APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

2005/07/16 MBSA (Microsoft Baseline Security Analyzer)


© July 2005 Tony Lawrence

Available only to "customers running genuine Microsoft Windows", Microsoft Baseline Security Analyzer v2.0 (for IT Professionals) offers to "Improve your security management process by using MBSA to detect common security misconfigurations and missing security updates on your computer systems."

OK, good. I'll give 'em a brownie point for providing the tool. But what's with the restricted download? Why does the machine I'm downloading to have to pass Microsoft's check to be sure I have a genuine copy of Windows? Did these paranoid jackasses ever think that I might want to download it on my Mac or one of my Linux boxes and deploy it from there? Sheesh - if you are so worried about somebody stealing your oh-so-valuable operating system, why not put that check in the scan itself instead of limiting the download? Buncha maroons, as usual.

But at least they offer the tool. It's probably just as good or better than the ridiculously expensive "security audits" that so many firms are pushing nowadays. These folks are selling you the computer equivalent of a driveway sealcoat. There are honest contractors who will do a good job sealing your driveway and would honestly point out any real issues that might require more expensive work. There are also those who will apply a cosmetic coating that does nothing useful, and those who will falsely tell you that you need costly repairs that they will be happy to provide. The security audit folks have the same good guys and bad guys. Almost all of them use commercial versions of tools like this; it's the level of expertise applied while using them that matters. I'd say anyone considering spending money for an audit like that might want to take a look at this first. It could save some money and provide some talking points if you do go ahead with an outside audit.


Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> 2005/07/16 MBSA (Microsoft Baseline Security Analyzer)

4 comments


Inexpensive and informative Apple related e-books:

Take Control of Automating Your Mac

Take Control of Pages

Take Control of Parallels Desktop 12

Photos for Mac: A Take Control Crash Course

Photos: A Take Control Crash Course




More Articles by © Tony Lawrence






Sat Jul 16 04:01:55 2005: 803   bruceg2004


I was able to download it on my Linux box. I just answered "No" to proceed with the Windows verification, and it brought me to the download page, with options for various languages. The file is an .msi file, not an .exe. Here is a link, but I do not know if it is a dynamic link, with session information:

(link)

Good luck!

- Bruce






Wed Jul 20 15:53:47 2005: 822   anonymous


Agreed with Bruce, the software does not have to be validated. It clearly states that they recommend validation (not mandatory), but you can simply say "no" to validation and download on any computer.



Thu Aug 18 21:26:14 2005: 988   anonymous


Where I have to put "no", i don't find it nowhere







Thu Aug 18 21:33:10 2005: 989   anonymous


so?

------------------------


Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





The camel has evolved to be relatively self-sufficient. (On the other hand, the camel has not evolved to smell good. Neither has Perl.) (Larry Wall)




Linux posts

Troubleshooting posts


This post tagged:

Security



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode





SCO Unix Sales, Support, & Service

Phone:  707-SCO-UNIX (707-726-8649Toll Free: 833-SCO-UNIX (833-726-8649)
www.SCOsales.com