The Microsoft Baseline Security Analyzer (MBSA) checks computers running Microsoft Windows Server 2008 R2 for common security misconfigurations. The following are the scanning options selected for Cisco Unified ICM Real-Time Distributor running one or more web applications (for example, Internet Script Editor or Agent-Reskilling).

- Windows operating system (OS) checks
- IIS checks
- SQL checks
- Security update checks
- Password checks

The report in this chapter shows example results of running the MBSA tool against a Cisco Unified ICM server that runs most Microsoft Server Applications that the tool supports.

- Security Update Scan Results
- Windows Scan Results
- Internet Information Services (IIS) Scan Results
- SQL Server Scan Results
- Desktop Application Scan Results

Security Update Scan Results

The following table provides an example of security update scan results:

Table 1: Security Update Scan Results

Windows Security Updates
IIS Security Updates
SQL Server/MSDE Security Updates: Instance (default): No critical security updates are
MDAC Security Updates
MSXML Security Updates
Office Security Updates: No Microsoft Office products are installed.

Windows Scan Results

The following table shows Windows scan results:

Table 2: Vulnerabilities

Automatic Updates: Automatic Updates are managed through Group Policy on this computer.
Administrators: More than 2 Administrators were found on this computer.
    Note: You can ignore this event because the Cisco Unified ICM application requires the addition of certain groups to the Local Administrators group, which triggers this event.
    Review the Details and remove any known unnecessary accounts.
Password Expiration: Some user accounts (1 of 7) have nonexpiring passwords.
    Note: When the server is properly configured to require expiring passwords, this warning typically finds the Guest account to have a nonexpiring password even though the account is disabled. This warning can be ignored.
Windows Firewall: Windows Firewall is enabled and has exceptions configured. Windows Firewall is enabled on all network connections.
Local Account Password Test: Some user accounts (1 of 7) have blank or simple passwords, or could not be analyzed.
File System: All hard drives (1) are using the NTFS file system.
Autologon: Autologon is not configured on this computer.
Guest Account: The Guest account is disabled on this computer.
Restrict Anonymous: Computer is properly restricting anonymous access.

The following table provides more scan information:

Table 3: More System Information

Auditing: Logon Success and Logon Failure auditing are both enabled.
Services: Some potentially unnecessary services are installed.
Shares: 2 shares are present on your computer.
Windows Version: Computer is running Windows Server 2008 R2 or greater.

Internet Information Services (IIS) Scan Results

The following table shows IIS scan results:

Table 4: Vulnerabilities

IIS Lockdown Tool: The IIS Lockdown tool was developed for IIS 4.0, 5.0, and 5.1, and is not needed for new Windows Server 2008 R2 installations running higher versions of IIS.
Sample Applications: IIS sample applications are not installed.
IISAdmin Virtual Directory: IISADMPWD virtual directory is not present.
Parent Paths: Parent paths are not enabled.
MSADC and Scripts Virtual Directories: The MSADC and Scripts virtual directories are not present.

Table 5: Other System Information

Domain Controller Test: IIS is not running on a domain controller.
IIS Logging Enabled: All web and FTP sites are using the default logging options.
SQL Server Scan Results

The following table shows SQL Server scan results:

Instance (default)

Table 6: Vulnerabilities

Sysadmin role members: BUILTIN\Administrators group is part of sysadmin role.
    Note: This is acceptable because the Cisco Unified ICM application adds certain groups to the local Administrators account on the server which require dbo access to the database.
Sysadmins: No more than 2 members of sysadmin role are present.
Service Accounts: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service accounts are not members of the local Administrators group and do not run as LocalSystem.
Exposed SQL Server/MSDE Password: The sa password and SQL service account password are not exposed in text files.
Domain Controller Test: SQL Server and/or MSDE is not running on a domain controller.
SQL Server/MSDE Security Mode: SQL Server and/or MSDE authentication mode is set to Windows Only.
Registry Permissions: The Everyone group does not have more than Read access to the SQL Server and/or MSDE registry keys.
CmdExec role: CmdExec is restricted to sysadmin only.
Folder Permissions: Permissions on the SQL Server and/or MSDE installation folders are set properly.
Guest Account: The Guest account is not enabled in any of the databases.
SQL Server/MSDE Account Password Test: The check was skipped because SQL Server and/or MSDE is operating in Windows Only authentication mode.

Desktop Application Scan Results

The following table shows desktop application scan results:

Table 7: Vulnerabilities

IE Zones: Internet Explorer zones have secure settings for all users.
IE Enhanced Security Configuration for Administrators: The use of Internet Explorer is restricted for administrators on this server.
IE Enhanced Security Configuration for Non-Administrators: The use of Internet Explorer is restricted for nonadministrators on this server.
Macro Security: No Microsoft Office products are installed.