Jump to content

Need help & support regarding MBSA 2.1 beta 2


Recommended Posts

Guest miguel
Posted

I am trying to run a scan with MBSA 2.1, but it encounters an error as soon

as it begins. Here is the log of the scan:

 

Security assessment: Incomplete Scan

Computer name: MSHOME\YOUR-9020FCA106

IP address: 192.168.0.101

Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)

Scan date: 5/22/2008 2:11 PM

Scanned with MBSA version: 2.1.2030.0

Catalog synchronization date:

Security update catalog: Windows Server Update Services

 

Security Updates Scan Results

 

Issue: Security Updates

Score: Unable to scan

Result: Cannot scan because target computer is not assigned to a Update

Services server.

 

 

Operating System Scan Results

 

Administrative Vulnerabilities

 

Issue: Local Account Password Test

Score: Check passed

Result: No user accounts have simple passwords.

 

Detail:

| User | Weak Password | Locked Out | Disabled |

| HelpAssistant | - | - | Disabled |

| SUPPORT_388945a0 | - | - | Disabled |

| ASPNET | - | - | - |

| Administrator | - | - | - |

| Guest | - | - | - |

| miguel mesa | - | - | - |

Issue: File System

Score: Check passed

Result: All hard drives (1) are using the NTFS file system.

 

Detail:

| Drive Letter | File System |

| C: | NTFS |

Issue: Password Expiration

Score: Check not performed

Result: Check is skipped on Windows XP Home Edition computers.

 

Issue: Guest Account

Score: Check passed

Result: The Guest account is not disabled on this computer.

 

Issue: Autologon

Score: Check not performed

Result: Check is skipped on Windows XP Home Edition computers.

 

Issue: Restrict Anonymous

Score: Check passed

Result: Computer is properly restricting anonymous access.

 

Issue: Administrators

Score: Check passed

Result: No more than 2 Administrators were found on this computer.

 

Detail:

| User |

| Administrator |

| miguel mesa |

Issue: Windows Firewall

Score: Best practice

Result: Windows Firewall is managed through Group Policy on this

computer. Windows Firewall is disabled and has exceptions configured.

 

Detail:

| Connection Name | Firewall | Exceptions |

| Incoming Connections | N/A | N/A |

| Internet Connection | N/A | N/A |

| All Connections | Off | Ports, Programs, Services |

| Broadband Connection | Off | Ports , Programs , Services |

| Local Area Connection | Off | Ports , Programs , Services |

| MSN | Off | Ports , Programs , Services |

| Wireless Network Connection 3 | Off | Ports , Programs , Services |

Issue: Automatic Updates

Score: Check passed

Result: Updates are automatically downloaded and installed on this

computer.

 

Issue: Incomplete Updates

Score: Best practice

Result: No incomplete software update installations were found.

 

Additional System Information

 

Issue: Windows Version

Score: Best practice

Result: Computer is running Windows 2000 or greater.

 

Issue: Auditing

Score: Best practice

Result: Check is skipped on Windows XP Home Edition computers.

 

Issue: Shares

Score: Best practice

Result: 1 share(s) are present on your computer.

 

Detail:

| Share | Directory | Share ACL | Directory ACL |

| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,

Administrators - F | Everyone - F |

Issue: Services

Score: Best practice

Result: No potentially unnecessary services were found.

 

 

Internet Information Services (IIS) Scan Results

IIS is not running on this computer.

 

SQL Server Scan Results

 

Instance MSSMLBIZ

 

Administrative Vulnerabilities

 

Issue: SQL Server/MSDE Security Mode

Score: Check passed

Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

 

Issue: Exposed SQL Server/MSDE Password

Score: Check passed

Result: The 'sa' password and SQL service account password are not

exposed in text files.

 

Issue: CmdExec role

Score: Check passed

Result: CmdExec is restricted to sysadmin only.

 

Issue: Registry Permissions

Score: Check passed

Result: The Everyone group does not have more than Read access to the

SQL Server and/or MSDE registry keys.

 

Issue: Folder Permissions

Score: Check failed (critical)

Result: Permissions on the SQL Server and/or MSDE installation folders

are not set properly.

 

Detail:

| Instance | Folder | User |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |

BUILTIN\Users |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |

YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |

\CREATOR OWNER |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |

YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |

YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |

\CREATOR OWNER |

Issue: Sysadmin role members

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: Guest Account

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: Sysadmins

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: SQL Server/MSDE Account Password Test

Score: Check not performed

Result: The check was skipped because SQL Server and/or MSDE is

operating in Windows Only authentication mode.

 

Issue: Service Accounts

Score: Check failed (non-critical)

Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service

accounts should not be members of the local Administrators group or run as

LocalSystem.

 

Detail:

| Instance | Service | Account | Issue |

| MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |

Issue: Password Policy

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: Public Permissions

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: SSIS Roles

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

Issue: Sysdtslog

Score: Check not performed

Result: Could not perform this check because SQL Server and/or MSDE was

not running.

 

 

Instance SONY_MEDIAMGR

 

Administrative Vulnerabilities

 

Issue: SQL Server/MSDE Security Mode

Score: Check passed

Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

 

Issue: Exposed SQL Server/MSDE Password

Score: Check passed

Result: The 'sa' password and SQL service account password are not

exposed in text files.

 

Issue: CmdExec role

Score: Check passed

Result: CmdExec is restricted to sysadmin only.

 

Issue: Registry Permissions

Score: Check passed

Result: The Everyone group does not have more than Read access to the

SQL Server and/or MSDE registry keys.

 

Issue: Folder Permissions

Score: Check passed

Result: Permissions on the SQL Server and/or MSDE installation folders

are set properly.

 

Issue: Sysadmin role members

Score: Best practice

Result: BUILTIN\Administrators group should not be part of sysadmin role.

 

Issue: Guest Account

Score: Check passed

Result: The Guest account is not enabled in any of the databases.

 

Issue: Sysadmins

Score: Check failed (non-critical)

Result: More than 2 members of sysadmin role are present.

 

Issue: SQL Server/MSDE Account Password Test

Score: Check not performed

Result: The check was skipped because SQL Server and/or MSDE is

operating in Windows Only authentication mode.

 

Issue: Service Accounts

Score: Best practice

Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service

accounts should not be members of the local Administrators group or run as

LocalSystem.

 

Detail:

| Instance | Service | Account | Issue |

| SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

| SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

 

Desktop Application Scan Results

 

Administrative Vulnerabilities

 

Issue: IE Zones

Score: Check passed

Result: Internet Explorer zones have secure settings for all users.

 

Issue: Macro Security

Score: Check not performed

Result: No Microsoft Office products are installed

 

Any kind of help will be greatly appreciated. Thanks

  • Replies 2
  • Created
  • Last Reply
Guest Newell White
Posted

"miguel" wrote:

<span style="color:blue">

> I am trying to run a scan with MBSA 2.1, but it encounters an error as soon

> as it begins. Here is the log of the scan:

> </span>

<snip><span style="color:blue">

> Security Updates Scan Results

>

> Issue: Security Updates

> Score: Unable to scan

> Result: Cannot scan because target computer is not assigned to a Update

> Services server.

> </span>

<snip><span style="color:blue">

> Issue: Automatic Updates

> Score: Check passed

> Result: Updates are automatically downloaded and installed on this

> computer.

>

> Issue: Incomplete Updates

> Score: Best practice

> Result: No incomplete software update installations were found.</span>

<snip>

There are two ways of getting updates to Windows installed automatically on

your computer:

Set Automatic Updates to contact the MS web site to download and install them.

Be a client of Windows Server Update Service running on a Windows server at

a fixed IP address.

 

My interpretation is that the 'Unable to scan' refers to the latter (WSUS)

method.

 

The two later items refer to the Automatic Install (from MS web-site).

 

You can check this by manually connecting to Windows Update (Start, All

Programs..), and checking for updates. If you have all recent Security and

Priority updates then this interpretation is valid.

 

If you don't, then download and install them.

 

--

Regards,

Newell White

Guest Roger Abell [MVP]
Posted

I have not run into that message before, but I wanted to make sure you

were aware that MSBA 2.1 is now released, no longer in beta.

Perhaps you should start by replacing with the released version.

 

Roger

 

"miguel" <miguel@discussions.microsoft.com> wrote in message

news:8DE0C144-5C5E-49D2-B77A-0E55005EBB7D@microsoft.com...<span style="color:blue">

>I am trying to run a scan with MBSA 2.1, but it encounters an error as soon

> as it begins. Here is the log of the scan:

>

> Security assessment: Incomplete Scan

> Computer name: MSHOMEYOUR-9020FCA106

> IP address: 192.168.0.101

> Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)

> Scan date: 5/22/2008 2:11 PM

> Scanned with MBSA version: 2.1.2030.0

> Catalog synchronization date:

> Security update catalog: Windows Server Update Services

>

> Security Updates Scan Results

>

> Issue: Security Updates

> Score: Unable to scan

> Result: Cannot scan because target computer is not assigned to a Update

> Services server.

>

>

> Operating System Scan Results

>

> Administrative Vulnerabilities

>

> Issue: Local Account Password Test

> Score: Check passed

> Result: No user accounts have simple passwords.

>

> Detail:

> | User | Weak Password | Locked Out | Disabled |

> | HelpAssistant | - | - | Disabled |

> | SUPPORT_388945a0 | - | - | Disabled |

> | ASPNET | - | - | - |

> | Administrator | - | - | - |

> | Guest | - | - | - |

> | miguel mesa | - | - | - |

> Issue: File System

> Score: Check passed

> Result: All hard drives (1) are using the NTFS file system.

>

> Detail:

> | Drive Letter | File System |

> | C: | NTFS |

> Issue: Password Expiration

> Score: Check not performed

> Result: Check is skipped on Windows XP Home Edition computers.

>

> Issue: Guest Account

> Score: Check passed

> Result: The Guest account is not disabled on this computer.

>

> Issue: Autologon

> Score: Check not performed

> Result: Check is skipped on Windows XP Home Edition computers.

>

> Issue: Restrict Anonymous

> Score: Check passed

> Result: Computer is properly restricting anonymous access.

>

> Issue: Administrators

> Score: Check passed

> Result: No more than 2 Administrators were found on this computer.

>

> Detail:

> | User |

> | Administrator |

> | miguel mesa |

> Issue: Windows Firewall

> Score: Best practice

> Result: Windows Firewall is managed through Group Policy on this

> computer. Windows Firewall is disabled and has exceptions configured.

>

> Detail:

> | Connection Name | Firewall | Exceptions |

> | Incoming Connections | N/A | N/A |

> | Internet Connection | N/A | N/A |

> | All Connections | Off | Ports, Programs, Services |

> | Broadband Connection | Off | Ports , Programs , Services |

> | Local Area Connection | Off | Ports , Programs , Services |

> | MSN | Off | Ports , Programs , Services |

> | Wireless Network Connection 3 | Off | Ports , Programs , Services |

> Issue: Automatic Updates

> Score: Check passed

> Result: Updates are automatically downloaded and installed on this

> computer.

>

> Issue: Incomplete Updates

> Score: Best practice

> Result: No incomplete software update installations were found.

>

> Additional System Information

>

> Issue: Windows Version

> Score: Best practice

> Result: Computer is running Windows 2000 or greater.

>

> Issue: Auditing

> Score: Best practice

> Result: Check is skipped on Windows XP Home Edition computers.

>

> Issue: Shares

> Score: Best practice

> Result: 1 share(s) are present on your computer.

>

> Detail:

> | Share | Directory | Share ACL | Directory ACL |

> | print$ | C:WINDOWSsystem32spooldrivers | Everyone - R,

> Administrators - F | Everyone - F |

> Issue: Services

> Score: Best practice

> Result: No potentially unnecessary services were found.

>

>

> Internet Information Services (IIS) Scan Results

> IIS is not running on this computer.

>

> SQL Server Scan Results

>

> Instance MSSMLBIZ

>

> Administrative Vulnerabilities

>

> Issue: SQL Server/MSDE Security Mode

> Score: Check passed

> Result: SQL Server and/or MSDE authentication mode is set to Windows

> Only.

>

> Issue: Exposed SQL Server/MSDE Password

> Score: Check passed

> Result: The 'sa' password and SQL service account password are not

> exposed in text files.

>

> Issue: CmdExec role

> Score: Check passed

> Result: CmdExec is restricted to sysadmin only.

>

> Issue: Registry Permissions

> Score: Check passed

> Result: The Everyone group does not have more than Read access to the

> SQL Server and/or MSDE registry keys.

>

> Issue: Folder Permissions

> Score: Check failed (critical)

> Result: Permissions on the SQL Server and/or MSDE installation folders

> are not set properly.

>

> Detail:

> | Instance | Folder | User |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn |

> BUILTINUsers |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn |

> YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLBinn |

> CREATOR OWNER |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData |

> YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData |

> YOUR-9020FCA106SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |

> | MSSMLBIZ | c:Program FilesMicrosoft SQL ServerMSSQL.1MSSQLData |

> CREATOR OWNER |

> Issue: Sysadmin role members

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: Guest Account

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: Sysadmins

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: SQL Server/MSDE Account Password Test

> Score: Check not performed

> Result: The check was skipped because SQL Server and/or MSDE is

> operating in Windows Only authentication mode.

>

> Issue: Service Accounts

> Score: Check failed (non-critical)

> Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service

> accounts should not be members of the local Administrators group or run as

> LocalSystem.

>

> Detail:

> | Instance | Service | Account | Issue |

> | MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |

> Issue: Password Policy

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: Public Permissions

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: SSIS Roles

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

> Issue: Sysdtslog

> Score: Check not performed

> Result: Could not perform this check because SQL Server and/or MSDE was

> not running.

>

>

> Instance SONY_MEDIAMGR

>

> Administrative Vulnerabilities

>

> Issue: SQL Server/MSDE Security Mode

> Score: Check passed

> Result: SQL Server and/or MSDE authentication mode is set to Windows

> Only.

>

> Issue: Exposed SQL Server/MSDE Password

> Score: Check passed

> Result: The 'sa' password and SQL service account password are not

> exposed in text files.

>

> Issue: CmdExec role

> Score: Check passed

> Result: CmdExec is restricted to sysadmin only.

>

> Issue: Registry Permissions

> Score: Check passed

> Result: The Everyone group does not have more than Read access to the

> SQL Server and/or MSDE registry keys.

>

> Issue: Folder Permissions

> Score: Check passed

> Result: Permissions on the SQL Server and/or MSDE installation folders

> are set properly.

>

> Issue: Sysadmin role members

> Score: Best practice

> Result: BUILTINAdministrators group should not be part of sysadmin

> role.

>

> Issue: Guest Account

> Score: Check passed

> Result: The Guest account is not enabled in any of the databases.

>

> Issue: Sysadmins

> Score: Check failed (non-critical)

> Result: More than 2 members of sysadmin role are present.

>

> Issue: SQL Server/MSDE Account Password Test

> Score: Check not performed

> Result: The check was skipped because SQL Server and/or MSDE is

> operating in Windows Only authentication mode.

>

> Issue: Service Accounts

> Score: Best practice

> Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service

> accounts should not be members of the local Administrators group or run as

> LocalSystem.

>

> Detail:

> | Instance | Service | Account | Issue |

> | SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

> | SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

>

> Desktop Application Scan Results

>

> Administrative Vulnerabilities

>

> Issue: IE Zones

> Score: Check passed

> Result: Internet Explorer zones have secure settings for all users.

>

> Issue: Macro Security

> Score: Check not performed

> Result: No Microsoft Office products are installed

>

> Any kind of help will be greatly appreciated. Thanks </span>

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...