Toolkit for Microsoft Windows OS Security Maintenance
In an effort to integrate utilities which can be used to enforce vulnerability and compromise prevention policy, CNS has developed wrappers for well-known 'run-once' tools that can aid those who self-manage their Microsoft OS computers. They are easy to run, do not require installation and provide quick feedback.
A recent NW-Admins slide presentation is available here.
| Tool | Description |
|---|---|
| Critical Update Detection | A wrapper for the MBSA critical update check, Microsoft's utility that quickly reports missing critical OS updates (runs on XP, 2000, 2003 only). Note: this utility is also a component of the Endpoint Security Policy system. |
| Host IDS Tool | A lightweight host-based IDS that checks for SYN packets sent out to ports 135/tcp and 445/tcp. It generates a report if the number of SYN packets is more than 20. |
| Password Audit | A wrapper for the John the Ripper password cracker, configured to detect blank passwords, passwords identical to the username, and passwords found in a limited (2300 words) dictionary lookup. |
| Network Traffic Monitor | A Windows Network Monitor Control that displays graphs of packets per second on each interface. Big numbers (like 50 pkts/sec and up) should be considered suspicious. |
| Marketscore Root Cert Check/Remove Tool | Uses Microsoft's 'certmgr' utility to detect and prompt for removal of the Marketscore trusted root certificate, for Internet Explorer only. |
| Microsoft's Malicious Software Removal Tool | A new utility which will detect and remove a number of well-known viruses and worms. This is updated monthly by Microsoft. |