Chapter 7. Pre-installation 93
msjava.dll and open the file properties. Click the version tab to determine the
build number.
7.4 System security
We have discussed security at the network layer. Security is equally important at
the OS and OS component level. It is imperative that you start off with a secure
system and maintain security for the life of the system.
7.4.1 Microsoft security tools
Microsoft provides a number of tools that are helpful in determining and
eliminating security threats on your servers. These can be downloaded from the
Microsoft Web site http://www.microsoft.com.
HFNetchk
HFNetchck is a command line utility tool that checks the patch status of your
operating system. The HFnetchk tool makes you aware of the vulnerabilities on
your system, but does not remove them. Use Windows Update or do a search on
the warning number to find a fix and remove the vulnerability from your system.
Windows Update is another Microsoft tool that is discussed in greater detail in
the section (see Windows Update on page 95).
Installing HFNetchk
Download the install file.
Click Yes on the license agreement file
Type the location where you wish to extract the files.
Using HFNetchk
Open a command prompt
Navigate to the directory where you installed HFNetchk
Typ e hfnetchk at the command line to display the list of fixes in the command
window (see Example 7-1). Alternately, use hfnetchk > filename to output the
contents to a file.
Example 7-1 HFnetchk run on command prompt
C:\temp>hfnetchk > test1
Microsoft Network Security Hotfix Checker, 3.32
Copyright (C) Shavlik Technologies, 2001-2002
Developed for Microsoft by Shavlik Technologies, LLC
info@shavlik.com (www.shavlik.com)
94 Lotus LearningSpace R5.01 Deployment Guide
Please use the -v switch to view details for
Patch NOT Found, Warning and Note messages
Attempting to download the CAB from:
http://download.microsoft.com/download/xml/security/1.0/NT5/EN-US/mssecure.cab
File was successfully downloaded.
Attempting to load C:\temp\mssecure.xml.
Using XML data version = 1.0.1.278 Last modified on 5/6/2002.
Scanning THOR-2000
....................................
Done scanning THOR-2000
MS Baseline Security Analyzer
This tool uses HFNetchk to performs system scans. The advantage of this tool is
that it has the capability of performing local or remote scans, and reports are
displayed in a graphical interface. As with HFNetchk, this reports vulnerabilities
but does not resolve them.
Installing MS Baseline Security Analyzer
Download the install file from Microsoft’s Web site and run the executable.
Click Next on the Welcome screen.
Accept the license agreement and click Next.
Use the information about your site, and choose whether or not you wish to
grant other users of the machine permission to use the tool. Click Next.
Click the Browse button to select the location where you wish to install the
program. Click Next.
Select your install options and click Next.
Verify the correct settings under features and location. Click Next.
To begin the installation, click Next.
Click Finish.
Using MS Baseline Security Analyzer
Select Start -> Programs -> Microsoft Baseline Security Analyzer.
Click Pick a Computer to Scan or Scan Computer.
Enter the IP Address or machine name of the local or a remote machine.
Click Start Scan.
Get Lotus LearningSpace R5.01 Deployment Guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
