When it comes to performing a security assessment of Windows servers (SQL, ISA, IIS etc), the Microsoft Baseline Security Analyzer (MBSA) tool provides a good idea of the key security settings implemented on the Windows server being audited.
One drawback though is MBSA v2.1 needs admin privileges on the remote Window server and offers no way of specifying alternate admin credentials in its GUI…what if you’re MBSA client isn’t even in the same domain??……..
Using the “runas” command from Windows Command Prompt, its possible to specify the remote servers admin credentials for use with the MBSA executable:
‘runas’ command with custom credentials and mbsa.exe
In this screenshot, we used the local admin account on ‘WIN2K3TESTSVR’ rather than a domain account.
NOTE: The ‘/netonly’ switch is a must, this tells your client to use these credentials when making a remote connection. If you dont use this switch, when you hit Enter, wWndows will try and verify these credentials which will most likely fail.
When MBSA starts, specify the IP address of the remote server ‘WIN2K3TESTSVR’ and click ‘Scan’. MBSA will now use the credentials you specified on the command line.
NOTE: If you are scanning IIS servers, you will need to have the IIS Common Files installed on your MBSA machine so that a number of the IIS scripts will run correctly. MBSA will soon let you know that a scan was incomplete because it could run the necessary IIS checks.