hi there:
I'm engaged in design a Remote Vulnerability Scanner. We have done
a non-preemptive multithread engine and written almost 2000
vulnerability plugins. Each one of plugins according to one CVE ID.
After we done these work, we get confused and don't know what to
do. first, although Microsoft release several security issue every
month, most of them are local. What our Remote Vulnerability Scanner
could do is just login in remote Windows host via SMB protocol and do
Registry of file version check. These could be done on some Windows
with SMB username/password provided. But Windows XP with sp2 enhance
the security configuration and block these checking way. So we can not
do local check on Windows XP sp2 except ask customers to do a lot of
complex configuration.
Eeye scanner could not do remote local check too. So I am consider
what can Remote Vulnerability Scanner do? Will this thing disappear in
the future?
