Audit your computer using Helix Incident response Live CD

Helix is a live Linux CD carefully tailored for incident response, system investigation and analysis, data recovery, and security auditing. It is geared toward experienced users and system administrators working in small-to-medium, mixed environments where  threats  of data loss and security breaches are high.Helix is a very powerful tool. Helix focuses on Incident Response and forensics tools. But with great power comes great responsibility, and as a potential forensics investigator, it is your responsibility to learn how to use this tool properly.Let us check one of the fine tool for auditing windows based PC .WinAduit is a freeware program available for free download. 

WinAudit can generate various amounts of information that is of interest only to the specialist user. The default behavior is to audit all categories except for Loaded Modules, System Libraries and Finding Files.WinAduit allows to save the audit report in various format like PDF,HTML,CSV,text.

1.Software installation dates.
2.User privileges.
3.Group or user accounts are available.
4.Dynamic Host Configuration Protocol (DHCP) details.
5.Services.
6.Audit or error logs.
7.Number of connections to a shared drive.
8.Support for the universal character set (Unicode).
9.Software Metering.
10.User Logon Statistics.
11.Network TCP/IP
12.Adapter name, IP address, DHCP details, connection status/speed etc.
13.Network BIOS
14.Adapter configurations showing type, MAC address, session details etc.
15. Hardware Devices
16.Enumeration of devices and their status.
17.Display Capabilities
18.Text, line, curve, polygon and raster drawing capabilities.
19.Display Adapters
20.A list of the computer's display adapters/ graphics cards.
21.Installed Printers
22.Locally installed printers, network printers are ignored by design.
23.BIOS Version
24.System and video identification and dates.
25.System Management
26.Extensive information ranging from chassis to system slots to memory devices.
27.Processors
28.Name, speed, instructions,cache etc.
29.Memory
30.RAM and swap file usage.
31.Physical Disks
32.Drives
33.Details of usage and geometry. Network drives are ignored by design.
34.Communication Ports
35.Parallel and serial ports for peripherals.
36.Startup Programs
37.Services
38.Running Programs
39.List of programs currently in use with a brief description and memory usage.
40.Open ports.
41.system restore
43.file permission 
44.security log
45.security setting


 

















Audit report can be can saved in PDF,HTML,CSV,TEXT formats.

Popular posts from this blog

Step by step configuration of Exchange 2010 Edge Transport server

Image
Edge Transport server role has been designed to provide improved antispam and antivirus protection for Exchange 2010 environment. The Edge Transport server role is deployed in your organization's perimeter network as a stand-alone server or as a member server of a perimeter-based Active Directory domain. Designed to minimize the attack surface, the Edge Transport server handles all Internet-facing mail flow, which provides Simple Mail Transfer Protocol (SMTP) relay and smart host services for the Exchange organization. Additional layers of message protection and security are provided by a series of agents that run on the Edge Transport server and act on messages as they are processed by the message transport components. These agents support the features that provide protection against viruses and spam and apply transport rules to control message flow.    Prerequisites for Edge Transport server 2010. 1. Microsoft .NET Framework 3.5 2. Windows Remote Management (Win...
Read more

Computer Equipment Disposal policy

Computer Equipment Disposal policy To minimize security risks associated with equipment disposal through ensuring the secure destruction of discarded data stores. Technology equipment often contains parts which cannot simply be thrown away.  Proper disposal of equipment is both environmentally responsible and often required by law.  In addition, hard drives, USB drives, CD-ROM's and other storage media contain various kinds of data, some of which is considered sensitive. To prevent information being stolen by dumpster divers. Dumpster diving is the colloquial name for going through somebody's garbage, which will usually be in dumpsters for large organizations. This is a powerful tactic because it is protected by social taboos. Trash is bad, and once it goes into the trash, something is best forgotten. The reality is that most company trash is fairly clean, and provides a gold mine of information. Phone lists Helps map out the power structure of the company, and gives po...
Read more