Half a year ago, Microsoft announced that they would discontinue Windows Live One Care and instead would offer a free alternative with the code name Morro. Microsoft Security Essentials is the new name and the beta is now available. You can’t download it anymore through Microsoft, but it is still available at Softpedia.

Windows Live One Care

One Care was not really a success. Its market share was only 2%, which is a little embarrassing for a giant like Microsoft. I suppose some security software vendors heaved a sigh of relief when they realized that OneCare was no real competitor for their antivirus tools. I guess the trembling starts again now. It is one thing if small companies such as AVG or Avira offer a free anti-malware tool, but a completely different matter if the Windows maker himself comes out with a free tool. Moreover, the free version will Microsoft help to improve the detection rate of the Forefront products

(more…)

Some days ago, I wrote an article about the alleged superpowers of the built-in administrator account. As it turned out, the local administrator has more or less the same privileges as the other administrator accounts, but this doesn’t mean that it doesn’t require extra care. In this article, I will share some tips on how to handle the built-in administrator account in a corporate environment. These are partially based on an article by security expert Jesper Johansson, although our opinions on some points differ.

Disable the built-in Administrator account

On Vista machines the built-in administrator account is disabled by default. This is a good a thing. Of course, it is the primary target of all hackers (I don’t distinguish between hackers and crackers; it is all the same to me). I also recommend disabling the built-in Administrator account on all XP machines.

(more…)

Submitted by Edward Lansink

GFI LANguard is a network security scanner that’s used by a large number of net admins and is now available as a freeware version.

GFI LANguard scans your computers and ports to detect, assess and rectify security vulnerabilities on your network, with minimal administrative effort. It also provides the tools to easily and effectively remediate vulnerabilities, install missing patches and automatically uninstall unauthorized software.

(more…)

Rate this tool: (24 votes, average: 4.29 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

Several days ago, I blogged about the free tool Steel Run As. It allows standard users to run a program with administrator rights. Since then, I came across two other tools that serve the same purpose. One is the free command line tool CPAU, recommended by Andrew in my earlier post. The other is RUNASSPC (RUNAS + PASSWORD + ENCRYPTION) which is only free for personal use. Prices range between 20 and 200 Euros, depending on the number of computers you have in your network. While playing with RUNASSPC, I learned something new about Steel Run As, which simplifies its usage under Vista if UAC is enabled.

I assumed that it is necessary to avoid a UAC prompt if someone with standard user rights runs a program that requires admin rights. For this reason, I included the elevate command in the batch script, in my example that allows standard users to change the TCP/IP settings.

(more…)

Steel Run As solves a problem that every Windows administrator faces sooner or later. It allows you to let standard users run a specific program with administrator privileges. This works in login scripts, in Windows domains or on standalone workstations. Important is that the user doesn’t have to know the administrator’s password, like with the Windows runas command. Best of all is that Steel Run As is very easy to set up.

When I first heard that Microsoft was going to introduce UAC in Windows, I thought it would be something similar to sudo in Linux. Unfortunately, UAC is no match at all for sudo. The feature I miss most is the ability to allow certain end users to manage specific operating system features that require administrator rights.

(more…)

Rate this tool: (4 votes, average: 4.00 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

In my last article I listed all important features of DirectAccess. Today I will share some experiences I made when I placed a little with it.

DirectAccess has to be installed as a feature on Windows Server 2008 R2. I wonder why it is a feature and not a role, considering that it is recommended to use DirectAcess on a server that has no other function. I must admit, I still don’t understand the difference between server roles and features.

It is interesting to note that two network interfaces are required, which indicates that DirectAccess has firewall functionality. One network card is usually enough for VPN. DirectAccess also complained that I have no Public Key Infrastructure. After I installed the Certificate Server role on the same machine, the DirectAccess setup was satisfied. The setup wizard then let me configure the user groups that are allowed to use DirectAccess.

(more…)

DirectAccess is a new feature of Windows 7 and Windows Server 2008 R2. It has the same purpose as VPN, i.e., it allows users to connect securely to the corporate network through the Internet. The main difference is that the connection is established in the background without requiring user interaction. This article is mostly a summary of Microsoft’s white paper Technical Overview of DirectAccess in Windows 7 and Windows Server 2008 R2. I also installed DirectAccess on Windows Server 2008 R2, but since there is no technical documentation yet, I had to postpone more detailed tests until Microsoft provides more information. In my next post I will share some practical experiences.

(more…)

The Action Center is a new feature in the Windows 7 Control Panel that could prove useful for system administrators. It is a replacement of Vista’s Security Center and gives an overview of security and maintenance-related status messages.

Before I start reviewing the Action Center, I want to say a word or two about the changes in the Control Panel. At first sight, it looks pretty much the same as in Vista; however, Microsoft moved quite a few applets to different positions. I don’t know whether the new configuration makes more sense than the old one, or if it makes it easier for newbies to find an applet. But one thing is certain: Vista users who just got used to the new Control Panel will start searching again.

(more…)

Submitted by Maks

AnVir Task Manager Free provides full set of Windows enhancements that help in every-day work.

Security & Performance

• Full information about processes, services, Internet connections, drivers, DLLs
• Detects Trojans with security analysis and get alerts on new startups
• Speed up boot time (Delayed Startup), balance CPU usage, optimize memory
• Run programs as services on Windows startup before user login

(more…)

Rate this tool: (4 votes, average: 4.50 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

Submitted by Jan Ivar Beddari

Secunia has some tools similar to Belarc Advisor which you might want to take a look at.

There’s a personal edition of Secunia Personal Software Inspector (PSI) which is free and a business edition with network scanning features. The company is quite well known around EU for their website and security bulletins so I thought I should mention them ..

This util is quite new. I like it better than Belarc

From the publisher’s site

The Secunia PSI is the FREE security tool that is designed with the sole purpose of helping you secure your computer from software vulnerabilities. Software vulnerabilities affect all applications installed on your computer, from the Operating System down to your email client, office application, instant messaging, and so on.

(more…)

Rate this tool: (4 votes, average: 4.00 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

Submitted by David Pope

The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status, CIS (Center for Internet Security) benchmarks, and displays the results in your Web browser. All of your PC profile information is kept private no your PC and is not sent to any web server.

• Operating Systems: Runs on Windows Vista, 2003, XP, 2000, NT 4, Me, 98, and 95.
• Browsers: Requires IE 3 or Netscape 3, and higher versions. Also runs on Opera, Mozilla, and Firefox.
• File size: 1642 KB.
• License: The license associated with this product allows for free personal use only. Use on multiple PCs in a corporate, educational, military or government installation is prohibited. See the license agreement for details.

Belarc Advisor

Rate this tool: (3 votes, average: 4.00 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

One of the first things I usually do when I install a new Windows Server in a test environment, is to turn off IE Enhanced Security Configuration (IE ESC). I am talking about this little prompts that get on your nerves whenever you open a website in Internet Explorer on a Windows Server. I described how to disable IE ESC in Windows Server 2003 a while back. Since it is one of the popular articles here on 4syosps and because the procedure is different on Windows Server 2008, I decided to post a follow-up to save you from this constant security prompts.

(more…)

Submitted by Jeff Botts

(The website is in German but has a translation link at the top.)

This is a great tool allowing users with standard rights to run programs with local admin privileges. It is based on SuDown and integrated in the Windows shell. Just right click on the icon of the program you want to run as admin and the context menu will give you the option to “Start as Administrator”. The current stable version doesn’t support global groups, so it won’t work on computers in a Windows domain. There is a beta that the developer put out on 02/24/2008 that is very stable and it works with global groups, too.

See about the new features of the latest release in the comments below.

SuRun

Rate this tool: (8 votes, average: 4.50 out of 5)

 Loading ...

Submit favorite free admin tool | Free tools ranking list | Descriptions of all tools

Microsoft published a new guide about the security settings in Windows Server 2008. This Technet article gives an overview and the guide itself can be downloaded here. What makes this guide so useful is not only the 214 page security guide (plus a 76 page appendix about security related Group Policy settings). Most interesting are the Excel files that come with the guide.

(more…)