|
|
Forum Thread: Does PSI scan registry...or just drives
You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.
This thread was submitted in the following forum:
Secunia PSI - Feedback and Questions
| tridom
| Does PSI scan registry...or just drives
|
|
|
by tridom on 27th Nov, 2008 17:56, last edited on 27th Nov, 2008 17:57
|
Posts: 20
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: N/A |
The reason I ask....
I have an old system drive I use as a slave and it is detecting programs on that drive as being insecure. I can't update these programs because they are not active (newer versions are installed on my OS drive). When ever I install a patch, it installs, or detects a previous installation, against the version on my OS drive, which does show up under "patched".
So I was wondering if PSI just deteacts that the program exists on the drive, or actually finds it in the registry.
|
|
|
| BigDave_39
| RE: Does PSI scan registry...or just drives
|
|
|
by BigDave_39 on 27th Nov, 2008 18:07
|
Posts: 175
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: Washington, DC, US |
on 27th Nov, 2008 17:56, tridom wrote:
The reason I ask....
I have an old system drive I use as a slave and it is detecting programs on that drive as being insecure. I can't update these programs because they are not active (newer versions are installed on my OS drive). When ever I install a patch, it installs, or detects a previous installation, against the version on my OS drive, which does show up under "patched".
So I was wondering if PSI just deteacts that the program exists on the drive, or actually finds it in the registry.
I'm pretty sure that the PSI scans the actual files rather than the registry... but don't kill me if i'm wrong :)
--
Big Dave |
|
|
| tridom01
| RE: Does PSI scan registry...or just drives
|
|
|
by tridom01 on 27th Nov, 2008 19:14
|
Posts: 4
User Since: 27th Nov, 2008
Secunia System Score: N/A
Location: N/A |
on 27th Nov, 2008 18:07, BigDave_39 wrote:
I'm pretty sure that the PSI scans the actual files rather than the registry... but don't kill me if i'm wrong :)
BANG!....you're dead! (J/K)
Thanks for replying. I think you're right, but I'd like to find out for sure. |
|
|
| E.Jeppesen
| RE: Does PSI scan registry...or just drives
|
|
Secunia official |
by E.Jeppesen on 28th Nov, 2008 10:04
|
Posts: 64
User Since: 24th Nov, 2008
Secunia System Score: N/A
Location: Copenhagen, DK
|
on 27th Nov, 2008 18:07, BigDave_39 wrote:
I'm pretty sure that the PSI scans the actual files rather than the registry... but don't kill me if i'm wrong :)
That is correct. The Secunia PSI looks at what is actually on the drive, not just what the registry says. That is a more reliable detection method as the registry can often be wrong. |
|
|
| tridom
| RE: Does PSI scan registry...or just drives
|
|
|
by tridom on 28th Nov, 2008 20:49
|
Posts: 20
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: N/A |
on 28th Nov, 2008 10:04, E.Jeppesen wrote:
That is correct. The Secunia PSI looks at what is actually on the drive, not just what the registry says. That is a more reliable detection method as the registry can often be wrong.
Thank you, sir. That is what I wanted to know.
So I guess its safe to exclude those particular files. |
|
|
| RenoBill
| RE: Does PSI scan registry...or just drives
|
|
|
by RenoBill on 29th Nov, 2008 02:42
|
Posts: 1
User Since: 29th Nov, 2008
Secunia System Score: N/A
Location: N/A |
I have two drives, both partitioned. I place nearly all my programs on the 2nd (non OS) HD. Does PSI look in all drives and partitions, or just the OS partition? I realize that many programs, even if installed in some other location, place hooks into the OS. But not all of them do that, and I'm wondering if PSI is able to examine them. |
|
|
| BigDave_39
| RE: Does PSI scan registry...or just drives
|
|
|
by BigDave_39 on 29th Nov, 2008 10:01
|
Posts: 175
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: Washington, DC, US |
on 29th Nov, 2008 02:42, RenoBill wrote:
I have two drives, both partitioned. I place nearly all my programs on the 2nd (non OS) HD. Does PSI look in all drives and partitions, or just the OS partition? I realize that many programs, even if installed in some other location, place hooks into the OS. But not all of them do that, and I'm wondering if PSI is able to examine them.
I'm pretty sure it does. I have 3 HDs and the psi detected various programs on all of them
--
Big Dave |
|
|
| tridom
| RE: Does PSI scan registry...or just drives
|
|
|
by tridom on 29th Nov, 2008 20:51
|
Posts: 20
User Since: 26th Nov, 2008
Secunia System Score: N/A
Location: N/A |
Same here. The programs I refer to are actually on partitions on a physically seperate drive from the OS and PSI detects them. |
|
|
| x_nix
| RE: Does PSI scan registry...or just drives
|
|
|
by x_nix on 6th Dec, 2008 08:34
|
Posts: 4
User Since: 4th Dec, 2008
Secunia System Score: N/A
Location: US |
I have a Dell machine which has a partition intended for re-install, and is never used by me at all, and it gets scanned. I set up a rule to ignore D:\windows\system32 because I do not want to fool around with it, but at least I am aware that if I ever did restore (which since I have gone from Vista 1.0 to service pack 1, I probably cannot anyway) that I would have an insecure system which would require fixing.
If you look at the directories where the complaints reside, they may well be in obsolete software, or in installation packages, rather than in code which would actually be executed. Unfortunately, there is no absolute guarantee that no program could be executing the old code unless you take action against it. |
|
|
|
