Saturday, January 23, 2010

Running Microsoft Baseline Security Analyzer (MBSA) command line

You may already familiar with Microsoft Baseline Security Analyzer (MBSA) GUI, but how about the MBSA command line?

You get at least 2 benefits from the MBSA command line

1. If you want to scan the remote computers that are not part of your domain, MBSA GUI won’t help you, at least I couldn’t find any option to do it. In this situation, MBSA command line comes in place.

2. You can easily schedule MBSA Command line running at midnight to scan a range of computers, and view the reports with a cup of coffee next morning.

The format of MBSA command line is:

MBSACLI [/target /r /d domain] [/n option] [/o file] [/qp] [/qe] [/qr] [/qt] [/listfile file] [/xmlout] [/wa
/wi] [/catalog file] [/nvc] [/ia] [/mu] [/nd] [/rd directory] [/?][/u username /p password]

For example, if you want to scan an IP 192.168.1.1: mbsacli /target 192.168.1.1 /u administrator /p password

Enter “mbsacli /?” for more details.

Something you have to be aware:

1. MBSA Command line need an offline security update signature to perform a scan, the file name is wsusscn2.cab. MBSA GUI can automatically download it and save it in “C:\Documents and Settings\\Local Settings\Application Data\Microsoft\MBSA\2.1.1\Cache\” (depends on your MBSA installation) , but if you haven’t run the GUI for a long time, you can download the latest signature from here http://go.microsoft.com/fwlink/?LinkId=76054. I normally save it in a temporary folder, then use /category parameter to specify the file location: mbsacli /target 192.168.1.1 /catalog c:\temp\wsusscn2.cab /u administrator /p password

2. The cons of this command line is the username and password is in the plain text, you have to change your password after you finish a scan.

3. The output of MBSA command line is ugly, however, you can view the report from MBSA GUI, it is user friendly and pretty beautiful.

4. The version of MBSA we are talking here is 2.1.1, released on Nov 4, 2009. You can download it from here: http://www.microsoft.com/downloads/details.aspx?FamilyID=b1e76bbe-71df-41e8-8b52-c871d012ba78&displaylang=en

Monday, January 18, 2010

VPN Client for Windows 7 Enterprise 64bit

Just upgraded my home computer to Windows 7 Enterprise 64bit, I suddenly found the Cisco VPN Client 5.0.01.0600 stop working, I google it, following the instructions that I found in some websites, but none of them were working. Finally I found this website http://www.shrewsoft.com, I downloaded the Shrew Soft VPN Client 2.1.5, simply import the .pcf file, and it works like a charm!

Tuesday, September 15, 2009

Use Vmware workstation 6.x image in Vmware server 1.09

Vmware workstation is a great product, you can capture the movie, which is very good for training, and you can setup multiple snapshots. I have a crack version of Vmware workstation 6.5.2 in my home computer (Forgive me, I don’t have much money in my pocket), however, you don’t want to run a crack software in your office’s computer, fortunately, Vmware server is free. I tried the Vmware server 2.0.1, to be honest, it sucks, I don’t like the web console, and the performance is really bad. The version 1.0.9 is good, it is neat and clean.

Now here is the problem: When I try to open the images that I created in my home computer using Vmware workstation 6.5.2, I get an error message: “Configuration file was created by a Vmware product with more features than this version”. Can we just modify the .vmx configuration file? I tried, but it didn’t work well, I got some error messages like: “Pipe connection has been broken.”

Ok, the answer is here, VMware vCenter Converter Standalone 4.0.1, you can download it from https://www.vmware.com/tryvmware/?p=converter, and it is free.

The functions of Vmware converter are very straight forward. You click the “Convert Machine” on the toolbar; select the source type, in my case, it is “Vmware workstation or other Vmware virtual machine”; select destination type “Vmware workstation or other Vmware virtual machine”, the product is “Vmware Server 1.x”; give a name and choose a location. You’re ready to go.