Task 8.3: Performing Assessments with MBSA

Microsoft Baseline Security Analyzer (MBSA) is a free tool provided by Microsoft to help security professionals determine their level of security. It provides guidance for improving the overall security of Microsoft systems. MBSA can also detect missing security patches and flag potential problems. Its strengths include the following:

  • It is free.
  • It provides an easy-to-read, browser-based report.
  • It provides links to detailed information of specific weaknesses.

Scenario

You need to examine several network servers to investigate their overall security level and make sure they are secure enough to withstand an attack.

Scope of Task

Duration

This task should take about 15 minutes.

Setup

For this task, you will need a Windows XP, Windows Vista, or Windows 7 computer; access to the Administrator account; and an Internet connection.

Caveat

MBSA may clash with some of the other common security workarounds, and it may not properly detect some of the Windows updated information.

Procedure

In this task, you will learn how to install and run MBSA.

Equipment Used

For this task, you must have:

  • A Windows XP computer
  • Access to the Administrator account
  • An Internet connection

Details

This task will show you how to install and run MBSA. This program will scan a system for security vulnerabilities and common misconfigurations.

1. Once you have accessed your Windows computer and logged in as Administrator, open your browser and go to www.microsoft.com/downloads/en/details.aspx?FamilyID=b1e76bbe-71df-41e8-8b52-c871d012ba78.

You can download the program from this page. Once the program has completed downloading, execute it from the folder to which it was saved. This will start the installation process.

2. After the installation has completed, you can start MBSA from the shortcut on the desktop or from the Start menu. The program will give you three options:

  • Scan A Computer
  • Scan Multiple Computers
  • View Existing Security Scan Reports
image

For this task, choose Scan Multiple Computers. This will allow you to put in a range of IP addresses and check a range of computers at once.

image

3. Once the scan has completed, you will be taken to the View Security Report screen. This page will describe the findings for each system that was scanned. The report is broken down into five areas:

Security Update Scan Results This area details which security scans are missing.

Windows Scan Results This area lists Windows vulnerabilities that were discovered.

Additional System Information This area lists details such as open shares and services.

Internet Information Services Scan This area lists information about IIS, such as version and patch level.

Desktop Application Scan This area lists details about vulnerable applications.

4. For each problem found, MBSA provides lists of what was scanned, the scan results, and instructions on how to correct the problem. Choosing How To Correct This provides details on the specific security concern and more information on solving the problem. In this example, we’ve chosen an item that indicates there was a problem with service packs. MBSA then provides details on service packs and updates so we can better address the deficiency.

image

Criteria for Completion

You have completed this task when you have downloaded and installed MBSA on a Windows system and scanned one or more systems for vulnerabilities.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.223.158.21