Security Tools for Microsoft Environments

Time and again we find ourselves having to carry out a security audit, analyze vulnerabilities, or simply detect malware or malicious code in Microsoft environments, whether servers or workstations.

In this post I want to share three tools that help us do this work simply and save us a lot of time searching for alternatives that sometimes turn out to be useless.

The first tool is PROCESS EXPLORER:

Process Explorer is a tool from Microsoft's Sysinternals suite that lets us identify all the processes running on Windows (servers or workstations), showing legitimate processes as well as illegitimate or suspicious ones.

Although some people confuse it with the Windows "Task Manager", it has to be said that it is NOT the same thing.

With Process Explorer we can take a dump, see the ID of the process that is running the tool, kill the process on the fly, identify the path where the process is installed, and see the NTFS-level permissions the process has, among many other things.

As a bonus, the tool gives us real-time statistics on memory, CPU and hard disk usage.


This formidable tool was developed by Mark Russinovich, currently CIO of Azure at Microsoft.

To download it, click here:

https://technet.microsoft.com/en-us/sysinternals/processexplorer.aspx

 

The second tool is the Microsoft Baseline Security Analyzer (MBSA):

https://technet.microsoft.com/es-es/security/cc184924.aspx

It is a very useful tool used to perform security audits and vulnerability scans in Microsoft environments.

It is aimed at helping small and medium-sized companies that do not have a technology department specialized in security but want their operating systems hardened according to Microsoft's recommendations, which include:

  • Security updates and patches
  • Security recommendations
  • Detection of security vulnerabilities
  • Security auditing


It is worth noting that multiple computers can be scanned, which makes it very simple to see the security state of my servers or workstations.

The operating systems supported by MBSA are:

Windows 2000, Windows 7, Windows 8, Windows 8.1, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Vista, Windows XP.

You can download the tool by clicking here:

https://www.microsoft.com/en-us/download/details.aspx?id=7558

 

The third tool is the Microsoft Malicious Software Removal Tool (MSRT):


This last tool lets us detect and remove malicious software and code (malware) on our servers and computers running the following operating systems:

  • Microsoft Windows XP Professional
  • Microsoft Windows XP Home Edition
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Windows Vista Home Basic
  • Windows Vista Home Premium
  • Windows Vista Business
  • Windows Vista Enterprise
  • Windows Vista Ultimate
  • Windows Server 2008 Standard
  • Windows Server 2008 Enterprise
  • Windows 7 Enterprise
  • Windows 7 Enterprise N
  • Windows 7 Home Basic
  • Windows 7 Home Premium
  • Windows 7 Home Premium N
  • Windows 7 Professional
  • Windows 7 Professional N
  • Windows 7 Starter
  • Windows 7 Starter N
  • Windows 7 Ultimate
  • Windows 7 Ultimate N
  • Windows 8
  • Windows 8 Enterprise
  • Windows 8 Pro
  • Windows Server 2012 Datacenter
  • Windows Server 2012 Essentials
  • Windows Server 2012 Foundation
  • Windows Server 2012 Standard
  • Windows 8.1 Enterprise
  • Windows 8.1 Pro
  • Windows 8.1
  • Windows Server 2012 R2 Datacenter
  • Windows Server 2012 R2 Standard
  • Windows Server 2012 R2 Essentials
  • Windows Server 2012 R2 Foundation
  • Windows 10

I must confess that this tool has saved me on many occasions, for example during the Conficker malware crisis: with a simple script that ran the tool silently on computers and servers, the malware was removed and brought under control.

Many system administrators still use this script at user logon; it is an effective way to keep computers free of malicious code.
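
A silent MSRT run of the kind described above, written here as an added PowerShell example; it is not the author's original script. The `/Q` switch, the return codes and the `mrt.log` location are those documented in the KB890830 article linked below; the report file path is a hypothetical choice, and the signature check assumes MRT.exe carries an embedded Microsoft Authenticode signature.

```powershell
# Added example (not the author's script): silent MSRT run with result reporting.
# Meant for a computer startup script or a scheduled task running as SYSTEM,
# because MSRT needs administrative rights (it returns code 2 without them).

$mrt     = Join-Path $env:windir 'System32\MRT.exe'       # copy delivered by Windows Update
$mrtLog  = Join-Path $env:windir 'debug\mrt.log'          # MSRT's own log file
$outFile = Join-Path $env:ProgramData 'msrt-status.csv'   # hypothetical report location

if (-not (Test-Path -LiteralPath $mrt)) {
    Write-Error "MRT.exe not found at $mrt"
    exit 1
}

# Refuse to run a binary that is not validly signed by Microsoft
# (assumption: MRT.exe has an embedded Authenticode signature).
$sig = Get-AuthenticodeSignature -FilePath $mrt
if ($sig.Status -ne 'Valid' -or
    $sig.SignerCertificate.Subject -notmatch 'O=Microsoft Corporation') {
    Write-Error "Unexpected signature on ${mrt}: $($sig.Status)"
    exit 1
}

# /Q = quiet mode (no UI). Add '/N' for a detect-only pass that removes nothing.
$proc = Start-Process -FilePath $mrt -ArgumentList '/Q' -Wait -PassThru
$code = $proc.ExitCode

# Coarse grouping of the return codes listed in KB890830.
$status = switch ($code) {
    0                       { 'Clean' }
    { 1..4  -contains $_ }  { 'ToolError' }              # environment, rights, OS, scanner init
    { 6, 7  -contains $_ }  { 'InfectionDetected' }
    { 8..12 -contains $_ }  { 'RemovedFollowUpNeeded' }  # manual steps and/or restart
    13                      { 'InfectionRemoved' }
    default                 { 'Unknown' }
}

# One CSV line per run: timestamp, host, raw code, grouped status.
$line = '{0},{1},{2},{3}' -f (Get-Date).ToString('s'), $env:COMPUTERNAME, $code, $status
Add-Content -LiteralPath $outFile -Value $line

# On anything other than a clean result, show the tail of MSRT's log for triage.
if ($code -ne 0 -and (Test-Path -LiteralPath $mrtLog)) {
    Get-Content -LiteralPath $mrtLog | Select-Object -Last 20
}
exit $code
```

Collecting the status file centrally lets an administrator spot hosts that keep returning a detection code after every run.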

For more details we can go to the following link, where we can also download the tool.

https://support.microsoft.com/en-us/kb/890830

Until next time…

 

 

Peter Frank Díaz