Recipe11.1.Analyzing Your Security Configuration
Recipe 11.1. Analyzing Your Security ConfigurationProblemYou want to analyze the security configuration of one or more servers to find any vulnerabilities or missing security updates. SolutionThe Microsoft Baseline Security Analyzer (MBSA) is a freely available tool from Microsoft that let's you scan computers for the latest security problems with Windows along with numerous Microsoft products. Some of these include Office, Exchange Server 2003, Microsoft Virtual Machine, and BizTalk. It can also check the configuration of Internet Configuration Firewall, Automatic Updates, and password settings. MBSA has both a graphical and command-line interface. The MBSA graphical interface allows you to scan a single or multiple computers at one time (up to 10,000). Figure 11-1 shows the MBSA screen for selecting multiple computers. You can choose computers based on domain name and IP address range. Figure 11-1. MBSA multiple computer selection screen The MBSA command-line interface, mbsacli.exe, has the same functionality as the graphical interface. With it, you can easily automate periodic scans of your servers. For more information on MBSA, including download instructions, see http://www.microsoft.com/technet/security/tools/mbsahome.mspx. DiscussionMBSA keeps itself up to date with the latest vulnerabilities and security updates by automatically polling Microsoft when you start the program. As of Version 1.2, you can alternately point MBSA at a SUS server to download the update catalog. This lets you determine what servers in your network are up to date according to your internal SUS server. See AlsoMS KB 320454 (Microsoft Baseline Security Analyzer (MBSA)) |
EAN: 2147483647
Pages: 380