Posts Tagged: Auditing

SNMP Auditing

Here is an easy way to find all snmp devices on your network and check if they are running any of a list of common strings you want to test for.  And do it without risking a write access check.  I did the following with my Mac PowerBook just using the C compiler CC.

Read More

Scheduled MSBA Scans

The Microsoft Baseline Security Scanner comes with a Command Line Interface. So it is pretty easy make a bat file to schedule. You will need blat to email the notification if you want. I tried to make blat email a UNC or URL link to where the reports are saved but have not had luck. Put your list of targets to scan in the servers.txt file with one name per line. rem ———- Set Variables set MailTo1=”” set ServerList=g:\logs\servers.txt set ArchivePath=g:\logs\LogArchive\MBSA set ReportPath=%ArchivePath% set MBSAPath=”C:\Program Files\Microsoft Baseline Security Analyzer 2\” set uname=%username% rem ———- Enter Logs folder and clear out temp files and old reports del “%userprofile%\SecurityScans\*.mbsa” del resultslist.txt rem ———- Run MBSA Against Server List to Generate Reports %MBSAPath%mbsacli /listfile %ServerList% rem ———- archive scan @ECHO OFF FOR /f “tokens=2-4 delims=/ ” %%G IN (‘DATE /T’) DO ( SET _mm=%%G SET /A _dd=%%H SET _yyyy=%%I ) @ECHO ON mkdir %ArchivePath%\%_yyyy%%_mm%%_dd% copy “%userprofile%\SecurityScans\*.mbsa” %ArchivePath%\%_yyyy%%_mm%%_dd%\*.mbsa dir /b %ArchivePath%\%_yyyy%%_mm%%_dd%\ > resultslist.txt rem ———- use blat to email report blat -to %MailTo1% -subject MBSA-Scan-Completed -sig resultslist.txt -body “To view results check files located at %ReportPath%\%_yyyy%%_mm%%_dd%\”

Read More