Lan Vulnerability Detection

Even if it is a "Shock Wave" or "Shock Wave", almost all computer viruses exploit Microsoft operating system or related software vulnerabilities. Therefore, to make your machine as secure as possible, you must constantly update your system, that is, install one patch after another for our window. But the problem is: we can only manage our own machines, but cannot monitor our "Network neighbors ". The wide application of LAN gives more space for these viruses. Let's quickly and thoroughly scan the entire LAN to prevent all intruders.

Microsoft Baseline Security Analyzer (MBSA) is such a Security scan detection tool. It not only detects vulnerabilities on the local machine, but more importantly, it can easily detect other computers on the network and provide detailed detection reports and solutions.

　　Step 1: software installation and Localization

The English version of the software can go to the release. At the same time, the Chinese version of software can be found on the network for download and installation, in order to facilitate the Internet users with poor E-text base.

　　Step 2: determine necessary conditions

1. if your computer is running Windows XP and only supports simple file sharing, you can only run the check locally. You must select "Tools> Folder Options" in "Resource Manager ", click the "View" tab and then cancel the "use simple file sharing (recommended)" option.

2. to check the security of other user machines in the LAN, you must have the permission to manage the network. Therefore, it is best to double-click the computer you want to scan in "Network neighbors" and log on to the Administrator (you can change the password later), or write the following batch of processing commands.

Net use \ machine1IPC $ "password"/user: "administrator"

Net use \ machine2IPC $ "password"/user: "administrator"

Replace machine1 and machine2 with the name of the machine to be scanned, replace the password with the administrator password on the corresponding machine, and double-click this command to log on to the corresponding machine as administrator.

　　Step 3: scan for machine Vulnerabilities

After installation, double-click "Microsoft Baseline Security Analyzer 1.2" on the desktop to run MBSA, 1. Several functional options of the software are provided on the left. You can scan a computer, a batch of computers, or even all computers in the LAN. Method: click the "select a batch of computer scans" option on the left, 2. Here, you can select or enter a domain name to scan the entire domain, or use the IP address range to limit which machines to scan. You can take the default value for other items and click "Start scan.

Then, the system starts scanning each computer. If there are many computers, pay attention to the Scan progress prompt, 3.

TIPS:

● MBSA mainly scans the following five items:

1. Windows operating system (OS) checks: Windows system Vulnerability Detection, including: Guset account status, file system format, available sharing, members of the Administrator group, etc.]

2. IIS checks: scans for IIS4/5 vulnerabilities, provides detection reports and repair instructions, and checks whether IIS Lockdown Tools is installed.

3. SQL checks: MSSQL7.0/2000 Vulnerability Detection, mainly checks the Verification Mode, password status, and number of accounts.

4. Security updates check: Compares the HFNetChk tool with Microsoft databases to completely detect which Security patches are missing and provide detailed reports.

5. Password checks: weak Password detection, mainly used to test the Password strength. The length of time depends on the number of users. Skip this option when scanning the domain controller.

　　Step 4: handle the problem accordingly

Later, MBSA will provide a detailed detection report. Let's take a look at the available information provided in this report.

4. The detection report is in HTML format, which is intuitive and clear for easy storage and printing. A Red Cross is used to mark serious system vulnerabilities. Three options are listed below. what was scanned has been scanned); 2. detailed results (ResuAlt Details); 3. how to correct (How to correct this ). Click the corresponding option to open the corresponding detailed prompt. After you click "how to correct", the system will provide a detailed description of the vulnerability and the latest patches for the vulnerability. Following its instructions, you can go to the corresponding page of Microsoft, so that you can easily make up for this vulnerability.

With such a good tool, can you, as a network manager (or a home network), greatly reduce the workload? If the administrator can remind users of the solution provided by MBSA from time to time, the security of our Windows-based network will be greatly enhanced. The last note is that you 'd better install this tool on your computer, scan the tool on your own, and patch all Windows vulnerabilities so that you can feel at ease in the LAN.