In my previous tip I provided a "Top 5 List" of standalone security scanning software for Windows. These kinds of scanners are reasonably accurate, if kept up to date. They're also reasonably convenient, if installed on a laptop that you can connect to those networks most in need of scanning. But for sheer convenience and ease of use, nothing beats an online scanning service run remotely—typically, through your favorite Web browser—because there's no software to install nor anything that you must update locally (the service provider does that for you in the background, with no effort required on your part). That's why I prefer this option myself, especially when asked about tools for home desktops, or SOHO networks, in need of a security checkup.
Thus, the security scanners listed here are all service-based offerings, and all of them work through a Web browser. In fact, all of the following sites offer free Web-based security scans, though some of them also offer low-cost, one-shot security scans, as well as various fee-based recurring or regularly scheduled scanning options.
- Steve Gibson's ShieldsUP!! scan has been around for some time, but remains a favorite. He includes Windows sharing scans, a complete port scan, common service port scans, and more among his various offerings. Don't neglect his Windows security software tweaks either (such as the Three Musketeers, or "UnPlug 'n' Pray," "DCOMbobulator," and "Shoot the Messenger"); they're worth grabbing and installing as well.
- Although lots of other anti-virus/security companies offer similar scanning tools, my favorite resides on the Symantec Security Response Web page (find the link that reads "check for security risks," then click the Start button in the Security Scan pane on the resulting pop-up window).
- Security Space offers a free security audit, a more comprehensive one-time $10 audit, and ongoing security scanning and auditing services of all kinds. They've built a comprehensive set of scans around the Open Source security scanner called Nessus, and do an entirely creditable job of keeping their scans as up-to-date and complete as possible.
- Security Metrics' free port scan and firewall test are both worth checking out. These make an excellent teaser for the company's products and services, which include various tailored scanning tools, security appliances, and more.
- Pedestal Software (one of my favorite purveyors of Windows security software and tools, including their outstanding Security Expressions product) offers a free WebAudit built around this very tool. You have to download a small software program to make things work, and select a sample security policy against which to audit your system, but the results are painless and worthwhile. It also shows how scary software access to a system can be, because it reads lots of interesting data, especially from your Registry!
If you spend a little time looking into and using one or more of the items on this list, you'll probably find something worth returning to from time to time (who knows, you may even decide to sign up for a service offering of this kind).
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years' experience in the networking industry, and co-author of several books on networking, most recently, CCSP: Secure PIX and Secure VPN Study Guide, published by Sybex.