Improving Web Application Security: Threats and - CGISecurity


774 Improving Web Application Security: Threats and Countermeasures

4. Click Start scan. Your configuration is now analyzed. When the scan completes, MBSA displays a security report, which it also writes to the %Userprofile%\SecurityScans directory.

5. Review the failed checks, and fix vulnerable configuration settings. Click Result details next to each failed check for more information about why the check failed. Click How to correct this for information about how to fix the vulnerability.

For more information about using MBSA, see "How To: Use Microsoft Baseline Security Analyzer (MBSA)," in the How To section of this guide.

Evaluate Your Configuration Categories

To evaluate the security of your workstation configuration, review the configuration categories shown in Table 6. Start by using the categories to evaluate the security configuration of the base operating system. Then apply the same configuration categories to review your IIS, SQL Server, and .NET Framework installation.

Table 6 Configuration Categories

Configuration Category    Methodology
Patches and updates       Set up Automatic Updates. Use MBSA or Windows Update to verify that the latest updates are installed.
Services                  Disable unused services.
Protocols                 Check that SMB and NetBIOS over TCP are removed if your workstation is not a member of a domain.
Accounts                  Check that all local accounts use strong passwords.
Files and directories     Be sure your workstation uses only NTFS partitions.
Shares                    Enumerate shares, remove unnecessary ones, and secure the remaining ones with restricted permissions.
Ports                     Ensure that unused ports are closed by disabling the service that has the port open. To verify which ports are listening, use the netstat -n -a command.
Registry                  Disable null sessions.
Auditing and logging      Audit failed Windows logon attempts and log failed actions across the file system.
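The Table 6 review can be driven from the console rather than clicked through by hand. The PowerShell script below is an added example written for this page, not code from the guide or from Microsoft, and it is not a substitute for an MBSA scan. It only reads configuration state and prints one finding per category that needs attention. It assumes the Get-SmbShare, Get-Volume and Get-LocalUser cmdlets are available (Windows 8/10-era and later) and that the guide's "disable null sessions" item corresponds to the LSA RestrictAnonymous registry value; the netstat parsing follows the netstat -n -a check named in the table.

```powershell
# Added example (not from the guide): read-only walk through the Table 6
# categories on the local workstation. Run from an elevated PowerShell prompt.
# Assumed: Get-SmbShare / Get-Volume / Get-LocalUser exist on this Windows
# version, and "disable null sessions" refers to the LSA RestrictAnonymous value.

$findings = New-Object System.Collections.Generic.List[string]

# Patches and updates: MBSA is a GUI tool, so only the update service state is reported here.
$wuauserv = Get-Service -Name wuauserv -ErrorAction SilentlyContinue
$findings.Add("Patches: Windows Update service (wuauserv) status = $($wuauserv.Status)")

# Services: every running service is a candidate for the "disable unused services" review.
$running = Get-Service | Where-Object { $_.Status -eq 'Running' }
$findings.Add("Services: $($running.Count) running; review each against the workstation's role")

# Protocols: NetBIOS over TCP should be off on a workstation that is not in a domain.
# TcpipNetbiosOptions: 0 = use DHCP setting, 1 = enabled, 2 = disabled.
$inDomain = (Get-CimInstance Win32_ComputerSystem).PartOfDomain
$nics = Get-CimInstance Win32_NetworkAdapterConfiguration | Where-Object { $_.IPEnabled }
foreach ($nic in $nics) {
    if (-not $inDomain -and $nic.TcpipNetbiosOptions -ne 2) {
        $findings.Add("Protocols: NetBIOS over TCP not disabled on '$($nic.Description)' (non-domain host)")
    }
}

# Accounts: password strength cannot be tested here, but enabled accounts that
# do not require a password at all are flagged.
Get-LocalUser | Where-Object { $_.Enabled -and -not $_.PasswordRequired } | ForEach-Object {
    $findings.Add("Accounts: local account '$($_.Name)' is enabled and does not require a password")
}

# Files and directories: fixed volumes should be NTFS so that ACLs apply.
# (An EFI system partition, if listed, is legitimately FAT32.)
Get-Volume | Where-Object { $_.DriveType -eq 'Fixed' -and $_.FileSystem -ne 'NTFS' } | ForEach-Object {
    $findings.Add("Files: volume '$($_.DriveLetter)' is $($_.FileSystem), not NTFS")
}

# Shares: non-administrative shares need a reason to exist and restricted permissions.
Get-SmbShare | Where-Object { -not $_.Special } | ForEach-Object {
    $findings.Add("Shares: '$($_.Name)' -> $($_.Path); confirm it is needed and review its ACL")
}

# Ports: parse the guide's own check (netstat -n -a) and list the listening TCP ports.
$listening = netstat -n -a | Select-String 'LISTENING' | ForEach-Object {
    $fields = ($_.Line -replace '^\s+', '') -split '\s+'   # Proto, Local, Foreign, State
    [int]($fields[1] -replace '.*:', '')                   # port after the last ':' (also for [::]:135)
} | Sort-Object -Unique
$findings.Add("Ports: listening TCP ports = $($listening -join ', '); each must map to a service you need")

# Registry: RestrictAnonymous unset or 0 leaves null sessions enabled.
$lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' -Name RestrictAnonymous -ErrorAction SilentlyContinue
if (-not $lsa -or $lsa.RestrictAnonymous -eq 0) {
    $findings.Add("Registry: RestrictAnonymous is unset or 0; null sessions are not disabled")
}

# Auditing and logging: failed logons and failed file-system actions should be audited.
foreach ($sub in 'Logon', 'File System') {
    $line = auditpol /get /subcategory:"$sub" | Select-String "^\s+$sub\s"
    if (-not $line -or $line.Line -notmatch 'Failure') {
        $findings.Add("Auditing: subcategory '$sub' does not audit failures")
    }
}

$findings | ForEach-Object { Write-Output $_ }
```

Each line of output names the Table 6 category it belongs to, so the list can be worked through in the same order as the table; the script changes nothing, and the fixes themselves (disabling a service, removing a share, raising RestrictAnonymous, enabling failure auditing) remain deliberate administrative steps taken after the review.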
