Microsoft security tools

Kurt Seifried, [email protected]

The following are several free Microsoft security tools that not many people seem to be aware of, but that no administrator should be without.

Baseline security analyzer -;en-us;q320454

This program is from Microsoft, it can scan the local host, remote systems, or a group of systems for common security problems. Checks include account password settings, hotfix status, security settings such as "RestrictAnonymous" and more. You should download this tool immediately, install it, and check the report.

HFNetChk -

HFNetChk, a free tool actually written by a company called "Shavlik", the free version must be run manually (although it can be scripted), and it generates text output essentially listing hotfixes and patches you need to apply. A commercial version, HFNetChkPro, is also available which allows you to schedule updates, automatically down and install updates, and generally maintain a large group of systems without going insane.

IIS Lockdown -



Last updated 10/4/2002

Copyright Kurt Seifried 2002