| LocateIPs . Using
the Visual Route demo servers, you can locate any IP address that you find in your
logs, or are curious about on a world map. Locate
Users with Visual Route . The
Geobytes IP Locator tool plots the location of IP addresses very accurately on city
is a remote access program that allows you to use a java enabled web browser to access
a windows desktop and control the system as if you were there. Download
and learn about WinVNC
you can do numerous types of domain look-ups and perform domain tracking. Site
usage is free after registration. Whois.
Using Netcraft.com you can reseach OS types, server types, and uptime. Netcraft. Central
Ops provides several online research utilities. Using Network-tools.com
you can locate network admins, identify site and netblock owners, perform digs and
many other network related research functions. Network-Tools
WSFTP Free FTP Client
WSFTP is a free FTP
client that can be used to upload or download files from almost any FTP server you
have access too. WSFTP
FTP Client Download
Zone Alarm Firewall
Zone Alarm is a free
for personal use firewall you can install on your PC to help protect yourself from
A one-stop start page
to many different free web proxy servers. They will allow you to filter scripts and
cookies as well as hide your IP address. Web
Putty Telnet Client
is small free telnet and SSH client. Putty
is a free program that scans for wireless networks using your wireless network card.
Help files are available at: Netstumbler
Netstumbler can be downloaded here: Net
AirSnare is a
free program that monitors your wireless network for intuders. It
alerts you when unwanted MAC addresses are detected. AirSnare.
is a very useful Windows 2000 domain security, groups, and polices reporting tool.
Get more information here: Domain
Detective Info. Domain
Detective is free after registering for the download here: Domain
GFI System Integrity
GFI SIM is
a free system integrity monitor for Windows 2000 and XP. Once loaded, it
scans your system to detect changes in the files you configure it to monitor.
Get more information and download the free software here: GFI
GFI DNSBL For Microsoft
Essentials 8 is a demo spam blocking product with one important feature
that does not expire--A Window's DNSBL. The free unlimited DNS
black list checker compares incoming mail to one of several DNSBLs. Mail from
known spammer IPs is then dealt with according to rules you supply. The
product is made to work directly on Exchange, or with Microsoft Windows SMTP server
used as a proxy relaying mail to any other brand of mail server. However,
I have installed this directly on production Microsoft SMTP servers to check
incoming mail without using Exchange or a mail proxy server. Get more information
and download the free software here: GFI
GFI Mail Security
For Microsoft SMTP Servers
Security's demo has a Bit Defender virus scanner for your Microsoft SMTP
service that does not expire. It is a great way to scan incoming mail to
your server for virus infections. This product is made to integrate with
Exchange or to be used on another Microsoft SMTP server being used as proxy relaying
mail to any other brand of mail server. However, I have installed the gateway
version of this product directly on production Microsoft SMTP servers to check
incoming mail without using Exchange or a mail proxy server. Get more information
and download the free software here: GFI
Web Matrix Site Editor
Web Matrix is
a WYSIWYG web editor that simplifies HTML and ASP site creation. It comes
with both drag and drop and direct code editing capabilities. Many
features and templates included. Web
Baseline Security Analyzer) is a free Microsoft product that can scan one computer,
or a whole network for security hotspots and missing software patches. MBSA.
addition is a free program which detects and cleans spy-ware and ad-ware
on your computer. Ad-Aware.
is another free program which detects and cleans spy-ware and ad-ware on your
Si Meter is a
free application which will monitor network, hard drive, CPU, processes, and memory
in realtime. A small stackable display meter places the information on
your desktop. This program is capable of monitoring multiple NICs. Si
Filemon is a Windows
utility that displays system file activity in realtime on your desktop. Filemon.
a Windows utility that reports who has access to what files on a system. AccessEnum
is a great file auditing tool that fills a gap in the Windows operating system for
security minded admins. AccessEnum.
Dead System Drive
two ways to access data off of unbootable drives. These tools use both client
and host software. The read only versions of these tools are free. The
pay version allows you to perform remote disk troubleshooting as well.
For access across a LAN use Remote
Recover. For access via serial ports use NTRecover.
SolarWinds TFTP Server
"This TFTP Server is commonly
used to upload/download executable images and configurations to routers, switches,
hubs, XTerminals, etc. The TFTP Server form SolarWinds will run on any Microsoft Operating
System including Windows 95, 98, NT, ME and even Windows XP." --SolarWinds. SolarWinds
Systernal ShareEnum scans
all computers, within domains accessable to it, for file and print shares. It
then displays these shares and their security settings. Best used from
a domain administrator account for maximum information. ShareEnum.
xSharez Scanner scans for
shared printers and files within a range of IP addresses you specify. The free
demo version will only scan 255 systems at a time. xSharez is good
tool for locating improperly shared folders on your network. xSharez
Microsoft EventComb is
a graphical event log reader which will scan multiple machine logs for events
you specify. The tool is part of the security scripts download available
is a program for creating interactive network diagrams with user definable management
features such as point and click telnet." --Network Notepad Homepage. Network
for scripting information, free scripts, and the script-o-matic tool. Microsoft
"MAKEMSI is a
freeware tool which allows you to build MSIs (or other Windows Installer databases)
from scratch within minutes/hours. Subsequent rebuilds take minutes and require
no MSI skills (in general)." -- MAKEMSI Webpage. MAKEMSI.
Snort IDS For
Snort is an open
source network intrusion detection system. For Windows functionality, you
will want to install the two required files; the latest version of Winpcap,
and the Windows
Snort Binary. For maximum Windows
functionality , you will also want to install IDS
Center from Engage security to use as your Snort GUI.
A Snort installation tutorial has been provided by Network Decisions here.
SwatIt Trojan Removal
SwatIt is a free
trojan detection and removal program for personal use. Manual trojan signature
updates are also free. SwatIt.
Online Port Scans
Verify the integrity
of your firewall, and see which ports you are leaving open with an online
port scan. Broadband
Reports Online Scanner. PCFlank
Create boot disks
for various OS's using the executables available at www.bootdisk.com.
The Belarc Advisor
audits your PC for all software and hotfixes installed. Belarc
AD Object Restore
Object Restore for Active Directory is a utility that empowers Active Directory administrators
to rapidly recover deleted Active Directory objects." --Quest website. Object
Ethereal Packet Sniffer
A packet sniffer
is a piece of software that analyzes all the raw data that enters and leaves your
computer/server. As a webmaster running your own server, it can be a great tool to
analyze "suspect" activity. Ethereal will only record data on the computer it
is installed on. First download and install WinPcap. This program is the brains behind
many sniffers and is required to run Ethereal: Winpcap. Then
Download and install Ethereal: Ethereal .
you require instructions, see the help files on the website: Ethereal
Help Files . To
start monitoring after installation click "Capture" on the top menu and then choose
"start" from the drop down. In the box that opens, click the square next to "capture
packets in real time". Then click "ok" at the bottom. The program will be monitoring
in real time and display packets on your screen. To stop monitoring you must choose
stop from the small floating window that appears when monitoring starts.
Micronet Utilities Micronet
Utilities is a suite of network utilities presented with a graphical interface. With
it you can monitor all ports and connections to your computer, ping, trace route and
research email. Download
a free virus scan at any time from Trend Micro.
Virus Removal Tools
trial version of Anti-Keylogger detects keystroke monitoring programs running on the
system it is installed on. Get information on the program here: Anti-Keylogger
Page Download the software here: Anti-Keylogger
Vision is a Windows
program which maps all of your open ports to their owning executables. The
program is free after registration at Foundstone. Download Vision here: Vision.
Top 75 Security Tools
is a list of the top 75 network security tools as compiled by insecure.org.
The list contains links to downloads. Top
75 security tools.
Following are links to running
lists of security vulnerabilities for most major brands of software and hardware. Security Focus
Vulnerabilites List. LWN
Multiple Vendor Linux Security Vulnerabilities. Winguide Microsoft
Mail Server Open Relay
Check to see if
your mail server is an open relay by sending a test mail using the following link.
This open relay check will try several spammer tricks to get your server to relay.
Remember to send to an email address not hosted on the server you are testing. Open
URLSCAN For IIS
Urlscan is a free
microsoft product that can be installed on your IIS webserver. Through the use
of the config file named Urlscan.ini, administrators can tell webservers to ignore
requests that could pose security problems. Microsoft
Microsoft Web Stress
stress testing tool can be used to test your site's ability to handle incoming requests.
It simulates as heavy usage as you need it to, and reports the results. Web
Create and unpack
Zip files with this internet favorite compression utility. WinZip.
Analog-X Netstat Live
live is real time graphical network activity monitor. It monitors one NIC per
instance and places the output on your desktop. Multiple instances can be loaded
to monitor several NICs at the same time. Analog-X
SQL and MSDE Editors/Administration
Data Administrator installs as virtual directory off
of your website. It allows editing of SQL databases through a web based interface.
The Webmatrix ASP.NET editor listed on this page also has the ability to create or
edit Microsoft databases as a feature. The ASP
Enterprise Manager is an ASP.NET web tool
for administration of Microsoft SQL and MSDE servers that mimics the Microsoft SQL
Enterprise Manager snap-in. The MSDE
Query tool is tool that allows you to query an MSDE server. The DBAMGR2K is
a very good stand alone replacement for the Microsoft Enterprise Manager that
works with the MSDE engine. The MSDE
TinyAdmin is a standalone graphical MSDE administration
a Windows utility that defrags your pagefile and registry hives. PageDefrag.
a Windows utility that dynamically displays system info on the wallpaper
of a desktop at startup. The display is a fully customizable quick
reference for users, admins, and tech service personnel. BgInfo.
Lite allows an NT/2000 system administrator to create a new NT user in seconds, including
home directory & share, group memberships and Exchange mailbox." --Advanced Toolware. UserManagemeNT
is an easy-to-use Microsoft Windows application to configure a small network of Cisco
routers (800, 1000, 1600, 1700,2500, 2600, 3600 and 4000 series), switches, hubs and
other network devices from a single PC without requiring knowledge of IOS. It assists
you in configuring IPSec, IOS Firewall, voice, NAT (NetworkAddress Translation), CAR
(Committed Access Rate), DHCP and other IOS features. Cisco ConfigMaker is designed
for resellers and network administrators of small to medium-sized businesses who are
proficient in LAN and WAN fundamentals and basic network design." --Cisco Website. ConfigMaker.
IIS Lockdown Tool
Lockdown tool is used to secure IIS webservers. "IIS Lockdown Wizard works by
turning off unnecessary features thereby reducing attack surface available to attackers.
To provide defense in depth, or multiple layers of protection against attackers, URLscan,
with customized templates for each supported server role, has been integrated into
the IIS Lockdown Wizard." --Microsoft Website. Please carefully consider the potential
complications that may occur when using this on a server that is not a dedicated
"Funnel Web Analyzer
- Measure the effectiveness of your Web site through log file analysis."--Quest
Software. This log analyzer is free to use after registration at the Quest
website. It is customizable and produces numerous reports in HTML
format. It can parse several separate logs into one report. Web
you can easily get rid of those old and obsolete registry entries created by software
that you have removed. RegCleaner.
For Digital Signing and Encryption
free certificates to enable the digital signing and encryption features built into
Outlook and Outlook Express. Comodo's Root Certificate is included
in Microsoft's default Trusted Certificates Store on most computers. Comodo's
Certificates For All Purposes
offers free certificates for all purposes to include digital email signing, encryption,
and securing all methods of communication through SSL. Please
go here for more information.
Sam Spade can
be used as an online tool from the following link, or downloaded as a utility.
It is an multi-tool for online research and abuse tracking. Sam
Win2K MSConfig Replacement
Your copy of Windows
2000 may or may not have MSConfig on it. If not, you can download the Start-Up
Control Panel to perform many of the same tasks performed by MSConfig. Start-Up
FREEping Network Monitor
"Do you want to
know if all your Windows 2003/XP/2000/NT servers are alive and pinging? Do you want
to receive a pop-up message when one of them is not running anymore? Start using FREEping.
It's all in the name: FREEping is a free ping utility which will ping all your 2003/XP/2000/NT
servers (or any other IP address) in free-definable intervals. FREEping will send
you a popup when one of the 2003/XP/2000/NT servers stops responding. Take a look
at the FREEping overview window to view all important statistics." --Advanced
Sender ID DNS Record
Sender ID SPX DNS records and learn how to implement them. Sender