Free Managemnt Baseline Security
Analysis (MBSA) Vulnerability Assessment Trustworthy Computing Scanner Misconfigurations Remediation Guidance http://www.onafree.com/Lists/Announcements/DispForm.aspx?ID=13&Source=http%3A%2F%2Fwww%2Eonafree%2Ecom%2Fdefault%2Easpx
(888)ITISJob.Net -
Information Technology Information Systems Job Network specializing in Managemnt Baseline Security Analysis (MBSA) Vulnerability
Assessment
(888)Nets-Expert.Org - the Network of Experts Organization providing
Expert Witness Testimony and Computer Litigation Support Services email@Nets-Expert.Org
(305)6384-397
Dr. A, & S. Rushinek, Ph.D. U.
of Miami Professor, eMail@OnAFree.com , 1205 Mariposa Ave.
#208, Coral Gables Fl, 33146
Accounting and Computer Information Systems Dept., Business School, 417 Jenkins Bldg, U of Miami,
Coral Gables
Fl, 33124
Checking the standard fare (blank or easily guessed user
passwords, auto-admin login, unnecessary services, etc), MBSA also scans for
unprotected servers; looking for Web servers that haven't run the lockdown tool
or that are still running the IIS sample code. Of particular value is MBSA's ability to scan multiple instances of server,
evaluating the authentication mode, looking for blank password and checking for
privilege escalation opportunities exposed via the Server service account,
among other items. While not many individuals are running full blown installs,
how many people are aware that many applications, such as Visio Enterprise,
install mini-versions of Server (known as MSDE) with a blank SA password?! MBSA
detects each installed instance and provides detailed remediation information.
|
Computer name:
|
WORKGROUP\GWR
|
|
IP address:
|
127.0.0.1
|
|
Security report name:
|
WORKGROUP - GWR (5-1-2006 12-41 AM)
|
|
Scan date:
|
5/1/2006 12:41 AM
|
|
Scanned with MBSA version:
|
2.0.5029.2
|
|
Catalog synchronization date:
|
2006-04-18T17:28:05Z
|
|
Security update catalog:
|
Microsoft Update (offline)
|
|
Security assessment:
|
Incomplete Scan (Could not complete one or more requested
checks.)
|
Security Update Scan Results
Windows Scan Results
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Local Account Password Test
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This check was skipped because the computer is not joined to a
domain.
|
|
What was scanned
|
|
|
|
|
|
|
|
This check was skipped because the computer is not joined to a
domain.
|
|
What was scanned
|
|
|
|
Additional System Information
Internet Information Services (IIS) Scan Results
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IISAdmin
Virtual Directory
|
|
|
|
|
|
MSADC and Scripts Virtual Directories
|
|
|
Additional System Information
SQL Server Scan Results
Instance (default)
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
SQL Server/MSDE Security Mode
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Exposed SQL Server/MSDE Password
|
|
|
|
|
|
SQL Server/MSDE Account Password Test
|
|
|
|
|
|
|
Instance MICROSOFTSMLBIZ
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Exposed SQL Server/MSDE Password
|
|
|
|
|
|
SQL Server/MSDE Security Mode
|
|
|
SQL Server and/or MSDE authentication mode is set to Windows
Only.
|
|
What was scanned
|
|
|
|
|
|
|
|
The Everyone
group does not have more than Read access to the SQL Server and/or MSDE
registry keys.
|
|
What was scanned
|
|
|
|
|
|
|
|
|
|
|
|
Permissions on the SQL Server and/or MSDE installation folders
are set properly.
|
|
What was scanned
|
|
|
|
|
|
|
|
|
|
|
SQL Server/MSDE Account Password Test
|
|
|
The check was skipped because SQL Server and/or MSDE is operating in Windows Only authentication mode.
|
|
What was scanned
|
|
|
|
Desktop Application Scan Results
Administrative Vulnerabilities
2nd Scan After Connecting to the WWW
|
Computer name:
|
WORKGROUP\GWR
|
|
IP address:
|
71.196.83.214
|
|
Security report name:
|
WORKGROUP - GWR (5-1-2006 12-44 AM)
|
|
Scan date:
|
5/1/2006 12:44 AM
|
|
Scanned with MBSA version:
|
2.0.5029.2
|
|
Catalog synchronization date:
|
|
|
Security update catalog:
|
Microsoft Update
|
|
Security assessment:
|
Incomplete Scan (Could not complete one or more requested
checks.)
|
Security Update Scan Results
Windows Scan Results
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Local Account Password Test
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This check was skipped because the computer is not joined to a
domain.
|
|
What was scanned
|
|
|
|
|
|
|
|
This check was skipped because the computer is not joined to a
domain.
|
|
What was scanned
|
|
|
|
Additional System Information
Internet Information Services (IIS) Scan Results
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
IISAdmin
Virtual Directory
|
|
|
|
|
|
MSADC and Scripts Virtual Directories
|
|
|
Additional System Information
SQL Server Scan Results
Instance (default)
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
SQL Server/MSDE Security Mode
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Exposed SQL Server/MSDE Password
|
|
|
|
|
|
SQL Server/MSDE Account Password Test
|
|
|
|
|
|
|
Instance MICROSOFTSMLBIZ
Administrative Vulnerabilities
|
Score
|
Issue
|
Result
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Exposed SQL Server/MSDE Password
|
|
|
|
|
|
SQL Server/MSDE Security Mode
|
|
|
SQL Server and/or MSDE authentication mode is set to Windows
Only.
|
|
What was scanned
|
|
|
|
|
|
|
|
The Everyone
group does not have more than Read access to the SQL Server and/or MSDE
registry keys.
|
|
What was scanned
|
|
|
|
|
|
|
|
|
|
|
|
Permissions on the SQL Server and/or MSDE installation folders
are set properly.
|
|
What was scanned
|
|
|
|
|
|
|
|
|
|
|
SQL Server/MSDE Account Password Test
|
|
|
The check was skipped because SQL Server and/or MSDE is operating in Windows Only authentication mode.
|
|
What was scanned
|
|
|
|
Desktop Application Scan Results
Administrative Vulnerabilities