?
Solved

Utility to check Holes in the System

Posted on 2003-03-21
11
Medium Priority
?
398 Views
Last Modified: 2013-12-04
Is there any utility for checking the various Security Holes in the Windows NT System, Like Shares, various accesses to the system, user list, etc.
0
Comment
Question by:tsravank
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
11 Comments
 
LVL 34

Accepted Solution

by:
sramesh2k earned 100 total points
ID: 8185907
Use "Microsoft Baseline Security Analyzer".

Microsoft released the Baseline Security Analyser (MBSA), a free tool which analyses Windows systems for common security misconfigurations. I ve tested it and it is excellent. Analyses system security compromize, share vulnerability, permissions etc.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/mbsahome.asp
0
 
LVL 1

Expert Comment

by:bcastaldo
ID: 8185980
how about trying ISS, free download to perform scan on localhost, good tool if you know how to use it
0
 
LVL 4

Expert Comment

by:Ghost_Hacker
ID: 8186443
Another good free tool is Nessus (the Nessus "server"runs only on Linux). Nessus can scan different systems for security holes and can even  be user configured to search for new security holes as they appear ( or new "sigs" can be downloaded if you don't wish to do your own coding.)


Frankly, I never rely on just one tool to do security testing. So you might want to look at ALL the suggested products.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Expert Comment

by:E1uSiV3
ID: 8187081
I use XScan, www.xfocus.org

It has a lot of usefull scan parameters to look for IIS SQL NTPass netbios and other holes and also provides some support to how to fix these holes.
0
 

Expert Comment

by:Eggb4by
ID: 8190254
You can use Shadow Security Scan or Retina.
download at http://www.eeye.com/html/Products/Retina/Download.html
(Retina)
or
http://www.safety-lab.com/en2/download.htm
(SSS)
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 100 total points
ID: 8194105
I also recommend nessus - but point out that the no-install-needed Knoppix CD (downloadable free here: http://www.knopper.net/knoppix/index-en.html ) contains this scanner in an easy to use form (well, provided you have DHCP on your network anyhow :)

Assuming you have DHCP, you can boot knoppix, have it acquire an ip, and be up and running with nessus scans in under a minute

if you don't, you will need to set the ip address manually.
0
 
LVL 2

Expert Comment

by:Talamasca
ID: 8195364
Leaktest from www.grc.com
Trojan Simulator  http://www.misec.net/trojansimulator/
Email Test http://www.gfi.com/emailsecuritytest/
10 major ports, trojans and privacy http://www.pcflank.com/test.htm
0
 
LVL 24

Expert Comment

by:SunBow
ID: 8197374
done?
0
 

Expert Comment

by:CleanupPing
ID: 9070636
tsravank:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses
Course of the Month8 days, 23 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question