- slide 1 of 5
Why We Need to Scan Computer for Security Risks
Malware exploits, zero-day, and vulnerabilities can damage a computer, steal valuable and personal information, or compromise a PC to become part of a botnet (also known as zombie computers). The basic defense is to keep the operating systems and installed programs up-to-date, use real-time protections using antivirus, anti-malware and firewall programs, ensuring that the user account is not using the administrative account without a password, and that the policy used by security tools is strong enough to block any attempts by hackers or attackers.
Having all of the above setup should be enough to protect against known, but growing numbers of security risks. There’s only one method to know whether the settings and defenses in place are correct and working properly, and that is by scanning a computer using different types of assessment tools or services. Below are the tools you can use to scan computer for security risks.
- slide 2 of 5
Browser Security Test and GRC ShieldsUp!
Scanit offers an online browser security test for current and old versions of any browser. The online scanner by Scanit will check the browser's ability to pass known vulnerabilities or attacks on popular browsers and plugins affecting Internet Explorer, Firefox, and Opera.
GRC ShieldsUp! – An online scanner to check the computer and network ability to prevent known attacks by Trojans and intruders. ShieldsUp will also check if the Internet connection is associated with a DNS machine name. The scanner by GRC lets you choose to scan for common, file sharing, messenger, or all system ports that attackers may use, when they try to scan areas for vulnerable networks and computers. ShieldsUp! is one of the Top 5 port scanners to use.
- slide 3 of 5
Microsoft Baseline Security Analyzer and PC Flank
Microsoft Baseline Security Analyzer (MBSA) – This free tool from Microsoft determines if Windows has the critical security updates installed. Also, MBSA will check if an incomplete or mis-configured installation of security updates exists, and if auto-logon and password for user accounts are properly setup.
PC Flank – A popular web-scanner to determine if the computer is protected from exploits, Trojans, opened ports that Trojans and hackers are known to attack, browser tests, and leak tests for a firewall.
- slide 4 of 5
Secunia and Sophos Endpoint Assessment Test
Secunia – The vulnerability scanners by Secunia are provided using a web-based, Online Software Inspector (OSI) and using an installed program – Personal Security Inspector (PSI). Both will scan the computer for non secure versions of Windows and widely-used applications such as Adobe Flash Player, Adobe Reader, Oracle Java, Apple QuickTime plug-in, etc. Secunia PSI will scan more applications than the web-based Secunia OSI.
Sophos Endpoint Assessment Test – An online or web scanner by Sophos to determine if the computer is protected with security patches for Internet Explorer, Windows Media Player, Office, and Windows. Also, the Sophos’ scanner will check if IE has patches against an Aurora threat, and it will determine if firewall and antivirus protections are installed on the computer. Note that an email registration is required to use the free service by Sophos.
- slide 5 of 5
Symantec Security Check and Online Virus Scanners
Symantec Security Check – Symantec offers two versions in testing the computer's security against malware, hackers, vulnerability, and port scanners that Trojan horses are known to attack. There is a web-based and program version of Symantec Security Check: Norton Security Scan and the browser-based Symantec Security Check.
Virus, Trojans and Malware Scanners - Many security vendors provide free online scanners to verify that an antivirus in Windows did not miss any threats that are maybe residing or hidden on your computer. Check out the several online virus scanners to ensure that your antivirus is protecting what you want or what other virus scanners can detect, prevent or remove.
Image credits: Screenshots taken by the author, Sophos Endpoint Assessment test (http://www.sophos.com/products/free-tools/sophos-endpoint-assessment-test.html)