Guide to MS' Baseline Security Analyzer (MBSA) Posted on April 23, 2002 by Thomas McGuire
Networking
components MBSA
requires several Services installed & activate in order to ensure it
can operate correctly. To account for any Windows 2000 differences
please see information in brackets. To ensure these Services are
available click on Start, (Settings) Control Panel,
Network Connections (Network & Dial-up connections)
& right click on your Internet connection & select Properties.
Finally select the Networking tab.
Ensure
that, as shown above, that Internet Protocol (TCP/IP) (Protocol),
File & Printer Sharing for Microsoft Networks (Service) &
Client for Microsoft Networks (Client) are installed. If any of
these are not installed then select the Install button &
select the Client/Service/Protocol & select the
respective component to be installed. After
installation you can Tick the component to enable it’s
use, should you require it. Unticking the component will disable
it. The most important thing to note here is that by merely installing
the component it will add the required Service(s) for MBSA, disabling
the components use will not affect it’s functionality, e.g. In my case
I disabled File & Printer Sharing for Microsoft Networks
& Client for Microsoft Networks as I do not require nor wish
to run them. Click
Ok once you have made all the changes necessary here & reboot
your PC (Or at least disconnect & reconnect to the Internet).
Services Now
click on Start, (Settings) Control Panel, Administrative
Tools & select Services.
Whenever
you intend to run MBSA load this utility, right click on &
select Start for the following Services: Server & Workstation
- You may find it more convenient to set these to Automatic
instead, to do so right click on the respective Service &
select Properties then the General tab & change the Startup
type accordingly.
The
Remote Registry service may also be required for some systems,
though most likely not on stand-alone PCs (At least not on mine). For
more detailed information on adjusting Windows 2000/XP Services be sure
to check out the Windows
2000 & Windows
XP Services Guides. This can also aid you in better securing your
system.
Scanning Once
you’ve loaded MSBA select Pick a computer to scan. Assuming
you’ve followed the steps as described previously you should be
greeted with the screen beneath.
The
Security report name indicates where reports are to be saved, as
in the default option shown that would indicate, where x
represents a Drive letter, x:\Documents and Settings\Accountname\SecurityScans\domainname
– PCname (date & time of scan).xml, e.g. C:\Documents and
Settings\Admin\SecurityScans\Workgroup - Main (04-18-2002 06-02 PM).xml.
Edit this to a more fitting report title if you wish to do so. As
regards the Options be sure to Untick all unneeded
options. Being that this guide is intended for stand-alone systems
it’s unlikely you’ll have IIS or SQL installed so be sure to Untick
those. Select
Start scan to (predictably) run the MBSA scan of your system.
Suggestion box & Other Useful resources By
now you should be able to successfully use MBSA on your Windows 2000/XP system
to scan for vulnerabilities or other weak areas of your system. If you have a
Questions/Comments be sure to post them in the Misc.
Software & Utilities Forum. In the future this guide may be further
expanded or alternatively an additional system security article will be posted. If you liked this guide, then you
will probably enjoy some of our previous
OS guides, Other useful tweaking resources can
be found in our hardware
tweaking and gaming
tweaking sections. |
Recently
