Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer


1 Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer http://www.microsoft.com

2 Outline
- What is MBSA?
- How to get it?
- Installation
- Features
- How to use it?
- Evaluation
- Additional Resources
- Links

3 What is MBSA?
Microsoft Baseline Security Analyzer is a tool to make Windows-based systems and server applications more secure.
- MBSA points out known flaws which are not fixed on the tested system
- Shows ways to patch security holes
- Explains correct security guidelines
- New version v1.2.1 is needed for SP2

4 How to get it?
Easiest to find it with a search on Microsoft's download center: http://www.microsoft.com/downloads/
The exact address to the MBSA page: http://www.microsoft.com/downloads/details.aspx?FamilyID=b13ebd6b-e258-4625-b0a3-64a4879f7798&DisplayLang=en

5 Installation
Installation Demonstration

6 Features
MBSA is the free, best practices vulnerability assessment tool for the Microsoft platform. It is a tool designed for the IT Professional that helps with the assessment phase of an overall security management strategy.
MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems.
MBSA scans for common system security misconfigurations.
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

7 Features
MBSA runs on Windows 2000, Windows XP and Windows Server 2003 systems and will scan Windows NT 4.0, Windows 2000, Windows XP, Windows Server 2003, Internet Information Server (IIS), SQL Server, Internet Explorer, MS Office.
http://www.microsoft.com/technet/security/tools/mbsahome.mspx

8 Features
MBSA checks:
- OS: account status, file system type, available file shares, members of the Administrators group, critical security patches
- IIS: sample applications and certain virtual directories present on the machine, if the IIS Lockdown tool has been run on the machine
- SQL: type of authentication mode, sa account password status and SQL service account memberships
http://www.microsoft.com/technet/security/tools/mbsawp.mspx

9 Features
MBSA Scans:
- Internet Explorer 5.01+ zone settings for each local user account and macro settings for Office 2000, Office XP, and Office System 2003.
Supports:
- Software Update Services (SUS)
- Systems Management Server (SMS)
http://www.microsoft.com/technet/security/tools/mbsawp.mspx

10 Features
Scanning Computer(s):
- Single computer: check local or remote
- Multiple computers:
  – all computers in a domain (by domain name)
  – specific range of IP addresses
  – scan all of the Windows-based machines found within the range
  – up to 10,000 machines
These scans require Administrator access!
http://www.microsoft.com/technet/security/tools/mbsawp.mspx

11 Features
Types of Scans:
- MBSA-Style Scan: An MBSA-style scan will scan and store results in an individual XML file to then be viewed in the MBSA UI (GUI-interface)
- HFNetChk-Style Scan: HFNetChk-style scan will check for missing security updates only and will display scan results as text in the command line window
http://www.microsoft.com/technet/security/tools/mbsawp.mspx

12 Features
Previous security reports are saved in XML format and can be reviewed later.
Items Checked for Vulnerabilities: Administrators Group Membership, Auditing, Auto Logon, Automatic Updates, Unnecessary Services, File System, Guest Account, Internet Connection Firewall, Account Passwords and Policies, Anonymous User, Shares…
http://www.microsoft.com/technet/security/tools/mbsawp.mspx

13 Features
MBSA checks for installed Security Updates by
  – system file versions
  – registry settings
  – sometimes does not recognize installed updates
For more information read Microsoft MBSA White Paper
Sample Scripts are also available
http://www.microsoft.com/technet/security/tools/mbsawp.mspx
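
The two detection signals named on this slide, and how they can disagree, as an added Python sketch that is not part of the original presentation and is not MBSA's actual logic. The update ids, registry keys, file paths and versions are constructed placeholders.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class UpdateRule:
    update_id: str      # constructed placeholder, not a real bulletin number
    registry_key: str   # marker the update's installer is assumed to write
    file_path: str      # system file the update replaces
    min_version: tuple  # lowest file version that contains the fix

def parse_version(text):
    """'5.1.2600.1500' -> (5, 1, 2600, 1500) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def check_update(rule, registry_keys, file_versions):
    """Classify one update from both signals; disagreement is reported, not hidden."""
    has_marker = rule.registry_key in registry_keys
    found = file_versions.get(rule.file_path)
    file_patched = found is not None and parse_version(found) >= rule.min_version
    if has_marker and file_patched:
        return "installed"
    if not has_marker and not file_patched:
        return "missing"
    # The signals disagree: this is where a scanner can misreport an update.
    return "marker-only" if has_marker else "file-only"

def scan(rules, host):
    """Return {update_id: status} for every rule against one host snapshot."""
    return {r.update_id: check_update(r, host["registry_keys"], host["file_versions"])
            for r in rules}

# Constructed sample data (hypothetical keys, paths and versions).
KEY = r"HKLM\SOFTWARE\ExampleVendor\Updates" + "\\"
SYS = r"C:\WINDOWS\system32" + "\\"
FIXED = (5, 1, 2600, 1500)
RULES = [UpdateRule(u, KEY + u, SYS + u.lower() + ".dll", FIXED)
         for u in ("UPD-A", "UPD-B", "UPD-C", "UPD-D")]
HOST = {
    "registry_keys": {KEY + "UPD-A", KEY + "UPD-C"},
    "file_versions": {
        SYS + "upd-a.dll": "5.1.2600.1500",  # marker and file agree
        SYS + "upd-b.dll": "5.1.2600.900",   # never patched
        SYS + "upd-c.dll": "5.1.2600.99",    # older file restored after patching
        SYS + "upd-d.dll": "5.1.2600.2000",  # newer file delivered by another package
    },
}

if __name__ == "__main__":
    for update_id, status in scan(RULES, HOST).items():
        print(update_id, status)
```

The `marker-only` and `file-only` results are the cases worth checking by hand, since a scanner that trusts only one signal would report them as installed or missing.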

14 How to use it?
MBSA Demonstration

15 Evaluation
- MBSA is a tool created for Microsoft Systems specifically
- Cannot be used as widely as other tools
- Presents a security snapshot of the system with the expectations of a Microsoft security expert
- Allows a safe scan of multiple Windows systems

16 Additional Resources
The Microsoft Security Home Page is a good resource for Microsoft product security: http://www.microsoft.com/security/default.mspx
- Windows 2000 & NT 4.0 Tool: Baseline Urlscan
- Internet Information Services (IIS) Lockdown Tool 2.1

17 Questions
Please ask if you have any questions, and I will try to answer them!
Thank you for your attention!

18 Links
- http://www.microsoft.com/downloads/
- http://www.microsoft.com/downloads/details.aspx?FamilyID=b13ebd6b-e258-4625-b0a3-64a4879f7798&DisplayLang=en
- http://www.microsoft.com/technet/security/tools/mbsawp.mspx
- http://www.microsoft.com/security/default.mspx
- http://www.microsoft.com/downloads/details.aspx?FamilyID=dde9efc0-bb30-47eb-9a61-fd755d23cdec&DisplayLang=en
- http://www.microsoft.com/downloads/details.aspx?FamilyID=42661e18-93c2-4ce2-85d6-3679defe1a3e&DisplayLang=en
- http://www.microsoft.com/downloads/details.aspx?FamilyID=12244f33-a5da-4203-a3a8-83f4388bb71f&DisplayLang=en

