Utility to check Holes in the System

Is there any utility for checking the various Security Holes in the Windows NT System, Like Shares, various accesses to the system, user list, etc.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Use "Microsoft Baseline Security Analyzer".

Microsoft released the Baseline Security Analyser (MBSA), a free tool which analyses Windows systems for common security misconfigurations. I ve tested it and it is excellent. Analyses system security compromize, share vulnerability, permissions etc.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
how about trying ISS, free download to perform scan on localhost, good tool if you know how to use it
Another good free tool is Nessus (the Nessus "server"runs only on Linux). Nessus can scan different systems for security holes and can even  be user configured to search for new security holes as they appear ( or new "sigs" can be downloaded if you don't wish to do your own coding.)

Frankly, I never rely on just one tool to do security testing. So you might want to look at ALL the suggested products.
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

I use XScan, www.xfocus.org

It has a lot of usefull scan parameters to look for IIS SQL NTPass netbios and other holes and also provides some support to how to fix these holes.
You can use Shadow Security Scan or Retina.
download at http://www.eeye.com/html/Products/Retina/Download.html
Dave HoweSoftware and Hardware EngineerCommented:
I also recommend nessus - but point out that the no-install-needed Knoppix CD (downloadable free here: http://www.knopper.net/knoppix/index-en.html ) contains this scanner in an easy to use form (well, provided you have DHCP on your network anyhow :)

Assuming you have DHCP, you can boot knoppix, have it acquire an ip, and be up and running with nessus scans in under a minute

if you don't, you will need to set the ip address manually.
Leaktest from www.grc.com
Trojan Simulator  http://www.misec.net/trojansimulator/
Email Test http://www.gfi.com/emailsecuritytest/
10 major ports, trojans and privacy http://www.pcflank.com/test.htm
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
OS Security

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.