a blank email to [EMAIL PROTECTED]
 
.
.
 
Copyright (c) Virus.Org 1997-2006.
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.