ComputerSecurityStudent (CSS) [Login] [Join Now]




|WINDOWS >> Windows 2008 Server >> Current Page |Views: 5172

(Windows 2008 Server: Lesson 11)

{ Installing Microsoft Security Baseline Analyzer }


Section 0. Background Information
  • Overview 
    • In this lab, we will install Microsoft Security Baseline Analyzer.  We will also turn on and configure Windows Update.
    • To easily assess the security state of Windows machines, Microsoft offers the free Microsoft Baseline Security Analyzer (MBSA) scan tool.
    • MBSA includes a graphical and command line interface that can perform local or remote scans of Microsoft Windows systems.

     

Section 1. Login to your W2K8 server.
  1. Start your Windows 2008 Server
    • Instructions
      1. Click on W2K8 Server
      2. Click on Play virtual machine

     

  2. CRTL + ALT + DELETE
    • Instructions
      1. Virtual Machine
      2. Send Ctrl+Alt+Del

     

  3. Login as Administrator
    • Click on the Administrator icon.

     

  4. Login
    • Command: Provide the password for the Administrator account.

     

Section 2. Turn Off Microsoft Internet Explorer Enhanced Security
  1. Launch Group Policy Editor
    • Instructions:
      1. Start --> Administrative Tools --> Server Manager

     

  2. Open Internet Explorer Enhanced Security
    • Instructions:
      1. Click on "Configure IE ESC"

     

  3. Configure Internet Explorer Enhanced Security
    • Instructions:
      1. Administrators: Radio Button: Off
      2. Users: Radio Button: On (Recommended)
      3. Click OK

 

Section 3. Download Microsoft Security Baseline Analyzer
  1. Open Internet Explorer
    • Instructions:
      1. Start --> Internet Explorer

     

  2. Download

     

  3. Save
    • Instructions:
      1. Click on the Save Button

     

  4. Browse Folders
    • Instructions:
      1. Click on the Browse Folders

     

  5. Browse Folders
    • Instructions:
      1. If not already, Navigate to C:\Users\Administrator\Downloads
      2. Click Save

     

  6. Open Folder
    • Instructions:
      1. Click on the Open Folder

     

  7. Open Folder
    • Instructions:
      1. Right Click on MBSASetup-x86-EN
      2. Click on Install

     

  8. Run
    • Instructions:
      1. Click on Run

     

  9. Next
    • Instructions:
      1. Click on Next

     

  10. Accept Agreement
    • Instructions:
      1. Click the I accept radio button.
      2. Click the Next Button.

     

  11. Next
    • Instructions:
      1. Click Next

     

  12. Install
    • Instructions:
      1. Click Install

     

  13. Completed Successfully Message
    • Instructions:
      1. Click OK.

 

Section 4. Running Microsoft Security Baseline Analyzer
  1. Open a Command Prompt
    • Instructions:
      1. Start --> Command Prompt

     

  2. Obtain Your IP Address
    • Instructions:
      1. ipconfig
        • My IP Address is 192.168.1.109; Your IP Address will probably be different.

     

  3. Completed Successfully Message
    • Instructions:
      1. Right Click on Microsoft Baseline Security Analyzer
      2. Run as administrator

     

  4. Scan a computer
    • Instructions:
      1. Click on Scan a computer

     

  5. Start Scan
    • Instructions:
      1. Enter the IP Address you obtained earlier.
      2. Click on the Start Scan Button.
      3. This report might take between 2 and 15 minutes depending on System and Network resources.

     

  6. View General Results
    • Instructions:
      1. Using the Scroll Bar, you will see a general report for each Issue that was scanned.
      2. Scroll down to Windows Security Updates.
        • Notice I have 75 security dates that are missing, because this server was just installed and no updates have been applied.
      3. Click on Result details for Windows Security Updates

     

  7. View Detailed Results
    • Notes:
      1. Notice that all 75 issues are listed below.
      2. Each line contains a MS ID, Description, Severity and Download link.
      3. Some System Administrator install these updates manually depending on their customer and applications restrictions.
      4. However, that is a lot of work.
      5. Continue to next section.

 

Section 4. Configuring Windows Update
  1. Open Control Panel
    • Instructions:
      1. Start --> Control Panel

     

  2. Open Windows Update
    • Instructions:
      1. Double Click on Windows Update

     

  3. Open View advanced options
    • Instructions:
      1. Click on View advanced options, under the Turn on now button.

     

  4. Configuring Windows Update
    • Instructions:
      1. Select the Install updates automatically radio button.
      2. Select the time you want the check and install to occur.
      3. Select the OK Button.

     

  5. Install new Windows Update Software
    • Instructions:
      1. Click on Install now.

     

  6. Install updates
    • Instructions:
      1. Click on the Install updates button

     

  7. Accept Terms
    • Instructions:
      1. Click on the I accept radio button.
      2. Click the Finish button.

     

  8. Waiting on Download updates
    • Informational:
      1. Now you will just wait and watch.
      2. This might take between 1 and 2 hours depending on how many patches are required to make your machine compliant.
      3. Go ahead and continue to the Proof of Lab Section.

     

  9. Restart After Installation Completes
    • Informational:
      1. Click on Restart now.

 

Section 5. Proof of Lab
  1. Copy to Clipboard
    • Instructions:
      1. Click on Copy to Clipboard.

     

  2. Open Notepad
    • Instructions:
      1. In the search box type Notepad
      2. Click on Notepad once displayed under programs.

     

  3. Paste Report Contents
    • Instructions:
      1. Edit --> Paste

     

  4. Save the Contents
    • Instructions:
      1. File --> Save As...

     

  5. Browse Folders
    • Instructions:
      1. Click the Browse Folder

     

  6. Save File
    • Instructions:
      1. Navigate to C:\Users\Administrator\Documents
      2. Filename: YYYYMMDD.txt
        • e.g., 20120130.txt
      3. Click Save

     

  7. Open a Command Prompt
    • Instructions:
      1. Start --> Command Prompt

     

  8. Proof of Lab
    • Instructions:
      1. cd "C:\Users\Administrator\Documents"
      2. dir
      3. date
      4. Press <Enter>
      5. echo "Your Name"
    • Proof of Lab Instructions:
      1. Do a PrtScn
      2. Paste into a word document
      3. echo "Your Name"
        • Replace the string "Your Name" with your actual name.
        • e.g., echo "John Gray"

     



Help ComputerSecurityStudent
pay for continued research,
resources & bandwidth