帮我看看

四只眼看世界

Microsoft Baseline Security Analyzer (MBSA) Version 1.0 Is Available
The information in this article applies to:
Microsoft Windows NT Server 4.0 Terminal Server Edition, versions SP4, SP5, SP6
Microsoft Windows 2000 Server, versions SP1, SP2
Microsoft Windows 2000 Advanced Server, versions SP1, SP2
Microsoft Windows 2000 Professional, versions SP1, SP2
Microsoft Internet Explorer 5.5 for Windows NT 4.0, versions SP 1, SP 2
Microsoft Internet Explorer 5.01 for Windows NT 4.0, versions SP 1, SP 2
Microsoft Internet Explorer 3.02 for Windows NT 4.0
Microsoft Internet Explorer 5.5 for Windows 2000, versions SP 1, SP 2
Microsoft Internet Explorer 5.01 for Windows 2000, versions SP 1, SP 2
Microsoft Windows NT Workstation versions 4.0 SP4, 4.0 SP5, 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Server versions 4.0 SP4, 4.0 SP5, 4.0 SP6, 4.0 SP6a
Microsoft Windows NT Server, Enterprise Edition versions 4.0 SP4, 4.0 SP5, 4.0 SP6, 4.0 SP6a
Microsoft SQL Server versions 7.0, 7.0 Service Pack 1, 7.0 Service Pack 2, 7.0 Service Pack 3
Microsoft SQL Server 2000 (all editions) SP1
Microsoft Internet Information Server versions 4.0, 5.0
Microsoft Data Engine (MSDE), version 1.0
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Microsoft Internet Explorer version 6 for Windows XP
Microsoft Internet Explorer version 6 for Windows 2000
Microsoft Internet Explorer version 6 for Windows NT 4.0
SUMMARYThis article provides information about the Microsoft Baseline Security Analyzer tool (MBSA, or Mbsa.exe). This tool centrally scans Windows-based computers for common security misconfigurations. MBSA runs on Windows 2000-based and Windows XP-based computers, and can scan for missing hotfixes and security vulnerabilities on Windows NT 4.0-based, Windows 2000-based, and Windows XP-based computers. MBSA generates individual security reports for each computer that is scanned for security issues in Microsoft Windows, Microsoft Internet Information Services (IIS), Microsoft SQL Server, and Microsoft Internet Explorer. A graphical user interface and command line interface are available in version 1.0.
Download Location
The following file is available for download from the Microsoft Download Center:
Download Mbsasetup.msi now
For additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
Q119591 How to Obtain Microsoft Support Files from Online Services
Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on secure servers that prevent any unauthorized changes to the file.

MORE INFORMATIONHow to Use the MBSA Tool
The graphical user interface version of the tool is run by starting Mbsa.exe from the folder in which the tool was installed. You can run the command line version by running the Mbsacli.exe command in a command window (from the folder in which the tool was installed).
System and Language Applicability
Microsoft Baseline Security Analyzer version 1 may be run on Windows 2000-based or Windows XP-based computers. It can scan Windows NT 4.0-based, Windows 2000-based, and Windows XP-based computers. Note that only local scans can be run against Windows XP Home Edition-based and Windows XP Professional-based computers that use the simple file sharing model. For additional information about simple file sharing, click the article number below to view the article in the Microsoft Knowledge Base:
Q304040 Description of File Sharing and Permissions in Windows XP
MBSA does not work on Microsoft Windows 95-based, Microsoft Windows 98-based, or Microsoft Windows Millennium Edition-based computers. Microsoft Baseline Security Analyzer is currently not localized for languages other than English.
System Requirements
The following are the requirements for a computer that is running MBSA:
Windows 2000 or Windows XP.
Internet Explorer 5.01 or greater or an XML parser (MSXML version 3.0 SP2) is required for the tool to function correctly. See the "Additional Information" section later in this article for more information about this requirement.
The IIS Common Files are required on the computer on which the tool is installed if you want to run remote scans of IIS-based computers.
The following are the requirements for a computer that will be scanned by MBSA:
Windows NT 4.0 Service Pack 4 (SP4) and above, Windows 2000, or Windows XP (local scans only on Windows XP-based computers that use simple file sharing).
IIS 4.0, 5.0 (required for IIS vulnerability checks).
Internet Explorer 5.01 or greater.
SQL 7.0, 2000 (required for SQL vulnerability checks).
Microsoft Office 2000, Microsoft Office XP (required for Office vulnerability checks).
Users must have local administrative privileges on each computer to be scanned, whether a local or remote scan is being performed. The Server service (as well as the Remote Registry service on Windows 2000 and Windows XP) is required to be running on all computers that are being scanned. The Server service is installed when you enable the File and Print Sharing option on the computer.
MBSA Scanning Options
The following parts of a scan are optional and can be turned off in the user interface before you scan a computer:
Windows Operating System checks
IIS checks
SQL checks
Hotfix checks
Password checks
MBSA Command-Line Options
You can run MBSA from the command line by using the mbsacli.exe command with the following parameters.
Select Computer to Scan
<no option> - Scan the local computer

/c <domainname>\<computername> - Scan the named computer
/i <xxx.xxx.xxx.xxx> - Scan the named IP
/r <xxx.xxx.xxx.xxx - xxx.xxx.xxx.xxx> - Scan range of IP addresses
/d <domainname> - scan named domain
Select Which Scan Options to Not Run (Can Concatenate Like /n OS+IIS+Hotfix)
/n IIS - Skip IIS checks
/n OS - Skip Windows Operating System (OS) checks
/n Password - Skip password checks
/n SQL - Skip SQL checks
/n Hotfix - Skip Hotfix checks
Specify Output File Name Template
/o %domain% - %computername% (%date%)

Display Results and Details
/e - List errors from latest scan
/l - List all reports available
/ls - List of reports from latest scan
/lr <report name> - Display overview report
/ld <report name> - Display detailed report
Miscellaneous Options
/? - Usage help
/qp - Don't display progress
/qe - Don't display error list
/qr - Don't display report list
/q - Don't display any of the above
/f - Redirect output to a file
Notes About Scanning
Scan Reports
Scan reports are stored on the computer on which the tool is installed in the %userprofile%\SecurityScans folder. An individual security report is created for each computer that is scanned (locally and remotely). Users must use Windows Explorer to rename or delete scans that are created by the tool in this folder.
Password Checks
The password checks can add a substantial amount of time to a scan, depending on the computer role and the number of user accounts on the computer. In addition, attempts to check individual accounts for weak passwords can add Security log entries (Logon/Logoff events) if auditing is enabled on the computer. Note that MBSA resets any account lockout policies that are detected on the computer so as to not lockout any individual user accounts during the password check. This check is not performed on domain controllers.
SQL Server Checks
MBSA checks for vulnerabilities on the first (DEFAULT) instance of SQL Server that is found on the computer. If the DEFAULT instance is not found, the tool checks for the first named instance that is found. Scanning multiple versions of SQL may be supported in a future version of the tool.
Localized Windows Builds
MBSA version 1 can scan localized builds of the Windows operating system, however, this feature on version 1 is not fully supported or tested on non-English builds.
Support Options
Assisted support for MBSA is available directly from Microsoft by sending an e-mail message to:
mbsafdbk@microsoft.com
You can also receive assistance from other experienced MBSA users in the following Microsoft public newsgroup:
news://microsoft.public.security.baseline_analyzer
If you are reporting bugs to the newsgroup or by sending an e-mail message, please include the following information:
Operating system and service pack version on the computer that is running the tool.
Operating system and service pack version of the computer that is being scanned.
Internet Explorer version on the computer that is running the tool.
Internet Explorer version on the computer that is being scanned.
Version of MBSA. You can locate this information by clicking About Microsoft Baseline Security Analyzer in MSBA.
MBSA was developed for Microsoft by Shavlik Technologies LLC. For additional information about Shavlik Technologies LLC, see the following Shavlik Technologies LLC Web site:
http://www.shavlik.com/security
Microsoft provides third-party contact information to help you find technical support. This contact information may change without notice. Microsoft does not guarantee the accuracy of this third-party contact information.
Additional Information
Note that the hotfix checks that are performed on the computer use a custom version of the HFNetChk tool which is automatically installed during Setup. If hotfix checks are not performed by using MBSA, you can download the HFNetChk tool separately from the following Microsoft Web site:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/hfnetchk.asp
More Information About XML
XML parsers are included in Internet Explorer 5.01 and later. If you are running Internet Explorer 5.01 or greater, you do not need to install a separate parser.
If you are running an earlier version of Internet Explorer and you do not want to upgrade to Internet Explorer 5.01 or greater, you may download and install a stand-alone version of the Microsoft XML parser. MSXML version 3.0 Service Pack 2 (SP2) is available from the following Microsoft Web site:
http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/msdn-files/027/001/772/msdncompositedoc.xml
For additional information about the Microsoft XML parser, please see the following Microsoft Web site:
http://www.microsoft.com/xml
If you are running Internet Explorer 5.01 or later and the tool is still unable to read or locate the XML file, there is a chance that another program may have "unregistered" the XML parser. To "re-register" the XML parser, please type regsvr32 msxml.dll at a command prompt, and then press ENTER.

wangdef

拉稀语。