spyclone
05-07-2002, 18:00
Summary: SecurityExpressions WebScan Free Edition is a free tool for
assessing how well computers comply with industry-standard security
hardening policies and guidelines.
URL: http://www.securityexpressions.com/webscan
Hardnening policies to choose from:
- Microsoft Security Guidelines for Windows NT
- National Security Administration (NSA) Guidelines for Windows 2000
- Hotfixes for Windows, Outlook, IIS, Internet Explorer and other
Microsoft Products
- Others to be added over time
Examples of misconfigurations uncovered:
- Incorrect registry permissions
- Lax file/directory permissions
- Unneeded services
- Lenient user rights
- Missing hotfixes
Requirements:
- Windows NT 4.0 or higher
- Internet Explorer 5 or higher
- Administrator account
How it works:
- Visit http://www.securityexpressions.com/webscan
- Select the policy
- Click "Begin Scan"
- IE will download the WebScan ActiveX object
- The ActiveX object will scan your local computer
- Output will be displayed in IE
Security implications of running WebScan:
- WebScan runs only on the local machine so that no sensitive
information is sent through the Internet.
- WebScan does not require any registration or other type of user
identification.
- WebScan provides an option that, if checked, sends back the results of
the scan so that we can collect aggregate statistics. These statistics
help us to improve the product.
The technology:
- WebScan is based on our SecurityExpressions product that is used by
organizations to ensure that their systems comply with custom policies.
- WebScan uses only documented, standard Windows API.
- A commercial version interfaces directly with SecurtyExpressions and
allows fixing of any problems discovered
------------------
Lord, grant me the serenity to accept the things I cannot change,
the courage to change those I can
and the wisdom to hide the bodies of the people I killed because they pissed me off !
-------------------------
Linus, I am your father.
Relinquish your open source, join me and we will rule the Internet as father and son.
-Darth Gates
assessing how well computers comply with industry-standard security
hardening policies and guidelines.
URL: http://www.securityexpressions.com/webscan
Hardnening policies to choose from:
- Microsoft Security Guidelines for Windows NT
- National Security Administration (NSA) Guidelines for Windows 2000
- Hotfixes for Windows, Outlook, IIS, Internet Explorer and other
Microsoft Products
- Others to be added over time
Examples of misconfigurations uncovered:
- Incorrect registry permissions
- Lax file/directory permissions
- Unneeded services
- Lenient user rights
- Missing hotfixes
Requirements:
- Windows NT 4.0 or higher
- Internet Explorer 5 or higher
- Administrator account
How it works:
- Visit http://www.securityexpressions.com/webscan
- Select the policy
- Click "Begin Scan"
- IE will download the WebScan ActiveX object
- The ActiveX object will scan your local computer
- Output will be displayed in IE
Security implications of running WebScan:
- WebScan runs only on the local machine so that no sensitive
information is sent through the Internet.
- WebScan does not require any registration or other type of user
identification.
- WebScan provides an option that, if checked, sends back the results of
the scan so that we can collect aggregate statistics. These statistics
help us to improve the product.
The technology:
- WebScan is based on our SecurityExpressions product that is used by
organizations to ensure that their systems comply with custom policies.
- WebScan uses only documented, standard Windows API.
- A commercial version interfaces directly with SecurtyExpressions and
allows fixing of any problems discovered
------------------
Lord, grant me the serenity to accept the things I cannot change,
the courage to change those I can
and the wisdom to hide the bodies of the people I killed because they pissed me off !
-------------------------
Linus, I am your father.
Relinquish your open source, join me and we will rule the Internet as father and son.
-Darth Gates