Re:Belarc Advisor

[gep]

Windows XP Pro --- Zonealarm free - Norton Anti-Virus - WinPatrol - SpywareBlaster - Adaware Free - A-Squared - Spybot - Ccleaner -

Hello All, i downloaded and installed the New version of Belarc Advisor, ran it, and it informed me that my score security wise was only 3.13 of 10

It advised me to see last part.

Why are benchmarks important for IT security? Many current threats are not stopped by perimeter security systems such as firewall and anti-virus systems. Setting and monitoring configurations based on consensus benchmarks is a critical step because this is a pro-active way to avoid many successful attacks. The U.S. National Security Agency has found that configuring computers with proper security settings blocks 90% of the existing threats (IA Newsletters "Security Benchmarks: A Gold Standard." Click here to request a copy.) For our white paper, "Security Within", click here to request a copy.

What is the Center for Internet Security (CIS)? The CIS is an open association consisting of industry, government and academic members. Its mission is to help IT organizations more effectively manage their risks related to information security. Click here for details.

What are the CIS Benchmarks? The Benchmarks are developed by CIS members and staff and are consensus based, best-practice security configurations for computers connected to the Internet. Click here for details.

What is the CIS Benchmark Score? The Belarc Advisor has performed a security audit of your system using the CIS Level-I benchmark appropriate to your operating system. The result is a number between zero and ten that gives a measure of the vulnerability of your system to potential threats. The higher the number the less vulnerable your system.

How can you reduce your security vulnerability? The CIS configurations are available as Microsoft security template files from the CIS. Warning: Applying these security templates may cause some applications to stop working correctly. Back up your system prior to applying these security templates or apply the templates on a test system first.Click here to download the templates from the CIS (requires registration and acceptance of the CIS license agreement).

If i where to download them, should i create a Restore Point?
Or not bother downloading them??

A Load of RED X's in File and Registry Permissions, and some in User Rights and some in Available Services and some in Security Options Loads in Audit and Account Policies

Any ideas welcome.

Thanks, GEP

[LindaHewitt]

Sounds like the better idea is to go back to the previous version of Belarc, IMO. I really don't like it when a software program starts telling me I need to do this or that. Everything that the new Belarc program is asking you to do may be OK but I am just naturally suspicious.

What I would do is run the Microsoft Baseline Security Analyzer and see what security recommendations that it has.

I would also do a Google search on "Belarc version 7 problems" without the quotes. I did the search and it appears that there are a lot of people, who are unhappy with this new version. It seems that it is not reporting everything accurately. For more information, go to

http://www.google.com/search?sourcei...ion+7+problems

Be sure and go to the Wilders Security forums because that is an excellent source of information, which is security related.

Cheers,

Linda

[TxTazDad]

Have seen proven results that Belarc can "lie", don't rely on it 100%. I also agree with Linda, as well as going to the GRC site & testing there. No one program will do it all

Use Belarc today, not saying anything bad, just filter it

[poppy4]

I keep Belarc up todate and use the new version 7.1h and also have a score of 3.13.....and after checking thru the red 'x'es realised that most of it is for an (enterprise environment)?......mutliple users, and not for me the single user. I keep my pc's pretty well locked down and have not had any problems with security.
So in answer to your question gep about downloading, I think not, but don't know your situation.....just my 2cents...

[gep]

Hello all, thanks for your replies.

Thought my security was very good, i know nothing is 100% but thought i would have a better score than 3.13 out of 10.

No problems viruses, trojans etc, just the normal which are mostly dealt with through the programs i have, like adaware. spybot, Norton, Zonealarm etc.

I think i will leave things alone, mostly working fine, only downloaded new version of Belarc because i just wanted to a new list of installed programs etc on my computer.

It did say that i had a Microsoft security update that was faulty or something like that, so deleted it and i downloaded it fresh and another one at the same time from Microsoft updater.

Re:Belarc. Removed the end piece as advised -bAdvisor.bcx see below Start, programs, Belarc, right click, Properties, Target as advised through a website see here last post http://www.wilderssecurity.com/showthread.php?t=80408
As chachazz was nice enough to post, Belarc Advisor 7.0m is released and should help discover more anti-virus vendors.

For those of you who don't want to see the new security features in version 7, you can edit the properties of the Belarc Advisor shortcut and remove the
-bAdvisor.bcx from the end of the Target command. The report will then be nearly the same as version 6.

Many of our customers have asked us to provide security auditing in our professional product, so we thought "free" Advisor end-users would appreciate it as well. Sorry to hear only negative feedback on it from this security forum though. We'd appreciate any constructive thoughts you may have on the security audit, so please let us know.

Thanks for your replies, GEP