Guide to MS' Baseline Security Analyzer (MBSA)

Recently Microsoft released the Microsoft Baseline Security Analyzer (MBSA), to analyse Windows 2000/XP (& NT4 remotely) systems for potential security issues, e.g. Hotfixes not installed. This short guide will take you though configuring stand-alone PCs to use this tool.

 

Networking components

MBSA requires several Services installed & activate in order to ensure it can operate correctly. To account for any Windows 2000 differences please see information in brackets. To ensure these Services are available click on Start, (Settings) Control Panel, Network Connections (Network & Dial-up connections) & right click on your Internet connection & select Properties. Finally select the Networking tab.

Ensure that, as shown above, that Internet Protocol (TCP/IP) (Protocol), File & Printer Sharing for Microsoft Networks (Service) & Client for Microsoft Networks (Client) are installed. If any of these are not installed then select the Install button & select the Client/Service/Protocol & select the respective component to be installed.

After installation you can Tick the component to enable itís use, should you require it. Unticking the component will disable it. The most important thing to note here is that by merely installing the component it will add the required Service(s) for MBSA, disabling the components use will not affect itís functionality, e.g. In my case I disabled File & Printer Sharing for Microsoft Networks & Client for Microsoft Networks as I do not require nor wish to run them.

Click Ok once you have made all the changes necessary here & reboot your PC (Or at least disconnect & reconnect to the Internet).

 

Services

Now click on Start, (Settings) Control Panel, Administrative Tools & select Services.

Whenever you intend to run MBSA load this utility, right click on & select Start for the following Services: Server & Workstation - You may find it more convenient to set these to Automatic instead, to do so right click on the respective Service & select Properties then the General tab & change the Startup type accordingly.

The Remote Registry service may also be required for some systems, though most likely not on stand-alone PCs (At least not on mine).

For more detailed information on adjusting Windows 2000/XP Services be sure to check out the Windows 2000 & Windows XP Services Guides. This can also aid you in better securing your system.

 

Scanning

Once youíve loaded MSBA select Pick a computer to scan. Assuming youíve followed the steps as described previously you should be greeted with the screen beneath.

The Security report name indicates where reports are to be saved, as in the default option shown that would indicate, where x represents a Drive letter, x:\Documents and Settings\Accountname\SecurityScans\domainname Ė PCname (date & time of scan).xml, e.g. C:\Documents and Settings\Admin\SecurityScans\Workgroup - Main (04-18-2002 06-02 PM).xml. Edit this to a more fitting report title if you wish to do so.

As regards the Options be sure to Untick all unneeded options. Being that this guide is intended for stand-alone systems itís unlikely youíll have IIS or SQL installed so be sure to Untick those.

Select Start scan to (predictably) run the MBSA scan of your system.

 

Suggestion box & Other Useful resources  

By now you should be able to successfully use MBSA on your Windows 2000/XP system to scan for vulnerabilities or other weak areas of your system. If you have a Questions/Comments be sure to post them in the Misc. Software & Utilities Forum. In the future this guide may be further expanded or alternatively an additional system security article will be posted.

If you liked this guide, then you will probably enjoy some of our previous OS guides, among the latest we have:

Other useful tweaking resources can be found in our hardware tweaking and gaming tweaking sections.

       
Go to 3D Spotlight !