RE: Patch Scanning/Reporting Solution

["Hayes, Ian" <Ian.Hayes () wynnlasvegas com>]

> -----Original Message-----
> From: K. Tyler Leet [mailto:tyler.leet () attustech com]
> Sent: Tuesday, October 04, 2005 8:33 AM
> To: security-basics () securityfocus com
> Subject: Patch Scanning/Reporting Solution
>
> I am currently evaluating patch scanning/reporting solutions for my
> company.  I am not interested in patch deployment or any other
> kind of network management services; I only need a product to scan
> networks for missing patches and have the ability to generate an
> XML output for reporting purposes.  I have already evaluated Shavlik's
> HFNetChk and GFI Languard, but wanted to get some names of a
> few other solutions to evaluate.  Also, if anyone has any good Spyware
> scanning solutions feel free to share those as well :), I am
> aware of Shavlik's but no other remote scanners ATM.  Thanks in
advance
> for the advice!

Probably not exactly what you're looking for, but when I worked for the
DoD, I developed a compliance scanner that would run in the user's login
script and report back to a central database. The scanning/compliance
portion was written in KIX. It worked pretty well as a reporting tool
and only took a couple of days to develop.

Ian Hayes | Senior Systems Engineer
Wynn Las Vegas
3131 South Las Vegas Blvd, Las Vegas, NV 89109
Ph (702) 770-3252 | Cell (702) 266-6002
Ian.hayes () wynnlasvegas com