• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1548
  • Last Modified:

MBSA Microsoft Baseline Security Analyzer not scanning all pc's

I keep getting the following responses for each pc that MBSA is trying to scan:
Computer not found.
Could not resolve to computer name.

I can ping the computers by name, so DNS is resolving the name.  And I get successful replies from the computers, so IP connectivity is working.

Does anybody know what this could be?   Could it be that the Microsoft Firewall on the target computers is preventing the scan?

Thanks
0
cliffordgormley
Asked:
cliffordgormley
3 Solutions
 
prashsaxCommented:
It could be possible that DNS is not resolving to correct IP address.

Sometimes, DNS does not update quick enough and you see incorrect IP and Name pairs.

Have you check if the machine name is resolving to correct IP address or not.

To do this, ping the machine by name.(You will get the IP address).

Now go to that machine and check the IP address by ipconfig.

They should match.
0
 
Rich RumbleSecurity SamuraiCommented:
The firewall sounds more likely, especially if you put the IP into the mbsa and use the IP rather than the DNS name. The MBSA also requires admin priv's on the pc it's scanning. The firewall on XP Pro is turned on automatically when SP2 is applied.
-rich
0
 
cliffordgormleyAuthor Commented:
Prashax.  I stated that DNS works when I ping the target computer by name.  So that is not the problem.

Rich.  You are probably correct.  So does that mean I have to go to each machine and disable the firewall to run MBSA?  Maybe I could use Group Policy to temporarily disable the firewall, run MBSA, then re-enable the Firewall.  MBSA must have come out before the XP firewall for this to happen.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
prashsaxCommented:
You can create a GP to disable the firewall.

But, since you are able to ping those machine, see if you can remotly access their c$, and can connect using computer management.

MBSA scans files and registry using admin$ share and remote registry.

This can also happen if do not have admin rights on that machine.
0
 
kevinf40Commented:
Hi

It is also worth ensuring that you have the latest version of MSBA (you have probably already done this, but IT thought it was worth mentioning just in case).

If you are trying to scan a win xp sp2 machine you need this version of MSBA to be compatible -

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/xpsp2sec.mspx

You can manage the firewall vi GP, or if you have access to the machine you could just manually turn it off to run the scan - which would confirm whether the firewall was the issue or not.

cheers

Kevin
0
 
Rich RumbleSecurity SamuraiCommented:
You can use the Group Policies to turn off the firewall, or to make an exception for the pc that your scanning from. Typically on a Lan the firewall isn't necessary unless you have regular Virus outbreaks or users that might be "script-kiddies" and just too curious. We have over 5000 pc's and leave it off. We also follow best practices and don't allow our users to be local admins of their PC's, so they can't install unapproved software and it also mitigates against spyware and viri
http://xinn.org/win_bestpractices.html
http://www.xinn.org/annoyance_spy-ware.html

The MBSA came out before XP was even released, and win2k and NT don't have firewalls. The only port you need to open is 445 tcp, and or you can open 135-139 tcp or udp.
I would open port 445 from to the "mbsa_pc_name" http://www.microsoft.com/technet/community/columns/cableguy/cg0204.mspx#ESG
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2/mngwfw.mspx
http://www.microsoft.com/technet/prodtechnol/winxppro/deploy/depfwset/wfsp2wgp.mspx
-rich
0
 
tonyteriCommented:
Install NETBIOS on the pc you are using to do the scanning.  This should fix the issue.

/TT
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now