Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Microsoft Baseline Security Analyzer A practical look….

Published bySusan Floyd Modified over 8 years ago

Similar presentations

Presentation on theme: "The Microsoft Baseline Security Analyzer A practical look…."— Presentation transcript:

1 The Microsoft Baseline Security Analyzer A practical look….

2 Overview of Network Management Larger networks means: More computers to manage. More computers to maintain. Bigger security management issues. More computers to check for security holes. IT Departments Must Continue to manage workstations even during growth. Effectively find solutions to remain efficient in network security management.

3 The Microsoft Baseline Security Analyzer The Tool: –Scans computers locally or remotely for any possible security hazards. Weak Passwords. Unnecessary services that are running. Firewall status. File Shares –Scans Microsoft related products or technologies for any missing patches or updates. Microsoft Update Patches Microsoft Office Updates Microsoft Windows Vulnerabilities

4 The Microsoft Baseline Security Analyzer The Tool: –Has the ability to scan itself or multiple computers. Up to 10,000 computers can be scanned.

5 The Microsoft Baseline Security Analyzer Installation –Download the msi file from: http://www.microsoft.com/technet/security/tools/mbsahome.mspx –System Requirements Windows NT 4.x Windows 2000 Windows XP or Windows Server 2003 –For Scanning: Locally: Must be an administrator user. Remotely: Must have domain administrator privileges (or administrator access to the remote computer[s]).

6 The MSBA User Interface

7 Using The MSBA Local Scan –Click on “Scan a Computer” –Select your computer using the drop down box –Click “Start Scan”

8 Using The MSBA Remote Scan –Click on “Scan a Computer” or “Scan Multiple Computers” –Enter the computer name or select the domain to scan or enter an IP range. –Click “Start Scan”

9 Using The MSBA The Results Single Computer Scan –Report of the single computer scanned shows. Multiple Computer Scan –Select the report of the computer scanned.

10 Using The MSBA

11 The Security Report

12

13 Details of Report Most reports includes: Microsoft Office Updates Critical Updates or Patches Weak Password Check File Systems Guest Accounts Administrator Accounts Recommended is two. Windows Version Recommended Settings in: –Windows –Internet Explorer –Services –Firewall –File Sharing

14 Details of Report

15

16

17 What is the Tool Doing?! The MSBA uses a product and update catalogue from the Microsoft web site. Or a local intranet website that stores the catalogue. The MSBA parses through the catalogue (XML file) and compares certain values in the registry as well as scan the OS internally. Both remote and local scans are very similar however, To do a complete scan remotely, the remote registry service must be enabled.

18 Some Opinions Pros Very flexible. Command line interface allows customized output. Very efficient. Can scan up to 10,000 computers in one scan. Scans transparently. No downtime required. General User Interface acts like a Wizard. (Step 1, 2, 3…) Cons Security scans do not take into account recently discovered vulnerabilities. Accuracy depends on Microsoft’s knowledge of vulnerabilities. Only scans Microsoft technologies. Microsoft’s control of vulnerability information. –Ultimately, you will only know if Microsoft makes it known. At one point, Microsoft knew of a vulnerability for six months before information was released. Source: CBC News Online Article: –http://www.cbc.ca/story/world/national/2004/02/10/microsoft_040210.html http://www.cbc.ca/story/world/national/2004/02/10/microsoft_040210.html Can give false alarms if you have set your own settings.

19 Some Opinions The Bottom Line –Very useful in enterprise style networks. –A straightforward tool that allows any user to run it. –Free.

20 Thank You! Kaleem Maxwell

Download ppt "The Microsoft Baseline Security Analyzer A practical look…."

Similar presentations

Patch Management Patch Management in a Windows based environment

Patch Management Patch Management in a Windows based environment
Auditing Microsoft Active Directory

Auditing Microsoft Active Directory
Your Definitive Lockdown Guide

Your Definitive Lockdown Guide
Configuring Windows to run Dr.Web scanner remotely.

Configuring Windows to run Dr.Web scanner remotely.
WSUS Presented by: Nada Abdullah Ahmed.

WSUS Presented by: Nada Abdullah Ahmed.
Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.

Module 6: Configuring Windows XP Professional to Operate in a Microsoft Network.
Module 5: Configuring Access for Remote Clients and Networks.

Module 5: Configuring Access for Remote Clients and Networks.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 10: Server Administration.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 10: Server Administration.
Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer

Microsoft Baseline Security Analyzer INLS 187 Security Software Presentation by Hinár György Polczer
Patching MIT SUS Services IS&T Network Infrastructure Services Team.

Patching MIT SUS Services IS&T Network Infrastructure Services Team.
Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.

Small Business Security By Donatas Sumyla. Content Introduction Tools Symantec Corp. Company Overview Symantec.com Microsoft Company Overview Small Business.
Maintaining and Updating Windows Server 2008

Maintaining and Updating Windows Server 2008
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Installing and Configuring a Secure Web Server COEN 351 David Papay.

Installing and Configuring a Secure Web Server COEN 351 David Papay.
Microsoft Office 2013 ®® Appendix A Introduction to Cloud Computing.

Microsoft Office 2013 ®® Appendix A Introduction to Cloud Computing.
Group Policy in Microsoft Windows Active Directory.

Group Policy in Microsoft Windows Active Directory.
IT:Network:Microsoft Applications

IT:Network:Microsoft Applications
SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.

SUS Services ECE Computer Facilities. SUS Services Software Update Services Microsoft Security And Critical Update Service Microsoft Security And Critical.
Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

Security Audit Tools Project. CT 395 IT Security I Professor Igbeare Summer Quarter 2009 August 25, 2009.

Similar presentations

Ads by Google