HFNetChk is a command-line tool that enables an administrator to check the patch status of all the machines in a network from a central location. The tool does this by referring to an XML database that’s constantly updated by Microsoft. HFNetChk can be run on Windows NT 4.0 or Windows 2000 systems, and will scan either the local system or remote ones for patches available for the following products:

• Windows NT 4.0
• Windows 2000
• All system services, including Internet Information Server 4.0 and 5.0
• SQL Server 7.0 and 2000 (including Microsoft Data Engine)
• Internet Explorer 5.01 and later

The HFNetChk tool uses an Extensible Markup Language (XML) file that contains information about which hotfixes are available for each product. The XML file contains security bulletin name and title, and detailed data about product-specific security hotfixes, including: files in each hotfix package and their file versions and checksums, registry keys that were applied by the hotfix installation package, information about which patches supersede which other patches, related Microsoft Knowledge Base article numbers, and much more.

When you run the HFNetChk tool for the first time from a command line (without any switches), the tool must obtain a copy of this XML file so that the tool can find the hotfixes that are available for each product. The XML file is available on the Microsoft Download Center Web site in compressed form. The file is a digitally signed .cab file. HFNetChk downloads the .cab file, verifies the signature, and then decompresses the .cab file to your local computer. Note that a .cab file is a compressed file that is similar to a .zip file.

Download the Latest Mssecure.cab

After the .cab file is decompressed, HFNetChk scans your computer (or the selected computers) to determine the operating system, service packs, and programs that you are running. HFNetChk then parses the XML file and identifies security patches that are available for your combination of installed software. Patches that are available for your computer but are not currently installed on your computer are displayed as “Patch NOT Found” in the resulting output. In the default configuration, HFNetChk output displays only those patches that are necessary to bring your computer up to date. HFNetChk recognizes roll-up packages and does not display those patches that are superseded by later patches.

HFNetChk first examines the computer to determine if the registry key that is associated with the patch exists. If the registry key does not exist, the patch is considered not installed. If the registry key does exist, HFNetChk searches for the related files on the computer and compares the file version and checksum from the XML file to the file version and checksum of the files on the computer. If any of the file tests are not successful, the hotfix is listed as “Patch NOT Found”.

HFNetChk was developed for Microsoft by Shalvik Technologies LLC (http://www.shavlik.com/). More information about Shalvik, including a GUI version and an advanced command-line version of HFNetChk, is available on the http://www.shavlik.com/nshc.htm Web site.

The following are the requirements for a computer that is running HFNetChk:

• Windows NT 4.0, Windows 2000, or Microsoft Windows XP. HFNetChk does not operate on Microsoft Windows 95, Microsoft Windows 98, Microsoft Windows 98 Second Edition, or Microsoft Windows Millennium Edition (Me).

• Internet Explorer 5.01 or greater or an XML parser (Microsoft XML Parser 3.0 Service Pack 2 Release) is required for the tool to function correctly. XML parsers are included in Internet Explorer 5.01 and later. If you are running Internet Explorer 5.01 or greater, you do not need to install a separate parser. If you are running an earlier version of Internet Explorer and you do not want to upgrade to Internet Explorer 5.01 or greater, you may download and install a stand-alone version of the Microsoft XML Core Services 4.0 SP2.

To run HFNetChk:

1. Download the Nshc33.exe file.
2. Double-click the Nshc33.exe file that you downloaded, and then follow the installation instructions.
3. Read the End-user License Agreement (EULA).
4. At a command prompt, locate the folder that you created.
5. Type hfnetchk -v -z -s 1, and then press Enter.
6. The tool will connect to Microsoft’s website and download the XML file that contains information about which hotfixes are available for each product.

7. A report is generated:

Download Microsoft HFNetChk 3.3 (released January 17, 2001) (250kb)

Download Shalvik HFNetChk 3.86 (released November 20, 2002) (600kb)<
img src="http://www.petri.co.il/images/link_out_ico.gif" border="0" height="11" width="22" />

Three pillars of network vulnerability management

var so = new SWFObject(“/images/pricedrop_feb08_LANSS_en.swf”, “imagespricedrop_feb08_LANSS_enswf”, “253″, “133″, “8″, “”); so.addParam(“wmode”, “transparent”); so.addParam(“loop”, “false”); so.write(“imagespricedrop_feb08_LANSS_enswf”); GFI LANguard Network Security Scanner (N.S.S.) is an award-winning solution that allows you to scan, detect, assess and rectify any security vulnerabilities on your network. As an administrator, you often have to deal separately with problems related to vulnerability issues, patch management and network auditing, at times using multiple products. However, with GFI LANguard N.S.S., these three pillars of vulnerability management are addressed in one package. Using a single console with extensive reporting functionality, GFI LANguard N.S.S.’s integrated solution helps you address these issues faster and more effectively.

Detect security vulnerabilities on your network
GFI LANguard N.S.S. makes use of state of the art vulnerability check databases based on OVAL and SANS Top 20, providing over 15,000 vulnerability assessments when your network is scanned. GFI LANguard N.S.S. gives you the information and tools you need to perform multi-platform scans across all environments, to analyze your network’s security health and effectively install and manage patches on all machines across different operating systems and in different languages. This results in a consistently configured environment that is secure against all vulnerabilities.

Award winning security scanner and patch management
Voted the best commercial network security scanner by users of Nmap for two years running, named the winner in the Patch Management category in TechTarget’s 2006 ‘Products of the Year’ awards, and voted the winner in the security category of the Best of TechEd Awards 2007, GFI LANguard N.S.S. is the most complete vulnerability management solution in one convenient integrated package. GFI LANguard N.S.S. is an essential, cost-effective solution for businesses to safeguard their systems and networks from hacker attacks and security breaches

download

Guide Review – Microsoft Baseline Security Analyzer

In response to the avalanche of criticism Microsoft has received regarding the security of their products, Microsoft created a free tool to analyze your security configuration. Now in its second release, the Microsoft Baseline Security Analyzer (MBSA) can be used to detect security configuration errors on the local computer or remotely across a network.

The tool does not work flawlessly. Some Microsoft Security Bulletins contain workarounds or manual fixes rather than patches to install. For these items MBSA will report yellow X’s to signify that it can not tell whether or not you have applied the patch. There are also discrepancies at times between what MBSA finds and what Windows Update detects.

The report will supply a checklist of problems found- whether configuration errors or missing patches and updates. More importantly, the report contains instructions for how to repair the problem complete with links to the relevant information and downloads

Read Full Review