Pin Me

Top Ten Free Security Tests

written by: Lee Clemmer•edited by: Bill Bunter•updated: 5/16/2011

Is your computer secure? Is your network secure? Here's a list of ten free security tests that you can use to test whether your computers and network are secure.

  • slide 1 of 4

    Free Security Testing

    I've compiled a list of ten free internet security tests and network security tests. Several are my favorites that I've used for years. Many of them are online tests, accessed through a browser. Several them are downloads that you run from a local system, some with a desktop GUI or from the command prompt. Testing frequently with various tools can be much more effective than relying on a single tool, test, or product.

  • slide 2 of 4

    The Tests

    Here are the tests, (in alphabetical order) with links and a brief description included.

    Hackerwhacker http://hackerwhacker.com/freetools.php This site provides a web interface to several simple tools to test for open ports, blocked ports, and so forth.

    LeakTest http://www.grc.com/lt/leaktest.htm Leaktest, by Gibson Research Corporation, is a downloadable application run locally on a host behind a firewall to check for "leaks", or unauthorized outbound traffic through your firewall. The same site hosts the ShieldsUP security test.

    Microsoft Baseline Security Analyzer (MBSA) http://technet.microsoft.com/en-us/security/cc184924.aspx The MBSA is a tool for business IT professionals. The tool evaluates the security state of Microsoft OS platforms and applications and provides specific, detailed recommendations for improvements. See this article for details on using MBSA.

    Nessus http://www.nessus.org/nessus/ This is probably my favorite network vulnerability scanner of all time. I've used it since its first release. Tenable offers the basic scanner for free, on many platforms. Professional user licenses and commercial licesnes are available.

    Nmap http://nmap.org Nmap is one of my long-time favorites. It is an open source program, and can be run from the command prompt on many platforms, and a precompiled Windows version with a graphical interface is available. This tool takes more knowledge than many of the others to run and interpret, but its flexibility makes it worth it. Information about using Nmap can be found here.

    Norton Security Scan http://security.symantec.com/sscv6/WelcomePage.asp This link includes the downloadable Norton Security Scan, which automatically scans your computer weekly, and a link to Symantec Security Check, an on-demand web-based security scan or virus detection check.

    PC Flank http://www.pcflank.com/ This site provides a group of web based tests, including a quick test, stealth test, browser test, trojan test, an advanced port scanner, and an exploits test. They also provide a downloadable leak test application. The site has excellent information, help, and forums for assistance, and news.

    ShieldsUP http://www.grc.com/default.htm Also by GRC, this is a web based Internet vulnerabiltiy testing suite. The site has excellent help and documentation explaining the tests and the results.

    Spybot Search & Destroy http://www.safer-networking.org/en/index.html This excellent downloadable application scans for spyware, adware, trojans, and other malware. Free updates are available. Read Bright Hub's detailed review of Spybot.

    Windows Defender http://www.microsoft.com/windows/products/winfamily/defender/default.mspx This is Microsoft's spyware and malware prevention and removal program. Aimed at the home user, it is included in Windows Vista. See our article How to Use Windows Defender for more information.

  • slide 3 of 4

    Which one is best?

    Which one is best? Well, I think they are all good, or I wouldn't have included them in my list. Best, in my opinion, depends on what we are trying to accomplish. The tests don't all do the same things, so there's not a "best" on this list. Since they are all free, my advice is to use several of them and compare the results. Then, make configuration changes and updates, and run those tests again. You may find false positives from some of the tests, or that a test misses a weakness in your situation that the other tests you use catch. Pick the ones that work best for you, and run them frequently, especially whenever you make changes to your system(s) or network.