
Toolkit for Microsoft Windows OS Security Maintenance


In an effort to integrate utilities which can be used to enforce vulnerability and compromise prevention policy, CNS has developed wrappers for well-known 'run-once' tools that can aid those who self-manage their Microsoft OS computers. They are easy to run, do not require installation and provide quick feedback.

A recent NW-Admins slide presentation is available here.


Tool   Description

Critical Update Detection   a wrapper for the MBSA critical update check, Microsoft's utility which will quickly report missing critical OS updates (runs on XP, 2000, 2003 only). Note: this utility is also a component of the Endpoint Security Policy system.
Host IDS Tool   a lightweight host-based IDS that checks for SYN packets sent out to ports 135/tcp and 445/tcp. It generates a report if the number of SYN packets is more than 20.
Password Audit   a wrapper for the John the Ripper password cracker, configured to detect blank passwords and passwords identical to the username, and to perform a limited (2300 words) dictionary lookup.
Network Traffic Monitor   a Windows Network Monitor Control that displays graphs of packets per second on each interface. Big numbers (like 50 pkts/sec and up) should be considered suspicious.
Marketscore Root Cert Check/Remove Tool   Microsoft's 'certmgr' utility will detect and prompt for removal of the Marketscore trusted root certificate, for Internet Explorer only.
Microsoft's Malicious Software Removal Tool   a new utility which will detect and remove a number of well-known viruses and worms. This is updated monthly by Microsoft.


©2008 - University of Toronto Computing and Networking Services, All Rights Reserved.