The Microsoft Baseline Security Scanner comes with a command-line interface, so it is pretty easy to make a bat file to schedule. You will need blat to email the notification if you want one. I tried to make blat email a UNC or URL link to where the reports are saved but have not had any luck. Put your list of targets to scan in the servers.txt file, one name per line.
rem ---------- Set Variables
set MailTo1="admin@company.com"
set ServerList=g:\logs\servers.txt
set ArchivePath=g:\logs\LogArchive\MBSA
set ReportPath=%ArchivePath%
set MBSAPath="C:\Program Files\Microsoft Baseline Security Analyzer 2\"
set uname=%username%
rem ---------- Enter Logs folder and clear out temp files and old reports
del "%userprofile%\SecurityScans\*.mbsa"
del resultslist.txt
rem ---------- Run MBSA Against Server List to Generate Reports
%MBSAPath%mbsacli /listfile %ServerList%
rem ---------- archive scan
rem The DATE /T parsing below assumes the US format "Ddd MM/DD/YYYY".
rem _dd uses plain SET: SET /A reads 08 and 09 as invalid octal numbers.
@ECHO OFF
FOR /f "tokens=2-4 delims=/ " %%G IN ('DATE /T') DO (
SET _mm=%%G
SET _dd=%%H
SET _yyyy=%%I
)
@ECHO ON
mkdir %ArchivePath%\%_yyyy%%_mm%%_dd%
copy "%userprofile%\SecurityScans\*.mbsa" %ArchivePath%\%_yyyy%%_mm%%_dd%\*.mbsa
dir /b %ArchivePath%\%_yyyy%%_mm%%_dd%\ > resultslist.txt
rem ---------- use blat to email report
blat -to %MailTo1% -subject MBSA-Scan-Completed -sig resultslist.txt -body "To view results check files located at %ReportPath%\%_yyyy%%_mm%%_dd%\"
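The archive step above, redone in PowerShell as an added example (not part of the original script): it validates servers.txt, builds the dated folder without parsing locale-dependent DATE /T output, and fails loudly when the scan produced no reports. The share name in $ArchiveShare, the body file name, and the one-report-per-target check are assumptions made for illustration.

```powershell
# Added example. Paths mirror the variables in the batch file above.
$ServerList   = 'g:\logs\servers.txt'
$ArchivePath  = 'g:\logs\LogArchive\MBSA'
$ScanDir      = Join-Path $env:USERPROFILE 'SecurityScans'
# Hypothetical UNC path under which $ArchivePath is shared (placeholder).
$ArchiveShare = '\\fileserver.example\logs\LogArchive\MBSA'

# Accept only plain host names, FQDNs or IPv4 addresses, one per line.
# Anything else (spaces, switches, shell metacharacters) stops the run
# before the list is handed to the scanner.
$namePattern = '^[A-Za-z0-9]([A-Za-z0-9.-]{0,253}[A-Za-z0-9])?$'
$targets = @(Get-Content -Path $ServerList |
    ForEach-Object { $_.Trim() } |
    Where-Object { $_ })
$bad = @($targets | Where-Object { $_ -notmatch $namePattern })
if ($bad.Count -gt 0) {
    throw "Invalid entries in ${ServerList}: $($bad -join ', ')"
}

# Locale-independent date stamp; the day keeps its leading zero.
$stamp = Get-Date -Format 'yyyyMMdd'
$dest  = Join-Path $ArchivePath $stamp
New-Item -ItemType Directory -Path $dest -Force | Out-Null

# An empty report folder means the scan itself failed; do not send a
# "completed" mail in that case.
$reports = @(Get-ChildItem -Path $ScanDir -Filter '*.mbsa' -File)
if ($reports.Count -eq 0) {
    throw "No .mbsa reports found in $ScanDir; the scan may have failed."
}
$reports | Copy-Item -Destination $dest

# Assumption: one report per scanned target. Fewer reports than targets
# usually means some hosts were unreachable or denied access.
$summary = @($reports | ForEach-Object { $_.Name })
if ($reports.Count -lt $targets.Count) {
    $summary += "WARNING: $($reports.Count) reports for $($targets.Count) targets"
}
$summary | Set-Content -Path 'resultslist.txt'

# Notification text with the UNC location of today's reports, written
# to a file so any mailer can pick it up.
$body = "MBSA scan completed. Reports: $(Join-Path $ArchiveShare $stamp)"
Set-Content -Path 'mbsa-mail-body.txt' -Value $body
```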