Re: Audit Windows Machine,

[Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>]

On 2006-11-21 IRM wrote:
> It would be impossible for me to advice all the system administrator to
> install MBSA and also especially all the Windows servers being audited
> have different software installed on the machine. To get around this
> problem, I am thinking to send only mbsaacli.exe and wsus.cab and ask
> the system administrator to run the command line version of the MBSA.
>
> Will it work properly? Because it gave me this error message when I run
> it under my test machine.
>
> mbsaacli.exe /xmlout /catalog wsus.cab /unicode
>
> Microsoft Baseline Security Analyzer
> Version 2.0 (2.0.5029.2)
> (C) Copyright 2002-2005 Microsoft Corporation. All rights reserved.
>
> An error occurred while scanning for security updates. (0x8024400a)
>
> I would like to know is there a better way to take the security patches
> on the Windows machine? Or is there any way to solve this problem?

Please give more details as to why you want to deploy MBSA in the first
place. You can use the tool to scan hosts remotely (e.g. in a domain).

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------