Guest miguel Posted May 22, 2008 Posted May 22, 2008 I am trying to run a scan with MBSA 2.1, but it encounters an error as soon as it begins. Here is the log of the scan: Security assessment: Incomplete Scan Computer name: MSHOME\YOUR-9020FCA106 IP address: 192.168.0.101 Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM) Scan date: 5/22/2008 2:11 PM Scanned with MBSA version: 2.1.2030.0 Catalog synchronization date: Security update catalog: Windows Server Update Services Security Updates Scan Results Issue: Security Updates Score: Unable to scan Result: Cannot scan because target computer is not assigned to a Update Services server. Operating System Scan Results Administrative Vulnerabilities Issue: Local Account Password Test Score: Check passed Result: No user accounts have simple passwords. Detail: | User | Weak Password | Locked Out | Disabled | | HelpAssistant | - | - | Disabled | | SUPPORT_388945a0 | - | - | Disabled | | ASPNET | - | - | - | | Administrator | - | - | - | | Guest | - | - | - | | miguel mesa | - | - | - | Issue: File System Score: Check passed Result: All hard drives (1) are using the NTFS file system. Detail: | Drive Letter | File System | | C: | NTFS | Issue: Password Expiration Score: Check not performed Result: Check is skipped on Windows XP Home Edition computers. Issue: Guest Account Score: Check passed Result: The Guest account is not disabled on this computer. Issue: Autologon Score: Check not performed Result: Check is skipped on Windows XP Home Edition computers. Issue: Restrict Anonymous Score: Check passed Result: Computer is properly restricting anonymous access. Issue: Administrators Score: Check passed Result: No more than 2 Administrators were found on this computer. Detail: | User | | Administrator | | miguel mesa | Issue: Windows Firewall Score: Best practice Result: Windows Firewall is managed through Group Policy on this computer. Windows Firewall is disabled and has exceptions configured. Detail: | Connection Name | Firewall | Exceptions | | Incoming Connections | N/A | N/A | | Internet Connection | N/A | N/A | | All Connections | Off | Ports, Programs, Services | | Broadband Connection | Off | Ports , Programs , Services | | Local Area Connection | Off | Ports , Programs , Services | | MSN | Off | Ports , Programs , Services | | Wireless Network Connection 3 | Off | Ports , Programs , Services | Issue: Automatic Updates Score: Check passed Result: Updates are automatically downloaded and installed on this computer. Issue: Incomplete Updates Score: Best practice Result: No incomplete software update installations were found. Additional System Information Issue: Windows Version Score: Best practice Result: Computer is running Windows 2000 or greater. Issue: Auditing Score: Best practice Result: Check is skipped on Windows XP Home Edition computers. Issue: Shares Score: Best practice Result: 1 share(s) are present on your computer. Detail: | Share | Directory | Share ACL | Directory ACL | | print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R, Administrators - F | Everyone - F | Issue: Services Score: Best practice Result: No potentially unnecessary services were found. Internet Information Services (IIS) Scan Results IIS is not running on this computer. SQL Server Scan Results Instance MSSMLBIZ Administrative Vulnerabilities Issue: SQL Server/MSDE Security Mode Score: Check passed Result: SQL Server and/or MSDE authentication mode is set to Windows Only. Issue: Exposed SQL Server/MSDE Password Score: Check passed Result: The 'sa' password and SQL service account password are not exposed in text files. Issue: CmdExec role Score: Check passed Result: CmdExec is restricted to sysadmin only. Issue: Registry Permissions Score: Check passed Result: The Everyone group does not have more than Read access to the SQL Server and/or MSDE registry keys. Issue: Folder Permissions Score: Check failed (critical) Result: Permissions on the SQL Server and/or MSDE installation folders are not set properly. Detail: | Instance | Folder | User | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn | BUILTIN\Users | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn | YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn | \CREATOR OWNER | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data | YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data | YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data | \CREATOR OWNER | Issue: Sysadmin role members Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: Guest Account Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: Sysadmins Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: SQL Server/MSDE Account Password Test Score: Check not performed Result: The check was skipped because SQL Server and/or MSDE is operating in Windows Only authentication mode. Issue: Service Accounts Score: Check failed (non-critical) Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service accounts should not be members of the local Administrators group or run as LocalSystem. Detail: | Instance | Service | Account | Issue | | MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. | Issue: Password Policy Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: Public Permissions Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: SSIS Roles Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Issue: Sysdtslog Score: Check not performed Result: Could not perform this check because SQL Server and/or MSDE was not running. Instance SONY_MEDIAMGR Administrative Vulnerabilities Issue: SQL Server/MSDE Security Mode Score: Check passed Result: SQL Server and/or MSDE authentication mode is set to Windows Only. Issue: Exposed SQL Server/MSDE Password Score: Check passed Result: The 'sa' password and SQL service account password are not exposed in text files. Issue: CmdExec role Score: Check passed Result: CmdExec is restricted to sysadmin only. Issue: Registry Permissions Score: Check passed Result: The Everyone group does not have more than Read access to the SQL Server and/or MSDE registry keys. Issue: Folder Permissions Score: Check passed Result: Permissions on the SQL Server and/or MSDE installation folders are set properly. Issue: Sysadmin role members Score: Best practice Result: BUILTIN\Administrators group should not be part of sysadmin role. Issue: Guest Account Score: Check passed Result: The Guest account is not enabled in any of the databases. Issue: Sysadmins Score: Check failed (non-critical) Result: More than 2 members of sysadmin role are present. Issue: SQL Server/MSDE Account Password Test Score: Check not performed Result: The check was skipped because SQL Server and/or MSDE is operating in Windows Only authentication mode. Issue: Service Accounts Score: Best practice Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service accounts should not be members of the local Administrators group or run as LocalSystem. Detail: | Instance | Service | Account | Issue | | SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. | | SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. | Desktop Application Scan Results Administrative Vulnerabilities Issue: IE Zones Score: Check passed Result: Internet Explorer zones have secure settings for all users. Issue: Macro Security Score: Check not performed Result: No Microsoft Office products are installed Any kind of help will be greatly appreciated. Thanks Quote
Guest Newell White Posted May 23, 2008 Posted May 23, 2008 "miguel" wrote: <span style="color:blue"> > I am trying to run a scan with MBSA 2.1, but it encounters an error as soon > as it begins. Here is the log of the scan: > </span> <snip><span style="color:blue"> > Security Updates Scan Results > > Issue: Security Updates > Score: Unable to scan > Result: Cannot scan because target computer is not assigned to a Update > Services server. > </span> <snip><span style="color:blue"> > Issue: Automatic Updates > Score: Check passed > Result: Updates are automatically downloaded and installed on this > computer. > > Issue: Incomplete Updates > Score: Best practice > Result: No incomplete software update installations were found.</span> <snip> There are two ways of getting updates to Windows installed automatically on your computer: Set Automatic Updates to contact the MS web site to download and install them. Be a client of Windows Server Update Service running on a Windows server at a fixed IP address. My interpretation is that the 'Unable to scan' refers to the latter (WSUS) method. The two later items refer to the Automatic Install (from MS web-site). You can check this by manually connecting to Windows Update (Start, All Programs..), and checking for updates. If you have all recent Security and Priority updates then this interpretation is valid. If you don't, then download and install them. -- Regards, Newell White Quote
Guest Roger Abell [MVP] Posted May 27, 2008 Posted May 27, 2008 I have not run into that message before, but I wanted to make sure you were aware that MSBA 2.1 is now released, no longer in beta. Perhaps you should start by replacing with the released version. Roger "miguel" <miguel@discussions.microsoft.com> wrote in message news:8DE0C144-5C5E-49D2-B77A-0E55005EBB7D@microsoft.com...<span style="color:blue"> >I am trying to run a scan with MBSA 2.1, but it encounters an error as soon > as it begins. Here is the log of the scan: > > Security assessment: Incomplete Scan > Computer name: MSHOMEYOUR-9020FCA106 > IP address: 192.168.0.101 > Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM) > Scan date: 5/22/2008 2:11 PM > Scanned with MBSA version: 2.1.2030.0 > Catalog synchronization date: > Security update catalog: Windows Server Update Services > > Security Updates Scan Results > > Issue: Security Updates > Score: Unable to scan > Result: Cannot scan because target computer is not assigned to a Update > Services server. > > > Operating System Scan Results > > Administrative Vulnerabilities > > Issue: Local Account Password Test > Score: Check passed > Result: No user accounts have simple passwords. > > Detail: > | User | Weak Password | Locked Out | Disabled | > | HelpAssistant | - | - | Disabled | > | SUPPORT_388945a0 | - | - | Disabled | > | ASPNET | - | - | - | > | Administrator | - | - | - | > | Guest | - | - | - | > | miguel mesa | - | - | - | > Issue: File System > Score: Check passed > Result: All hard drives (1) are using the NTFS file system. > > Detail: > | Drive Letter | File System | > | C: | NTFS | > Issue: Password Expiration > Score: Check not performed > Result: Check is skipped on Windows XP Home Edition computers. > > Issue: Guest Account > Score: Check passed > Result: The Guest account is not disabled on this computer. > > Issue: Autologon > Score: Check not performed > Result: Check is skipped on Windows XP Home Edition computers. > > Issue: Restrict Anonymous > Score: Check passed > Result: Computer is properly restricting anonymous access. > > Issue: Administrators > Score: Check passed > Result: No more than 2 Administrators were found on this computer. > > Detail: > | User | > | Administrator | > | miguel mesa | > Issue: Windows Firewall > Score: Best practice > Result: Windows Firewall is managed through Group Policy on this > computer. Windows Firewall is disabled and has exceptions configured. > > Detail: > | Connection Name | Firewall | Exceptions | > | Incoming Connections | N/A | N/A | > | Internet Connection | N/A | N/A | > | All Connections | Off | Ports, Programs, Services | > | Broadband Connection | Off | Ports , Programs , Services | > | Local Area Connection | Off | Ports , Programs , Services | > | MSN | Off | Ports , Programs , Services | > | Wireless Network Connection 3 | Off | Ports , Programs , Services | > Issue: Automatic Updates > Score: Check passed > Result: Updates are automatically downloaded and installed on this > computer. > > Issue: Incomplete Updates > Score: Best practice > Result: No incomplete software update installations were found. > > Additional System Information > > Issue: Windows Version > Score: Best practice > Result: Computer is running Windows 2000 or greater. > > Issue: Auditing > Score: Best practice > Result: Check is skipped on Windows XP Home Edition computers. > > Issue: Shares > Score: Best practice > Result: 1 share(s) are present on your computer. > > Detail: > | Share | Directory | Share ACL | Directory ACL | > | print$ | C:WINDOWSsystem32spooldrivers | Everyone - R, > Administrators - F | Everyone - F | > Issue: Services > Score: Best practice > Result: No potentially unnecessary services were found. > > > Internet Information Services (IIS) Scan Results > IIS is not running on this computer. > > SQL Server Scan Results > > Instance MSSMLBIZ > > Administrative Vulnerabilities > > Issue: SQL Server/MSDE Security Mode > Score: Check passed > Result: SQL Server and/or MSDE authentication mode is set to Windows > Only. > > Issue: Exposed SQL Server/MSDE Password > Score: Check passed > Result: The 'sa' password and SQL service account password are not > exposed in text files. > > Issue: CmdExec role > Score: Check passed > Result: CmdExec is restricted to sysadmin only. > > Issue: Registry Permissions > Score: Check passed > Result: The Everyone group does not have more than Read access to the > SQL Server and/or MSDE registry keys. > > Issue: Folder Permissions > Score: Check failed (critical) > Result: Permissions on the SQL Server and/or MSDE installation folders > are not set properly. > > Detail: > | Instance | Folder | User | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn | > BUILTINUsers | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn | > YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn | > CREATOR OWNER | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData | > YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData | > YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ | > | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData | > CREATOR OWNER | > Issue: Sysadmin role members > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: Guest Account > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: Sysadmins > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: SQL Server/MSDE Account Password Test > Score: Check not performed > Result: The check was skipped because SQL Server and/or MSDE is > operating in Windows Only authentication mode. > > Issue: Service Accounts > Score: Check failed (non-critical) > Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service > accounts should not be members of the local Administrators group or run as > LocalSystem. > > Detail: > | Instance | Service | Account | Issue | > | MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. | > Issue: Password Policy > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: Public Permissions > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: SSIS Roles > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > Issue: Sysdtslog > Score: Check not performed > Result: Could not perform this check because SQL Server and/or MSDE was > not running. > > > Instance SONY_MEDIAMGR > > Administrative Vulnerabilities > > Issue: SQL Server/MSDE Security Mode > Score: Check passed > Result: SQL Server and/or MSDE authentication mode is set to Windows > Only. > > Issue: Exposed SQL Server/MSDE Password > Score: Check passed > Result: The 'sa' password and SQL service account password are not > exposed in text files. > > Issue: CmdExec role > Score: Check passed > Result: CmdExec is restricted to sysadmin only. > > Issue: Registry Permissions > Score: Check passed > Result: The Everyone group does not have more than Read access to the > SQL Server and/or MSDE registry keys. > > Issue: Folder Permissions > Score: Check passed > Result: Permissions on the SQL Server and/or MSDE installation folders > are set properly. > > Issue: Sysadmin role members > Score: Best practice > Result: BUILTINAdministrators group should not be part of sysadmin > role. > > Issue: Guest Account > Score: Check passed > Result: The Guest account is not enabled in any of the databases. > > Issue: Sysadmins > Score: Check failed (non-critical) > Result: More than 2 members of sysadmin role are present. > > Issue: SQL Server/MSDE Account Password Test > Score: Check not performed > Result: The check was skipped because SQL Server and/or MSDE is > operating in Windows Only authentication mode. > > Issue: Service Accounts > Score: Best practice > Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service > accounts should not be members of the local Administrators group or run as > LocalSystem. > > Detail: > | Instance | Service | Account | Issue | > | SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. | > | SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. | > > Desktop Application Scan Results > > Administrative Vulnerabilities > > Issue: IE Zones > Score: Check passed > Result: Internet Explorer zones have secure settings for all users. > > Issue: Macro Security > Score: Check not performed > Result: No Microsoft Office products are installed > > Any kind of help will be greatly appreciated. Thanks </span> Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.