On Monday, 2006-07-03 at 05:57 GMT, Gopinath_Ramamoorthy_at_satyam.com wrote:
> My requirement is when there is a machine / laptop are connected to my
network,
> which is not updated with the current Patches, Security updates which is
being
> approved needs to be reported to the Sys admin and immediate necessary
steps
> would be taken.
> Is it possible to have this & if so suggest me the options pls.
What you want is a vulnerability scanner. An IDS, as its name suggests,
reacts to intrusions after they occur. A VS, on the other hand, can tell
you about known vulnerabilities even before they are exploited.
Unfortunately, a network based VS is difficult to accomplish. There are
some that depend on having administrative access to the scanned machines;
while that may be possible in some organizations, it isn't generally the
case. (For example, typical university or ISP networks - the network
administrators (who might want to do such scanning) normally don't have
administrative access to the target systems.) Another alternative, host
based vulnerability scanners, have more ability to find flaws on the local
machine; but that clearly requires that the scanning program be loaded and
run on each target system.
--
Tony Rall
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.securityfocus.com/sponsor/CoreSecurity_focus-ids_040708
to learn more.
------------------------------------------------------------------------
Received on Jul 05 2006
Intro
