-
November 29th, 2008, 07:19 PM
#1
Secunia PSI
Secunia PSI (Personal Software Investigator),
This is now a full version release (v1.0.0.1) following on from the RC4.
http://secunia.com/vulnerability_scanning/personal/
-
November 30th, 2008, 12:59 AM
#2
I actually find this to be very helpful software. For those of you who don't know what this is, it scans all installed software (or most of all) and makes sure each one is the most up to date version to keep your computer as up to date with patches as possible. It saves a lot of hassle (well, i mean, i wouldn't take the time to make sure everything was updated before I had this software), keeps your computer more secure, and even gives you a link that will download the update for you for the software that hasn't been updated yet.
-
November 30th, 2008, 03:53 AM
#3
Hmm carn't seem to get the thing to work, it keeps crashing while doing the initial scan, it get's to 4% and just freezes up and starts getting non-responsive.
-
December 1st, 2008, 08:04 AM
#4
Originally Posted by t34b4g5
Hmm carn't seem to get the thing to work, it keeps crashing while doing the initial scan, it get's to 4% and just freezes up and starts getting non-responsive.
Are you possibly attaching a debugger or do you have a proxy that doesn't support CONNECT?
I spent some time playing with this because I love the concept. I think it's a great tool for a home user... I dislike the implementation though.
I understand that it's a free tool and that building lists of vulnerable software takes resources and effort (I've done it myself ). However the approach of scanning my computer for files, uploading the versions to their server to match against the scan engine and then pulling the results back down. I dislike that... I dislike it a lot.
I want to know exactly what they're looking at, what pieces of software they identify, and a number of other things. Maybe it's just me, but if I don't know what they're scanning and uploading... especially given that this is free software... what's to stop them from taking information they shouldn't?
-
December 1st, 2008, 10:24 AM
#5
I love how it says for personal use only and then expects you to choose between personal and corporate
Its complaining about not having a connection to the server ... there is no proxy support though which could be a problem.
I ran a tracert on psi.secunia.com [213.150.41.227] and it died on 213.150.41.227.
Nihil, did yours run fine?
Last edited by Cider; December 1st, 2008 at 10:28 AM.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
-
December 1st, 2008, 05:27 PM
#6
Originally Posted by Cider
Its complaining about not having a connection to the server ... there is no proxy support though which could be a problem.
It does indeed have proxy support. It uses whatever your proxy is configured as in IE. As I mentioned above it has to support CONNECT, this is because SSL is used, so you can't just pass it a get. Which means you can't use a proxy to even log the transactions (you'll simply see CONNECT -- host in your proxy logs).
Some things I noted. On startup it resolves psi.secunia.com (which has two IPs). If you filter the IPs at your firewall, it won't start. If you point psi.secunia.com to another IP where you have a server running with SSL, it won't start (due to a certificate mismatch). If you setup a proxy, it will use CONNECT, which means you still can't log transactions.
The most you can do is looking in your temporary internet files folder and take note of the files that are created (which contains a UID... which I'm wondering if it's unique, which means they can track software installed on various machines over time).
As I said.. software that behaves in this way doesn't sit right with me...
-
December 1st, 2008, 09:31 PM
#7
Yes, I have been running this on XP Sp3 since RC3 without problems.
I am just using a standard ADSL connection.
-
December 2nd, 2008, 07:28 AM
#8
Hmmm I dont know about this software
HT~ I'll go through your steps and see if I can get it up and running.
The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
Albert Einstein
Similar Threads
-
By Soda_Popinsky in forum The Security Tutorials Forum
Replies: 7
Last Post: January 19th, 2006, 10:44 PM
-
By Egaladeist in forum *nix Security Discussions
Replies: 3
Last Post: October 2nd, 2005, 12:44 PM
-
By Soda_Popinsky in forum *nix Security Discussions
Replies: 34
Last Post: January 4th, 2005, 08:42 PM
-
By fraggin in forum Spyware / Adware
Replies: 13
Last Post: December 28th, 2004, 10:57 PM
-
By NeonWizard in forum Miscellaneous Security Discussions
Replies: 5
Last Post: July 16th, 2004, 02:41 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|