M
miguel
Guest
I am trying to run a scan with MBSA 2.1, but it encounters an error as soon
as it begins. Here is the log of the scan:
Security assessment: Incomplete Scan
Computer name: MSHOME\YOUR-9020FCA106
IP address: 192.168.0.101
Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)
Scan date: 5/22/2008 2:11 PM
Scanned with MBSA version: 2.1.2030.0
Catalog synchronization date:
Security update catalog: Windows Server Update Services
Security Updates Scan Results
Issue: Security Updates
Score: Unable to scan
Result: Cannot scan because target computer is not assigned to a Update
Services server.
Operating System Scan Results
Administrative Vulnerabilities
Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.
Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| miguel mesa | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.
Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.
Issue: Autologon
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.
Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.
Detail:
| User |
| Administrator |
| miguel mesa |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is managed through Group Policy on this
computer. Windows Firewall is disabled and has exceptions configured.
Detail:
| Connection Name | Firewall | Exceptions |
| Incoming Connections | N/A | N/A |
| Internet Connection | N/A | N/A |
| All Connections | Off | Ports, Programs, Services |
| Broadband Connection | Off* | Ports*, Programs*, Services* |
| Local Area Connection | Off* | Ports*, Programs*, Services* |
| MSN | Off* | Ports*, Programs*, Services* |
| Wireless Network Connection 3 | Off* | Ports*, Programs*, Services* |
Issue: Automatic Updates
Score: Check passed
Result: Updates are automatically downloaded and installed on this
computer.
Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.
Additional System Information
Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.
Issue: Auditing
Score: Best practice
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Shares
Score: Best practice
Result: 1 share(s) are present on your computer.
Detail:
| Share | Directory | Share ACL | Directory ACL |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,
Administrators - F | Everyone - F |
Issue: Services
Score: Best practice
Result: No potentially unnecessary services were found.
Internet Information Services (IIS) Scan Results
IIS is not running on this computer.
SQL Server Scan Results
Instance MSSMLBIZ
Administrative Vulnerabilities
Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.
Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.
Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.
Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.
Issue: Folder Permissions
Score: Check failed (critical)
Result: Permissions on the SQL Server and/or MSDE installation folders
are not set properly.
Detail:
| Instance | Folder | User |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
BUILTIN\Users |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
\CREATOR OWNER |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
\CREATOR OWNER |
Issue: Sysadmin role members
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Guest Account
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Sysadmins
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.
Issue: Service Accounts
Score: Check failed (non-critical)
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.
Detail:
| Instance | Service | Account | Issue |
| MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |
Issue: Password Policy
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Public Permissions
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: SSIS Roles
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Sysdtslog
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Instance SONY_MEDIAMGR
Administrative Vulnerabilities
Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.
Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.
Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.
Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.
Issue: Folder Permissions
Score: Check passed
Result: Permissions on the SQL Server and/or MSDE installation folders
are set properly.
Issue: Sysadmin role members
Score: Best practice
Result: BUILTIN\Administrators group should not be part of sysadmin role.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not enabled in any of the databases.
Issue: Sysadmins
Score: Check failed (non-critical)
Result: More than 2 members of sysadmin role are present.
Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.
Issue: Service Accounts
Score: Best practice
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.
Detail:
| Instance | Service | Account | Issue |
| SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
| SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
Desktop Application Scan Results
Administrative Vulnerabilities
Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.
Issue: Macro Security
Score: Check not performed
Result: No Microsoft Office products are installed
Any kind of help will be greatly appreciated. Thanks
as it begins. Here is the log of the scan:
Security assessment: Incomplete Scan
Computer name: MSHOME\YOUR-9020FCA106
IP address: 192.168.0.101
Security report name: MSHOME - YOUR-9020FCA106 (5-22-2008 2-11 PM)
Scan date: 5/22/2008 2:11 PM
Scanned with MBSA version: 2.1.2030.0
Catalog synchronization date:
Security update catalog: Windows Server Update Services
Security Updates Scan Results
Issue: Security Updates
Score: Unable to scan
Result: Cannot scan because target computer is not assigned to a Update
Services server.
Operating System Scan Results
Administrative Vulnerabilities
Issue: Local Account Password Test
Score: Check passed
Result: No user accounts have simple passwords.
Detail:
| User | Weak Password | Locked Out | Disabled |
| HelpAssistant | - | - | Disabled |
| SUPPORT_388945a0 | - | - | Disabled |
| ASPNET | - | - | - |
| Administrator | - | - | - |
| Guest | - | - | - |
| miguel mesa | - | - | - |
Issue: File System
Score: Check passed
Result: All hard drives (1) are using the NTFS file system.
Detail:
| Drive Letter | File System |
| C: | NTFS |
Issue: Password Expiration
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not disabled on this computer.
Issue: Autologon
Score: Check not performed
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Restrict Anonymous
Score: Check passed
Result: Computer is properly restricting anonymous access.
Issue: Administrators
Score: Check passed
Result: No more than 2 Administrators were found on this computer.
Detail:
| User |
| Administrator |
| miguel mesa |
Issue: Windows Firewall
Score: Best practice
Result: Windows Firewall is managed through Group Policy on this
computer. Windows Firewall is disabled and has exceptions configured.
Detail:
| Connection Name | Firewall | Exceptions |
| Incoming Connections | N/A | N/A |
| Internet Connection | N/A | N/A |
| All Connections | Off | Ports, Programs, Services |
| Broadband Connection | Off* | Ports*, Programs*, Services* |
| Local Area Connection | Off* | Ports*, Programs*, Services* |
| MSN | Off* | Ports*, Programs*, Services* |
| Wireless Network Connection 3 | Off* | Ports*, Programs*, Services* |
Issue: Automatic Updates
Score: Check passed
Result: Updates are automatically downloaded and installed on this
computer.
Issue: Incomplete Updates
Score: Best practice
Result: No incomplete software update installations were found.
Additional System Information
Issue: Windows Version
Score: Best practice
Result: Computer is running Windows 2000 or greater.
Issue: Auditing
Score: Best practice
Result: Check is skipped on Windows XP Home Edition computers.
Issue: Shares
Score: Best practice
Result: 1 share(s) are present on your computer.
Detail:
| Share | Directory | Share ACL | Directory ACL |
| print$ | C:\WINDOWS\system32\spool\drivers | Everyone - R,
Administrators - F | Everyone - F |
Issue: Services
Score: Best practice
Result: No potentially unnecessary services were found.
Internet Information Services (IIS) Scan Results
IIS is not running on this computer.
SQL Server Scan Results
Instance MSSMLBIZ
Administrative Vulnerabilities
Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.
Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.
Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.
Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.
Issue: Folder Permissions
Score: Check failed (critical)
Result: Permissions on the SQL Server and/or MSDE installation folders
are not set properly.
Detail:
| Instance | Folder | User |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
BUILTIN\Users |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn |
\CREATOR OWNER |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
YOUR-9020FCA106\SQLServer2005MSSQLUser$YOUR-9020FCA106$MSSMLBIZ |
| MSSMLBIZ | c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data |
\CREATOR OWNER |
Issue: Sysadmin role members
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Guest Account
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Sysadmins
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.
Issue: Service Accounts
Score: Check failed (non-critical)
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.
Detail:
| Instance | Service | Account | Issue |
| MSSMLBIZ | MSSQL$MSSMLBIZ | miguel mesa | Local Administrator account. |
Issue: Password Policy
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Public Permissions
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: SSIS Roles
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Issue: Sysdtslog
Score: Check not performed
Result: Could not perform this check because SQL Server and/or MSDE was
not running.
Instance SONY_MEDIAMGR
Administrative Vulnerabilities
Issue: SQL Server/MSDE Security Mode
Score: Check passed
Result: SQL Server and/or MSDE authentication mode is set to Windows Only.
Issue: Exposed SQL Server/MSDE Password
Score: Check passed
Result: The 'sa' password and SQL service account password are not
exposed in text files.
Issue: CmdExec role
Score: Check passed
Result: CmdExec is restricted to sysadmin only.
Issue: Registry Permissions
Score: Check passed
Result: The Everyone group does not have more than Read access to the
SQL Server and/or MSDE registry keys.
Issue: Folder Permissions
Score: Check passed
Result: Permissions on the SQL Server and/or MSDE installation folders
are set properly.
Issue: Sysadmin role members
Score: Best practice
Result: BUILTIN\Administrators group should not be part of sysadmin role.
Issue: Guest Account
Score: Check passed
Result: The Guest account is not enabled in any of the databases.
Issue: Sysadmins
Score: Check failed (non-critical)
Result: More than 2 members of sysadmin role are present.
Issue: SQL Server/MSDE Account Password Test
Score: Check not performed
Result: The check was skipped because SQL Server and/or MSDE is
operating in Windows Only authentication mode.
Issue: Service Accounts
Score: Best practice
Result: SQL Server, SQL Server Agent, MSDE and/or MSDE Agent service
accounts should not be members of the local Administrators group or run as
LocalSystem.
Detail:
| Instance | Service | Account | Issue |
| SONY_MEDIAMGR | MSSQL$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
| SONY_MEDIAMGR | SQLAgent$SONY_MEDIAMGR | SYSTEM | LocalSystem account. |
Desktop Application Scan Results
Administrative Vulnerabilities
Issue: IE Zones
Score: Check passed
Result: Internet Explorer zones have secure settings for all users.
Issue: Macro Security
Score: Check not performed
Result: No Microsoft Office products are installed
Any kind of help will be greatly appreciated. Thanks