How to disable security questions on Windows 10

Losing the password to your desktop system is never good. With desktop systems, it’s important that a password isn’t easy to reset. This is great if you want to keep your system secure, but not so great if you’ve forgotten your password. To get around this, Windows 10 allows users to set security questions for recovering a forgotten password for local accounts. This may not be the greatest or the safest way to recover your password. If you want to disable security questions on Windows 10, you can.

This trick was covered by Lifehacker and it uses a simple PowerShell script to get the job done.

Disable security questions

Download the PS1 file from this Github repository. Save it to a separate folder. Don’t just leave it on your desktop or in your Downloads folder.

After you download the file, open PowerShell with admin rights. Use the CD command to move to the folder that you downloaded the PowerShell file to.

Once you’re in the folder, run the following command to disable security questions.

Update-AllUsersQA

This script can run with one parameter; -answer. The syntax is as follows;

Update-AllUsersQA -answer SecretAnswer

You will need to replace SecretAnswer with an answer of your own choice and that will set the same answer for all questions.

If you need to enable security questions again, the script doesn’t give you a direct way to do it. The first command listed above will disable the feature and any time you try and set a security questions, you will get a message telling you that the feature has been disabled. To enable it again, run the command with the -answer parameter. Use it to set the same answer to all questions and then go to the Settings app to change the answer to the questions. You can change the security questions from Account>Sign in options. Click the Change button under password and you will get an option to change the answer to your security questions.

This will not work for user accounts connected to your Microsoft account. The security questions are only available for local users since they have no other way to recover a forgotten password. Users who have forgotten their Microsoft account password can reset it from the Microsoft website using either their phone number or their email to recover it.

Be warned that if you disable security questions on Windows 10 and later forget your password, you will make it harder on yourself to get back into your system.

Read How to disable security questions on Windows 10 by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How to check for rootkits on Linux with Tiger

Concerned that you may have a rootkit on your Linux server, desktop or laptop? If you want to check whether or not rootkits are present on your system, and get rid of them, you’ll need to scan you system first. One of the best tools to scan for rootkits on Linux is Tiger. When run, it does a complete security report of your Linux system that outlines where the problems are (including rootkits).

In this guide, we’ll go over how to install the Tiger security tool and scan for dangerous Rootkits.

Install Tiger

Tiger doesn’t come with any Linux distributions out of the box, so before going over how to use the Tiger security tool on Linux, we will need to go over how to install it. You will need Ubuntu, Debian, or Arch Linux to install Tiger without compiling the source code.

Ubuntu

Tiger has long been in the Ubuntu software sources. To install it, open up a terminal window and run the following apt command.

sudo apt install tiger

Debian

Debian has Tiger, and it is installable with the Apt-get install command.

sudo apt-get install tiger

Arch Linux

The Tiger security software is on Arch Linux via the AUR. Follow the steps below to install the software on your system.

Step 1: Install the packages required to install AUR packages by hand. These packages are Git and Base-devel.

sudo pacman -S git base-devel

Step 2: Clone the Tiger AUR snapshot to your Arch PC using the git clone command.

git clone https://aur.archlinux.org/tiger.git

Step 3: Move the terminal session from its default directory (home) to the new tiger folder that holds the pkgbuild file.

cd tiger

Step 4: Generate an Arch installer for Tiger. Building a package is done with the makepkg command, but beware: sometimes package generation doesn’t work due to dependency problems. If this happens to you, check the official Tiger AUR page for the dependencies. Be sure also to read the comments, as other users may have insights.

makepkg -sri

Fedora and OpenSUSE

Sadly, both Fedora, OpenSUSE and other RPM/RedHat-based Linux distributions do not have an easy to install binary package to install Tiger with. To use it, consider converting the DEB package with alien. Or follow the source code instructions below.

Generic Linux

To build the Tiger app from source, you’ll need to clone the code. Open up a terminal and do the following:

git clone https://git.savannah.nongnu.org/git/tiger.git

Install the program by running the included shell script.

sudo ./install.sh

Alternatively, if you’d like to run it (rather than install it) do the following:

sudo ./tiger

Check for rootkits on Linux

Tiger is an automatic application. It doesn’t have any unique options or switches that users can use in the command-line. The user can’t just “run the rootkit” option to check for one. Instead, the user must use Tiger and run a full scan.

Each time the program runs, it does a scan of many different types of security threats on the system. You’ll be able to see everything it’s scanning. Some of the things that Tiger scans are:

  • Linux password files.
  • .rhost files.
  • .netrc files.
  • ttytab, securetty, and login configuration files.
  • Group files.
  • Bash path settings.
  • Rootkit checks.
  • Cron startup entries.
  • “Break-in” detection.
  • SSH configuration files.
  • Listening processes.
  • FTP configuration files.

To run a Tiger security scan on Linux, gain a root shell using the su or sudo -s command.

su -

or

sudo -s

Using root privileges, execute the tiger command to start the security audit.

tiger

Let the tiger command run and go through the audit process. It will print out what it’s scanning, and how it is interacting with your Linux system. Let the Tiger audit process run its course; it’ll print out the location of the security report in the terminal.

View Tiger Logs

To determine if you have a rootkit on your Linux system, you must view the security report.

To look at any Tiger security report, open up a terminal and use the CD command to move into /var/log/tiger.

Note: Linux will not let non-root users in /var/log. You must use su.

su -

or

sudo -s

Then, access the log folder with:

cd /var/log/tiger

In the Tiger log directory, run the ls command. Using this command prints out all the files in the directory.

ls

Take your mouse and highlight the security report file that ls reveals in the terminal. Then, view it with the cat command.

cat security.report.xxx.xxx-xx:xx

Look over the report and determine if Tiger has detected a rootkit on your system.

Removing rootkits on Linux

Removing Rootkits from Linux systems — even with the best tools, is hard and not successful 100% of the time. While it is true there are programs out there that may help get rid of these kinds of issues; they don’t always work.

Like it or not, if Tiger has determined a dangerous worm on your Linux PC, it’s best to back up your critical files, create a new live USB, and re-install the operating system altogether.

Read How to check for rootkits on Linux with Tiger by Derrik Diener on AddictiveTips – Tech tips to make you smarter

How To Remove ‘Protected View’ Status From A File In Microsoft Office

Files downloaded from the internet aren’t always safe. While this usually means EXE files, documents too can be dangerous. This is why apps that can open documents, spreadsheets, or presentations, etc., are weary of items that were downloaded from the internet or copied from a different system. Microsoft Office will open files that came from the internet but it won’t enable editing unless you explicitly allow it to. While this is for your own protection, it also applies to documents you downloaded from your own email. If you want, you can remove the ‘Protected File’ status from a file.

Remove ‘Protected View’ Status

Open the folder containing the file that has ‘Protected View’ status. Right-click it, and select Properties from the context menu. In the Properties window, on the General tab, look for a Security section at the very bottom. Select the Unblock box and click the Apply button.

Open the file and you will no longer see the Protect View bar at the top. If you do see it, close the file, and open it again. On the second attempt, the bar ought to be gone.

This will apply only to that file alone. All other files that were copies of this file, or that you downloaded, or copied from a different system will still open in Protected View. You have to remove the ‘Protected Status’ from each file individually.

This works for all sorts of files that any of the apps in the Microsoft Office suite can open. If you have a spreadsheet or a presentation that opens in protected view, this will disable it.

If you have other apps that open files in some similar protected mode, this will likely disable it as well. If it doesn’t, it’s likely that the app is using its own protection mode to keep you safe. Check the app’s settings, or the file’s security settings to see if there’s an option to disable it.

Once removed, the protection can’t be added back. What you’re basically doing is editing the properties of a file so that it is no longer recognized as one downloaded from a different system. If you need to add some sort of protection to the document, you can check some of the options that Microsoft Office apps offer. There are ways to restrict people from editing a file and you can always add a password to make sure that no one without it can make changes to it.

Read How To Remove ‘Protected View’ Status From A File In Microsoft Office by Fatima Wahab on AddictiveTips – Tech tips to make you smarter

How To Check The Security Of A Linux PC With Lynis

If your Linux security is lacking, a good idea is to audit your system. A great way to run an audit is to use a program that tests security and offers concrete solutions. One such auditing tool is Lynis. It’s a a tool that can check the security of a Linux PC. It scans any Linux PC, tests its security, and prints out a list of possible issues and fixes. The best part of this tool is that it’s very simple to use and anyone can use it.

Ubuntu/Debian

Lynis has excellent support for Debian and Ubuntu through their own software repository. Enabling this software repository is a little different from other software sources, as it’s a traditional software repository. There are no PPAs or anything. This is so that Lynis works on both Debian and Ubuntu without issue.

To start the installation, launch a terminal window and download the correct GPG key.

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F

With the key working, add the new Lynis software source to the system.

sudo -s
echo '#Lynis repo ' >> /etc/apt/sources.list

echo 'deb https://packages.cisofy.com/community/lynis/deb/ stable main' >> /etc/apt/sources.list

The Lynis software repo needs a special package. This package will allow Ubuntu (or Debian) to interact with HTTPS software sources.

sudo apt install apt-transport-https

or

sudo apt-get install apt-transport-https

With the Apt-transport-https package working on your system, it’s safe to refresh the software sources. Run update in the terminal.

sudo apt update

or

sudo apt-get update

Finally, install Lynis.

sudo apt install lynis

or

sudo apt-get install lynis

Arch Linux

Like most programs, Arch has the Lynis security tool in the AUR. To install it, launch a terminal and install Git and the Base-devel packages. Then pull the code down and generate a new Arch package.

Note: please understand that installing software directly from the Arch AUR, rather than the official software sources means that sometimes dependencies do not install. You may need to install these packages manually if this happens during the Lynis installation process. Dependencies can be found at the bottom of this page here.

sudo pacman -S git base-devel
git clone https://aur.archlinux.org/lynis-git.git

cd lynis-git

makepkg -si

Fedora

Lynis has support for Fedora, though it requires a third-party software source to install it. Enable the software source by launching a terminal and using the touch and echo commands.

sudo -s

touch /etc/yum.repos.d/cisofy-lynis.repo
echo '[lynis]' >> /etc/yum.repos.d/cisofy-lynis.repo
echo 'name=CISOfy Software - Lynis package' >> /etc/yum.repos.d/cisofy-lynis.repo
echo 'baseurl=https://packages.cisofy.com/community/lynis/rpm/' >> /etc/yum.repos.d/cisofy-lynis.repo
echo 'enabled=1' >> /etc/yum.repos.d/cisofy-lynis.repo
echo 'gpgkey=https://packages.cisofy.com/keys/cisofy-software-rpms-public.key' >> /etc/yum.repos.d/cisofy-lynis.repo
echo 'gpgcheck=1' >> /etc/yum.repos.d/cisofy-lynis.repo

Next, update the following packages on your system:

sudo dnf update ca-certificates curl nss openssl -y

Finally, install Lynis with dnf install.

sudo dnf install lynis -y

OpenSUSE

The Lynis tool has a software repository available for all versions of OpenSUSE. Turn it on with the following commands in a terminal window.

sudo rpm --import https://packages.cisofy.com/keys/cisofy-software-rpms-public.key
sudo zypper addrepo --gpgcheck --name "CISOfy Lynis repository" --priority 1 --refresh --type rpm-md https://packages.cisofy.com/community/lynis/rpm/ lynis

With the repo on Suse, it’s time to refresh the system.

sudo zypper refresh

Finish up the setup process by using Zypper to install Lynis.

sudo zypper install lynis

 Generic Linux

The Lynis auditing tool has a generic Tarball for those on Linux distributions that don’t have direct support from the developer. Thankfully, this downloadable Tar archive requires no compilation of any kind. Instead, users just download it and run the program as is.

To install Lynis via a downloadable  Tar archive, use the wget tool and download the package, then extract it.

wget https://downloads.cisofy.com/lynis/lynis-2.6.8.tar.gz
tar -zxvf lynis-2.6.8.tar.gz 

cd lynis

Run the Lynis tool with:

./lynis

Using Lynis

Lynis is a simple tool with a lot of options. For the average user, basic options will do. The most basic (yet comprehensive) operation that the program can do is to do a complete audit of the system. To run the audit, open up a terminal and enter the following command into it.

lynis audit system

Running the above command without any Sudoer privileges will scan many aspects of the system. However, it won’t get everything. Running a full scan requires sudo.

sudo lynis audit system --pentest

Need to save the results for later? Pipe them to a text file.

sudo lynis audit system >> /home/username/Documents/lynis-results.txt

Scan Docker File

Docker is becoming increasingly popular on Linux systems. With all of the pre-made Docker images out there, security breaches are bound to happen. Thankfully, Lynis allows users to scan Docker files and test them for issues. To run a test, try the following command.

lynis audit dockerfile /home/username/path/to/dockerfile

Quick Scan

Lynis can do many different types of scans. A scan that may be useful if you’re in a hurry is the “quick” scan mode. This mode tests basic areas of the system, for fasts results.

Run a quick system audit with:

lynis audit system -Q

Read How To Check The Security Of A Linux PC With Lynis by Derrik Diener on AddictiveTips – Tech tips to make you smarter

Best FREE Network Vulnerability Scanners: Top 6 Tools That Don’t Cost Money

You wouldn’t want your network to become the target of malicious users trying to steal your data or cause damage to your organization. But how can you ascertain that there are as little ways as possible for them to enter? By making sure each and every vulnerability on your network is known, addressed, and fixed or that some measure is in place to mitigate it. And the first step in accomplishing that is to scan your network for those vulnerabilities. This is the job of a specific type of software tool and today, we’re glad to bring you our top 6 best free network vulnerability scanners.

We’ll be starting today’s discussion by talking about network vulnerability–or perhaps vulnerabilities–trying to explain what they are. We’ll next discuss vulnerability scanners in general. We’ll see who needs them and why. Since a vulnerability scanner only works as part of a vulnerability management process, this is what we’ll discuss next. Then, we’ll study how vulnerability scanners typically work. They are all different but at their core, there are usually more similarities than differences. And before we reveal what the best free vulnerability scanners are, we’ll tell you what to look for in them.

Vulnerability 101

Computer systems and networks are more complex than ever. It’s not uncommon for a typical server to be running hundreds of processes. Each of these processes is a program, some of them are big programs containing thousands of lines of code. And within this code, there could be all sorts of unexpected things. A programmer may, at one point, have added some backdoor feature to facilitate debugging and this feature might have mistakenly made it to the final version. There could be some errors in input validation that will cause an unexpected–and undesirable–results under some specific circumstance.

Each of these is a hole and there are numerous people out there who have nothing better to do than to find these holes and use them to attack your systems. Vulnerabilities are what we call these holes. And if left unattended, they can be used by malicious users to gain access to your systems and data–or even worse, your client’s data–or to otherwise cause some damage such as rendering your systems unusable.

Vulnerabilities can be everywhere on your network. They are often found on software running on your servers or their operating systems but they are also common in networking equipment such as switches, routers and even security appliances such as firewalls.

Network Vulnerability Scanners — What They Are And How They Work

Vulnerability scanners or vulnerability assessment tools as they are often called are software tools whose sole purpose is to identify vulnerabilities in your systems, devices, equipment, and software. We call them scanners because they will usually scan your equipment to look for specific vulnerabilities.

But how do they find these vulnerabilities? After all, they are usually not there in plain sight or the developer would have addressed them. Somewhat like virus protection software which use virus definitions databases to recognize computer viruses most vulnerability scanners rely on vulnerability databases and scan systems for specific vulnerabilities. These vulnerability databases can either be sourced from well-known security testing labs which are dedicated to finding vulnerabilities in software and hardware or they can be proprietary databases. The level of detection you get is as good as the vulnerability database that your tool uses.

Network Vulnerability Scanners — Who Needs Them?

The quick and easy answer to this question is simple: You do! No really, everyone needs them. Just like no one in his right mind would think of running a computer without some virus protection, no network administrator should be without at least some vulnerability detection scheme.

Of course, this is possibly something that could be theoretically done manually but practically, this is an impossible job. It would require a tremendous amount of time and human resources. Some organizations are dedicated to finding vulnerabilities and they often employ hundreds of people if not thousands.

The fact is that if you are managing a number of computer systems or devices, you probably need a vulnerability scanner. Complying with regulatory standards such as SOX or PCI-DSS will often mandate that you do. And even if they don’t require it, compliance will be easier to demonstrate if you can show that you are scanning your network for vulnerabilities.

A Word About Vulnerability Management

It’s one thing to detect vulnerabilities using some sort of software tool but it is kind of useless unless it is part of a holistic vulnerability management process. Just like Intrusion Detection systems are not Intrusion Prevention Systems Network vulnerability scanners–or at least the vast majority of them–will only detect vulnerabilities and point them to you.

It is up to you to have some process in place to react to these detected vulnerabilities. The first thing that should be done is to assess them. The idea here is to make sure detected vulnerabilities are real. Makers of vulnerability scanners often prefer to err on the side of caution and many of their tools will report a certain number of false positives.

The next step in the vulnerability management process is to decide how you want to address–and fix–real vulnerabilities. If they were found in a piece of software your organization barely uses–or doesn’t use at all–your best course of action might be to remove and replace it with another software offering similar functionality. In many instances, fixing vulnerabilities is as easy as applying some patch from the software publisher or upgrading to the latest version. At times, they can also be fixed by modifying some configuration setting(s).

What To Look For In Network Vulnerability Scanners

Let’s have a look at some of the most important things to consider when evaluating network vulnerability scanners. First and foremost is the range of devices the tool can scan. This has to match your environment as closely as possible. If, for example, your environment has many Linux servers, you should pick a tool that will scan these. Your scanner should also be as accurate as possible in your environment so as to not drown you in useless notifications and false positives.

Another important factor to consider it the tool’s vulnerability database. Is it updated regularly? Is it stored locally or in the cloud? Do you have to pay additional fees to get the vulnerability database updated? These are all things you’ll want to know before you pick your tool.

Not all scanners are created equal, some will use a more intrusive scanning method than others and will potentially affect system performance. This is not a bad thing as the most intrusive are often the best scanners but if they affect system performance, you’ll want to know about is and schedule the scans accordingly. And talking about scheduling, this is another important aspect of network vulnerability scanners. Does the tool you’re considering even have scheduled scans? Some tools need to be launched manually.

The last important aspect of network vulnerability scanners is their alerting and reporting. What happens when they detect a vulnerability? Is the notification clear and easy to understand? Does the tool provide some insight on how to fix found vulnerabilities? Some tools even have automated remediation of some vulnerabilities. Other integrate with patch management software. As for reporting, this is often a matter of personal preference but you have to ensure that the information you expect to find in the reports is actually there. Some tools only have predefined reports, some will let you modify them, and some will let you create new ones from scratch.

Our Top 6 The Best Network Vulnerability Scanners

Now that we know what to look for in vulnerability scanners, let’s have a look at some of the best or most interesting packages we could find. All but one of them are free and the paid one has a free trial available.

1. SolarWinds Network Configuration Manager (FREE TRIAL)

Our first entry in an interesting piece of software from SolarWinds called the Network Configuration Manager. However, this is neither a free tool nor is it a network vulnerability scanner. So you may be wondering what it is doing in this list. There is one primary reason for its inclusion: the tool addresses a specific type of vulnerability that not many other tools do and that it the misconfiguration of networking equipment.

SolarWinds Network Configuration Manager - Summary Dashboard

FREE TRIAL: SolarWinds Network Configuration Manager

This tool’s primary purpose as a vulnerability scanner is validating network equipment for configurations errors and omissions. It will also periodically check device configurations for changes. This can be useful as some attacks are started by modifying some device configuration in a way that can facilitate access to other systems. The Network Configuration Manager can also help you with network compliance with its automated network configuration tools that can deploy standardized configs, detect out-of-process changes, audit configurations, and even correct violations.

The software integrates with the National Vulnerability Database and has access to the most current CVE’s to identify vulnerabilities in your Cisco devices. It will work with any Cisco device running ASA, IOS, or Nexus OS. In fact, two useful tools, Network Insights for ASA and Network Insights for Nexus are built right into the product.

Pricing for the SolarWinds Network Configuration Manager starts at $2 895 and varies according to the number of nodes. If you’d like to give this tool a try, a free 30-day trial version can be downloaded from SolarWinds.

2. Microsoft Baseline Security Analyzer (MBSA)

Our second entry is an older tool from Microsoft called the Baseline Security Analyser, or MBSA. This tool is a less-than-ideal option for larger organizations but it could be OK for small businesses with only a few servers. Given its Microsoft origin, don’t expect this tool to look at anything but Microsoft products, though. It will scan the base Windows operating system as well as some services such as the Windows Firewall, SQL server, IIS and Microsoft Office applications.

The tool doesn’t scan for specific vulnerabilities like true vulnerability scanners do but it will look for missing patches, service packs and security updates as well as scan systems for administrative issue. The MBSA’s reporting engine will let you get a list of missing updates and misconfigurations

MBSA Report Detail Screenshot

MBSA is an old tool from Microsoft. So old that it is not totally compatible with Windows 10. Version 2.3 will work with the latest version of Windows but will require some tweaking to clean up false positives and to fix checks that can’t be completed. For example, MBSA will falsely report that Windows Update is not enabled on the latest Windows version. Another drawback is that MBSA won’t detect non-Microsoft vulnerabilities or complex vulnerabilities. Still, this tool is simple to use and does its job well and it could be the perfect tool for a smaller organization with only Windows computers.

3. Open Vulnerability Assessment System (OpenVAS)

The Open Vulnerability Assessment System, or OpenVAS, is a framework of many services and tools which combine to offer a comprehensive and powerful vulnerability scanning and management system. The framework behind OpenVAS is part of Greenbone Networks’ vulnerability management solution from which developments have been contributed to the community for about ten years. The system is entirely free and most of its component are open-source although some are proprietary. The OpenVAS scanner comes with over fifty thousand Network Vulnerability Tests which are updated on a regular basis.

OpenVAS 7 Software Architecture

OpenVAS has two main components, the OpenVAS scanner, which is responsible for the actual scanning of target computers and the OpenVAS manager, which controls the scanner, consolidates results, and stores them in a central SQL database along with the system’s configuration. Other components include browser-based and command-line user interfaces. An additional component of the system is the Network Vulnerability Tests database. This database is updated from either the fee Greenborne Community Feed or the Greenborne Security Feed. The latter is a paid subscription server while the community feed is free.

4. Retina Network Community

Thre Retina Network Community is the free version of the Retina Network Security Scanner from AboveTrust, one of the best-known vulnerability scanner. It is a comprehensive vulnerability scanner with many features. The tool can perform a free vulnerability assessment of missing patches, zero-day vulnerabilities, and non-secure configurations. User profiles aligned with job functions simplify the operation of the system. Its metro styled intuitive user interface allows for a streamlined operation of the system.

Retina Network Community Screenshot

Retina Network Community uses the Retina scanner’s database, an extensive database of network vulnerabilities, configuration issues, and missing patches. It is automatically updated and covers a wide range of operating systems, devices, applications, and virtual environments. Talking about virtual environments, the product fully supports VMware environments and includes online and offline virtual image scanning, virtual application scanning, and integration with vCenter.

The main limitation of the Retina Network Community is that it’s limited to scanning 256 IP addresses. While this is not much, it will be more than enough for several smaller organizations. If your environment is bigger than that, you can opt for the Retina Network Security Scanner, available in Standard and Unlimited editions. Both editions have an extended feature set compared to the Retina Network Community scanner.

5. Nexpose Community Edition

Nexpose from Rapid7 is another well-known vulnerability scanner although perhaps less than Retina. The Nexpose Community Edition is a limited version of Rapid7’s comprehensive vulnerability scanner. The limitations are important. First and foremost, you can only use the product to scan a maximum of 32 IP addresses. This makes it a good option only for the smallest of networks. Furthermore, the product can only be used for one year. Besides these limitations, this is an excellent product.

Nexppose Community Edition Screenshot

Nexpose can run on physical machines running either Windows or Linux. It is also available as a VM appliance. The product’s extensive scanning capabilities will handle networks, operating systems, web applications, databases, and virtual environments. Nexpose uses what it calls Adaptive Security which can automatically detect and assess new devices and new vulnerabilities the moment they access your network. This combines with dynamic connections to VMware and AWS and integration with the Sonar research project to provide true live monitoring. Nexpose provides integrated policy scanning to assist in complying to popular standards like CIS and NIST. The tool’s Intuitive remediation reports give step-by-step instructions on remediation actions to quickly improve compliance.

6. SecureCheq

Our last entry is a product from Tripwire, another household name in IT security. Its SecureCheq software is advertised as a free Microsoft Windows configuration security checker for desktops and servers. The tool performs local scans on Windows computers and identifies insecure Windows advanced settings as defined by CIS, ISO or COBIT standards. It will seek about two dozen common configuration errors related to security.

Tripwire SecureCheq Screenshot

This is a simple tool that is easy to use. You simply run it on the local machine and it will list al the checked settings with a pass or fail status. Clicking on any of the listed settings reveals a summary of the vulnerability with references on how to fix it. The report can be printed or saved as an OVAL XML file.

Although SecureCheq scans for some advanced configuration settings, it misses many of the more general vulnerabilities and threats. Your best bet is to use it in combination with a more basic tool such as the Microsoft Baseline Security Analyzer reviewed above.

Read Best FREE Network Vulnerability Scanners: Top 6 Tools That Don’t Cost Money by Renaud Larue-Langlois on AddictiveTips – Tech tips to make you smarter