So after installation, how do you know whether your system is as secure as it could be? One great tool that complements an overall security strategy is the Microsoft Baseline Security Analyzer (MBSA). This tool is for both home users and IT administrators. It performs a scan of XP systems (it can scan other Windows versions as well), comparing the system's configured settings against a list of recommended settings.
The MBSA is not part of XP installation, although I would suggest that your setup is not complete without this tool. The catch: you first must retrieve this utility from Microsoft's Website. The latest version can be found at:
After downloading and installing it, you start the MBSA by choosing Start | All Programs | Microsoft Baseline Security Analyzer, launching the dialog box shown in Figure 2-6.
Figure 2-6. The start page of the MBSA.
The tool is very intuitive; scanning a computer for security vulnerabilities is a matter of clicking on the appropriate hyperlinks. As an added bonus for administrators, you can use this tool to scan other computers on the network, so not every computer being scanned needs a copy of this program installed.
To get started, click "Scan a computer" and then designate a computer using the computer name or IP address in the window that follows. (IP addresses are discussed in Chapter 9, "Playing Nicely with Others".)
The end result is a report similar to the one shown in Figure 2-7. By default, the most critical issues are listed first. From here, you can print or copy the report for archiving. Better yet, the MBSA report lets you take corrective action, or at least start the process. For example, the report in Figure 2-7 indicates that I'm missing several updates for Microsoft Office. When I click "How to correct this", I'm given detailed instructions about the steps that I should take to get the missing updates.
Figure 2-7. An MBSA report generates an overall security assessment.
And, even if you decide not to take action based on MBSA recommendations, at least this tool will help raise awareness about security issues for your computer.