Like Microsoft SharePoint Server, Windows Server and Microsoft SQL Server
also require the latest service packs and updates to reduce known
security vulnerabilities. Microsoft offers an intuitive free
downloadable tool, the Microsoft Baseline Security Analyzer (MBSA), to
streamline this procedure. This tool identifies common security
vulnerabilities on SharePoint servers by identifying incorrect
configurations and missing security patches for Windows Server, Internet
Information Services (IIS), and Microsoft SQL Server.
MBSA can scan not only a single SharePoint server but also multiple
instances of SQL Server when more than one instance is installed. The MBSA
SQL Server scan detects and displays SQL Server vulnerabilities such as
the following: members of the sysadmin role, weak or blank SQL Server
local accounts and SA passwords, SQL Server authentication mode, SQL
Server on a domain controller, and missing service packs and updates.
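The SQL Server items in this list can also be checked by hand. The following T-SQL is an added example, not output or code from MBSA itself; it covers the sysadmin membership, password, authentication mode, and patch-level items, and assumes SQL Server 2008 or later and a login allowed to read password hashes in sys.sql_logins (for example, a sysadmin).

```sql
-- Added example: manual equivalents of the SQL Server checks listed above.
-- Assumption: run on your own instance as a login that can read
-- sys.sql_logins.password_hash (for example, a member of sysadmin).

-- 1. Members of the sysadmin fixed server role.
SELECT m.name AS member_name,
       m.type_desc,
       m.is_disabled
FROM sys.server_role_members AS rm
JOIN sys.server_principals AS r ON r.principal_id = rm.role_principal_id
JOIN sys.server_principals AS m ON m.principal_id = rm.member_principal_id
WHERE r.name = N'sysadmin'
ORDER BY m.name;

-- 2. SQL logins (including sa) whose password is blank, or equal to the
--    login name (the second test is this example's choice of "weak").
SELECT name,
       CASE WHEN PWDCOMPARE(N'', password_hash) = 1 THEN 'blank password'
            ELSE 'password same as login name' END AS weakness,
       is_disabled,
       is_policy_checked
FROM sys.sql_logins
WHERE PWDCOMPARE(N'', password_hash) = 1
   OR PWDCOMPARE(name, password_hash) = 1;

-- 3. Authentication mode: 1 = Windows Authentication only, 0 = mixed mode.
SELECT SERVERPROPERTY('IsIntegratedSecurityOnly') AS windows_auth_only;

-- 4. Build and service pack level, to compare against the latest release.
SELECT SERVERPROPERTY('ProductVersion') AS product_version,
       SERVERPROPERTY('ProductLevel')   AS product_level,
       SERVERPROPERTY('Edition')        AS edition;
```

Any row returned by the second query is a login to fix or disable before relying on mixed-mode authentication.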
Scanning for Security Vulnerabilities with MBSA
MBSA can scan a single
computer or a range of computers based on an IP address, range of IP
addresses, computer name, or all computers in a domain. The security
scanner can identify known security vulnerabilities on several Microsoft
technologies such as Windows, IIS, or SQL Server. In addition, MBSA can
identify weak passwords and missing service packs and updates.
To scan a SharePoint server for known SQL or Windows vulnerabilities, weak passwords, and security updates, follow these steps:
1. Choose Start, All Programs, Microsoft Baseline Security Analyzer 2.1.
2. Click Scan a Computer to pick the system to scan. An administrator can
also scan more than one computer by entering either a valid IP address
range or a domain name.
3. On the next screen, enter the computer name or IP address of the desired
SharePoint server. Select all options desired and click Start Scan, as
shown in Figure 1.
Viewing MBSA Security Reports
A separate security report
is generated for the desired SQL server when the computer scan is
completed. A report is generated whether the scan is local or remote.
Scan reports also are stored for future viewing on the same computer on
which the MBSA tool was installed.
The MBSA security reports
are intuitive and address each vulnerability detected. If MBSA detects a
missing SQL Server service pack, Windows patch, or hot fix, it displays
the vulnerability in the Security Update Scan section and provides the
location of the fix.
Review the security report generated from the scan conducted in the example, as shown in Figure 2.
Each section scanned has a score associated with it. An end user or an
administrator can easily browse each section, identifying known security
vulnerabilities, verifying what was scanned, checking the results, and analyzing how to correct any anomalies that MBSA detected.