Run Hfnetchk against a local copy of the catalog and capture the audit in a text file. Download the most current copy of the security hotfix catalog file mssecure.cab, which Hfnetchk uses to audit systems.Here’s a quick review of the current procedure you must follow when you use Microsoft tools:
Each step makes sense when you evaluate it on its own, but there’s room for some serious integration. When you go through the hotfix-update cycle for multiple systems, it becomes obvious that several independent teams contribute to the overall effort of developing, publishing, and auditing hotfixes-and it’s quite clear that the teams don’t communicate with one another.
Although I truly appreciate Hfnetchk’s ability to audit multiple OS components and applications, I can't believe the hoops we must jump through to cross-reference a security bulletin number with a Microsoft article number, locate and download individual hotfix updates, install the updates (either manually or with a script), and perform a final audit to verify that all updates installed properly. Using Hfnetchk reports as a guide, I’ve stared with glazed eyes at systems that needed anywhere from 6 to 14 security hotfixes to close vulnerabilities in Windows 2000 Service Pack 2 (SP2), Microsoft Internet Information Services (IIS) 5.0, Internet Explorer (IE) 5.x, and SQL Server 7.0. I also trashed several infected Windows 9x systems (hooray, hooray) and encountered numerous problems with Line Print Remote (LPR) -based print shares. During the past few days, I performed security audits and multiple hotfix updates on at least eight servers. I've endured almost 2 months of nonstop troubleshooting, updating, scanning, disconnecting runaway systems from hubs and switches, updating virus scanners and firewall software and rules, and updating the OS, Microsoft SQL Server, and Microsoft Exchange Server. Like many of you, I’ve been frantically cleaning up after the Code Red worm and the W32.Nimda virus.
0 kommentar(er)
