|elopescardozo||Async scans - how to optimize PSI's scan timing|
|13th Feb, 2013 19:57|
User Since: 13th Feb, 2013
System Score: N/A
We all agree that getting as much systems patched as soon as a patch becomes available is an important goal. It reduces the the income of malware writers,
After Microsoft, more and more software producers have adopted the strategy of batching patches. in addition, it becomes good practice to publish a patch for an exploited vulnerability as soon as possible, separate from the regular patch days. Thus, we may find that on just any day one or more critical patches are published. However, PSI checks only once ever week.
Setting PSI to check every day is NOT the solution. It would take to much resources, both from the central database servers and from the users'machine. Much better would be to have PSI check a single flag on the server, to see if a significant update has been published. Secunia would then raise this flag whenever it feels one or more critical patches have become available.Checking the flag requires no more than a simple UDP query, similar to the way many email program check for the availability of new mail on a POP server. Since that state of the flag is no secret and in no way connected to any particular user, there is no need for a secure session.
In the end, this mechanism might even allow a reduction of the number of scans performed by the millions of PSI clients. Of course the flag can have multiple values (green, yellow, red, etc.) to allow the clients to optimized their scan behavior (e,g, postpone till the user is inactive, run according to the fixed schedule or run *now*.).
The same technique may be applicable to other Secunia products - they are not using it already.
|This user no longer exists||RE: Async scans - how to optimize PSI's scan timing|
|14th Feb, 2013 13:13|
Thank you for your feedback, it is much appreciated and will be taken in to consideration.