Windows Server Guides

Using the GUI Version of MBSA

• Best Strategies To Increase Your Website Traffic

Once you have installed MBSA, you can access it from Start > All Programs > Microsoft Baseline Security Analyzer or by opening the command prompt and executing mbsa.exe. This brings up the Baseline Security Analyzer utility shown in Figure 1.48.

You can select from Scan A Computer, Scan More Than One Computer, or View Existing Security Reports.

When you click Scan A Computer, the Pick A Computer To Scan dialog box will appear, as shown in Figure 1.49. You can specify that you want to scan a computer based on computer name or IP address. You can also specify the name of the security report that will be generated. Options for the security scan include:

■ Check for Windows vulnerabilities

■ Check for weak passwords

■ Check for IIS vulnerabilities

FIGURE 1.48 Baseline Security Analyzer

^ Microsoft Baseline Security Analyzer

Microsoft i- Baseline Security Analyzer

Microsoft

Microsoft Baseline Security Analyzer

El Welcome

□ Pick a computer to scan

□ Pick multiple computers to scan

E] Pick a security report to view E] View a security report

□ Microsoft Baseline Security Analyser Help

□ About Microsoft Baseline Security Analyser

□ Microsoft Security Web site

Welcome to the Microsoft Baseline Security Analyzer

The Microsoft Baseline Security Analyzer checks computers running Microsoft Windows NT 4.0, Windows 2000, or Windows XP for common security misconfigurations. Vou must have administrator privileges for each computer you want to scan.

Scans can be performed locally and remotely against Windows NT 4.0, Windows 2000, and Windows XP computers. Note that on Windows XP computers using simple file sharingj only local scans can be performed.

Scan a computer H| Scan more than one computer

QJ View existing security reports

5 2002 Microsoft Corporation, All rights reserved.

FIGURE 1.49 Pick A Computer To Scan dialog box

■ Check for SQL vulnerabilities

■ Check for security updates (if you use this option and are using SUS, you can specify the name of the SUS server that should be checked for the security updates)

Once you are done with your selections, click Start Scan.

Once the scan is complete, the security report will be automatically displayed, as shown in Figure 1.50.

FIGURE 1.50 View Security Report dialog box

If you have scanned multiple computers, you can sort the security reports based on issue name, score (worst first), or score (best first).

+1 0

Average user rating: 5 stars out of 1 votes