[9567] in bugtraq
Re: ISS Internet Scanner Cannot be relied upon for conclusive
daemon@ATHENA.MIT.EDU (Francis Favorini)
Sat Feb 13 18:45:55 1999
Date: Fri, 12 Feb 1999 15:45:06 -0500
Reply-To: Francis Favorini <francis.favorini@DUKE.EDU>
From: Francis Favorini <francis.favorini@DUKE.EDU>
To: BUGTRAQ@NETSPACE.ORG
David LeBlanc [mailto:dleblanc@mindspring.com] wrote...
> At 07:37 PM 2/10/99 +1100, Darren Reed wrote:
> >In some mail from David LeBlanc, sie said:
> >> We check file dates when checking for NT patches, and would catch
your
> >> example.
>
> >I don't see how that can be considered "adequate".
>
> Because it is going to be accurate on 99+% of NT systems. The file
> timestamps are all the same when you install a hotfix.
What about daylight savings, which can change the time of a file by one
hour, which in turn can bump it to a new date?
What about patches that don't change file dates or sizes? (Like some of
the recent Office 97 ones.)
-Francis
