Secunia PSI (Personal Software Investigator),
This is now a full version release (v1.0.0.1) following on from the RC4.
http://secunia.com/vulnerability_scanning/personal/
:)
Printable View
Secunia PSI (Personal Software Investigator),
This is now a full version release (v1.0.0.1) following on from the RC4.
http://secunia.com/vulnerability_scanning/personal/
:)
I actually find this to be very helpful software. For those of you who don't know what this is, it scans all installed software (or most of all) and makes sure each one is the most up to date version to keep your computer as up to date with patches as possible. It saves a lot of hassle (well, i mean, i wouldn't take the time to make sure everything was updated before I had this software), keeps your computer more secure, and even gives you a link that will download the update for you for the software that hasn't been updated yet.
Hmm carn't seem to get the thing to work, it keeps crashing while doing the initial scan, it get's to 4% and just freezes up and starts getting non-responsive.:urinate:
Are you possibly attaching a debugger or do you have a proxy that doesn't support CONNECT?
I spent some time playing with this because I love the concept. I think it's a great tool for a home user... I dislike the implementation though.
I understand that it's a free tool and that building lists of vulnerable software takes resources and effort (I've done it myself :) ). However the approach of scanning my computer for files, uploading the versions to their server to match against the scan engine and then pulling the results back down. I dislike that... I dislike it a lot.
I want to know exactly what they're looking at, what pieces of software they identify, and a number of other things. Maybe it's just me, but if I don't know what they're scanning and uploading... especially given that this is free software... what's to stop them from taking information they shouldn't?
I love how it says for personal use only and then expects you to choose between personal and corporate :)
Its complaining about not having a connection to the server ... there is no proxy support though which could be a problem.
I ran a tracert on psi.secunia.com [213.150.41.227] and it died on 213.150.41.227.
Nihil, did yours run fine?
It does indeed have proxy support. It uses whatever your proxy is configured as in IE. As I mentioned above it has to support CONNECT, this is because SSL is used, so you can't just pass it a get. Which means you can't use a proxy to even log the transactions (you'll simply see CONNECT -- host in your proxy logs).
Some things I noted. On startup it resolves psi.secunia.com (which has two IPs). If you filter the IPs at your firewall, it won't start. If you point psi.secunia.com to another IP where you have a server running with SSL, it won't start (due to a certificate mismatch). If you setup a proxy, it will use CONNECT, which means you still can't log transactions.
The most you can do is looking in your temporary internet files folder and take note of the files that are created (which contains a UID... which I'm wondering if it's unique, which means they can track software installed on various machines over time).
As I said.. software that behaves in this way doesn't sit right with me...
Yes, I have been running this on XP Sp3 since RC3 without problems.
I am just using a standard ADSL connection.
Hmmm I dont know about this software :)
HT~ I'll go through your steps and see if I can get it up and running.