A New Security Tool; Notes from the Working World

Microsoft Releases MBSA, A New Security Tool
Last week, Microsoft released the Microsoft Baseline Security Analyzer (MBSA), the newest security tool in the company's Strategic Technology Protection Program arsenal. MBSA checks systems for compliance with minimum recommended security settings by scanning for current hotfixes, blank or simple passwords, FAT or FAT32 partitions, and Guest and Anonymous account restrictions. MBSA also checks Microsoft IIS and Microsoft SQL Server for excessively lenient permissions, including registry and service-account permissions. The MBSA is Microsoft's most complete security tool to date.

MBSA is an excellent tool for scanning an entire domain of workstations—but only if you log on to the domain using an account that's a member of the Administrators group on each target device. If you want to scan multiple standalone servers, this limitation might present a problem. Fortunately, a workaround exists: You can run the following command on all the machines that you want to scan to "pre-authorize" yourself on each machine:

net use \\<computername>\ipc$ password /user:<computername>\administrator

(Thanks to Eric Schultze for providing this workaround!)

MBSA supports scripting, so you can automate a scan of multiple computers. To automate a scan of a computer, you use MBSA's Command-Line Interface (CLI), mbsacli.exe. To automate a scan of a server, for example, you'd use a command such as

MBSACLI /c mydomain\myserver 

The results of this scan will appear as an XML file in your user profile directory's SecurityScans subfolder. You must use the MBSA GUI (mbsa.exe) to view and print the XML file, but with the rise of Microsoft .NET, I'm certain that more viewing options will become available soon.
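
An added example, not from the article or from Microsoft: a PowerShell wrapper that runs the MBSACLI /c command shown above over a list of targets, then lists the XML reports written to the SecurityScans folder during the run. It assumes mbsacli.exe is on the PATH and that a file named targets.txt (a hypothetical name) holds one domain\computer entry per line.

```powershell
# Added example: run "mbsacli /c <domain\computer>" for every entry in a list.
# Assumptions: mbsacli.exe is on PATH; targets.txt is a hypothetical input file.
param(
    [string]$TargetFile = '.\targets.txt',   # hypothetical: one domain\computer per line
    [string]$MbsaCli    = 'mbsacli.exe'      # assumed to be resolvable via PATH
)

if (-not (Get-Command $MbsaCli -ErrorAction SilentlyContinue)) {
    throw "Cannot find $MbsaCli; pass -MbsaCli with the full path."
}

# Report location as described in the article.
$reportDir = Join-Path $env:USERPROFILE 'SecurityScans'
$started   = Get-Date

$results = foreach ($line in Get-Content -Path $TargetFile) {
    $target = $line.Trim()
    if ($target -eq '' -or $target.StartsWith('#')) { continue }   # blank or comment

    # Accept only domain\computer built from name-safe characters, so a bad
    # line in the list can never reach the scanner as an extra switch.
    if ($target -notmatch '^[A-Za-z0-9._-]+\\[A-Za-z0-9._-]+$') {
        [pscustomobject]@{ Target = $target; Status = 'skipped (bad name)'; ExitCode = $null }
        continue
    }

    & $MbsaCli /c $target | Out-Null
    # The exit code is recorded as-is; the article does not document its values.
    [pscustomobject]@{ Target = $target; Status = 'scanned'; ExitCode = $LASTEXITCODE }
}

$results | Format-Table -AutoSize

# List the XML reports written since this run started.
Get-ChildItem -Path $reportDir -Filter *.xml -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -ge $started } |
    Select-Object Name, LastWriteTime, Length
```

Run it from a session logged on with an account that is in the Administrators group on each target, as the article requires.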

Do yourself (and your company) a favor: Download and test the free MBSA today. You can find the MBSA and a white paper that discusses the tool at the Microsoft Web site.

Notes from the Working World
A recent discussion in CertTutor.net Live!'s IT Jobs area confirms that regardless of how much money and resources you devote to training yourself for a career, you can expect to earn only the "going rate" for any given job. In the IT world, this reality is a key—and often painful—fact of life. Of course, if your company pays for your training, you'll feel less pain, but you'll still have invested your own time and effort.

Now more than ever, you must direct your energy toward the training that will benefit you most. Research the major products on the market today. Identify a few products that interest you, read the reviews and industry commentary about those products, and get evaluation copies of the software. Finally, make a choice.

What you're choosing is a technology or a product that you think will show a growth in demand. "Safe" choices include Windows 2000 Server and, by extension, Windows .NET Server (Win.NET Server). "Niche" products such as Microsoft SharePoint Portal Server (formerly code-named Tahoe) and Internet Security and Acceleration (ISA) Server 2000 will also continue to require expertise. In the non-Microsoft realm, Check Point Software Technologies' new firewalls look intriguing. But don't take my advice—do your own research and follow your own instincts. And be sure to consult CertTutor.net Live! when you're gathering information. See this thread for some great advice for staying current and marketable.
