Results 1 to 2 of 2

Thread: Microsoft Baseline Security Analyzer

  1. March 26th, 2003, 01:42 AM #1
    gore
    gore is offline
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177

    Exclamation Microsoft Baseline Security Analyzer

    i found this today and thought it was kinda cool sounding, so if you have Windows (any version based on NT seems to work on it) check it out.

    http://download.com.com/3000-2086-10...ml?tag=lst-0-6




    Publisher's Description :
    As part of Microsoft's Strategic Technology Protection Program, and in response to direct customer need for a streamlined method of identifying common security misconfigurations, Microsoft has developed the Microsoft Baseline Security Analyzer (MBSA).
    Version 1.1 is the second release of MBSA and includes a graphical and command-line interface that can perform local or remote scans of Windows systems. MBSA runs on Windows 2000 and Windows XP systems and will scan for common system misconfigurations in the following products: Windows NT 4.0, Windows 2000, Windows XP, Internet Information Server (IIS) 4.0 and 5.0, SQL Server 7.0 and 2000, Internet Explorer 5.01 and later, and Office 2000 and 2002. MBSA will also scan for missing security updates for the following products: Windows NT 4.0, Windows 2000, Windows XP, IIS 4.0 and 5.0, SQL Server 7.0 and 2000, IE 5.01 and later, Exchange 5.5 and 2000, and Windows Media Player 6.4 and later.
    Reply With Quote Reply With Quote
  2. March 26th, 2003, 02:17 AM #2
    tonybradley
    tonybradley is offline
    AO Security for Non-Geeks tonybradley's Avatar
    Join Date
    Aug 2002
    Posts
    830
    I have done a review of MBSA before.

    It isn't perfect, but I think it is helpful for companies that want to start to identify what patches and updates they are missing. It definitely is worth the money (being that its FREE).

    The tool doesn't work flawlessly. Some Microsoft Security Bulletins contain workarounds or manual fixes rather than patches to install. For these items MBSA will report yellow X's to signify that it can not tell whether or not you have applied the patch / workaround. There are also discrepancies at times between what MBSA finds and what Windows Update detects.

    At its core, MBSA still uses HFNetChk Lite. MBSA is essentially a GUI interface for HFNetChk that outputs a nice XML-based report. If you want, you can still use HFNetChk commands and switches if you run the tool from the command line instead of the GUI interface.

    Lastly, it is not comprehensive because it only assesses Microsoft products (and not even 100% of those). I believe for corporations there are better tools to use to do vulnerability assessments, but for small companies and home users I think MBSA is a great tool that is at least a step in the right direction.
    Tony Bradley, CISSP, Microsoft MVP
    Follow me on Twitter
    Blogs:
    The Edge
    Evangelyze Communications Security
    Unified Communications: Click to Talk
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules