From: Laramie Combs (combslm@appstate.edu)
Date: Fri Jul 23 2004 - 11:32:57 CDT
I would be interested in seeing these applets when you are finished with
them, if you are willing....
-Laramie Combs
----- Original Message -----
From: "Patrick Delancy" <Patrick.Delancy@cuw.edu>
To: <netreg@southwestern.edu>
Sent: Friday, July 23, 2004 12:30 PM
Subject: RE: NetReg: How to tell if machine is patched/virus sw?
> I have been working on implementing NetReg on our campus for a better
> part of the summer, re-writing some of the code to work with our
> specific needs, authentication against our administrative system, and
> this issue of determining antivirus software that is installed.
>
> My current solution (not complete, but in progress) is that I am writing
> a J2SE applet (actually a couple, for different platforms) that I will
> sign (so that the browser will ask to run, allowing me registry and file
> access), then I scan their computer (with their knowledge) for all
> antivirus software applications I know of (I think I have about 17
> different ones I am checking for right now), then I take that
> information and their username (which they type into the applet), and
> their mac address, and I use a reversible encryption to create a
> "Registration Code", which is entered with the username and password
> when they try to register their computer.
>
> register.cgi then (in addition to everything else it does), decrypts the
> "registration code" and will not allow them to register the computer if
> <1> the username does not match, <2> the mac address does not match, or
> <3> they have no known antivirus software installed.
>
> If there are any other ideas, I have not finished writing this solution,
> and I am still open to better suggestions.
>
> _____________________________________
> Patrick Delancy
> Software Developer
> Computer Lab Coordinator
> Concordia University Wisconsin
> 12800 N Lake Shore Dr.
> Mequon, WI 53097
> (262) 243-4553
> _____________________________________
>
> -----Original Message-----
> From: Jeff A. Earickson [mailto:jaearick@colby.edu]
> Sent: Friday, July 23, 2004 10:06 AM
> To: netreg@southwestern.edu
> Subject: NetReg: How to tell if machine is patched/virus sw?
>
> Hi,
>
> We have been having a philosophical discussion in-house about how
> to tell if a machine (lets talk Windows for the moment) is really
> up-to-date on patches, and has anti-virus software installed.
> For the sake of discussion, we are interested in Windows machines
> that are owned by our students and are not part of our Active
> Directory domain. We use Sophos anti-virus, but detecting other
> anti-virus products would be cool too.
>
> As I understand it from reading this list, the only way to tell
> the patch level and anti-virus is by inference -- port scanning
> and/or nessus probes against the Windows client. True? If not
> true, then how does one directly find out:
>
> a) the Windows patches applied to the machine?
> b) what anti-virus, version, and last update is installed?
>
> We are concerned about the issues of false positives and negatives
> from nessus scans, plus the intrusiveness and overhead of indirect
> methods like nessus.
>
> Jeff Earickson
> Colby College
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
>
> **********************************************************************
> To unsubscribe from this list, send an e-mail message to
> majordomo@southwestern.edu containing a single line with the words:
> unsubscribe netreg
> Send requests for assistance to: owner-netreg@southwestern.edu
> **********************************************************************
>
**********************************************************************
To unsubscribe from this list, send an e-mail message to
majordomo@southwestern.edu containing a single line with the words:
unsubscribe netreg
Send requests for assistance to: owner-netreg@southwestern.edu
**********************************************************************
This archive was generated by hypermail 2.1.4 : Thu Aug 12 2004 - 12:01:47 CDT