Results 1 to 3 of 3

Thread: Baseline Security Analyzer

  1. #1
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828

    Baseline Security Analyzer

    I understand there is the MBSA, but I also heard there is a method to create and .inf to configure the settings inside Windows 2000 is that correct?

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Posts
    109
    Uh, I guess. But you would still have to do manual imports of security templates and such. You would still need to use MBSA to check for patches. I guess you could rewrite MBSA as a wsh script, but what would be the point? My advice is, if there is a prewritten tool that does it, use it. If not, then make one yourself. Unless your just curious. Then rewritting stuff rocks!
    $person!=$kiddie or die(\"Alas, die you hotmail hacker!!\");
    SecureVision

  3. #3
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    OK, the BLSA is a complete piece of crap. It often givs false positives on missing patches and such. Go to the CIS site (Center for Internet Security) and get their analyzer. It is far superior. Also, they have canned INF files that you can import and run via the Security Configuration and Analysis snap-in. They have INFs based on NSA standards all the way down to a basic lockdown.

    Editing INF files is tricky business and is not for the average user to attempt. Take a look at the INFs available at www.cisecurity.org. The analyzer is free and I know it is used by auditing firms such as KPMG.

    Hope this helps!
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •