Intrusion detection systems do a good job in protecting physical environments against desperados, burglars, and trespassers. But, creating an access point by leaving a window or a door open, obviously reduces the efficiency of such a system.
Computer intrusion detection systems are no different – leaving a window open in Windows (if you’ll pardon the expression), can result in an illegal intrusion that can often remain undetected.
To help you assess the overall state of security on your computer (and close any open windows in Windows), Microsoft provides a free scanning tool – Microsoft Baseline Security Analyzer 2.2 (MBSA), which will scan your system and provide you with a report on your machine’s security, based on Microsoft security recommendations.
For reference purposes, I’ve gathered the following statistics from the Iolo Threat Center. The Global System Status Details are based on 86,098 samples accumulated by Iolo since March 26, 2011. This data is in line with the data obtained from more comprehensive studies we’ve seen over the last several years.
PCs without active virus protection: 53.42%
PCs without active firewall protection: 20.88%
Average number of security flaws: 13.56
MBSA includes both a graphical and a command line interface, that can perform local or remote scans of Microsoft Windows systems.
For each scan, the following options can be enabled, or disabled, as needed, in the MBSA user interface:
Check for Windows administrative vulnerabilities – scans for security issues such as Guest account status, file-system type, available file shares, and members of the Administrators group.
Check for weak passwords – checks computers for blank and weak passwords during a scan.
Check for Internet Information Services (IIS) administrative vulnerabilities.
Check for SQL administrative vulnerabilities – checks for the type of authentication mode, account password status, and service account memberships.
Check for security updates (missing updates) – scans for missing security updates for the products published to the Microsoft Update site only.
The two areas, in the report, you will find most useful as a home user, are:
Security misconfiguration (less secure settings and configurations).
Missing security updates and service packs (if any).
The report will provide you with specific steps to take, should the application find issues.
The following screen capture from my test machine, illustrates the partial results of a typical scan – click to expand to original size.
In order to run a scan with MBSA, you may need the IP address of your computer – an easy way to obtain this is here.
System Requirements: Windows 2000; Windows 7; Windows Server 2003; Windows Server 2008; Windows Server 2008 R2; Windows Vista; Windows XP; Windows XP Embedded. (32 bit and 64 bit).
Download at: Microsoft
Note: Microsoft recommends viewing the readme.html file, before running MBSA the first time. If you are a regular reader here, I don’t think this is necessary, but….
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.