Need help & support regarding MBSA 2.1 beta 2

M

miguel

I am trying to run a scan with MBSA 2.1, but it encounters an error as soon
as it begins. Here is the log of the scan:

Security assessment: Incomplete Scan
Computer name: MSHOME\YOUR-9020FCA106
IP address: 192.168.0.101
Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)
Scan date: 5/22/2008 2:11 PM
Scanned with MBSA version: 2.1.2030.0
Catalog synchronization date:
Security update catalog: Windows Server Update Services

Security Updates Scan Results

Issue: Security Updates
Score: Unable to scan
Result: Cannot scan because target computer is not assigned to a Update
Services server.


Operating System Scan Results

Administrative Vulnerabilities

Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.

Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| miguel mesa | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.

Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.

Issue: Autologon
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.

Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.

Detail:
| User |
| Administrator |
| miguel mesa |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is managed through Group Policy on this
computer. Windows Firewall is disabled and has exceptions configured.

Detail:
| Connection Name | Firewall | Exceptions |
| Incoming Connections | N/A | N/A |
| Internet Connection | N/A | N/A |
| All Connections | Off | Ports, Programs, Services |
| Broadband Connection | Off* | Ports*, Programs*, Services* |
| Local Area Connection | Off* | Ports*, Programs*, Services* |
| MSN | Off* | Ports*, Programs*, Services* |
| Wireless Network Connection 3 | Off* | Ports*, Programs*, Services* |
Issue: Automatic Updates
Score: Check passed
Result: Updates are automatically downloaded and installed on this
computer.

Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.

Additional System Information

Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.

Issue: Auditing
Score: Best practice
Result: Check is skipped on Windows XP Home Edition computers.

Issue: Shares
Score: Best practice
Result: 1 share(s) are present on your computer.

Detail:
| Share | Directory | Share ACL | Directory ACL |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,
Administrators - F | Everyone - F |
Issue: Services
Score: Best practice
Result: No potentially unnecessary services were found.


Internet Information Services (IIS) Scan Results
IIS is not running on this computer.

SQL Server Scan Results

Instance MSSMLBIZ

Administrative Vulnerabilities

Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.

Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.

Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.

Issue: Folder Permissions
Score: Check failed (critical)
Result: Permissions on the SQL Server and/or MSDE installation folders
are not set properly.

Detail:
| Instance | Folder | User |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
BUILTIN\Users |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
\CREATOR OWNER |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
\CREATOR OWNER |
Issue: Sysadmin role members
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Guest Account
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Sysadmins
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.

Issue: Service Accounts
Score: Check failed (non-critical)
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.

Detail:
| Instance | Service | Account | Issue |
| MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |
Issue: Password Policy
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Public Permissions
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: SSIS Roles
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.

Issue: Sysdtslog
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.


Instance SONY_MEDIAMGR

Administrative Vulnerabilities

Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.

Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.

Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.

Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.

Issue: Folder Permissions
Score: Check passed
Result: Permissions on the SQL Server and/or MSDE installation folders
are set properly.

Issue: Sysadmin role members
Score: Best practice
Result: BUILTIN\Administrators group should not be part of sysadmin role.

Issue: Guest Account
Score: Check passed
Result: The Guest account is not enabled in any of the databases.

Issue: Sysadmins
Score: Check failed (non-critical)
Result: More than 2 members of sysadmin role are present.

Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.

Issue: Service Accounts
Score: Best practice
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.

Detail:
| Instance | Service | Account | Issue |
| SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
| SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |

Desktop Application Scan Results

Administrative Vulnerabilities

Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.

Issue: Macro Security
Score: Check not performed
Result: No Microsoft Office products are installed

Any kind of help will be greatly appreciated. Thanks
 
N

Newell White

"miguel" wrote:

> I am trying to run a scan with MBSA 2.1, but it encounters an error as soon
> as it begins. Here is the log of the scan:
>

<snip>
> Security Updates Scan Results
>
> Issue: Security Updates
> Score: Unable to scan
> Result: Cannot scan because target computer is not assigned to a Update
> Services server.
>

<snip>
> Issue: Automatic Updates
> Score: Check passed
> Result: Updates are automatically downloaded and installed on this
> computer.
>
> Issue: Incomplete Updates
> Score: Best practice
> Result: No incomplete software update installations were found.

<snip>
There are two ways of getting updates to Windows installed automatically on
your computer:
Set Automatic Updates to contact the MS web site to download and install them.
Be a client of Windows Server Update Service running on a Windows server at
a fixed IP address.

My interpretation is that the 'Unable to scan' refers to the latter (WSUS)
method.

The two later items refer to the Automatic Install (from MS web-site).

You can check this by manually connecting to Windows Update (Start, All
Programs..), and checking for updates. If you have all recent Security and
Priority updates then this interpretation is valid.

If you don't, then download and install them.

--
Regards,
Newell White
 
R

Roger Abell [MVP]

I have not run into that message before, but I wanted to make sure you
were aware that MSBA 2.1 is now released, no longer in beta.
Perhaps you should start by replacing with the released version.

Roger

"miguel" <miguel@discussions.microsoft.com> wrote in message
news:8DE0C144-5C5E-49D2-B77A-0E55005EBB7D@microsoft.com...
>I am trying to run a scan with MBSA 2.1, but it encounters an error as soon
> as it begins. Here is the log of the scan:
>
> Security assessment: Incomplete Scan
> Computer name: MSHOME\YOUR-9020FCA106
> IP address: 192.168.0.101
> Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)
> Scan date: 5/22/2008 2:11 PM
> Scanned with MBSA version: 2.1.2030.0
> Catalog synchronization date:
> Security update catalog: Windows Server Update Services
>
> Security Updates Scan Results
>
> Issue: Security Updates
> Score: Unable to scan
> Result: Cannot scan because target computer is not assigned to a Update
> Services server.
>
>
> Operating System Scan Results
>
> Administrative Vulnerabilities
>
> Issue: Local Account Password Test
> Score: Check passed
> Result: No user accounts have simple passwords.
>
> Detail:
> | User | Weak Password | Locked Out | Disabled |
> | HelpAssistant | - | - | Disabled |
> | SUPPORT_388945a0 | - | - | Disabled |
> | ASPNET | - | - | - |
> | Administrator | - | - | - |
> | Guest | - | - | - |
> | miguel mesa | - | - | - |
> Issue: File System
> Score: Check passed
> Result: All hard drives (1) are using the NTFS file system.
>
> Detail:
> | Drive Letter | File System |
> | C: | NTFS |
> Issue: Password Expiration
> Score: Check not performed
> Result: Check is skipped on Windows XP Home Edition computers.
>
> Issue: Guest Account
> Score: Check passed
> Result: The Guest account is not disabled on this computer.
>
> Issue: Autologon
> Score: Check not performed
> Result: Check is skipped on Windows XP Home Edition computers.
>
> Issue: Restrict Anonymous
> Score: Check passed
> Result: Computer is properly restricting anonymous access.
>
> Issue: Administrators
> Score: Check passed
> Result: No more than 2 Administrators were found on this computer.
>
> Detail:
> | User |
> | Administrator |
> | miguel mesa |
> Issue: Windows Firewall
> Score: Best practice
> Result: Windows Firewall is managed through Group Policy on this
> computer. Windows Firewall is disabled and has exceptions configured.
>
> Detail:
> | Connection Name | Firewall | Exceptions |
> | Incoming Connections | N/A | N/A |
> | Internet Connection | N/A | N/A |
> | All Connections | Off | Ports, Programs, Services |
> | Broadband Connection | Off* | Ports*, Programs*, Services* |
> | Local Area Connection | Off* | Ports*, Programs*, Services* |
> | MSN | Off* | Ports*, Programs*, Services* |
> | Wireless Network Connection 3 | Off* | Ports*, Programs*, Services* |
> Issue: Automatic Updates
> Score: Check passed
> Result: Updates are automatically downloaded and installed on this
> computer.
>
> Issue: Incomplete Updates
> Score: Best practice
> Result: No incomplete software update installations were found.
>
> Additional System Information
>
> Issue: Windows Version
> Score: Best practice
> Result: Computer is running Windows 2000 or greater.
>
> Issue: Auditing
> Score: Best practice
> Result: Check is skipped on Windows XP Home Edition computers.
>
> Issue: Shares
> Score: Best practice
> Result: 1 share(s) are present on your computer.
>
> Detail:
> | Share | Directory | Share ACL | Directory ACL |
> | print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,
> Administrators - F | Everyone - F |
> Issue: Services
> Score: Best practice
> Result: No potentially unnecessary services were found.
>
>
> Internet Information Services (IIS) Scan Results
> IIS is not running on this computer.
>
> SQL Server Scan Results
>
> Instance MSSMLBIZ
>
> Administrative Vulnerabilities
>
> Issue: SQL Server/MSDE Security Mode
> Score: Check passed
> Result: SQL Server and/or MSDE authentication mode is set to Windows
> Only.
>
> Issue: Exposed SQL Server/MSDE Password
> Score: Check passed
> Result: The 'sa' password and SQL service account password are not
> exposed in text files.
>
> Issue: CmdExec role
> Score: Check passed
> Result: CmdExec is restricted to sysadmin only.
>
> Issue: Registry Permissions
> Score: Check passed
> Result: The Everyone group does not have more than Read access to the
> SQL Server and/or MSDE registry keys.
>
> Issue: Folder Permissions
> Score: Check failed (critical)
> Result: Permissions on the SQL Server and/or MSDE installation folders
> are not set properly.
>
> Detail:
> | Instance | Folder | User |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
> BUILTIN\Users |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
> YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
> \CREATOR OWNER |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
> YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
> YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
> | MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
> \CREATOR OWNER |
> Issue: Sysadmin role members
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: Guest Account
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: Sysadmins
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: SQL Server/MSDE Account Password Test
> Score: Check not performed
> Result: The check was skipped because SQL Server and/or MSDE is
> operating in Windows Only authentication mode.
>
> Issue: Service Accounts
> Score: Check failed (non-critical)
> Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
> accounts should not be members of the local Administrators group or run as
> LocalSystem.
>
> Detail:
> | Instance | Service | Account | Issue |
> | MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |
> Issue: Password Policy
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: Public Permissions
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: SSIS Roles
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
> Issue: Sysdtslog
> Score: Check not performed
> Result: Could not perform this check because SQL Server and/or MSDE was
> not running.
>
>
> Instance SONY_MEDIAMGR
>
> Administrative Vulnerabilities
>
> Issue: SQL Server/MSDE Security Mode
> Score: Check passed
> Result: SQL Server and/or MSDE authentication mode is set to Windows
> Only.
>
> Issue: Exposed SQL Server/MSDE Password
> Score: Check passed
> Result: The 'sa' password and SQL service account password are not
> exposed in text files.
>
> Issue: CmdExec role
> Score: Check passed
> Result: CmdExec is restricted to sysadmin only.
>
> Issue: Registry Permissions
> Score: Check passed
> Result: The Everyone group does not have more than Read access to the
> SQL Server and/or MSDE registry keys.
>
> Issue: Folder Permissions
> Score: Check passed
> Result: Permissions on the SQL Server and/or MSDE installation folders
> are set properly.
>
> Issue: Sysadmin role members
> Score: Best practice
> Result: BUILTIN\Administrators group should not be part of sysadmin
> role.
>
> Issue: Guest Account
> Score: Check passed
> Result: The Guest account is not enabled in any of the databases.
>
> Issue: Sysadmins
> Score: Check failed (non-critical)
> Result: More than 2 members of sysadmin role are present.
>
> Issue: SQL Server/MSDE Account Password Test
> Score: Check not performed
> Result: The check was skipped because SQL Server and/or MSDE is
> operating in Windows Only authentication mode.
>
> Issue: Service Accounts
> Score: Best practice
> Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
> accounts should not be members of the local Administrators group or run as
> LocalSystem.
>
> Detail:
> | Instance | Service | Account | Issue |
> | SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
> | SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
>
> Desktop Application Scan Results
>
> Administrative Vulnerabilities
>
> Issue: IE Zones
> Score: Check passed
> Result: Internet Explorer zones have secure settings for all users.
>
> Issue: Macro Security
> Score: Check not performed
> Result: No Microsoft Office products are installed
>
> Any kind of help will be greatly appreciated. Thanks
 
Back
Top Bottom