Microsoft Baseline Security Analyzer
So after installation, how do you know whether your system is as secure as it could be? One great tool that complements an overall security strategy is the Microsoft Baseline Security Analyzer (MBSA). This tool is for both home users and IT administrators. It performs a scan of XP systems (it can scan other Windows versions as well), comparing the system's configured settings against a list of recommended settings.The MBSA is not part of XP installation, although I would suggest that your setup is not complete without this tool. The catch: you first must retrieve this utility from Microsoft's Website. The latest version can be found at: http://www.microsoft.com/technet/security/tools/mbsahome.mspxAfter downloading and installing it, you start the MBSA by choosing Start | All Programs | Microsoft Baseline Security Analyzer, launching the dialog box shown in Figure 2-6.
Figure 2-6. The start page of the MBSA.
Chapter 9, "Playing Nicely with Others".)The end result is a report similar to the one shown in Figure 2-7. By default, the most critical issues are listed first. From here, you can print or copy the report for archiving. Better yet, the MBSA report lets you take corrective action, or at least start the process. For example, the report in Figure 2-7 indicates that I'm missing several updates for Microsoft Office. When I click "How to correct this", I'm given detailed instructions about the steps that I should take to get the missing updates.
Figure 2-7. An MBSA report generates an overall security assessment.
[View full size image]
