Know security tools from microsoft

There are several security tools from Microsoft to protect the windows environment.Few of them can be use free of cost.It is a good practice to keep update the softwares and OSs from any security loopholes. The Basics is to understand different programs and functions in teams of security.

Spam :-A Spam is a electronic messaging systems to send unsolicited bulk messages indiscriminately.

Malware :-A Malware(malicious software), is a program(code, scripts, active content, and other software) to disrupt/ deny operation / gather information that leads to loss of privacy or exploitation/ gain unauthorized access to system resources, and other abusive behavior.

Trojan :- A Trojan is a destructive program (user prior to installation and/or execution)steals information or harms the system.

Spyware :-A Spyware is a type of malware which collects the information about users without their knowledge(hidden from the user).

Virus :-A Virus is a computer program that can copy itself and infect a computer or spread in a network.

Worm :-A computer worm is a self-replicating malware computer program, which uses a computer network to send copies of itself to other nodes and it may do so without any user intervention.

Rootkit :-A rootkit is software that enables continued privileged access to a computer while actively hiding its presence from administrators by subverting standard operating system functionality or other applications. The term rootkit is a concatenation of “root” (the traditional name of the privileged account on Unix operating systems) and the word “kit” (which refers to the software components that implement the tool).

Adware :-Is any software package which automatically plays, displays, or downloads advertisements (This can be in the form of a pop-up)to a computer.

Ad-Aware :-is an anti-spyware and anti-virus program developed by Lavasoft that detects and removes malware, spyware and adware on a user’s computer.

MBSA

Microsoft Baseline Security Analyzer (MBSA) is a tool to detect common security misconfigurations and missing security updates on computer and networks systems. commandline usages:- ——————– To check for security updates and patches, run the following command from a command-line prompt.

mbsacli /target 192.168.195.137 /n os+iis+sql+password > mbsa.txt

scans all computers in the CONTOSO domain for security updates, but it does not scan for administrative vulnerabilities:

mbsacli /d contoso /n os+iis+sql+password > mbsa.txt

scans all computers in the IP address range 192.168.195.130 to 192.168.195.254 for security updates, but it does not scan for administrative vulnerabilities:

mbsacli /r 192.168.195.130-192.168.195.254 /n os+iis+sql+password

scans all computers listed in the ComputerNames.txt file for security updates, but it does not scan for administrative vulnerabilities:

mbsacli /listfile computernames.txt /n os+iis+sql+password

Rootkitreveler

RootkitRevealer is a rootkit detection utility(rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities). RootkitRevealer detects rootkits including AFX, Vanquish and HackerDefender. commandline usages:- —————— rootkitrevealer [-a [-c] [-m] [-r] outputfile]

-a : Automatically scan and exit when done.

-c : Format output as CSV

-m : Show NTFS metadata files

-r : Don’t scan the Registry.

Forfront

Microsoft Forefront is a security software to protect computer networks, network servers and individual devices.It has two components Server security  and Client security

Protection

* Forefront Endpoint Protection * Forefront Protection 2010 for Exchange Server * Forefront Online Protection for Exchange * Forefront Protection 2010 for SharePoint * Forefront Security for Office Communication Server

Management

* Forefront Identity Manager 2010 * Forefront Protection Server Management Console

Microsoft Security Essentials

Microsoft’s free real-time protection for PC that guards against viruses, spyware, and other malicious software.

Microsoft Safety Scanner

Tool to scan your computer for malicious and potentially unwanted software.

Windows Automatic updates

Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a freeware that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment.

Read more from below sites

http://technet.microsoft.com/en-us/security/cc297183

http://technet.microsoft.com/en-us/library/cc700837.aspx

http://sectools.org/

Advertisements

Posted on June 29, 2011, in General, Uncategorized. Bookmark the permalink. Leave a comment.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: